
A Peek Inside Threat Research - Dissecting a RAT

There’s no denying the importance of security software in today’s fight against cybercriminals—but automation and alerting is only half the battle.

In this on-demand webinar, Huntress Senior Security Engineer Dave Kleinatland highlights the importance of moving beyond automation with human threat hunting—and takes an under-the-hood look at a RAT to show how IT resellers can identify and respond to modern threats.
Recorded Mar 2 2021 60 mins
Presented by
Dave Kleinatland, Senior Security Engineer at Huntress

  • Evolving the Hunt with New Huntress Tech and Talent Recorded: Oct 18 2021 87 mins
    Kyle Hanslovan, CEO | Chris Bisnett, Chief Architect
    The cybersecurity landscape is evolving, and so should we. While enterprises can afford to throw everything but the kitchen sink at hackers, this simply isn’t realistic for the other 99% of businesses. Instead, we champion a more proactive and layered approach to security—one that provides comprehensive detection and response at a cost-conscious price point.
  • Rapid Response: Mass MSP Ransomware Incident Recorded: Jul 8 2021 75 mins
    Kyle Hanslovan, CEO | John Hammond, Senior Security Researcher | Caleb Stewart, Security Researcher | Tom Lawrence, President
    The Huntress Founders and members of our ThreatOps Team are hosting an open webinar to advise MSPs and Resellers on how to help their customers recover from a mass ransomware attack like the most recent one deployed through the Kaseya VSA.

    Our team has coached MSPs and Resellers through over 200 of these types of attacks and we'll be sharing how you can make sure you have an action plan for when something like this happens to your business.
  • Redefining Your Stack: A New Step in the MSP Cybersecurity Journey Recorded: Jun 29 2021 51 mins
    Shane Rose, Huntress Security Engineer | Tiffany Ricks, HacWare Founder, CEO, and Chief Hacker
    Developing a cybersecurity stack requires a careful set of balancing acts—too little and clients will look elsewhere, too much and it becomes difficult to manage. So how do you know if you’re offering the right set of services for your SMB clients?

    It’s time to redefine how you think about your security stack in a way that is sellable, and most importantly, fully protects your clients. Join us as we discuss how to bring your ‘A’ game to SMB security, including:

    - The core components of a strong security stack
    - The need for layered security
    - How to tailor the security conversation to win clients over
  • How Hackers Stole $2M in Cryptocurrency Recorded: Jun 22 2021 65 mins
    Kyle Hanslovan, CEO | John Hammond, Senior Security Researcher | Chris Bisnett, Chief Architect | John Ferrell, ThreatOps
    If money were no object—if the world could function without currency, do you think cybercrime would still exist? Obviously, many hackers are in it for the money alone. Bad actors are always looking to make a quick buck, whether by deploying ransomware, selling data on the dark web or mining cryptocurrency. Bitcoin, Ethereum and other digital currencies are entering the world’s stage, but why should a hacker try to mine their own if they can steal from others?

    Join us for our next Tradecraft Tuesday event, where we’ll dive into...
    - How hackers make money—and why cryptocurrency is their payment method of choice
    - How hackers stole more than $2M in cryptocurrencies
    - How they tried to cover their tracks
    - How we caught them red-handed
  • Redefining Your Stack: A New Step in the MSP Cybersecurity Journey Recorded: Jun 17 2021 51 mins
    Shane Rose, Huntress Security Engineer | Tiffany Ricks, HacWare Founder, CEO, and Chief Hacker
    Developing a cybersecurity stack requires a careful set of balancing acts—too little and clients will look elsewhere, too much and it becomes difficult to manage. So how do you know if you’re offering the right set of services for your SMB clients?

    It’s time to redefine how you think about your security stack in a way that is sellable, and most importantly, fully protects your clients. Join us as we discuss how to bring your ‘A’ game to SMB security, including:

    - The core components of a strong security stack
    - The need for layered security
    - How to tailor the security conversation to win clients over
  • Powering Up PowerShell with C# Recorded: May 19 2021 60 mins
    John Hammond, Senior Security Researcher | Chris Bisnett, Founder & Chief Architect | John Ferrell, Founder & ThreatOps VP
    It's well known that hackers use native programs and scripting languages like PowerShell to attack their targets, but how do they leverage the power of compiled programming languages that can get much closer to the core of the Windows operating system? Join us for Tradecraft Tuesday as we break down the technical details of how hackers can harness the C# language, Win32 API and the .NET framework on-the-fly with these higher-level techniques.

    We’ll also dive into more details on:
    - How PowerShell can compile and execute C# inline
    - How native tools like msbuild.exe can compile and execute C#
    - How hackers use reflection techniques to avoid writing to disk with inline C#
    - What you can do to better detect these techniques and hunt for artifacts

    To watch previous episodes, check out: https://www.huntress.com/resources/tradecraft-tuesday
  • Hacking Web Services Recorded: May 6 2021 62 mins
    Kyle Hanslovan, Founder & CEO | Chris Bisnett, Founder & Chief Architect | John Ferrell, Founder & ThreatOps VP
    Hackers are compromising common web servers or content management systems, and leveraging these to do more damage. Join this episode of Tradecraft Tuesday for better insights on patching or detecting hackers like these.
  • Slipping Past Prevention: An Intro to Antivirus Evasion Recorded: Mar 23 2021 59 mins
    Jason Slagle, Vice President of Technology at CNWR, Inc. | John Hammond, Senior Security Researcher at Huntress
    Ready to put your AV to the test? It’s time to get our hands on the keyboard and start hacking.

    In this session we’ll develop a payload for command and control—and put it to the test against a series of modern antivirus (AV) programs. We’ll pull back the curtain on signature vs. heuristic-based detection, how smart hackers can trick AV, and more. Jam-packed with live demonstrations, this offense-focused session will take you under the hood and show how the bad guys are breaking in.
  • Tales From The Trenches: Hacker Horror Stories Recorded: Mar 23 2021 59 mins
    Felicia King at Quality Plus Consulting | Matt Lee at IconicIT | Dave Kleinatland at Huntress | John Ferrell at Huntress
    If we’ve learned anything from our time in cybersecurity, it’s that you can’t understate the value of community-building and knowledge-sharing. From ex-intelligence operations to managing enterprise networks, to day-to-day operations in a small mom-and-pop shop—we all have our sea stories to share.

    In this session, we’ll bring together members of the IT and small business communities to shine the spotlight on real events they have worked through, and to share important insights and wisdom gained along the way.
  • Making the Malware: A Choose-Your-Own Adventure Exercise Recorded: Mar 23 2021 54 mins
    Kyle Hanslovan, Founder and CEO at Huntress | Barbara Paluszkiewicz, CEO at CDN Technologies
    Break out your hacker hoodie and prepare to get shady! In this interactive session, we’re planning a big cyberattack and we need your help to make it happen.

    As an attendee, you’ll dictate our actions—whether we build our own tool or buy it from the dark web, what features and functionality are most important, and more. Join us for a fun hands-on look at hacker tradecraft, C2 frameworks, post-exploitation tools and the activity taking place in today’s cybercrime markets.
  • Mastering the Cybersecurity Sales Conversation Recorded: Mar 18 2021 59 mins
    Ryan Cutler, Senior Account Executive at Huntress | Gary Pica, President of TruMethods
    As an MSP, both you and your customers are at a much higher risk of a security breach. As a result, every MSP is enhancing security tools and processes. Unfortunately, MSP’s costs related to security are rising faster than the prices they command.

    How do you get customers and prospects to make the additional investment required to secure their environments and reduce their risks? TruMethods President Gary Pica and Huntress Senior Account Executive Ryan Cutler will share a step by step method to crack the code on selling managed security.
  • An Exchange on Exchange: MFST On-Prem Exchange Exploits Recorded: Mar 15 2021 23 mins
    John Hammond, Senior Cybersecurity Researcher at Huntress | Jeremy Young, Channel Partnerships at Huntress
    Join Huntress for a digestible breakdown of what’s happening and more importantly, what can be done regarding the current zero-day exploits impacting on-prem MFST Exchange servers.
  • Exploiting CVEs and On-Prem Exchange Servers Recorded: Mar 9 2021 94 mins
    Kyle Hanslovan, Founder & CEO | Chris Bisnett, Founder & Chief Architect | John Ferrell, Founder & ThreatOps VP
    With the news of the Exchange Server zero-day flaws being exploited by hackers, this month has already seen its fair share of excitement. Join us for Tradecraft Tuesday as we unpack this recent news, explore how the hackers exploited recent CVEs while using some pretty overt tradecraft, plus a candid discussion on how the attack was much larger than Microsoft had suggested.

    We’ll also dive into more details on:
    - How these exploits slipped past most preventive security products
    - How the vulnerabilities could be leveraged to gain remote code execution
    - How living-off-the-land techniques were used for post-exploitation and further attacks
    - What this incident means for the greater conversation of security
  • Huntress Partner Panel Recorded: Feb 25 2021 62 mins
    Sara Ehrich, COO at Hill Country Tech Guys | David Spire, CDO at Entech | Nate Austin at Mytech Partners
    Your clients are counting on you to protect them from advanced threats and cyberattacks, but that doesn’t mean it’s easy to upsell them on your newest services and higher-tier offerings.

    In this on-demand webinar, hear from three managed service providers (MSPs) who have successfully pivoted their clients toward higher-tier security bundles and offerings—including how they overcome common objections and pricing conversations.
  • Incident Response Case Study: What Happens When Everything Goes Wrong Recorded: Feb 18 2021 58 mins
    John Hammond, Senior Cybersecurity Researcher at Huntress | Oscar Minks, Dir. of Technical Solutions and Services at FRSecure
    As an information security professional, you're likely no stranger to thinking in worst-case scenario terms. Of course, learning from the experience of others can help as well.

    During this webinar, you will hear the story of a real incident, what went wrong, and how to avoid meeting the same fate as the unfortunate victim.
  • Redefining Security Investment: Introducing Huntress' Latest Service Recorded: Feb 3 2021 73 mins
    Chris Bisnett, Co-Founder & Chief Architect at Huntress and Kyle Hanslovan, Co-Founder & CEO at Huntress
    It’s time to challenge the way you look at improving your cybersecurity!

    We all know the drill: when security gaps are identified, you fill them in with new solutions. But with added costs and learning curves, it isn’t always that simple. What if we took a different approach and extracted more value and function out of tools we already use?

    Join our founders, Chris Bisnett and Kyle Hanslovan, as they dive into how we’re redefining the security investment cycle with the latest addition to the Huntress Security Platform.
  • Analyzing Ryuk: Another Link in the Cyber Attack Chain Recorded: Jan 29 2021 60 mins
    John Hammond, Senior Cybersecurity Researcher at Huntress
    There’s a long and concerning history of threat actors targeting managed service providers (MSPs) and the small and mid-size businesses (SMBs) they support. For every new incident or strain of malware we discover, security researchers must carefully step through each stage of the attack to understand its technical components — and determine how to defend against it. In this session, we’ll analyze the delivery of Ryuk ransomware while highlighting the danger in other threats like Emotet and Trickbot. Join us for a discussion spanning both prevention and detection, with a live demonstration that showcases how each link in the chain presents an opportunity to stop a cyberattack.

    Huntress is a leading provider of advanced threat detection and actionable cybersecurity information that delivers easy to follow remediation steps into your existing ticketing system. IT Departments & MSPs worldwide use Huntress to enable their junior IT staff to confidently address cybersecurity incidents that slip past their preventive security stack. As a result, they discover breaches before they cause downtime, costly cleanup, and damaged reputations.
  • Don’t Judge a Book—or a PDF—By Its Cover Recorded: Jan 21 2021 58 mins
    John Hammond, Senior Cybersecurity Researcher at Huntress | Mendy Greene, CTO at IntelliComp Technologies
    What makes a file a file? Your computer can open up pictures, music, videos and documents, but how does it know which program to use? You can’t always trust a file extension—and in fact, some of these filetypes are able to hide malicious code. Join us for a technical demonstration as we explore how common files are viewed and understood by the Windows operating system, and how the right tricks enable hackers to manipulate and maliciously repurpose them.
Our Offense is Your Defense
Huntress is a leading provider of managed detection and response (MDR) technology, services and cybersecurity education that enable our partners to take the fight directly to hackers. With a laser focus on a specific set of attack surfaces, vulnerabilities and exploits, the Huntress Security Platform uniquely enables our partners—local service providers, regional and national resellers—to protect and educate their customers while capturing new security revenue. Learn more at huntress.com

  • Title: A Peek Inside Threat Research - Dissecting a RAT
  • Live at: Mar 2 2021 11:55 pm
  • Presented by: Dave Kleinatland, Senior Security Engineer at Huntress