Webinars
http://10.10.10.29
Fri, 19 May 2017 12:57:32 +0000

Investigating Privilege Elevation on Linux
http://10.10.10.29/resources/investigating-privilege-elevation-on-linux/
Wed, 05 Apr 2017 00:19:30 +0000

REGISTER TODAY!

Wed, Apr 12, 2017 1:00 PM – 1:30 PM EST

In order to remotely take over a host running the GNU/Linux operating system, the most common strategy is for the attacker to get a program to run as the root user. In essence, a low-privileged backdoor elevates its privileges to the highest level available on the system, from which all data on the system become available, and all actions become possible.

Fortunately, the exploits and techniques leveraged for elevating privileges leave signature traces for anyone who actively looks for them, as Arc4dia’s SNOW does.

In this webinar:

1. We will discuss signs of privilege elevation and a model for such attacks.

2. We will walk through the investigation of two such episodes.

3. We will outline best practices that can mitigate the privilege elevation risk on a Linux host.

This Webinar is FREE but space is limited, so please REGISTER TODAY!

About the Speaker:

Benoit Hamelin, Chief Technology Officer @Arc4dia. Passionate Programmer, Hacker, Teacher.

The recorded webinar will be distributed to all registered attendees after the webinar session.

Previous webinar recordings:

Mar 15, 2017 Detecting Malware Through Process Chain Analysis
Feb 15, 2017 Looking for Cyber Threats Through Statistical Outliers 
Jan 24, 2017 Responding to Cyber Incidents

Detecting Malware Through Process Chain Analysis
http://10.10.10.29/resources/detecting-malware-through-process-chain-analysis/
Mon, 20 Feb 2017 21:36:28 +0000

Updated: For those who missed the webinar, you can watch here or read the transcript

REGISTER TODAY!

Wed, Mar 15, 2017 1:00 PM – 2:00 PM EST

When someone uses a computer, their actions prompt programs to start other programs, such as the computer’s desktop starting a word processor or web browser. These programs begetting other programs form process chains. Malware deployed through exploits and code injections often has to perform similar tricks, which yield process chains that often stand out as abnormal. Arc4dia’s SNOW detects strange process chains through heuristic and behavioral analysis.

In this webinar:

1. We will present examples of process chains.

2. We will show how process chain analysis reveals normal yet unexpected behaviors of certain software.

3. We will illustrate how malware may yield remarkable process chains that should always raise alerts.

4. We will demonstrate how strange process chains can be inspected using SNOW.

This Webinar is FREE but space is limited, so please REGISTER TODAY!

About the Speaker:

Justin Seitz is a Hunter @Arc4dia, has written books “Black Hat Python” & “Grey Hat Python”, Creator of @Hunchly. Blogging & training #OSINT techniques.

The recorded webinar will be distributed to all registered attendees after the webinar session.

Previous webinar recordings:

Feb 15, 2017 Looking for Cyber Threats Through Statistical Outliers
Jan 24, 2017 Responding to Cyber Incidents

Looking for Cyber Threats Through Statistical Outliers
http://10.10.10.29/resources/looking-for-cyber-threats-through-statistical-outliers/
Thu, 02 Feb 2017 22:56:43 +0000

Updated: For those who missed the webinar, you can watch here or read the transcript

REGISTER TODAY!

Defenders of IT infrastructures complain that detecting malware is hard, but hiding is hard for malware too. Malicious programs have to leverage the same computing hooks to run on a system, so they necessarily leave specific traces and artifacts. Arc4dia’s SNOW offers a few features that facilitate sleuthing for these artifacts.

In this webinar:

1. We will present SNOW’s database of objects.
2. We will show how we can look for outliers on a host, objects rarely seen across a given network.
3. We will demonstrate how to look for outlier relationships between objects, which may uncover malware even when it sneaks into common files and directories.

This Webinar is FREE but space is limited, so please REGISTER TODAY!

About the Speaker:

Justin Seitz is a Hunter @Arc4dia, has written books “Black Hat Python” & “Grey Hat Python”, Creator of @Hunchly. Blogging & training #OSINT techniques.

The recorded webinar will be distributed to all registered attendees after the webinar session.

Responding To Cyber Incidents
http://10.10.10.29/resources/responding-to-incidents/
Wed, 18 Jan 2017 02:33:28 +0000

Even with the best defenses and the best defenders, attackers only need to circumvent them once. Getting attacked and breached is not a question of if, but rather a question of when. A good response plan for cyber incidents is a great first step, but its execution risk can be mitigated further with the proper tools.

In this webinar:

1. We will demonstrate how to execute incident response remotely by taking action against an infected host.

2. We will show how to interrupt malware computation with surgical precision.

3. Then grab the payload for offline analysis.

4. We will also present how to clean up the infection once its spread has been ascertained.

5. Finally, we will discuss some tricks on setting up a response plan, with clear communication lines and standard operating procedures.

This Webinar is FREE but space is limited, so please REGISTER TODAY!

About the Speaker:

Justin Seitz is a Hunter @Arc4dia, has written books “Black Hat Python” & “Grey Hat Python”, Creator of @Hunchly. Blogging & training #OSINT techniques.

The recorded webinar will be distributed to all registered attendees after the webinar session.

Updated: For those who missed the webinar, you can watch here or read the transcript

 

Live Analysis of a Process Hollowing
http://10.10.10.29/resources/live-analysis-of-a-process-hollowing/
Wed, 14 Dec 2016 02:45:57 +0000

Join speaker, Justin Seitz, the author of books “Black Hat Python” & “Grey Hat Python”, Malware hunter @Arc4dia

During this session, Justin will cover the following topics:

1. What is process hollowing
2. Detection
3. Investigating a hollowed process
4. Pitfalls

Questions will be answered by Marc Theberge, CCSO @Arc4dia

Live Remote Memory Forensics with SNOW
http://10.10.10.29/resources/live-remote-memory-forensics-with-snow/
Thu, 10 Nov 2016 02:41:19 +0000

Join speaker, Justin Seitz, the author of books “Black Hat Python” & “Grey Hat Python”, Malware hunter @Arc4dia

During this session, Justin will cover the following topics:

  • A tamed piece of malware
  • Infecting the target host
  • Examining process memory
  • Further clues to the infection
  • Neutralizing the threat
  • Mapping the malware spread

Questions will be answered by Marc Theberge, CCSO @Arc4dia
