Sometimes it seems like the bad guys have all the advantages, but the more we study their techniques, the more opportunities we find to exploit weak spots or dependencies on the attacker side. Advanced attackers have the patience and motivation to play the long game of greater sophistication, but the good news is that we can take advantage of that.
In this real training for free event, I will show you the infrastructure that attackers must set up prior to launching certain advanced attacks against your organization, including:
- Domain names
- Redirectors
- Short and long haul C2 servers
- Phishing servers
- Payload servers
- SMTP relays
- Domain fronting
- Domain categorization
The bad guys use all of this infrastructure for more than payload delivery and C2. They implement many of these elements to:
- Fool end-users
- Blend in with legitimate traffic on your network
- Retain access even if you “burn” elements of their infrastructure
That last bullet point is important because attackers expect you to detect part of their attack and block the associated domain names or IP addresses. If they are sophisticated enough to be ready for that, they simply “roll” that element and the attack continues. But if you know how to pivot off data like this, you can often find the rest of their infrastructure and shut it down. Which brings me to the next part of this event.
The more sophisticated the attack, the more infrastructure it requires, which increases the attackers' own attack surface. After I show you what infrastructure attackers need and how and why they use it, Taylor Wilkes-Pierce, lead sales engineer at DomainTools, will show you how to leverage this knowledge to:
- Identify attacks while they are still in the setup stage
- Take a single element, like a domain name, and pivot on it to discover the rest of the infrastructure
Our sponsor, DomainTools, will briefly demonstrate how they leverage and enrich truly massive amounts of big data to help you identify malicious domains and more.
Please join us for this real training for free session.