November 17, 2022

Special: Coordinated Release of Detection Rules for CobaltStike Abuse

Listen Later

20 minutes

Guest:

Greg Sinclair, Security Engineer @ Google Cloud

Topics:

Could you tell us a bit about your background and how you ended up here at Google? Also, tell us about your team here?
We're very excited about the release of the CobaltStrike rules. Could you share more about what they are looking for and second why this is so valuable?
How did CobaltStrike come to be so widely used by bad guys?
When you were doing this research what was the most surprising thing you uncovered?
Could you tell us about the coordinated disclosure aspects of this work?
In the past you've contributed research to our Threat Horizons reports, could you tell us about that?

Resources:

Making CobaltStike harder for threat actors to abuse blog
CobaltStrike YARA-L rules
CobaltStrike site
"Cobalt Strike Usage Explodes Among Cybercrooks"
Google Cybersecurity Action Team Threat Horizons Report #4 Is Out!
Detection as Code? No, Detection as COOKING!

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

Cloud Security Podcast by Google

By Anton Chuvakin

4.8

3939 ratings

November 17, 2022

Special: Coordinated Release of Detection Rules for CobaltStike Abuse

Listen Later

20 minutes

Guest:

Greg Sinclair, Security Engineer @ Google Cloud

Topics:

Could you tell us a bit about your background and how you ended up here at Google? Also, tell us about your team here?
We're very excited about the release of the CobaltStrike rules. Could you share more about what they are looking for and second why this is so valuable?
How did CobaltStrike come to be so widely used by bad guys?
When you were doing this research what was the most surprising thing you uncovered?
Could you tell us about the coordinated disclosure aspects of this work?
In the past you've contributed research to our Threat Horizons reports, could you tell us about that?

Resources:

Making CobaltStike harder for threat actors to abuse blog
CobaltStrike YARA-L rules
CobaltStrike site
"Cobalt Strike Usage Explodes Among Cybercrooks"
Google Cybersecurity Action Team Threat Horizons Report #4 Is Out!
Detection as Code? No, Detection as COOKING!

...more

More shows like Cloud Security Podcast by Google

WSJ Your Money Briefing by The Wall Street Journal

WSJ Your Money Briefing

1,723 Listeners

WSJ What’s News by The Wall Street Journal

WSJ What’s News

4,423 Listeners

Security Now (Audio) by TWiT

Security Now (Audio)

2,010 Listeners

Risky Business by Risky Business Media

Risky Business

373 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,026 Listeners

NVIDIA AI Podcast by NVIDIA

NVIDIA AI Podcast

347 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

8,079 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

177 Listeners

Practical AI by Practical AI LLC

Practical AI

211 Listeners

Cloud Security Podcast by TechRiot.io

Cloud Security Podcast

58 Listeners

Cybersecurity Headlines by CISO Series

Cybersecurity Headlines

140 Listeners

Huberman Lab by Scicomm Media

Huberman Lab

29,297 Listeners

The AI Daily Brief: Artificial Intelligence News and Analysis by Nathaniel Whittemore

The AI Daily Brief: Artificial Intelligence News and Analysis

683 Listeners

HBR On Leadership by Harvard Business Review

HBR On Leadership

169 Listeners

AI Security Podcast by TechRiot.io

AI Security Podcast

9 Listeners