Jordan Drysdale // tl;dr Sentinel is easy! Especially when using Azure Sentinel To-Go. So, let’s do some threat research by deploying Sentinel To-Go and executing a Cobalt Strike beacon. Link: https://github.com/OTRF/Azure-Sentinel2Go Keeping up with Roberto’s (and his brother, and the OTRF contributors) is as monumental a task as his efforts to push threat research forward. […]
Originally aired on November 30, 2020 Articles discussed in this episode: https://www.computerweekly.com/news/252491324/Surge-in-Ryuk-ransomware-attacks-has-hospitals-on-alert https://www.baltimoresun.com/maryland/baltimore-county/bs-md-co-what-to-know-schools-ransomware-attack-20201130-2j3ws6yffzcrrkfzzf3m43zxma-story.html https://www.darknet.org.uk/2020/10/fuzzilli-javascript-engine-fuzzing-library
Podcast: Play in new window | Download
Subscribe: RSS
Originally aired on November 19, 2020 Articles discussed in this episode: https://duo.com/blog/the-great-dns-vulnerability-of-2008-by-dan-kaminsky https://blog.cloudflare.com/sad-dns-explained
Podcast: Play in new window | Download
Subscribe: RSS
Jordan Drysdale // TL;DR The problem with a pentester’s perspective on defense, hunting, and security: Lab demographics versus scale. If it costs $15 bucks per month per server for me to get ATP data, demo its effectiveness, provide tips, tricks, and some basic guidance to the world, this is affordable. Deploying ATP on 5,000 virtual […]
Originally aired on November 11, 2020 Articles discussed in this episode: https://www.darkreading.com/attacks-breaches/malware-hidden-in-encrypted-traffic-surges-amid-pandemic/d/d-id/1339420 https://threatpost.com/millions-hotel-guests-worldwide-data-leak/161044/
Podcast: Play in new window | Download
Subscribe: RSS
Originally aired on 11/09/2020 Articles discussed in this episode: https://www.darkreading.com/threat-intelligence/6-ways-passwords-fail-basic-security-tests/d/d-id/1339299 https://www.infosecurity-magazine.com/news/national-guard-uvm-health-network/ https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/
Podcast: Play in new window | Download
Subscribe: RSS
Ray Felch // Introduction Continuing with my ongoing Smart Lock attack research (see blog Reverse Engineering a Smart Lock), I decided to move my focus to a different type of attack technique, namely a relay attack. The relay attack is a form of MitM attack, not to be confused with the more well-known replay attack. […]
