SANS CyberCast SANS@MIC - Stealth persistence strategies

  • Webcast Aired Monday, 30 Mar 2020 3:30PM EDT (30 Mar 2020 19:30 UTC)
  • Speaker: Erik Van Buggenhout

This talk will introduce some more interesting stealth techniques! We'll include fancy new techniques and techniques that have been around for a while, yet remain super-effective. Some examples we'll discuss:

-Application shimming

-COM object hijacking

-Office persistence

-AppCert, AppInit and Netsh helper DLLs

WARNING: We will do live demos, so get ready. 'We'll cover how they can be implemented, but also how they can be detected and possibly prevented