Adversary-Threat Infrastructure: Threat Actor Profiles and Tools скачать в хорошем качестве

Adversary-Threat Infrastructure: Threat Actor Profiles and Tools

We will continue our Summer Camp Series by learning how to identify common threat actors and malicious tools used in global-scale cyber attacks. Moment by moment the internet changes. Infrastructure, apps, pages, attackers, services, third parties—and everything else on the web are dynamic. As a result, the enterprise attack surface becomes elastic, continuously evolving. Meanwhile, cybercriminals, hacktivists, and even nation-state threats all remake their tactics, techniques, and procedures (TTPs) to improve malicious capabilities. All of this combines to create hidden risk. Every enterprise gets entangled with threats and adversary-threat infrastructure anywhere, everywhere, all the time. Sustainable, durable digital protection comes from fingerprinting malicious tools and adversary infrastructure to defend against threats today and threats yet to be deployed. Our experts will demonstrate how to identify cyber threats relevant to your unique attack surface (digital footprint) and pinpoint threats entangled with your digital presence—kits, C2 servers, remote access trojans (RATs), and malicious associations and alliances, including threat tools shared among thousands of threat actors. WARNING: During this highly sensitive workshop, RiskIQ will share intelligence that has implications on national security for the United States. As such, RiskIQ will not distribute recordings from this specific cyber threat workshop. You must be present to receive threat intelligence resources, including threat actor tracking via related malicious infrastructure fingerprints. Agenda: Adversary-Threat Tooling Open Source and Commercial Tools Metasploit Cobalt Strike Command and Control LemonDuck & LemonCat beEF Embedded Firmware Netgear – APT31 Jupyter notebook Investigating Firmware Attack Example ingesting json file and running reputation and components Common Attack Services and Protocols Windows Remote Desktop Protocol (RDP) VNC SSH SMNP Building Control SMB Telnet RPC SIP Server NFS Synology NginX