webinar register page

Huntress Labs Logo
Tradecraft Tuesday
Episode 18: Orion Part Deux: Post-Access Movement & Attacker Detection

In last month's Tradecraft Tuesday, we unpacked some of the more interesting technical components of the supply chain attack on Solarwinds' Orion products. This month, we're digging into what the attackers did once they had gained their initial access—and what ultimately led to their detection and being discovered.

Join us to learn more about concepts including:
- How attackers reduced the risk of detection after gaining access
- How attackers were detected by FireEye when registering and new 2FA device
- How attackers transitioned to their second stage implant to avoid disruption when the initial access was detected

To watch previous episodes, check out: https://www.huntress.com/resources/tradecraft-tuesday

Hackers are constantly changing their tradecraft to get into and stay in our networks. Join us every month for unfiltered conversations where we expose hackers' tactics, techniques, and procedures in a way that anyone can understand. Technically savvy? Bring your toughest questions.
Mar 9, 2021 01:00 PM
Apr 13, 2021 01:00 PM
May 11, 2021 01:00 PM
Jun 8, 2021 01:00 PM
Jul 13, 2021 01:00 PM
Aug 10, 2021 01:00 PM
Sep 14, 2021 01:00 PM
Oct 12, 2021 01:00 PM
Nov 9, 2021 01:00 PM
Dec 14, 2021 01:00 PM
Time shows in
Tradecraft Tuesday Logo
* Required information

By registering, I agree to the Privacy Statement and Terms of Service.



Kyle Hanslovan
Founder & CEO @Huntress Labs
Kyle Hanslovan comes to Huntress Labs from the U.S. Intelligence Community where he supported defensive and offensive cyber operations for the past decade. He previously co-founded the defense consulting firm StrategicIO and actively participates in the ethical hacking community as a Black Hat conference trainer, STEM mentor, and Def Con CTF champion. Additionally, he serves in the Maryland Air National Guard as a Cyber Warfare Operator. With his strong background in technical leadership, software development, and malware analysis, At this stage in his life, Kyle is hell bent on making hackers earn every inch of their access within the networks he protects.
Chris Bisnett
Founder & Chief Architect @Huntress Labs
Chris Bisnett is a veteran information security researcher with more than a decade of experience in offensive and defensive cyber operations. While serving with the NSA RedTeam, he attacked government networks and systems to identify and remedy vulnerabilities. He is also a recognized Black Hat conference trainer and has taught his “Fuzzing For Vulnerabilities” course at several events around the world. Prior to founding Huntress Labs, Chris co-founded LegalConfirm, LLC where he led product design and development until the company was acquired in 2014.
John Ferrell
Founder & Endpoint SME @Huntress Labs
John Ferrell has over 15 years of experience in the fields of systems engineering, software development, and cyber security. He has supported the U.S. Department of Defense, the U.S. Department of Justice, and the University of Maryland. John is an avid member of the information security community, participating multiple times at Def Con CTF Finals and recently taught “Exploiting Buffer Overflows 101” at BSidesCharm 2015. Prior to founding Huntress Labs, he co-founded StrategicIO, a defense consulting firm.