Paul's Security WeeklySubscribe
Incident Response, Malware, Security Program Controls/Technologies

Pen Testing & Adversary Emulation – Carlos Perez – PSW #789

In this segment we welcome Carlos Perez back to the show! Carlos will discuss methods we can use to hide one systems and cover our tracks. We'll cover how on a system (as administrator) the blue team's struggle using default logs or even on a default install of Sysmon to detect an attacker. Attackers can selectively disable modern event log providers, take action and then re-enable. We will demo this and how to best monitor for this technique.

Full episode and show notes

Announcements

  • Stay up-to-date with us on X (formerly known as Twitter) for the latest show clips and updates! Find us @SecWeekly and stay connected with our cybersecurity community.

Guest

Principal Consultant, Team Lead for Research at TrustedSec

Carlos is currently the Principal Consultant, Team Lead for Research at TrustedSec and well-known for his research on both Metasploit and Windows Powershell. His blog www.darkoperator.com carries the tag line: “Shell Is Only The Beginning”.

Hosts

Principal Security Researcher at Eclypsium
Sr. InfoSec Consultant at Online Business Sytems
Executive Director at Guardedrisk
Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark Element

Related

Hacker Heroes – Aaron Turner – PSW Vault

In this Hacker Heroes episode, we sit down with Aaron Turner, a highly respected figure in the realm of cybersecurity. With a career spanning decades, Aaron has established himself as a thought leader and authority on various aspects of information security. As a seasoned cybersecurity professional, Aaron has navigated the evolving landscape of d...

You can skip this ad in 5 seconds