SolarWinds breach: Insights from the trenches | Live incident response demo | Cyber Work Podcast
It’s been a busy week for cybersecurity professionals as they respond to the SolarWinds breach. On December 13, the Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive to immediately “disconnect or power down SolarWinds Orion products" as they were being actively exploited by malicious actors.
Infosec Skills author and KM Cyber Security managing partner Keatron Evans is helping numerous clients respond to the breach. In this live discussion and incident response demo (recorded Friday, December 18) he covers:
0:00 Intro
1:22 Agenda
4:55 What happened with the SolarWinds breach
15:58 Immediate action you can take
19:14 Industry responses
25:40 FireEye IOCs and Snort rules
29:20 Live demo of Snort
44:30 Live demo of memory forensics
1:09:30 Q&A with live attendees
1:29:40 Keatron's courses and outro
SolarWinds and incident response resources discussed by Keatron:
– FireEye Mandiant SunBurst countermeasures: https://github.com/fireeye/sunburst_countermeasures
– McAfee analysis into the SUNBURST backdoor: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/additional-analysis-into-the-sunburst-backdoor/
– Keatron's free Cyber Work Applied training videos: https://www.infosecinstitute.com/learn/
– Keatron's Infosec Skills courses: https://www.infosecinstitute.com/authors/keatron-evans/
— Follow Keatron on LinkedIn: https://www.linkedin.com/in/keatron/
– Follow Keatron on YouTube: https://www.youtube.com/channel/UCsS-2IWyoQDOe5UImFWsIVQ
About Infosec
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
Видео SolarWinds breach: Insights from the trenches | Live incident response demo | Cyber Work Podcast канала Infosec
Infosec Skills author and KM Cyber Security managing partner Keatron Evans is helping numerous clients respond to the breach. In this live discussion and incident response demo (recorded Friday, December 18) he covers:
0:00 Intro
1:22 Agenda
4:55 What happened with the SolarWinds breach
15:58 Immediate action you can take
19:14 Industry responses
25:40 FireEye IOCs and Snort rules
29:20 Live demo of Snort
44:30 Live demo of memory forensics
1:09:30 Q&A with live attendees
1:29:40 Keatron's courses and outro
SolarWinds and incident response resources discussed by Keatron:
– FireEye Mandiant SunBurst countermeasures: https://github.com/fireeye/sunburst_countermeasures
– McAfee analysis into the SUNBURST backdoor: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/additional-analysis-into-the-sunburst-backdoor/
– Keatron's free Cyber Work Applied training videos: https://www.infosecinstitute.com/learn/
– Keatron's Infosec Skills courses: https://www.infosecinstitute.com/authors/keatron-evans/
— Follow Keatron on LinkedIn: https://www.linkedin.com/in/keatron/
– Follow Keatron on YouTube: https://www.youtube.com/channel/UCsS-2IWyoQDOe5UImFWsIVQ
About Infosec
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
Видео SolarWinds breach: Insights from the trenches | Live incident response demo | Cyber Work Podcast канала Infosec
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
How to Become an Incident Responder
SANS Emergency Webcast: What you need to know about the SolarWinds Supply-Chain Attack
How the Best Hackers Learn Their Craft
SolarWinds, The Biggest Case of Cyber-Espionage Yet
Hiring a ransomware negotiator: Tactics, tips and careers | Cyber Work Podcast
Finding SolarWinds / SUNBURST backdoors with Zeek, Suricata, & Corelight
The threats arising from the massive SolarWinds hack
Cybersecurity careers: Risk management, privacy and healthcare security | Cyber Work Podcast
SUNBURST SolarWinds Malware - Tools, Tactics and Methods to get you started with Reverse Engineering
SolarWinds: What It Means & What’s Next
Huntworld - SANS Threat Hunting & Incident Response Summit 2017
The 5 pillars of cybersecurity framework | Cyber Work Podcast
Vulnerability hunting and ecommerce safety | Cyber Work Podcast
Updates on the SolarWinds Sunburst Supply Chain Attack | FireEye Hack
Understanding the SolarWinds hack
Solarwinds Orion Hack December 2020
Ask an expert: How to start and advance your cybersecurity career
Coding Expectations for Malware & Pentesting
A former NSA hacker breaks down the FireEye hack