October 02, 2024

Analyzing Malware at Scale - John Hammond - PSW #845

Listen Later

1 hour 3 minutes

This episode of Paul Security Weekly features John Hammond, a senior security researcher from Huntress, discussing malware analysis. Hammond dives into the analysis of Ocean Lotus attacks, highlighting the use of stealthy techniques like alternate data streams and DLL side-loading. The conversation also touches on the challenges of combating attackers who leverage ‘bring your own vulnerable driver’ techniques to gain kernel-level privileges. The hosts discuss the need for secure-by-default configurations and the ongoing struggle to combat attackers who exploit vulnerabilities. The episode concludes with a discussion on how to improve the security of the industry.

Segment Resources:

https://www.huntress.com/blog/the-hackers-in-the-arena-the-huntress-ctf-retrospective
https://www.huntress.com/blog/fake-browser-updates-lead-to-boinc-volunteer-computing-software

Show Notes: https://securityweekly.com/psw-845

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

Security Weekly Podcast Network (Video)

By Security Weekly

4.7

3535 ratings

October 02, 2024

Analyzing Malware at Scale - John Hammond - PSW #845

Listen Later

1 hour 3 minutes

This episode of Paul Security Weekly features John Hammond, a senior security researcher from Huntress, discussing malware analysis. Hammond dives into the analysis of Ocean Lotus attacks, highlighting the use of stealthy techniques like alternate data streams and DLL side-loading. The conversation also touches on the challenges of combating attackers who leverage ‘bring your own vulnerable driver’ techniques to gain kernel-level privileges. The hosts discuss the need for secure-by-default configurations and the ongoing struggle to combat attackers who exploit vulnerabilities. The episode concludes with a discussion on how to improve the security of the industry.

Segment Resources:

https://www.huntress.com/blog/the-hackers-in-the-arena-the-huntress-ctf-retrospective
https://www.huntress.com/blog/fake-browser-updates-lead-to-boinc-volunteer-computing-software

Show Notes: https://securityweekly.com/psw-845

...more

More shows like Security Weekly Podcast Network (Video)

Security Now (Audio) by TWiT

Security Now (Audio)

1,986 Listeners

Security Weekly Podcast Network (Audio) by Security Weekly Productions

Security Weekly Podcast Network (Audio)

208 Listeners

Discovery by BBC World Service

Discovery

967 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

639 Listeners

The Joe Rogan Experience by Joe Rogan

The Joe Rogan Experience

225,811 Listeners

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

369 Listeners

Exchanges by Goldman Sachs

Exchanges

980 Listeners

Hacked by Hacked

Hacked

180 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

7,962 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

174 Listeners

The Matt Walsh Show by The Daily Wire

The Matt Walsh Show

27,926 Listeners

Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

Defense in Depth

77 Listeners

All-In with Chamath, Jason, Sacks & Friedberg by All-In Podcast, LLC

All-In with Chamath, Jason, Sacks & Friedberg

9,248 Listeners

Morning Wire by The Daily Wire

Morning Wire

26,474 Listeners

The Tucker Carlson Show by Tucker Carlson Network

The Tucker Carlson Show

15,525 Listeners