Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Pluralsight

Volt Typhoon: T1070.003 Indicator Removal Emulation

via Pluralsight

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore how and why Volt Typhoon removed or modified files left behind by the actions of their intrusion activity in critical infrastructure networks.

Non-native files such as tools and malware used during an attack may leave traces to indicate what was done by an adversary and how they did it. A common technique used by adversaries to hide their tracks is to remove these files either during an intrusion, or as part of post-intrusion activities. In this course, Volt Typhoon: T1070.003 Indicator Removal Emulation, explore how the Volt Typhoon threat group used this technique to minimize their footprint on systems and remain undetected in critical infrastructure for over 5 years.

Syllabus

  • Volt Typhoon: T1070.003 Indicator Removal Emulation 7mins

Taught by

Matthew Lloyd Davies

Reviews

Start your review of Volt Typhoon: T1070.003 Indicator Removal Emulation

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.