HYPERQUBE BLOG

Thought Leadership. News. Advice.

HyperQube Included in WWT’s Advanced Technology Center!

HyperQube has been included in World Wide Technology‘s Advanced Technology Center (ATC) ‘ecosystem’ where engineers will discover what they can build, share and accomplish with HyperQube! (click here to read)

From Chris Konrad at WWT, “The World Wide Technology ATC HyperQube Proving Ground Lab exists to help people create VMware environments and exact replicas of current environments in under 30 seconds. This solution seeks to conquer business problems such as long set up times and bad configurations when it comes to setting up virtual environments.”

For more information on WWT’s ATC, visit: https://lnkd.in/dw6Sq92

HyperQast EP2: The Business of Ransomware

HYPERQAST:  A TECHNOLOGY PODCAST.

Hosted by Curious Craig (Craig Stevenson), alongside a bevy of subject-matter experts they’re digging into topics from Cybersecurity to software development and everything in between!

 

EP2: The Business of Ransomware

Hacking is a business. A hacker’s goal is to monetize their unauthorized access to your system. The market has shown us that the best way to do that is through Ransomware. Curious Craig along with professional Penetration testers Miguel and John from BreachBits do a deep dive into the world of Ransomware.

HyperQast EP1: DLL Search Order Hijacking

INTRODUCING HYPERQAST:  A TECHNOLOGY PODCAST.

Hosted by Curious Craig (Craig Stevenson), alongside a bevy of subject-matter experts they’re digging into topics from Cybersecurity to software development and everything in between!

 

EP1: DLL Search Order Hijacking

What is it? How do hackers use it? How can you detect/stop it?  What happens immediately after a Hacker gains access to a computer?  Most people think that they just download some files or launch some ransomware and it’s over.  But the actual first steps are a little bit harder than that.  Suppose someone clicks on a malicious email and as a result has let a hacker onto their computer.  If the hacker does nothing and that user reboots their computer, the hacker no longer has access.  So the hackers first goal is to establish Persistence.  Straight from the Mitre ATT&CK framework, “Persistence consists of techniques that adversaries use to keep access to systems across restarts, changed credentials, and other interruptions that could cut off their access.”  One way to establish persistence is through a technique called DLL Search Order Hijacking.  But first a bit of background on what a DLL is and how Windows uses them.  

A DLL is a file that contains code and data that can be used by more than one program at the same time.  These files have a lot of advantages.  They allow programs to use fewer resources by avoiding duplication and they can increase security.  If you fix a security hole in a DLL then all the programs that use that DLL automatically get fixed as well.  When a windows program starts it searches for the DLL’s it needs by looking through directories on the hard drive in a specific order.  This is known as the DLL search order.  If you drop a malicious DLL in the right directory Windows will load it before finding the legitimate library. 

Our curious founder, Craig Stevenson, along with professional Penetration testers from BreachBits break down the steps of an attack and what role DLL Hijacking plays within that attack.

Screen Capture: A Hacker’s Approach

Screen Capture:  What is it?  How do hackers use this technique to gather intelligence?

As a sub-technique of “Collection” from the MITRE ATT&CK framework, Screen Capture is where a hacker takes screen shots of their victim’s computer while they’re using it.  Watch as our CEO Craig Stevenson plays the role of hacker and demonstrates how an adversary uses Screen Capture to gather information on their target’s computer.

Keylogging: A Hacker’s Approach

Keylogging:  What is it?  How does it work?  How do hackers use this technique to gather intelligence?

As a sub-technique of “Input Capture” from the MITRE ATT&CK framework, Keylogging is the most prevalent type of input capture hackers use to intercept credentials.  Watch as our CEO Craig Stevenson plays the role of hacker and demonstrates how an adversary captures all the keystrokes that happen on their target’s computer.

Webinar April 28, 2021: Credential Dumping – Analysis, Detection and Prevention

Bad actors have infiltrated your network. But, how do you know you’re compromised?  Watch as Craig Stevenson, CEO of HyperQube and Gabe Martinez, CEO of Analytica42 demonstrate:

  • All the steps of a Mimikatz attack

  • How Credential Dumping enables Lateral Movement

  • How to analyze the attack and build detection

  • Proactive prevention

WEBINAR SERIES: KNOW THY ENEMY THRU TESTING AND VALIDATION

Episode 1:  Credential Dumping – Analysis, Detection and Prevention

Bad actors have infiltrated your network. But, how do you know you’re compromised?  Join Craig Stevenson, CEO of HyperQube and Gabe Martinez, CEO of Analytica42 as they demonstrate:

  1. All the steps of a Mimikatz attack
  2. How Credential Dumping enables Lateral Movement
  3. How to analyze the attack and build detection
  4. Proactive prevention

 

Reconnaissance: A Hacker’s Approach

Have you ever wondered how computers in your network would respond to a hacker coming after them?  And, is the cybersecurity system you have in place able to quickly identify each possible point of entry?  Watch as our CEO Craig Stevenson demonstrates the 2 most common active scanning techniques a hacker will use to identify targets within your network.

“This is one of the most innovative systems that we’ve seen in a long time and you can see the value very, very quickly.”

Dr. Chase Cunningham (aka Dr. Zero Trust) demonstrates how he leverages the power of the HyperQube platform to create as many virtual environments needed to do anything from malware research and product demos to POC’s and architecture design – and everything in between.

“The HyperQube platform is a super simple way for the purposes of building infrastructure and sharing it with people. This is it! You don’t have to be a power user, you don’t have to know how to do networking, you don’t have to know how to do configuration. You can fire this up, use it, share it.” – Dr. Chase Cunningham.