This Company Got Hacked... but HOW?
ฝัง
- เผยแพร่เมื่อ 13 ธ.ค. 2023
- jh.live/pwyc || Jump into Pay What You Can training at whatever cost makes sense for you! jh.live/pwyc
This lab exercise: jh.live/logs-ir
Free Cybersecurity Education and Ethical Hacking
🔥TH-cam ALGORITHM ➡ Like, Comment, & Subscribe!
🙏SUPPORT THE CHANNEL ➡ jh.live/patreon
🤝 SPONSOR THE CHANNEL ➡ jh.live/sponsor
🌎FOLLOW ME EVERYWHERE ➡ jh.live/discord ↔ jh.live/twitter ↔ jh.live/linkedin ↔ jh.live/instagram ↔ jh.live/tiktok
💥 SEND ME MALWARE ➡ jh.live/malware
First off, thanks for showing this John. You were actually one of the first people I started watching in my IT career years ago when you were focused primarily on Python videos. Like you, I have since grown in my career and am now working in DFIR and also enrolled in SANS Incident Response Graduate Certificate program. I perform individual host-based forensics, large-scale multi-host multi-server ransomware compromise investigations, and everything in between. I've considered starting a TH-cam channel focused on DFIR and showing beginning to end investigations (acquiring evidence from physical machines, imaging, various log analysis, network analysis, host-based forensics, investigation methodologies, reporting, etc.). If this is something your audience would like, I would love a 'Like' and will begin putting together a series for viewers.
I would love to watch this if you ever get the time to make it 😊
I would be first in line to watch as I am just completing a four year degree in cybersecurity itself, getting the real world practice out there is invaluable.
ain't readin allat
John, you’re way too good for this community! Every day I watch your videos and try to grasp everything you teach but it’s difficult to keep up with the plethora of information you are giving out 😂😂 we really do appreciate all your hard work, thanks for all the opportunities you’ve given us to grow and learn!
Just finished my first week of my first job in cyber as a Security Analyst. Thank you for everything you do John, thanks to you, this knowledge is readily available in a digestible way.
I'm just over here taking notes on how to TH-cam. Love your channel!
Don't know if you have heard but Toronto Public Library was hacked so bad that even their printers/scanners can't be used. It seems like entire back end was destroyed/deleted.
Seriously? Do you have source I could check out by any chance
awesome to see some incident response videos hoping to see some more of these
Thanks for sharing and let us learn . Very well explained and clear.
big fan here from Ethiopia keep up the content🥰
Here From Nepal!😊
Here from Poland
Excellent video as always! Loving the blue team content on the channel!
@johnhammond my man! thats the right energy and natural tone (so rare nowadays with all the hypee youtubers)!!
have you ever played with polarizing filters for the reflections in your glasses? you would be amazed!
Is amazing, thanks for sharing. What I don't understand is that you need to have Wireshark all the time monitoring the traffic to get that info? Or how you make those pcaps in a real environment?
The number of environments I come across where literally no security baselining has been carried out is simply staggering.
Thanks John. We need more of this or malware analysis videos
It was a really amazing video, we need more of these.
Thank you so much. This is great.
I love your teaching methods 😍😍
this win11 taskbar is a perfect example of why it was put on the left in the first place :P
thank, awesome!
Great video, well made and dictated!
Big fan of you boss❤❤
Pause to shift gears 15:33
05:59 why does office macro have capability to do stuff outside document like spawn process, read and write files?
As noted by a couple of commenters below, there does not seem to be a link to the labs in the description...
Thanks for adding the link.
Nmap is among the stuff? Might give it a shot.
Well not many companies do pcap to workstations. Too much data.
Hello John Hammond, I want to ask you if the Windows copies on the Windowstan website are safe or if they contain viruses.
There's no link to the lab in the description currently.
Sorry, fixed! jh.live/logs-ir
Do you have courses?
so where is the link to poisoning the well? i dont see it via browser
15:33 poor John forgot to cut it out
17:27 too
Hi John why did you use a vm for this ?
Is it normal for a network to be capturing wireshark during normal use? Or is this supposed to have been run per hack but before cleanup?
Decent firewalls do this (but only for traffic hitting the gateway). LAN traffic would be more difficult to capture. You can set up a monitoring port on a network switch so you can monitor all traffic going to and from selected ports on that switch, but quickly bandwidth gets eaten up by the amount of data so you'd need quite a chunky NIC. 48x1Gb for client machines, and then 1x50Gb for your server, sort of thing. Dark trace takes this further with more advanced machine learning software for threat detection.
@@chuckhayes8320 thanks that was kind of my thinking that’s a lot of data to be capturing seems something only big orgs would have budget for?
Hello John, Thanks for the video. There is no link in description.
Apologies, I've added it now.
@@_JohnHammond That's quick. Really appreciate for sharing your knowledge. Thank you very much.
How often are the logs actually available and not wiped?
That is why you have them on a Syslog Server that is not connected to the Domain...
why not open the CSV in excel or something?
Where can I find more Incident Response labs? Free labs
What are the differences between Antisyphon training vs try hack me? Would they complement each other?
Of course, only if you're really interested in cyber security
Definitely am ;),
But if someone would chose one in between these two, which one would be best?
*Nostalgia intensifies*
why don't you make a video about Sysmon???
yeah no link in description
I thought I was the only one, but yeah, no link. Thought I might have fallen on my head...
Sorry, added now! jh.live/logs-ir
Hey, I know that its hard to reply for comments but I have a question
I have my google ID and password but I couldn't sign in into my account
I have no 2fa enabled, no recovery phone or email in my account
When I try to login it says, to login from device I logged in earlier (not available),sign in from same network(which isn't also available)
What to do
Love from india ❤
can you make a tutorial how to get on onion center the search engine?? please
The day will come when someone asks the AI to fix our security problems, and it eliminates all the humans....
There is a lot of data on the web from the WEF and UN, along with their brainwashed useful idiots, that states humans are a plague on the Earth. The first group the AI will wipe out is white people since that's all you hear about on MSM. White people has also been redefined to mean anyone who disagrees with the agenda. It will also see that men are bad and oppressing women but humans don't know what a women is, yet they know that men can be women too. The AI will be confused by our own stupidity. Ironically, it might be what keeps us from getting exterminated. 🤔
They got it hacked cause someone had there head stuck up there hanus holes…
how gta 6 got hacked , can you explain ?
Make An rev eng of an ITP crypto scam app please. :-)
hi
I don't understand anything here
👍
I wonder which company got hacked😂
its obviously in the video.
According to the WEF, hacking now consists of "misinformation". If you post a comment saying "men can NOT get pregnant", you have just "hacked" something and are now an international, cyber criminal terrorist. It's in their new 16 page report. They say it's for your "safety".
⭐️⭐️⭐️⭐️⭐️
wtf is this click bait. be transparent in your title: this is not real
First, 22 seconds ago?
comment
DISH, duh. Lulz
script kiddie stuff
Lmao!!!! Well played on the word.exe. The word.exe for famous because there was a known counter strike player name forsaken who got caught cheating using word.exe.
HACKERATO LEDGER