Just like students heading back to the classroom this fall, you can boost your skills by signing up for an Atomic Red Team training session. Headed to Deadwood next month for Wild West Hackin' Fest? Get hands-on help emulating real-world adversary techniques and test your defenses with these upcoming workshops.
Practical Threat Emulation with Atomic Red Team
In this two-hour session, attendees will get a crash course on configuring a testing environment, running atomic tests, and crafting adversary emulations based on the latest threat intelligence.
October 9
3:15 – 5:15 PM MT
Live and virtual event
Offense for Defense
In this Red Siege Information Security class, also being held at WWHF, attendees can bolster their offensive security skills, including knowledge around tools like Atomic Red Team and the MITRE ATT&CK framework.
Trainings at DEATHCon
Two workshops at DEATHCon, a globally-distributed cybersecurity conference for detection engineering, will focus on how to create automated atomic tests and how to plan and run tests in a purple teaming framework.
NEW AND FEATURED TESTS
T1036.005 - Masquerading cmd.exe as VEDetector.exe
This test simulates an adversary renaming cmd.exe to VEDetector.exe to masquerade as a legitimate application.
T1123 - Audio capture using device audio capture commandlet
This test simulates how an adversary can leverage a computer's peripheral devices, like microphones and webcams, or applications, like voice and video call services, to capture audio recordings.
T1529 - Abuse of Linux magic system request key for reboot
This test simulates a forced system reboot on Linux by writing "b" to /proc/sys/kernel/sysrq.
ATOMIC IN THE WILD
Atomic Red Team named a top five red team tool
SISA, a cybersecurity solutions company that works with the PCI Security Standards Council, named Atomic Red Team as one of the five best red teaming tools organizations can use to simulate real-world attacks. "The simplicity and modularity of Atomic Red Team mean it can be run regularly, ensuring continuous validation without the overhead of a full-scale red team exercise."
Wazuh's John Olatunde discusses how defenders can use the security platform and Atomic Red Team for attack simulation. Examples include an adversary using bitsadmin.exe, mshta.exe, and regsvr32.exe to carry out attacks.
Simulating a LSASS dump attack with Invoke-AtomicRedTeam
Stevanus Banu, a cybersecurity enthusiast, wrote a Medium blog about how to detect an LSASS credential dumping attack (T1003.001) with Wazuh and Sysmon. He concludes by walking through how to use invoke-atomicredteam to simulate the attack.
Phishing tactics are constantly evolving, yet many security teams are stuck with a response model that can’t keep up. It’s time to modernize your approach! Join this webinar on Wednesday for the latest phishing trends and recommendations for improving your team's phishing response.