The long-awaited update to Sysmon is here. Microsoft has recently released version 15. This updated version of the popular logging tool includes new features and provides responders insight into endpoint behavior. In this Anti-Cast, Gerard Johansen, digital forensics practitioner and course author of Enterprise Forensics ...
This Anti-Cast session explores advanced techniques and tools for extracting valuable information from diverse online platforms, social media, public databases, and breaches. By emphasizing responsible approaches to OSINT, attendees will learn how to navigate vast data sources, analyze digital footprints, and uncover the hidden gems ...
Active Directory loves spewing hashes, all kinds of them. This talk will focus on NetNTLM (or NTLM, call it what you will) hashes. We'll chat about how they can be obtained and used for privilege escalation and lateral movement. Here's what we'll cover:We'll break down ...
Chat with your fellow attendees in the Antisyphon Discord server:https://discord.gg/antisyphonin the #🍿anticasts-chat channelStay up to date on our upcoming live Anti-Casts and more at https://poweredbybhis.com
Despite being a common Linux file system, forensic support for XFS is still largely lacking. In this session, Hal will describe how to turn the humble xfs_db tool into a useful forensic application for examining XFS file system internals and finding critical evidence. Attackers aren’t ...
TellTail is a free and open source application that makes it easy to view and learn about PowerShell logging. In this webcast we will enable/disable the various PowerShell logging options and watch the effect it has on what gets logged. Come to this webcast to ...
Based on recent threat reports, a growing number of bad actors are bringing vulnerable drivers to victim environments to exploit and guarantee a more successful attack path. These kernel drivers are legitimate, trusted and... vulnerable! Amazingly, some have CVEs dating back to 2015 or earlier. ...
When it comes to security, the goal is to make an attacker’s job as difficult as possible. The more hurdles they must jump through, the easier it should be to detect and stop them. Unfortunately, common practices around how and where privileged accounts are used ...
Get ready for a wild ride as Jennifer Shannon, a Senior Security Consultant at Secure Ideas, presents "API-ocalypse Now." In this thrilling and entertaining webcast, Jennifer will showcase the vulnerabilities lurking within APIs and the havoc they can wreak if left unaddressed. Through live pentesting ...
In this one-hour webinar, we will explore an overview of the threats targeting Kubernetes, a crucial technology for managing containerized applications. “Infiltrating Kubernetes: An Overview of Attacker Motives and Methods,” aims to equip IT professionals, DevOps engineers, and cybersecurity enthusiasts with insights into why and ...
Everything old is new again, including intelligence analytic techniques. In today's webcast, Jake will introduce you to Kent's Analytic Doctrine, a formal intelligence analysis doctrine developed and refined in WWII. You don't need to be a CTI analyst to benefit from this webcast. Practically every ...
First Showing:Delve into the realm of compiler tactics to navigate AV and EDR safeguards. Discover the potential of Cobalt Strike payloads to sidestep these security measures. Explore compilers like Clang++, LLVM, and G++, showcasing their role in reshaping security strategies.By showcasing submissions aimed at diverse ...
