June 26, 2017

Reverse Analyzing Attacks for Detection, Justin Henderson - Paul's Security Weekly #519

Listen Later

36 minutes

Learn how to use Windows Event Logs to catch attackers in your network, including domain admin group enumeration and mimikatz attacks! Justin Henderson (@SecurityMapper) categorizes these techniques as "reverse attack analysis for detection" and shows us how to do it in this technical segment! References to Mark Baggett's work on freq.py are made as well (https://isc.sans.edu/forums/diary/Detecting+Random+Finding+Algorithmically+chosen+DNS+names+DGA/19893/)

Full Show Notes: https://wiki.securityweekly.com/Episode519

Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg

Security Weekly Website: http://securityweekly.com

Follow us on Twitter: @securityweekly

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

Security Weekly Podcast Network (Video)

By Security Weekly Productions

4.7

3535 ratings

June 26, 2017

Reverse Analyzing Attacks for Detection, Justin Henderson - Paul's Security Weekly #519

Listen Later

36 minutes

Learn how to use Windows Event Logs to catch attackers in your network, including domain admin group enumeration and mimikatz attacks! Justin Henderson (@SecurityMapper) categorizes these techniques as "reverse attack analysis for detection" and shows us how to do it in this technical segment! References to Mark Baggett's work on freq.py are made as well (https://isc.sans.edu/forums/diary/Detecting+Random+Finding+Algorithmically+chosen+DNS+names+DGA/19893/)

Full Show Notes: https://wiki.securityweekly.com/Episode519

Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg

Security Weekly Website: http://securityweekly.com

Follow us on Twitter: @securityweekly

...more

More shows like Security Weekly Podcast Network (Video)

Security Now (Audio) by TWiT

Security Now (Audio)

2,011 Listeners

RunAs Radio by Richard Campbell

RunAs Radio

83 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

651 Listeners

Network Break by Packet Pushers

Network Break

101 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,028 Listeners

Security Weekly News (Audio) by Doug White

Security Weekly News (Audio)

33 Listeners

The Matt Walsh Show by The Daily Wire

The Matt Walsh Show

28,494 Listeners

CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

CISO Series Podcast

195 Listeners

Cybersecurity Headlines by CISO Series

Cybersecurity Headlines

139 Listeners

Morning Wire by The Daily Wire

Morning Wire

26,679 Listeners