In this one-hour webinar, we will explore an overview of the threats targeting Kubernetes, a crucial technology for managing containerized applications. “Infiltrating Kubernetes: An Overview of Attacker Motives and Methods,” aims to equip IT professionals, DevOps engineers, and cybersecurity enthusiasts with insights into why and how attackers infiltrate Kubernetes environments.
This week’s Anti-Cast is with… Jennifer Shannon!! Join us Wednesday, Sept. 20 at 12 p.m. EDT, for “API-ocalypse Now.” → Register here. As always, join us early, 11:30 a.m. EDT,…
Read more… “Join us for this week’s Anti-Cast with Jennifer Shannon!” »
Get ready for a wild ride as Jennifer Shannon, a Senior Security Consultant at Secure Ideas, presents “API-ocalypse Now.” In this thrilling and entertaining webcast, Jennifer will showcase the vulnerabilities lurking within APIs and the havoc they can wreak if left unaddressed. Through live pentesting demos, she will demonstrate jaw-dropping exploits, mind-bending injection attacks, and authentication bypass techniques that will leave you on the edge of your seat. Join Jennifer as she navigates the dark side of APIs to help you understand and fortify your attack surface in order to prevent the impending API-ocalypse.
When it comes to security, the goal is to make an attacker’s job as difficult as possible. The more hurdles they must jump through, the easier it should be to detect and stop them. Unfortunately, common practices around how and where privileged accounts are used in Windows environments reduces the race down to only a couple of jumps (or maybe just a sprint). We will talk about why device and account tiering is critically important for making a network a virtual obstacle course.
Based on recent threat reports, a growing number of bad actors are bringing vulnerable drivers to victim environments to exploit and guarantee a more successful attack path. These kernel drivers are legitimate, trusted and… vulnerable! Amazingly, some have CVEs dating back to 2015 or earlier. During this Anti-Cast, we will map out detection methods to identify and remove vulnerable drivers already present in your network AND devise prevent/block strategies to future-proof against BYOVD attacks.
If you missed our Anti-Cast, “XFS Forensics with xfs_db,” with Hal Pomeranz, you can view the live recording! Join Hal for his class, “Linux Forensics,” Sept. 12-15, 2023!
TellTail is a free and open-source application that makes it easy to view and learn about PowerShell logging. In this webcast, we will enable/disable the various PowerShell logging options and watch the effect it has on what gets logged. Come to this webcast to learn more about PowerShell Script Block and Module logging and how you can easily explore and learn on your own.
Join us for our next Anti-Cast, “Down with the CISO,” with Nathan Case this Wednesday, Aug. 9 at 12 p.m. EDT! Register here. As always, tune in at 11:30 a.m….
Read more… “Next Anti-Cast, ‘Down with the CISO,’ Wednesday, Aug. 9!” »
Despite being a common Linux file system, forensic support for XFS is still largely lacking. In this session, Hal will describe how to turn the humble xfs_db tool into a useful forensic application for examining XFS file system internals and finding critical evidence. Attackers aren’t the only ones who can “live off the land”!
Join us for our next Anti-Cast, “Obtaining NetNTLM Hashes by Asking Nicely,” with Qasim Ijaz & Jake Nelson this Wednesday, Aug. 2, 2023, at 12 p.m. EDT!
