Feb. 7, 2024, 5:49 p.m. | Black Hat

Black Hat www.youtube.com

...In this talk, we will present how defenders and analysts can utilize these features in Windows to track and defend against RPC-based attacks. We will also demonstrate their effectiveness in analyzing RPC data and detecting malicious traffic. Finally, we will share signatures that we wrote to detect many common lateral movement techniques and one-days....

By: Stiv Kupchik

Full Abstract and Presentation Materials: https://www.blackhat.com/us-23/briefings/schedule/#lifting-the-fog-of-war---monitoring-identifying-and-mitigating-ms-rpc-based-threats-32792

