Endpoint Security Got You Down? No PowerShell? No Problem

Black Hills Information Security

Do your PowerShell scripts keep getting caught? Tired of dealing with EDRs & Windows Defender every time you need to pop a box? In this one-hour webcast, we introduce a somewhat new Red Team approach that we call BYOI (Bring Your Own Interpreter).  Turns out, by harnessing the powah of C# and the .NET framework you can embed entire interpreters inside of a C# binary. This allows you to dynamically access all of the .NET API from a scripting language of your choosing without going through Powershell in any way!  We also cover some basic .NET & C# concepts in order to understand why this is possible and all the hype surrounding offensive C# tradecraft.
Watch Now

Spotlight

This is an article about how cybersecurity gets “made,” with a focus on the role of commercial computer security firms in generating knowledge in matters of international cybersecurity. The argument is two-fold. Firstly, malware may be an intangible artefact in some ways, but its success and its interpretation as malware is deeply interwoven in social, technical, and material alliances.

OTHER ON-DEMAND WEBINARS

Is GDPR Working? Lessons from Data & the Field

BitSight

Find out what data tells us about the effectiveness of GDPR. After years of debate over whether to impose new cybersecurity regulations on companies, the General Data Protection Regulation (GDPR) went into effect in Europe in May 2018. Already we’re seeing data breach victims ordered to pay fines under the new rules, and cookie disclosure notices are popping up on more websites than ever.
Watch Now

Kali Linux Overview: Tips, Tricks and Traps for Cybersecurity Professionals

CompTIA

Dr. James Stanger, CompTIA's Chief Technology Evangelist, has consulted with corporations, governments and learning institutions worldwide about cybersecurity, open source, network administration and help desk management for over 20 years. Organizations he has worked with include RSA, IBM, NTT Japan, Symantec, the Scottish Qualifications Authority (SQA), the US Department of Defense (DoD), the United Arab Emirates Cultural Division, the US Department of State, Meisei University, and General Dynamics.
Watch Now

The Future of Phishing: It’s all about your customers

SEGASEC

While current anti-phishing solutions usually cover basic entry-level phishing scams using reactive inside-the-firewall defenses, a billion of potential variations of sophisticated phishing scams are already being planned and executed everywhere on the internet, entirely undisturbed, evading most current detection tools. Todays phishing attacks are no longer performed by scruffy hoodie covered villains, but by sophisticated, risk-calculating, online marketing experts who take social engineering to new heights. By constantly using A/B testing to improve their technology with each attack, they know how to tell a convincing story that would trick even the savviest users, causing irreversible reputational and financial damages to brands worldwide.
Watch Now

Managing Cyber Security Risks

Ever wonder how businesses get exposed to cyber-attacks like ransomware, phishing, social engineering scams, and more? Is your organization vulnerable to these threats? If you are uncertain about the vulnerabilities in your business that could lead to a major loss in productivity, revenue… or worse… attend this webinar and learn how to identify risk factors and bolster your organization’s defenses.
Watch Now

Spotlight

This is an article about how cybersecurity gets “made,” with a focus on the role of commercial computer security firms in generating knowledge in matters of international cybersecurity. The argument is two-fold. Firstly, malware may be an intangible artefact in some ways, but its success and its interpretation as malware is deeply interwoven in social, technical, and material alliances.

resources