Content provided by Robin Johns and Bill Carter. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Robin Johns and Bill Carter or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Impacket, SIMATIC, Alchemist and Mirai - oh my!

32:44
 

1) Impacket - All your Bases
The Impacket tool was used by APTs to target the US Defense Industrial Base sector. The initial vector was unknown, but how do you identify reconnaissance and exfiltration in your organization?

2) PLCs - Patching is Logical
A critical vulnerability with a 9.3 CVSS score was found in the Siemens SIMATIC programmable logic controllers (PLCs) and the controlling portal, allowing the theft of cryptographic keys. What are you doing to prevent your IoT from being hacked?

3) Alchemist - Turning Vulnerabilities into Gold
A previously undocumented C2 framework is being used to target Windows, macOS, and Linux machines, with the Alchemist toolset granting anybody who can point and click the ability to create a botnet. Are you vulnerable?

4) Mirai - Another Word
In episode 001, we shared that we saw Mirai as a top-10 intercept at Cato Networks in the wild. Since then, Mirai has been used to orchestrate a 2.5 Tbps DDoS attack on the Wynncraft Minecraft server. How could this have been prevented?

34 episodes
