S2E09: DerbyCon Edition with Dave Kennedy

State of the Hack

English - September 18, 2019 05:00 - 19 minutes - 13.2 MB - ★★★★★ - 28 ratings

Christopher Glyer and Nick Carr interview Dave Kennedy (@HackingDave)
on his experience running DerbyCon over the years, what conferences he
plans to attend next, and future plans to build and support DerbyCon
Communities (DerbyCom). Red teaming in the last few years has started
to get harder due to improvements in security visibility, improved
security tools, and better SOC teams. They discussed how Dave's red
team at @TrustedSec uses security tools to baseline what their activity
looks like so they can try to blend in with legitimate activity. They
also covered the trend of red teams shifting away from PowerShell to
C-based tools/backdoors. Finally, they discussed both new and old (but
still effective) techniques recently seen in the wild that can evade
detection, including py2exe- and PyInstaller-based backdoors/tools.