CPE Cyber Attack Lab #1

Malware, C&C, and DNS Exfiltration

Wed, August 12 | 10:00 AM ET

What's behind those malicious Word macros that users just love to enable?

Watch our IR team convince a user to open an infected document, giving us a reverse shell. We'll use that connection to recon the network, run a pass-the-hash attack, and sneak some top-secret data out via DNS tunneling.

Then learn, step-by-step, how you can use Varonis to run a fast and conclusive investigation—without wasting hours stitching logs or running reports.

+1 CPE

Register Now

About this webinar

See how Varonis uncovers indicators of compromise at every turn as our adversary:

Gets their victim to open a malicious attachment
Drops malware via a Word macro
Establishes a reverse shell
Does network recon to find interesting hosts
Moves laterally and elevates privileges using pass the hash
Exfiltrates data via DNS tunneling

Ian McIntyre Security Analyst, Varonis

Ian McIntyre is a Security Analyst on the Security Architecture and Incident Response team at Varonis. In his position at Varonis, Ian helps customers understand and implement the full scope of Varonis’ detection and alerting capabilities, as well as assisting customers through cybersecurity investigations. Specific areas of interest include training SOC teams on how to analyze and triage Varonis alerts, and building full activity timelines of suspected insider threats.

"Having Varonis is a continually eye-opening -- and sometimes alarming -- experience. A few months ago, a non-HR user opened up an HR folder that contained sensitive employee salary information. With Varonis, I was able to track down the user and review exactly what they had accessed and changed."

Infrastructure Manager, US Federal Credit Union

Want to see Varonis in action?