83 episodes

State of the Hack is FireEye’s monthly series, hosted by Christopher Glyer (@cglyer) and Nick Carr (@itsreallynick), that discusses the latest in information security, digital forensics, incident response, cyber espionage, APT attack trends, and tales from the front lines of significant targeted intrusions.

State of the Hack Mandiant

    • Technology
    • 4.7 • 26 Ratings

State of the Hack is FireEye’s monthly series, hosted by Christopher Glyer (@cglyer) and Nick Carr (@itsreallynick), that discusses the latest in information security, digital forensics, incident response, cyber espionage, APT attack trends, and tales from the front lines of significant targeted intrusions.

    S4E07: IIV Drippin: Overcoming Your Zero Day Hangover

    S4E07: IIV Drippin: Overcoming Your Zero Day Hangover

    Zero Days got you down? There sure has been a lot of high impact zero days impacting edge appliances in 2021, from Microsoft Exchange, Pulse Secure, and SonicWall. In this episode, we're joined by Josh Fleischer, the Managed Defense investigator who uncovered three zero days in SonicWall Email Security, to discuss detection and investigation of a zero day, as well as what vendors and customers can do to better to prepare for zero day attacks.

    • 35 min
    S4E06: Extortion, Ransoms & the Wonderful Life of Red Teams

    S4E06: Extortion, Ransoms & the Wonderful Life of Red Teams

    In today's threat landscape, data theft and extortion go hand in hand with ransomware. In this episode of State of the Hack, we'll talk about how data theft plays a role in modern day ransomware incidents, how attackers carry out data theft, and how we simulate data theft during our Red Team assessments so clients can test their detective capabilities.

    • 37 min
    S4E05: The Wonderful World of Web Shells

    S4E05: The Wonderful World of Web Shells

    An oft-undiscussed tactic, web shells are a popular way for threat actors of all flavors to gain initial footholds, move laterally, and maintain persistence in a stealthy manner. Austin and Doug discuss a popular exploit that has been observed in the wild leading to web shells and what infosec practitioners can do to protect against this class of malware.

    • 32 min
    S4E04: Apex Predators: Inside OpSec Strategy

    S4E04: Apex Predators: Inside OpSec Strategy

    This episode discusses the idea of operational security ("OPSEC") from an attacker's perspective. OPSEC relates to how an attacker or red team might try to make their activities stealthier to avoid detection. During this episode, Evan Pena and Julian Pileggi talk about the various ways the Mandiant Red Team carries out their operational security during an adversary simulation exercise, and interesting techniques they see attackers using that have a high level of operational security.

    • 35 min
    S4E03: Azure Got Run Over by a Refresh Token

    S4E03: Azure Got Run Over by a Refresh Token

    Join us for our holiday episode as we search for silver bells and silver linings in our move to The Cloud! The cast sits down with Dirk-Jan Mollema to talk Azure AD and Primary Refresh Tokens; and what savvy defenders can do to secure their own cloud credentials.

    • 40 min

Customer Reviews

4.7 out of 5
26 Ratings

26 Ratings

Sm@rt speller ,

Great review and analysis

I enjoy the podcast and I’m looking forward to more content to come. Keep up the good work!

ark(scout) ,

New Hosts - Great Content

Mandiant continues to be an example in our industry. This podcast is a great supplement and a great listen.

ChadInPa ,

Good info. Worth a listen.

Better than training. Helps bring ideas into focus.

Top Podcasts In Technology

Listeners Also Subscribed To