Podcast Detail

Cobaltstrike via MSBuild; Bypassing MacOS Gatekeeper; Spider-Miner

If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://chrt.fm/track/2748D7/https://traffic.libsyn.com/securitypodcast/7812.mp3

Podcast Logo
SANS Daily Network Security Podcast (Stormcast) for Tuesday, December 28th, 2021
00:00

Interested in Internet Storm Center stickers? Check here if there are still some available for today.

Attackers are Abusing MSBuild to Evade Defenses and Implant Cobalt Strike Beacons
https://isc.sans.edu/forums/diary/Attackers+are+abusing+MSBuild+to+evade+defenses+and+implant+Cobalt+Strike+beacons/28180/

Bypassing File Quarantine, Gatekeeper and Notarization Requirements
https://objective-see.com/blog/blog_0x6A.html

Spider-Miner: Trojanized Version of Spiderman No Way Home
https://blog.reasonlabs.com/2021/12/23/spider-miner-with-great-power-comes-great-problems/