Story image

Understanding sophisticated attacks with TI and Core Security

28 Sep 15

With sophisticated attacks on the rise and IT teams struggling to keep up, Threat Intelligence (TI) and Core Security have organised an educational webcast to be held at the end of this month.

TI and Core Security have collaborated in the development of TI’s Reverse DNS Tunnelling Shellcode into Core Impact - which Core Security brands as its DNS Channel, a covert communication channel for its exploit framework.

DNS Channel is designed to bypass organisations' border security, allowing exploits to communicate back to the remote attacker.

The two organisations jointly demonstrated DNS Channel at Black Hat 2015 and are now bringing the presentation to Australia as a webcast - on Wednesday September 30 at 11:00PM (AEST).

Ty Miller, Threat Intelligence founder, and Alberto Solino, Core Security’s ‘technical guru’, will explain and illustrate some of the attack technologies currently being used to exfiltrate data from organisations and maintain persistency inside a network.

They will discuss DNS Tunnelling, touching on combinations of advanced attack techniques, including the DNS Channel and attacking Windows systems using WMI.

They will also introduce a demonstration combining Windows WMI to install backdoor agents onto systems to gain persistent control over the victim, and then getting the agents to communicate back to the attacker via the covert DNS channel. This will be performed using Core Impact Pro.

Miller says, “Defending your organisation’s critical assets and data from a breach is not a game. To detect and mitigate risks, information security teams need to stay up-to-date with modern attack techniques.

“The webinar is a rare opportunity to hear and see the latest developments and to learn how to quantitatively assess and measure threats to critical information assets.”

Sarah Maloney, Core Security content marketing and creative design manager, says, “This is an exciting opportunity to introduce Core Security to audiences in Australia and promote the strength of our joint efforts with TI.”

Three ways to achieve data security whilst enabling BYOD
"A mobility strategy is now more important than ever before, that said, selecting the right one is often no small task."
Mobile Infrastructure market sees fastest growth since 2014
The report from Dell’Oro shows that while the vendor rankings for the top three vendors remained unchanged with Huawei, Ericsson, and Nokia leading.
HPE unveils AI-driven operations for ProLiant, Synergy and Apollo servers
With global learning and predictive analytics capabilities based on real-world operational data, HPE InfoSight supposedly drives down operating costs.
How IoT and hybrid cloud will change in 2019
"Traditional VPN software solutions are obsolete for the new IT reality of hybrid and multi-cloud."
Enterprises to begin closing their data centres
Dan Hushon predicts next year companies will begin bidding farewell (if they haven't already) to their onsite data centres.
Citrix acquires micro app platform Sapho
Sapho’s micro applications improve employee productivity by consolidating access to tools, activities and tasks in a simple and unified work feed.
HPE expands AI-driven operations
HPE InfoSight extends select predictive analytics and recommendation capabilities to HPE servers, enabling smarter, self-monitoring infrastructure.
Dimension Data nabs three Cisco partner awards
Cisco announced the awards, including APJ Partner of the Year, at a global awards reception during its annual partner conference.