DFSP # 400 - CMSTP

DFSP # 400 - CMSTP

This week I am going to focus on a specific remote execution technique that you may see in the wild. Remote execution is important for incident response investigations but also for file use and knowledge investigations, particularly those that conducted due diligence exams for evidence of malware. I have covered remote execution in the past from different angles and I have done so because it is one of the red flags that an analyst should be looking for. In order to be effective in recognizing either an actual malicious execution or the risk of an attempted remote execution you must be reversed in the clever ways attackers attempt to compromise a host using Microsoft applications. The highlight this week will be CMSTP.exe abuse...

Tämä jakso on lisätty Podme-palveluun avoimen RSS-syötteen kautta eikä se ole Podmen omaa tuotantoa. Siksi jakso saattaa sisältää mainontaa.

Jaksot(498)

Suosittua kategoriassa Tiede

rss-mita-tulisi-tietaa
hippokrateen-vastaanotolla
utelias-mieli
filocast-filosofian-perusteet
docemilia
rss-tiedetta-vai-tarinaa
rss-hereilla
rss-totuuden-liepeilla
tiedekulma-podcast
ihanat-ipanat
radio-antro
rss-bios-podcast
rss-vaasan-yliopiston-podcastit
rss-ammamafia
rss-kasvikutsut