Paul's Security Weekly Subscribe

Offensive Operating Against SysMon, Carlos Perez –

September 28, 2018

Carlos Perez delivers the Technical Segment on How to Operate Offensively Against Sysmon. He talks about how SysMon allows him to create rules, and track specific types of tradecraft, around process creation and process termination. He dives into network connection, driver loading, image loading, creation of remote threats, and more!

Full Show Notes: https://wiki.securityweekly.com/Episode577

Visit https://www.securityweekly.com/psw for all the latest episodes!

Full episode and show notes

Hosts

Paul Asadoorian

Principal Security Evangelist at Eclypsium

https://securitypodcaster.com

Principal Consultant, Team Lead for Research at TrustedSec

https://www.trustedsec.com/

Security Researcher

https://jasonwood.io/

Security Analyst at Black Hills Information Security

https://www.blackhillsinfosec.com/team/joff-thyer/

Related

Vulnerability Management

Combadges, SISENSE, Microsoft, CISA, Lastpass, Palo Alto, Broadband, Aaran and More – SWN #377

April 12, 2024

Combadges, SISENSE, Microsoft, Malware Next-Gen, Lastpass, Palo Alto, Broadband, Aaran Leyland, and More, on this edition of the Security Weekly News.

Managed Services

Understanding KillNet and Recent Waves of DDoS Attacks – Michael Smith – ESW #357

April 11, 2024

In the days when Mirai emerged and took down DynDNS, along with what seemed like half the Internet, DDoS was as active a topic in the headlines as it was behind the scenes (check out Andy Greenberg's amazing story on Mirai on Wired). We don't hear about DDoS attacks as much anymore. What happened? Well, they didn't go away. DDoS attacks are a more...

The AI-est news segment ever, now with even more AI! – ESW #357

April 11, 2024

This week, Tyler and Adrian discuss Cyera's $300M Series C, which lands them a $1.4B valuation! But is that still a unicorn? Aileen Lee of Cowboy Ventures, who coined the term back in 2013, recently wrote a piece celebrating the 10th anniversary of the term, and revisiting what it means. We HIGHLY recommend checking it out: https://www.cowboy.vc/ne...