DFSP # 400 - CMSTP

DFSP # 400 - CMSTP

This week I am going to focus on a specific remote execution technique that you may see in the wild. Remote execution is important for incident response investigations but also for file use and knowledge investigations, particularly those that conducted due diligence exams for evidence of malware. I have covered remote execution in the past from different angles and I have done so because it is one of the red flags that an analyst should be looking for. In order to be effective in recognizing either an actual malicious execution or the risk of an attempted remote execution you must be reversed in the clever ways attackers attempt to compromise a host using Microsoft applications. The highlight this week will be CMSTP.exe abuse...

Denne episoden er hentet fra en åpen RSS-feed og er ikke publisert av Podme. Den kan derfor inneholde annonser.

Episoder(498)

Populært innen Vitenskap

fastlegen
tingenes-tilstand
jss
rekommandert
villmarksliv
forskningno
liberal-halvtime
sinnsyn
tomprat-med-gunnar-tjomlid
vett-og-vitenskap-med-gaute-einevoll
rss-kunstig-intelligens-med-elisabeth-maren-og-morten
fjellsportpodden
rss-nysgjerrige-norge
rss-rekommandert
nevropodden
diagnose
dekodet-2
smart-forklart
rss-overskuddsliv
rss-paradigmepodden