Visibility Beyond Perimeters - Detecting C2 at Time of Execution

Offered By: BruCON Security Conference via YouTube

Tags

BruCON Courses Cybersecurity Courses Incident Response Courses Ransomware Courses DNS Courses

Course Description

Overview

Explore a method for detecting malicious network intrusions in this 48-minute conference talk from BruCON Security Conference. The talk reviews the limitations of current detection techniques and presents an approach that provides near-real-time alerting without relying on endpoint client software. Learn how it leverages network IOCs beyond what existing XDR platforms use, giving consistent detection across all OS versions and vendors, and how the same visibility extends to supply-chain attacks and partner vulnerabilities. Real-world examples are drawn from the CTI League's efforts to protect hospitals during the 2020 pandemic. Understand how this method can augment existing EDR solutions, potentially giving organizations extra time to prevent data breaches. Topics covered include the F51 vulnerability, GreyNoise, forensics, DNS IOCs, ransomware, Trojans, and techniques for detecting various types of malware and botnets.

Syllabus

Intro
Why is this important
Showdown
F51 vulnerability
Who found F51
What we found
How we did this
GreyNoise
Forensics
Showdown Hunting
Pro Tips
Ingram Micro
DNS
DNS IOCs
Ransomware
Trojans
CTI League
Answering malware
Detecting malware
Detecting botnets
Conclusion
Q&A

Taught by

BruCON Security Conference
