YoVDO

Abusing Normality - Data Exfiltration in Plain Site

Offered By: LASCON via YouTube

Tags

LASCON Courses Cybersecurity Courses PowerShell Courses Communication Channels Courses Stack Overflows Courses Data Exfiltration Courses Document Security Courses

Course Description

Overview

Explore innovative data exfiltration techniques in this 48-minute LASCON conference talk. Delve into the world of stealthy attacker methods that leverage seemingly innocuous system components to hide malicious activities. Learn how attackers can exploit normal-looking files, legitimate software, and common system objects to establish covert communication channels and exfiltrate sensitive data. Discover techniques involving Symantec virus definition files, Wikipedia-based command and control, Word dictionary files, Outlook email headers, and more. Examine various hiding spots, including prefetch files, Search Index, event logs, Recent Documents, free disk space, and Excel templates. Gain insights into detecting these subtle attack vectors and understand why traditional monitoring methods may overlook such threats. Through live demonstrations and practical examples, enhance your understanding of advanced data exfiltration techniques and improve your ability to defend against sophisticated cyber attacks.

Syllabus

Introduction
Requirements
Demo
Stack Overflow
PowerShell Demo
War Document Demo
User Info Demo
Wireless History Demo
Stealing Documents
Dumping the elses
Passwords
Password Vault
Find Password Vault
Live Demo


Taught by

LASCON

Related Courses

Computer Security
Stanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network