In this month's Security knowledge-sprint session we will cover how easy it is for threat actors to bypass EDR and some of the TTPs involved in living-off-the-land attacks.
Threat actors often use Cobalt Strike, a tool turned into a weapon by malicious actors, and its rich feature set lowers the technical barrier to entry for ransomware gangs. We are seeing more financially motivated threat actors using the same tool that was previously only available to nation-state threat operations. In this 30-minute sprint session, our SecOps team members will cover some demonstrations and examples to:
- Understand how Cobalt Strike works and how it can be detected with Crystal Eye.
- Identify the detection techniques that don't work and how EDR can be bypassed.
- Learn about the role good CTI and Crystal Eye's Automated Actionable Intelligence plays in mitigating attacks leveraging Cobalt Strike.
- Learn to understand the cyber kill chain and the stages of attack with these types of LOL threats.
Event Details
Where: Online via Demio
When: Thursday, 4th April 2024
Time: 11:30 AM - 12:30 PM AWST
02:30 PM - 03:30 PM AEDT
02:00 PM - 03:00 PM ACDT
03:30 AM - 04:30 AM UTC
International Scheduling:
EU Session - Thursday, 4th April 2024
Time: 12:00 PM - 01:00 PM CEST
06:00 PM - 07:00 PM AWST
09:00 PM - 10:00 PM AEDT
08:30 PM - 09:30 PM ACDT
10:00 AM - 11:00 AM UTC
US Session - Thursday, 4th April 2024
Time: 09:00 AM - 10:00 AM EDT
09:00 PM - 10:00 PM AWST
12:00 AM - 01:00 AM AEST Next day
11:30 PM - 12:30 AM ACST Next day
01:00 PM - 02:00 PM UTC
Key Presenters
Ben Aylett - Product Manager at Red Piranha
Damien Peters - Cyber Security Engineer at Red Piranha
Adrian Gough - Pen Tester and Security Analyst at Red Piranha