With sophisticated attacks on the rise and IT teams struggling to keep up, Threat Intelligence (TI) and Core Security have organised an educational webcast to be held at the end of this month.
TI and Core Security have collaborated in the development of TI’s Reverse DNS Tunnelling Shellcode into Core Impact - which Core Security brands as its DNS Channel, a covert communication channel for its exploit framework.
DNS Channel is designed to bypass organisations' border security, allowing exploits to communicate back to the remote attacker.
The two organisations jointly demonstrated DNS Channel at Black Hat 2015 and are now bringing the presentation to Australia as a webcast - on Wednesday September 30 at 11:00PM (AEST).
Ty Miller, Threat Intelligence founder, and Alberto Solino, Core Security’s ‘technical guru’, will explain and illustrate some of the attack technologies currently being used to exfiltrate data from organisations and maintain persistency inside a network.
They will discuss DNS Tunnelling, touching on combinations of advanced attack techniques, including the DNS Channel and attacking Windows systems using WMI.
They will also introduce a demonstration combining Windows WMI to install backdoor agents onto systems to gain persistent control over the victim, and then getting the agents to communicate back to the attacker via the covert DNS channel. This will be performed using Core Impact Pro.
Miller says, “Defending your organisation’s critical assets and data from a breach is not a game. To detect and mitigate risks, information security teams need to stay up-to-date with modern attack techniques.
“The webinar is a rare opportunity to hear and see the latest developments and to learn how to quantitatively assess and measure threats to critical information assets.”
Sarah Maloney, Core Security content marketing and creative design manager, says, “This is an exciting opportunity to introduce Core Security to audiences in Australia and promote the strength of our joint efforts with TI.”