8 hours 39 minutes
Hello and congratulations on the successful completion of the persistence module of the Application of the MITRE ATT&CK Framework discussions. So what should we know at this point? Well, we looked at accessibility features, and within that we discussed what that was and common attack methods. We talked about sticky keys on RDP, some mitigation techniques and some detection techniques. We then stepped into bootkits. We described what those were, how they could be used, and again looked at mitigation and detection techniques. We then went through browser extensions, talking about the threat actors that took advantage of the Google Chrome extensions to steal user information.
We looked at browser extensions as far as what that is defined as, and that it is not limited to just Google Chrome, but could be in any browser that allows for the installation of extensions. We then talked about component firmware and how it was different from system firmware, in that it involves the firmware of components attached to the system. Now, within this particular review, we noted that mitigation techniques are quite difficult and training would need to be pretty particular, as far as, like, forensic-level training, to potentially detect manipulation of this firmware and of these components.
We then got into account creation, or Create Account, as a persistence mechanism. This is where a threat actor again creates an account in order to pose as a legitimate user or something that would not maybe be out of place if we were viewing that. Typically, threat actors create accounts to avoid detection mechanisms and antivirus that may pick up malware and things of that nature that they would use to install backdoors, Trojans, anything of that nature.
And then we talked about hooking, which is essentially process hooking, and we looked at how that could be used, some mitigation techniques and detection techniques as well. We then got into New Service, where a threat actor can create a new service or inject themselves into a service that could allow them to get system-level privilege. We talked about mitigation and detection techniques here as well.
Now, I hope you enjoyed the case study. I hope you found it to be of value, and I want to congratulate you again, and I look forward to seeing you again soon.