YoVDO

Abusing Normality - Data Exfiltration in Plain Site

Offered By: LASCON via YouTube

Tags

LASCON Courses Cybersecurity Courses PowerShell Courses Communication Channels Courses Stack Overflows Courses Data Exfiltration Courses Document Security Courses

Course Description

Overview

Explore innovative data exfiltration techniques in this 48-minute LASCON conference talk. Delve into the world of stealthy attacker methods that leverage seemingly innocuous system components to hide malicious activities. Learn how attackers can exploit normal-looking files, legitimate software, and common system objects to establish covert communication channels and exfiltrate sensitive data. Discover techniques involving Symantec virus definition files, Wikipedia-based command and control, Word dictionary files, Outlook email headers, and more. Examine various hiding spots, including prefetch files, Search Index, event logs, Recent Documents, free disk space, and Excel templates. Gain insights into detecting these subtle attack vectors and understand why traditional monitoring methods may overlook such threats. Through live demonstrations and practical examples, enhance your understanding of advanced data exfiltration techniques and improve your ability to defend against sophisticated cyber attacks.

Syllabus

Introduction
Requirements
Demo
Stack Overflow
PowerShell Demo
War Document Demo
User Info Demo
Wireless History Demo
Stealing Documents
Dumping the elses
Passwords
Password Vault
Find Password Vault
Live Demo


Taught by

LASCON

Related Courses

Python 3 For Offensive PenTest: A Complete Practical Course
Udemy
Python for Command-and-control, Exfiltration and Impact
Infosec via Coursera
Network Analysis with Arkime
Pluralsight
Cisco Core Security: Secure Network Access, Visibility, and Enforcement
Pluralsight
Post Exploitation with Meterpreter
Pluralsight