Watch Hackers Demonstrate a Ransomware Attack (ft. Kilian from SecurityFWD)
Вставка
- Опубліковано 31 тра 2024
- In this episode, Killian from SecurityFWD meets with Kody from Null Byte/SecurityFWD to show off the new ransomware attack lab simulation, which shows how real ransomware works and how you can stop it.
Subscribe to Null Byte: goo.gl/J6wEnH
Kody's Twitter: / kodykinzie
SecurityFWD: / securityfwd
Varonis: / varonissystems
Chapters:
0:00 Countdown
0:44 Intro
1:02 Null Byte Cat Cameo
2:45 What We're Doing Today
8:20 Metasploit and Attack Setup
11:55 Phishing E-mail
17:55 Command and Control
20:30 Exploiting the Target Machine
24:30 Reverse DNS Look-ups
27:15 Password Spray
29:00 Ticket Harvesting Attack
32:00 Hash Cracking
34:10 We Have the Password, Now What?
36:30 Finding the most Sensitive Data
43:10 Launching the Ransomeware
44:20 Defending Against this Attack
54:00 What did Kilian Study
55:40 Kody uses a Macbook
57:10 Best Programming Languages
59:10 Anti-virus
1:01:05 What VM do we use for the Labs
1:02:05 Zip Bomb
1:03:45 Hacker Ethics
1:05:05 Malware Honeypots
1:07:55 Closing Thoughts
Follow Null Byte on:
Twitter: / nullbyte
Flipboard: flip.it/3.Gf_0
Website: null-byte.com
Vimeo: vimeo.com/channels/nullbyte - Наука та технологія
I'm starting to really enjoy these, thank you to everyone who was with us in the live chat and who contributed great questions.
I learned that never click any random buttons. Even if you do, just turn off your wifi, and then click on these buttons.
the past two video formats have been great i also enjoyed them lol! :)
I am trying to make a Spectrum default wordlist. Characteristics include 12 min 15 max all lowercase and the last three character and number word patterns is 2 words (real) lowercase no uppercase followed by 3 number. words can be 4,5,or 6 letters long. How do I set the pattern on crunch to make this list?
The question was asked which is worse Ransom or Unprepared. Unprepared and here is why.
I teach senior citizens how to spot e-predators on social media ie.Facebook. because they are at the highest risk level for e-fraud like romance and FB lottery scams. I teach how to look for clues like names, titles, contact info, pronoun switches, language tells, reverse image look ups, ect. I teach how to protect the three main things Name, Date of birth, SS number. because these are the minimum pieces of info to pull a credit card on you. This also is important because of everything else that is attached to this like friend and family and this weakness makes it easier to phish those people too.
I'm starting to enjoy the field! Yahooooooo! I love the content!
I really like how these videos share new methods and experiments to really understand how things work, rather it be malware or trojan-responses down to simple XML attacks and so forth to help me better understand how I can better protect a company or my networks.
Kody you got some undercover cat-rat at 1:48 breach in your backdoor that may be a new ransomware memz-21
Very, very good content! Would love to piggy back on this in a way to show what Windows admins using Intune, maybe defender for Endpoint, can do to help minimize some of these openings.
There's just soooo much of enthusiasm man!!!
Awww!!!! A lot of urge to learn. Great content too.
Great content. Love to see more
Literally mind blowing
Hey Null Bytes (and everyone)
I just wanted to say that I agree with the point that though ppl have their concerns about things that are shown here and other places because it is giving 'ideas' to ppl that may do bad things with this knowledge....
The point is that these things already DO EXIST with already bad minded ppl and even worse groups of ppl working together to attack 'unwitting' ones running some network(s) at some place.
So even if you were to be 'informing' someone of something they can use for bad (should it be in their heart to do so) the point is that there are even worse things going on by extremely well 'educated' and even 'masterminded' wrong-doers' that do these things as a 'way of life' and may even be working for ppl that are paying them to be very good at doing what is bad.
Thus 'talking to middle schoolers' and opening up thir eyes to realities doesn't mean they are going to be PH.D kind of hackers 'over night' nor will they have that kind of knowledge ALONG with very important 'experience'
which channel is it that you are talking about in the beginning , the android studio hacking one. Reply will be appreciated
Wow it's really awesome love from Nepal 😍😍😍😍
really enjoy the stream. thanks null byte
Love these vids please do more
which is the original hacking software you mention at the beginning?
Very helpful i love your all video
For the finding sensitive data part, if the Doc document has a canary token... would it be triggered?
Have you got any examples of ransomware based on fileless malware or non-PE file attack?
Nice setup, love the vid...What the heck does noisy really mean? I feel like it's all over the place!
Noisey means it's likely to trigger IDS flagging and blow the attack
Do you have an episode that shows how to scan my computer for root kits or spyware?
great love your videos
Mind blowing
This is so interesting!
Thanks
great content wow love ya
What payload and exploit are you using in metasploit?
Is tools.bat part of metasploit?
what are the key factors that influence the success of a ransomware attack?
Wait, there are still people not using TempleOS?
kali gang
The real document alerts 'Security Warning" , You are Detected ! Kali Noobs Rules!
A friend with weed is a friend indeed but a friend with Hash is better... Hash power to mine Bitcoin eh ohhhh😄
What's shocking is to realise that if I understood any of this ... never mind😑
"go get some help"
backups :-) everything important i have is backed up
now adays victim still will pay for the ransomware ???
how much u earn per week by running null byte ?
I don't get paid to do these streams, null byte is owned by wonderhowto so, nothing
You are doing a great job!
u are FULLY RIGHT... if u dont teach THIS.....we are in danger from black hackers....
👍
Dam u look like those cool hackers in movie 🔥
windef off... lol
Linux is a Kernel Ubuntu, Kali, Parrot are all OS that communicates with the same kernel. Debating about which one of those is better is like having 3 identical cars in different colors and trying to say which one is better. It's the same engine same tires same everything that matters. I doubt anyone ever installs a stripped-down base OS of Kali or a stripped base OS of Parrot they always install the one with preinstalled tools where they won't be using 90% of the tools included. You can install the tools that come with Kali on Ubuntu & you can do the same thing the same way. most "Real hackers" create custom distros in ubuntu or some other OS anyway so the debate is really stupid.
Anyone here from Oxfordshire??
Temple OS for hacking? is this sarcasm?
no
Hey Hacker
i see ur long hair its..... nice
social engineering ...
Harden Adobe Reader ; Disable macros in O365
AI is comming, and will take over everything¡¡¡
Estoy un paso más cerca de ti ALVARO URIBE VELEZ(aplica para todos los narcotraficantes y asesinos del MUNDO) ..... algun día te tendremos tras las rejas¡
hmm
Hello sir
How to Hack FB account on kali linux
And, How jam mobile signal
Try to make it international please, you both speak really too fast
Why you would teach this to anyone is mind boggling and simply not useful for the public, other than the malicious few who will use this for profit.
Educational purposes
@@garcand yep definitely "educational purposes". We learned that never click button. Even if you do just turn off your wifi, and then click on these buttons.
Bro the bald guy nodding at every word was too cringe. I was cringing too much 😬
Edit: sorry if I offended you guys.
you seem like the kind of person who ignores the lesson and judges the teacher, that's cool
@@NullByteWHT and a kind who likes his own comment
@@sobhaks7231 lol facts
@@ketsiketsi8265 you liking your own comment too. Check yourself first before judging me
Just realize that making this content is tough and we are all putting ourselves out here to try to make this easier for you. Try to keep the comments constructive, that's what's nice about hacker culture is people are generally trying to help you grow.