In this episode of David Bombal's cybersecurity podcast, OTW (OccupyTheWeb) discusses advanced methods for detecting whether a computer has been hacked, focusing on tools and techniques beyond basic checks. OTW introduces osquery, a free, open-source application from Facebook that allows users to query system information and detect malicious activity. He explains how to use SQL queries within osquery to identify unusual services, network connections, and processes, emphasizing the importance of the persistence mechanisms hackers use. OTW also shares real-world examples from his digital forensic investigations, highlighting how hacking is increasingly used in personal and business conflicts. The discussion covers identifying suspicious processes, examining scheduled tasks and registry entries for persistence, and detecting processes running without a corresponding file on disk. The episode also touches on the limitations of antivirus software and the increasing sophistication of hacking techniques.