About this webinar
What's behind those malicious Word macros that users just love to enable?
Watch our IR team convince a user to open an infected document, giving us a reverse shell. We'll use that connection to recon the network, run a pass-the-hash attack, and sneak some top-secret data out via DNS tunneling.
See how Varonis uncovers indicators of compromise at every turn as our adversary:
- Gets their victim to open a malicious attachment
- Drops malware via a Word macro
- Establishes a reverse shell
- Does network recon to find interesting hosts
- Moves laterally and elevates privileges using pass the hash
- Exfiltrates data via DNS tunneling
Rudi Wynen Account Manager, Varonis
