Skip Navigation
Get a Demo
Resources Blog Threat hunting

Privilege escalation revisited: webinar highlights

Last week, Red Canary hosted a rockstar panel of researchers and engineers for a webinar on how attackers level up. Check out the highlights below, and see if you can spot any ugly Christmas sweaters.

Originally published . Last modified .
Julie Brown
Security Engineer at Red Canary
Cathy Cramer
Detection Engineer at Red Canary
Erika Noerenberg
Senior Threat Researcher at VMware Carbon Black
Sarah Yoder
Cybersecurity Engineer at MITRE ATT&CK

What is privilege escalation?


Our own Julie Brown kicks things off by introducing our panelists and defining privilege escalation as an attack technique.

Watch Video

Privilege escalation on Windows


Sarah Yoder from MITRE delves into two living-off-the-land techniques attackers use to level up on Windows systems: Access Token Manipulation and Bypass User Access Control (UAC).

Watch Video

Privilege escalation on macOS


Carbon Black’s Erika Noerenberg, who submitted a privilege escalation technique to MITRE ATT&CK earlier this year, highlights the user interaction required to elevate access on macOS systems, using the Shlayer malware as an illustrative example.

Watch Video

Privilege escalation on Linux


Red Canary’s Cathy Cramer explains that because Linux systems are typically servers instead of desktop devices, they are less susceptible to the most vulnerable layer of security: users. Fewer applications means less surface area; thus, adversaries are more likely to seek out different ways to escalate privileges on Linux machines.

Watch Video

Why should you care about privilege escalation?


In this concluding clip, our panelists weigh in on the risk that privilege escalation poses to enterprise environments, citing the NotPetya ransomware outbreak of 2018 that is estimated to have cost a handful of companies $10B globally. Audience questions lead to an enlightening discussion on the roles that developers and individual users play as gatekeepers of security.

Watch Video

Want more? We’ll email you the full on-demand privilege escalation webinar to view at your leisure. Let us know where to send it!


Subscribe to our blog

Back to Top