State of the Hack is FireEye’s monthly series, hosted by Christopher Glyer (@cglyer) and Nick Carr (@itsreallynick), that discusses the latest in information security, digital forensics, incident response, cyber espionage, APT attack trends, and tales from the front lines of significant targeted intrusions.
S4E07: IIV Drippin: Overcoming Your Zero Day Hangover
Zero days got you down? There have been a lot of high-impact zero days affecting edge appliances in 2021, including Microsoft Exchange, Pulse Secure, and SonicWall. In this episode, we're joined by Josh Fleischer, the Managed Defense investigator who uncovered three zero days in SonicWall Email Security, to discuss detection and investigation of a zero day, as well as what vendors and customers can do to better prepare for zero day attacks.
S4E06: Extortion, Ransoms & the Wonderful Life of Red Teams
In today's threat landscape, data theft and extortion go hand in hand with ransomware. In this episode of State of the Hack, we'll talk about how data theft plays a role in modern day ransomware incidents, how attackers carry out data theft, and how we simulate data theft during our Red Team assessments so clients can test their detective capabilities.
S4E05: The Wonderful World of Web Shells
An oft-undiscussed tactic, web shells are a popular way for threat actors of all flavors to gain initial footholds, move laterally, and maintain persistence in a stealthy manner. Austin and Doug discuss a popular exploit that has been observed in the wild leading to web shells and what infosec practitioners can do to protect against this class of malware.
S4E04: Apex Predators: Inside OpSec Strategy
This episode discusses the idea of operational security ("OPSEC") from an attacker's perspective. OPSEC relates to how an attacker or red team might try to make their activities stealthier to avoid detection. During this episode, Evan Pena and Julian Pileggi talk about the various ways the Mandiant Red Team carries out their operational security during an adversary simulation exercise, and interesting techniques they see attackers using that have a high level of operational security.
S4E03: Azure Got Run Over by a Refresh Token
Join us for our holiday episode as we search for silver bells and silver linings in our move to The Cloud! The cast sits down with Dirk-Jan Mollema to talk Azure AD and Primary Refresh Tokens, and what savvy defenders can do to secure their own cloud credentials.
Great review and analysis
I enjoy the podcast and I’m looking forward to more content to come. Keep up the good work!
New Hosts - Great Content
Mandiant continues to be an example in our industry. This podcast is a great supplement and a great listen.
Good info. Worth a listen.
Better than training. Helps bring ideas into focus.