S2E11: Between Two Steves

26:18
 
שתפו
 

Manage episode 290580678 series 2915100
על ידי Mandiant התגלה על ידי Player FM והקהילה שלנו - זכויות היוצרים שמורות למפרסם, לא ל-Player FM, והשמע מוזרם ישירות מהשרתים שלכם. הירשמו כדי לעקוב אחר עדכונים ב-Player FM, או הדביקו את כתובת העדכונים באפליקציות פודקאסט אחרות.

Christopher Glyer and Nick Carr sit down with the top two Steves from
Advanced Practices: Steve Stone (@stonepwn3000) and Steve Miller
(@stvemillertime) to talk about the front-line technical stories and
research presented at the 2019 #FireEyeSummit.
With team members embedded on every investigation, they dissect the
key takeaways from the past year’s responses and trends in tracking
the groups and techniques that matter. They cover the
behind-the-scenes of recent FIN7 events* and put that in perspective
against Steve’s PDB research** and other research presented at the
summit, including talks from Advanced Practices team members on
proactive identification of C2, deep code signing research, and rich
header hunting at scale. We quickly highlight a favorite talk “Living
off the Orchard”*** revealing TTPs and artifacts left behind from the
million mac engagement. There’s double the chance you’ll enjoy Steve
as a guest – and we were pleased to finally have them on.
NOTE: Glyer live-tweeted the technical track**** throughout the summit
until additional blogs and videos are expected to release.
*
https://www.fireeye.com/blog/threat-research/2019/10/mahalo-fin7-respo
nding-to-new-tools-and-techniques.html
**
https://www.fireeye.com/blog/threat-research/2019/08/definitive-dossie
r-of-devilish-debug-details-part-one-pdb-paths-malware.html
***
https://www.fireeye.com/blog/threat-research/2019/10/leveraging-apple-
remote-desktop-for-good-and-evil.html
**** https://twitter.com/cglyer/status/1181978827028873221

38 פרקים