Logging is what allowed us to catch and understand an advanced Chinese attack. Learn what we did and know so you can do it too.
Windows logs are solid gold if you know what to Enable, Configure, Gather and Harvest. When hacked they can tell you what you need to know to find and harvest the malware. This class walks through a Chinese advanced attack and what information in the logs allowed us to harvest their malware and understand what it and they were doing. Details of the attack will be covered as well as information shared to allow you to catch a similar type of attack. This class will show Chinese Red Team pwnage at its finest, but is designed to be Blue Team Defense in nature so you can learn from those that have been through an advanced attack. What works and why will also be discussed. Handouts will be provided.