WinSCP: Yeah you know me! | SANS@MIC Talk

Channel:
United States SANS Institute
Subscribers:
64,099
Published on ● Video Link: https://www.youtube.com/watch?v=sCqyAcsVaL0


Duration: 47:20
631 views
18

This presentation covers the artifacts related to WinSCP. WinSCP has traditionally been associated with external access and exfiltration. However, with some recent changes to Windows 10, WinSCP is an attractive option for attackers to leverage to fly under the radar to conduct lateral movement. Join me on a trip through the '90s as we cover WinSCP and the forensic artifacts associated with it.

Speaker Bio

Mari DeGrazia brings her puzzle-solving skills to her position as Senior Director of Incident Response at Kroll Cyber Security, where she leads high-profile incident response cases and helps clients find and respond to attackers in their environment. In her role as a SANS instructor for FOR500: Windows Forensic Analysis, Mari draws on nearly 20 years of experience in the IT industry, including 10 years in Digital Forensics and incident Response (DFIR).



Other Videos By SANS Institute


2020-06-16Arcane Web and Mobile Application Vulnerabilities | SANS@MIC Talk
2020-06-16A Walk Through Logs Hell | SANS@MIC Talk
2020-06-12Shellcode Analysis 101 | SANS@MIC Talk
2020-06-09SANS Live Online Interactive Remote Lab and Range Demo – SEC599: Defeating Advanced Adversaries
2020-06-09SANS Live Online Interactive Local Lab Demo – FOR508: Advanced Incident Response
2020-06-09SANS Live Online Interactive Live Lab Environment Demo: Slack, Local and Remote Lab Demonstrations
2020-06-09CYA by Using CIA -- Correctly For a Change | SANS@MIC Talk
2020-06-09Remote Forensic Investigations in the Context of COVID-19 | SANS@MIC Talk
2020-06-05Waiting for a cyber range exercise is not enough | SANS@MIC Talk
2020-06-03Case Study: Airbus
2020-06-02WinSCP: Yeah you know me! | SANS@MIC Talk
2020-05-28Prioritizing OT Security Efforts: The Five Tactical Things to Accomplish | SANS@MIC Talk
2020-05-28Introduction to Docker for security work | SANS@MIC Talk
2020-05-27Threat Hunting and the Rise of Targeted eCrime Intrusions | STAR Webcast
2020-05-21Moving Past Just Googling It: Harvesting and Using OSINT | SANS@MIC Talk
2020-05-20Find_Evil - Threat Hunting | SANS@MIC Talk
2020-05-18Tricking modern endpoint security products | SANS@MIC Talk
2020-05-18Modern Domain Deception - The risk, issues and potentiality | SANS@MIC Talk
2020-05-14Cloud Native Payloads: A Matryoshka Doll of Exploits | SANS@MIC Talk
2020-05-14Incident Response in ICS in times of Lockdown | SANS@MIC Talk
2020-05-13SANS – Your Source for Cybersecurity Training – Live Online


Tags:
sans institute
information security
cyber security
cybersecurity
information security training
cybersecurity training
cyber security training
WinSCP