Irish Podcasts Irish Podcasts
Analyzing Malware at Scale - John Hammond - PSW #845

Analyzing Malware at Scale - John Hammond - PSW #845

Paul's Security Weekly (Audio) · 2024-10-02
03:07:23

This episode of Paul Security Weekly features John Hammond, a senior security researcher from Huntress, discussing malware analysis. Hammond dives into the analysis of Ocean Lotus attacks, highlighting the use of stealthy techniques like alternate data streams and DLL side-loading. The conversation also touches on the challenges of combating attackers who leverage ‘bring your own vulnerable driver’ techniques to gain kernel-level privileges. The hosts discuss the need for secure-by-default configurations and the ongoing struggle to combat attackers who exploit vulnerabilities. The episode concludes with a discussion on how to improve the security of the industry.

Segment Resources:

https://www.huntress.com/blog/the-hackers-in-the-arena-the-huntress-ctf-retrospective https://www.huntress.com/blog/fake-browser-updates-lead-to-boinc-volunteer-computing-software

Automated tank gauges are leaking more than just fuel, while CUPS is serving up a steaming hot brew of vulnerabilities. Meanwhile, Supermicro's BMC firmware is giving away root access like it's going out of style. If you thought your Kia was safe, think again - all it takes is a license plate and 30 seconds to turn your car into a hacker's joyride. China's been busy building a massive IoT botnet called Raptor Train. It's been chugging along undetected for four years. NIST has decided that your password doesn't need to be a cryptographic masterpiece anymore. No more special characters or arbitrary changes - just make it long and don't use "password123". A Texas hospital is playing a game of "hot potato" with ambulances thanks to a ransomware attack. More thoughts on known exploited vulnerabilities, firmware unpacking tools lowdown, Aruba, Bahama, come-on command injection, and kids changing the name of their school!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw-845

Paul's Security Weekly (Audio)

For the latest in computer security news, hacking, and research! We sit around, drink beer, and talk security. Our show will feature technical segments that show you how to use the latest tools and techniques. Special guests appear on the show to enlighten us and change your perspective on information security. Note: This is only Paul's Security Weekly, a 2-hour show recorded once per week.

Where can you listen?

Apple Podcasts Logo Podtail Logo Google Podcasts Logo RSS

Episodes