Analyzing Malware at Scale – John Hammond – PSW #845
This episode of Paul Security Weekly features John Hammond, a senior security researcher from Huntress, discussing malware analysis. Hammond dives into the analysis of Ocean Lotus attacks, highlighting the use of stealthy techniques like alternate data streams and DLL side-loading. The conversation also touches on the challenges of combating attackers who leverage ‘bring your own vulnerable driver’ techniques to gain kernel-level privileges. The hosts discuss the need for secure-by-default configurations and the ongoing struggle to combat attackers who exploit vulnerabilities. The episode concludes with a discussion on how to improve the security of the industry.
Segment Resources:
Guest
John Hammond is a cybersecurity researcher, educator and content creator. As part of the Research & Development Threat Operations team at Huntress, John spends his days analyzing malware and making hackers earn their access. Previously, as a Department of Defense Cyber Training Academy instructor, he taught the Cyber Threat Emulation course, educating both civilian and military members on offensive Python, PowerShell, other scripting languages and the adversarial mindset. He has developed training material and information security challenges for events such as PicoCTF and competitions at DEFCON US. John speaks at security conferences such as BsidesNoVA, to students at colleges such as the US Naval Academy, and other online events including the SANS Holiday Hack Challenge/KringleCon. He is an online YouTube personality showcasing programming tutorials, CTF video walkthroughs and other cyber security content.
