Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Contenuto fornito da Clint Marsden. Tutti i contenuti dei podcast, inclusi episodi, grafica e descrizioni dei podcast, vengono caricati e forniti direttamente da Clint Marsden o dal partner della piattaforma podcast. Se ritieni che qualcuno stia utilizzando la tua opera protetta da copyright senza la tua autorizzazione, puoi seguire la procedura descritta qui https://it.player.fm/legal.
Simile a TLP - The Digital Forensics Podcast
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
We help founders make something people want.
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
The Fragmented Podcast is the leading Android developer podcast started by Kaushik Gopal & Donn Felker. Our goal is to help you become a better Android Developer through conversation & to capture the zeitgeist of Android development. We chat about topics such as Testing, Dependency Injection, Patterns and Practices, useful libraries, and much more. We will also be interviewing some of the top developers out there. Subscribe now and join us on the journey of becoming a better Android Developer.
…
continue reading
Discover a whole new take on Artificial Intelligence with Squirro's educational podcast! Join host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and their incredible impact on society, and y ...
…
continue reading
Three nerds discussing tech, Apple, programming, and loosely related matters.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Marc Fennell and a team of people far smarter than him (his words, not ours) take a fun deep dive into how technology is reshaping our lives.
…
continue reading
Player FM - App Podcast
Vai offline con l'app Player FM !
Vai offline con l'app Player FM !
))
Episode 7 - Defending Against Scattered Spider: Understanding Their Tactics, Techniques, and Procedures
Manage episode 425641123 series 3578563
Contenuto fornito da Clint Marsden. Tutti i contenuti dei podcast, inclusi episodi, grafica e descrizioni dei podcast, vengono caricati e forniti direttamente da Clint Marsden o dal partner della piattaforma podcast. Se ritieni che qualcuno stia utilizzando la tua opera protetta da copyright senza la tua autorizzazione, puoi seguire la procedura descritta qui https://it.player.fm/legal.
In todays episode of TLP - Traffic Light Protocol, Clint Marsden talks about Defending Against Scattered Spider: Understanding Their Tactics, Techniques, and Procedures.
Key Takeaways
Understanding Scattered Spider: Scattered Spider, also known as Roasted Octopus or Octo Tempest, utilizes various legitimate tools for malicious purposes.
Common Tools and Techniques: They employ tools for reconnaissance (PingCastle, ADRecon), credential dumping (Mimikatz, Lazagne), Remote access (Screen Connect, Team Viewer), and VPN (Tailscale).
Social Engineering Tactics: Their methods include impersonation, MFA fatigue (MFA bombing), and SIM swapping to gain access.
Persistence Mechanisms: They maintain access through methods like automatic account linking and adding additional MFA tokens
Defense Strategies: Implement strong identity verification, monitor for unusual activity, and educate users social engineering & smishing
Quotes
"By understanding their tactics, techniques, and procedures, or TTPs, you can better defend your network and improve its security posture."
"There's a lot of push on recognizing phishing emails and hovering over links and verifying the sender, but not enough focus on social engineering training for staff"
Action Points
Review Service Desk Processes: Ensure robust identity verification to prevent social engineering.
Monitor for Unusual Activity: Regularly audit and set up automated alerts for suspicious MFA changes or logins.
Educate Users: Conduct training on recognizing phishing and social engineering techniques.
Test Tools in a Lab: Use the mentioned tools to simulate attacks and improve defensive measures by analyzing security logs and infrastructure.
Mentioned Resources
Remote monitoring and management or RMM tools
Fleetdeck.io
Level.io
Ngrok Mitre Ref: [S0508]
Screenconnect
Splashtop
Teamviewer
Pulseway
Tactical RMM
Reconnaissance:
PingCastle - https://www.pingcastle.com/
ADRecon - https://github.com/sense-of-security/ADRecon
Advanced IP Scanner - https://www.advanced-ip-scanner.com/
Govmomi - https://github.com/vmware/govmomi
Cred dumpers:
Mimikatz - https://github.com/ParrotSec/mimikatz
Hekatomb - https://github.com/ProcessusT/HEKATOMB
Lazagne - https://github.com/AlessandroZ/LaZagne
gosecretsdump - https://github.com/C-Sto/gosecretsdump
smbpasswd.py - (as part of Impacket) - https://github.com/fortra/impacket/blob/master/examples/smbpasswd.py
LinPEAS - https://github.com/peass-ng/PEASS-ng/tree/master/linPEAS
ADFSDump - https://github.com/mandiant/ADFSDump
VPN:
Tailscale - Provides virtual private networks (VPNs) to secure network communications
16 episodi
Condividi
Manage episode 425641123 series 3578563
Contenuto fornito da Clint Marsden. Tutti i contenuti dei podcast, inclusi episodi, grafica e descrizioni dei podcast, vengono caricati e forniti direttamente da Clint Marsden o dal partner della piattaforma podcast. Se ritieni che qualcuno stia utilizzando la tua opera protetta da copyright senza la tua autorizzazione, puoi seguire la procedura descritta qui https://it.player.fm/legal.
In todays episode of TLP - Traffic Light Protocol, Clint Marsden talks about Defending Against Scattered Spider: Understanding Their Tactics, Techniques, and Procedures.
Key Takeaways
Understanding Scattered Spider: Scattered Spider, also known as Roasted Octopus or Octo Tempest, utilizes various legitimate tools for malicious purposes.
Common Tools and Techniques: They employ tools for reconnaissance (PingCastle, ADRecon), credential dumping (Mimikatz, Lazagne), Remote access (Screen Connect, Team Viewer), and VPN (Tailscale).
Social Engineering Tactics: Their methods include impersonation, MFA fatigue (MFA bombing), and SIM swapping to gain access.
Persistence Mechanisms: They maintain access through methods like automatic account linking and adding additional MFA tokens
Defense Strategies: Implement strong identity verification, monitor for unusual activity, and educate users social engineering & smishing
Quotes
"By understanding their tactics, techniques, and procedures, or TTPs, you can better defend your network and improve its security posture."
"There's a lot of push on recognizing phishing emails and hovering over links and verifying the sender, but not enough focus on social engineering training for staff"
Action Points
Review Service Desk Processes: Ensure robust identity verification to prevent social engineering.
Monitor for Unusual Activity: Regularly audit and set up automated alerts for suspicious MFA changes or logins.
Educate Users: Conduct training on recognizing phishing and social engineering techniques.
Test Tools in a Lab: Use the mentioned tools to simulate attacks and improve defensive measures by analyzing security logs and infrastructure.
Mentioned Resources
Remote monitoring and management or RMM tools
Fleetdeck.io
Level.io
Ngrok Mitre Ref: [S0508]
Screenconnect
Splashtop
Teamviewer
Pulseway
Tactical RMM
Reconnaissance:
PingCastle - https://www.pingcastle.com/
ADRecon - https://github.com/sense-of-security/ADRecon
Advanced IP Scanner - https://www.advanced-ip-scanner.com/
Govmomi - https://github.com/vmware/govmomi
Cred dumpers:
Mimikatz - https://github.com/ParrotSec/mimikatz
Hekatomb - https://github.com/ProcessusT/HEKATOMB
Lazagne - https://github.com/AlessandroZ/LaZagne
gosecretsdump - https://github.com/C-Sto/gosecretsdump
smbpasswd.py - (as part of Impacket) - https://github.com/fortra/impacket/blob/master/examples/smbpasswd.py
LinPEAS - https://github.com/peass-ng/PEASS-ng/tree/master/linPEAS
ADFSDump - https://github.com/mandiant/ADFSDump
VPN:
Tailscale - Provides virtual private networks (VPNs) to secure network communications
16 episodi
Tutti gli episodi
×
Benvenuto su Player FM!
Player FM ricerca sul web podcast di alta qualità che tu possa goderti adesso. È la migliore app di podcast e funziona su Android, iPhone e web. Registrati per sincronizzare le iscrizioni su tutti i tuoi dispositivi.
Simile a TLP - The Digital Forensics Podcast
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
We help founders make something people want.
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
The Fragmented Podcast is the leading Android developer podcast started by Kaushik Gopal & Donn Felker. Our goal is to help you become a better Android Developer through conversation & to capture the zeitgeist of Android development. We chat about topics such as Testing, Dependency Injection, Patterns and Practices, useful libraries, and much more. We will also be interviewing some of the top developers out there. Subscribe now and join us on the journey of becoming a better Android Developer.
…
continue reading
Discover a whole new take on Artificial Intelligence with Squirro's educational podcast! Join host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and their incredible impact on society, and y ...
…
continue reading
Three nerds discussing tech, Apple, programming, and loosely related matters.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Marc Fennell and a team of people far smarter than him (his words, not ours) take a fun deep dive into how technology is reshaping our lives.
…
continue reading
Player FM - App Podcast
Vai offline con l'app Player FM !
Vai offline con l'app Player FM !
