DFSP # 400 - CMSTP

DFSP # 400 - CMSTP

This week I am going to focus on a specific remote execution technique that you may see in the wild. Remote execution is important for incident response investigations but also for file use and knowledge investigations, particularly those that conducted due diligence exams for evidence of malware. I have covered remote execution in the past from different angles and I have done so because it is one of the red flags that an analyst should be looking for. In order to be effective in recognizing either an actual malicious execution or the risk of an attempted remote execution you must be reversed in the clever ways attackers attempt to compromise a host using Microsoft applications. The highlight this week will be CMSTP.exe abuse...

Det här avsnittet är hämtat från ett öppet RSS-flöde och publiceras inte av Podme. Det kan innehålla reklam.

Avsnitt(498)

Populärt inom Vetenskap

p3-dystopia
dumma-manniskor
allt-du-velat-veta
kapitalet-en-podd-om-ekonomi
medicinvetarna
bildningspodden
rss-ufobortom-rimligt-tvivel
svd-nyhetsartiklar
rss-vetenskapsradion-2
det-morka-psyket
rss-spraket
rss-vetenskapsradion
rss-broccolipodden-en-podcast-som-inte-handlar-om-broccoli
dumforklarat
rss-arkeologi-historia-podden-som-graver-i-vart-kulturlandskap
rss-kriminologerna
rss-lara-fran-larda-en-fackbok-och-en-forfattare
vetenskapsradion
parkinsonpodden
rss-personlighetspodden