
Threat Hunting Case Study: FileFix
FileFix bypasses Mark of the Web (MotW) protections by hijacking the Windows File Explorer address bar. Here is how to hunt for it.

Bluma Janowitz is a social engineer and red team agent. She specializes in what are called red-teaming exercises, which are designed to test an organization’s defenses against malicious hackers. She might try to trick employees into giving up sensitive information over the phone, or drop USB drives in places where curious people might plug them into their computers. She talks her way into buildings and does discreet Wi-Fi scans, taking photos along the way. These techniques are known as social engineering. Threat actors have used social engineering to gain access for decades, and it remains one of the most potent tools today. Bluma runs these exercises to help companies get better at security, because access is everything: if access control is compromised, the consequences can be severe. In this episode of Cybercrime Exposed, Bluma describes two of her engagements. Would you fall for the tricks?
Participants:
Bluma Janowitz, Social Engineering and Red Team Agent
Jeremy Kirk, Executive Editor, Cyber Threat Intelligence, Intel 471
