Learning from Lazarus Group | Ep. #3 | The Security Engineering Show

https://is1-ssl.mzstatic.com/image/thumb/Podcasts126/v4/82/e2/24/82e224dd-3ea8-8097-130f-ffd18992b0f4/mza_9308217718868764874.jpg/600x600bb.jpg

The Security Engineering Show

5 episodes

1 day ago

These are the stories of the security engineering projects that are worth telling. We skip past the broad strokes to the tactics, obstacles, and the untold stories behind the successes and failures. This is the show for the people who architect strong security systems.

Technology

RSS

All content for The Security Engineering Show is the property of The Security Engineering Show and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

Technology

https://d3t3ozftmdmh3i.cloudfront.net/staging/podcast_uploaded_nologo/39868488/39868488-1701315850912-9973c0b414af1.jpg

Learning from Lazarus Group | Ep. #3 | The Security Engineering Show

The Security Engineering Show

53 minutes 28 seconds

1 year ago

Learning from Lazarus Group | Ep. #3 | The Security Engineering Show

Delve into the nitty-gritty of a company's two run-ins with the Lazarus Group. The first time, to clean up the mess they left behind, and the second, to stop them in their tracks after getting a telltale alert from the SEIM. This is the show for security engineers, by security engineers. Featuring Noah Stanford: CEO at 0pass Matt Toussain: Founder at Open Security 00:00 Intro 00:47 Lazarus Group Compromise #1: Negotiating ransomware payment 02:55 Lazarus Group Compromise #1: Their tactics and techniques 07:55 Lazarus Group Compromise #1: Bad practices that led to the first breach 10:43 Lazarus Group Compromise #1: Cleaning up the mess 15:38 SEIMs and how not to die the death of a thousand alerts 19:35 Lazarus Compromise #2: Intro 24:18 Lazarus Compromise #2: We're going to "hurt your billable rate" 27:38 Lazarus Compromise #2: How they gained access and what they did 33:27 Lazarus Compromise #2: Reverse engineering the malware 36:24 Lazarus Compromise #2: Hacking back and the FBI 45:10 Working in Private Sector vs US Gov 48:34 Outro advice