Everand Logo

Welcome to Everand!

  • Discover this podcast and so much more

    Podcasts are free to enjoy without a subscription. We also offer ebooks, audiobooks, and so much more for just $11.99/month.

    Special: Coordinated Release of Detection Rules for CobaltStike Abuse

    Special: Coordinated Release of Detection Rules for CobaltStike Abuse

    FromCloud Security Podcast by Google

    Start listeningView podcast show

    Special: Coordinated Release of Detection Rules for CobaltStike Abuse

    FromCloud Security Podcast by Google

    ratings:
    Length:
    21 minutes
    Released:
    Nov 17, 2022
    Format:
    Podcast episode

    Description

    Guest: Greg Sinclair, Security Engineer @ Google Cloud Topics: Could you tell us a bit about your background and how you ended up here at Google? Also, tell us about your team here? We're very excited about the release of the CobaltStrike rules. Could you share more about what they are looking for and second why this is so valuable? How did CobaltStrike come to be so widely used by bad guys? When you were doing this research what was the most surprising thing you uncovered? Could you tell us about the coordinated disclosure aspects of this work? In the past you've contributed research to our Threat Horizons reports, could you tell us about that? Resources: Making CobaltStike harder for threat actors to abuse blog CobaltStrike YARA-L rules CobaltStrike site “Cobalt Strike Usage Explodes Among Cybercrooks” Google Cybersecurity Action Team Threat Horizons Report #4 Is Out! Detection as Code? No, Detection as COOKING!
    Released:
    Nov 17, 2022
    Format:
    Podcast episode

    Titles in the series (100)

    Cloud Security Podcast by Google focuses on security in the cloud, delivering security from the cloud, and all things at the intersection of security and cloud. Of course, we will also cover what we are doing in Google Cloud to help keep our users' data safe and workloads secure. We’re going to do our best to avoid security theater, and cut to the heart of real security questions and issues. Expect us to question threat models and ask if something is done for the data subject’s benefit or just for organizational benefit. We hope you’ll join us if you’re interested in where technology overlaps with process and bumps up against organizational design. We’re hoping to attract listeners who are happy to hear conventional wisdom questioned, and who are curious about what lessons we can and can’t keep as the world moves from on-premises computing to cloud computing.