- Bonus content and hands-on exercises to develop your skills beyond the course.
- A digital index for quick-reference to all material.
- Visual association maps to break down complex material.
- Detailed video walkthroughs for all lab exercises.
- Perpetual access to all hands-on lab exercises.
- Printed and electronic course books and a hands-on workbook.
- Unlimited access to all hands-on exercises that never expires.
- How attackers exploit publicly-accessible systems including Microsoft 365.
- Attacker steps for internal discovery and lateral movement after an initial compromise.
- How attackers exploit complex cloud vulnerabilities.
- Attacker techniques to evade endpoint detection tools.
- How attackers leverage cloud systems against organizations.
- Defense spotlight strategies to protect critical assets.
- Cyber investigation processes using live analysis, network insight, and memory forensics.
- Leverage PowerShell for data collection and cyber threat analysis.
- Best practices for effective cloud incident response.
- Identify threats using host, network, and log analysis.
- Apply a dynamic approach to incident response.

By getting into the mindset of attackers, you will learn how they apply their trade against your organization, and you will be able to use that insight to anticipate their moves and build better defenses. In the hands-on environment provided by SEC504, you will use the tools of the attackers themselves in order to understand how they are applied and the artifacts the attackers leave behind. To fully grasp the actions attackers take against an organization, from initial compromise to internal network pivoting, you also need to understand their tools and techniques. Understanding the steps to effectively conduct incident response is only one part of the equation. All lab exercises come with detailed walkthrough video content to help reinforce the learning concepts in the course. You never lose access to the lab exercises, and they can be repeated as often as you like.
You will work with complex network environments, real-world host platforms and applications, and complex data sets that mirror the kind of work you may be asked to do. You will be able to take the skills and hands-on experience gained in the course back to the office and apply them immediately.

A big focus in SEC504 is applying what you learn with hands-on exercises: 50% of the course is hands-on where you will attack, defend, and assess the damage done by threat actors. Using indicators of compromise, you will practice the steps to effectively respond to breaches affecting Windows, Linux, and cloud platforms. In SEC504, you will learn how to apply a dynamic approach to incident response. Keeping your organization out of the breach headlines depends on how well incidents are handled to minimize loss to the company. The goal of modern cloud and on-premises systems is to prevent compromise, but the reality is that detection and response are critical.

Next, Cama and Zhu used a race condition in the Windows kernel followed by an out-of-bounds write in VMware Workstation that linked to executing code on the underlying hypervisor.

Immediately apply the skills and techniques learned in SANS courses, ranges, and summits.

That hack began on VMware Workstation where Fluoroacetate opened an Edge browser and visited a booby-trapped website that contained a confusion bug. The story of the day continued to be Cama and Zhu, who earned an additional $130,000 for a “masterfully crafted exploit chain” that eventually led to owning the underlying hypervisor of a VMware Workstation, ZDI reported. They earn $130K plus 13 Master of Pwn points. They used a type confusion in #Edge, a race condition in the kernel, then an out-of-bounds write in #VMware to go from a browser in a virtual client to executing code on the host OS. For their efforts the two earned $50,000.
“They were able to execute code at SYSTEM level just by using Firefox to visit their specially crafted website,” wrote Zero Day Initiative in a write-up of the day’s hacking results. The one-two punch allowed Fluoroacetate to take over the targeted system. The two trained their skills first on Mozilla Firefox, leveraging a JIT bug in the browser, followed up by an out-of-bounds write exploit in the Windows kernel. The dynamic hacking duo of Amat Cama and Richard Zhu, who make up team Fluoroacetate, had another good day, following Wednesday’s successes. Hackers took down the Mozilla Firefox and Microsoft Edge browsers on Thursday at Pwn2Own, the annual hacking conference held in tandem with CanSecWest, as the competition continued for a second day.