S2E09: DerbyCon Edition with Dave Kennedy

Christopher Glyer and Nick Carr interview Dave Kennedy (@HackingDave) on his experience running DerbyCon over the years, what conferences he plans to attend next, and future plans to build and support DerbyCon Communities (DerbyCom). Red teaming in the last few years has started to get harder due to improvements in security visibility, improved security tools, and better SOC teams. They discussed how Dave's red team's @TrustedSec use security tools to baseline what their activity looks like so they can try and blend in with legitimate activity. The trend of red teams shifting away from PowerShell to C-based tools/backdoors. Finally, they discussed both new and old (but still effective) techniques recently seen in the wild that can evade detection including using py2exe and pyinstaller based backdoors/tools.

Om Podcasten

State of the Hack is FireEye’s monthly series, hosted by Christopher Glyer (@cglyer) and Nick Carr (@itsreallynick), that discusses the latest in information security, digital forensics, incident response, cyber espionage, APT attack trends, and tales from the front lines of significant targeted intrusions.