Leveraging Beacon Detection Techniques to Identify Anomalous Logons | 2020 THIR Summit

preview_player
Показать описание
Attackers attempting to compromise passwords via brute forcing or password spraying usually do so with the help of automated scripts. Sophisticated versions of these scripts may borrow techniques from C2 frameworks, such as implementing sleep timers and jitter between login attempts. In this talk, we'll walk through how we applied C2 beacon analysis techniques to look for evidence of an adversary performing password spraying.

Speakers
Fred Nolte,- Senior Cybersecurity Analyst, Threat Hunting, Target
Nikita Jain, Cybersecurity Analyst, Incident Response, Target
Dante Razo, - Intern, Incident Response, Target
Jacob Alongi, - Intern, Incident Response, Target
  1. SANS Digital Forensics and Incident Response
  2. digital forensics
  3. incident response
  4. threat hunting
  5. cyber threat intelligence
  6. dfir training
Рекомендации по теме
Leveraging Beacon Detection 0:20:24

Leveraging Beacon Detection Techniques to Identify Anomalous Logons | 2020 THIR Summit

Understanding Beacon Detection 0:10:08

Understanding Beacon Detection with CylanceGATEWAY

Detecting Malware Beacons 0:07:51

Detecting Malware Beacons with Zeek and RITA

Vijay Sanjos Alexander- 0:30:51

Vijay Sanjos Alexander- Leveraging BLE beacons for proximity & positioning

Traditional and Advanced 0:28:49

Traditional and Advanced Techniques for Network Beacon Detection

09. x33fcon 2019 0:28:48

09. x33fcon 2019 - Hunting beacons by Bartosz Jerzman

How Creators & 0:47:44

How Creators & Managers Can Leverage AI with Beacons Ft: Team Beacons!

Atlassian Beacon: Intelligent 0:05:02

Atlassian Beacon: Intelligent Threat Detection and Remediation | Atlassian

BSidesFortWayne 2022 - 0:37:00

BSidesFortWayne 2022 - Using open source algorithms for C2 beacon detection with Microsoft Sentinel

Leveraging User Behavior 0:38:01

Leveraging User Behavior for Cyber Threat Hunting

Aggressive Autonomous Actions 0:49:11

Aggressive Autonomous Actions - Operating with Automation

Cracking the Beacon: 0:41:24

Cracking the Beacon: Automating the Extraction of Implant Configurations

Understanding C2 Beacons 0:30:45

Understanding C2 Beacons - Part 1 of 2 | Malware of the Day

A|C — Beacon 0:59:45

A|C — Beacon Analysis – The Key to Cyber Threat Hunting | Chris Brenton

ISE 2016: Crestron 0:01:51

ISE 2016: Crestron Electronics Introduces Fusion Cloud with PinPoint Proximity Detection Beacon

Hunting the beacon: 0:12:14

Hunting the beacon: CLBeaconRegion – Detect-a-Beacon, part 3

Using proximity beacons 0:24:01

Using proximity beacons to extract insight from off-line interactions - Kantar

01. Keynote: How 0:46:31

01. Keynote: How I Met Your Beacon by Dominic Chell

Threat Hunting Beacon 0:48:00

Threat Hunting Beacon Analysis

Mining The Shadows 0:33:05

Mining The Shadows with ZoidbergStrike: A Scanner for Cobalt Strike

Keynote: Threat Hunting: 0:43:34

Keynote: Threat Hunting: Old Data, New Tricks!

Learn How Growy 0:01:57

Learn How Growy Leverages IoT and Modern Data Management for the Future of Farming

Keynote: Cobalt Strike 0:45:45

Keynote: Cobalt Strike Threat Hunting | Chad Tilbury

Unlimited Beacons & 0:01:51

Unlimited Beacons & Geofence capabilities

Комментарии
Автор

The fact that this video only has 873 views is a travesty. BLUE TEAMS - DO

jayinfosec