Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Baited Canaries - Monitoring Attackers With Active Beacons

BSidesLV via YouTube

Overview

Explore active beacon techniques for monitoring attackers in this 25-minute conference talk from BSidesLV 2019. Delve into the concept of canaries and their application in cybersecurity, focusing on phishing sites and attack scenarios. Learn about JavaScript canaries, DNS prefetch, and their constraints. Discover additional functionalities, nonce payloads, and typical timelines for these monitoring methods. Examine G Suite permissions, Google Doc phishing, and the use of bait files. Gain insights into Drive audits, alerts, and token reports. Review key concepts and understand the best practices for implementing active beacons to enhance your organization's security posture against phishing attacks.

Syllabus

Introduction
The Problem
What Are Canaries
Phishing Sites
Attack Scenario 1
JavaScript Canaries
DNS Prefetch
Constraints
Additional Functionality
Nonce
Payload
Typical Time Line
The Best Way
G Suite Permissions
Google Doc Fishing
Bait Files
Drive Audit
Drive Alert
Token Report
Review
Conclusion
Special Thanks
Phishing

Taught by

BSidesLV

Reviews

Start your review of Baited Canaries - Monitoring Attackers With Active Beacons

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.