Threat Hunting - Using MITRE ATT&CK Against Carbanak Malware
Security BSides San Francisco via YouTube
Syllabus
Threat Hunting: Using MITRE ATT&CK against Carbanak malware
Threat Hunting - Why?
Intelligence - Threat Hunting Model
Situational - Threat Hunting Model
Hypothesis - Threat Hunting Model
MITRE ATT&CK v11.0 Tactics
TTP Example
Attack working
MITRE Initial Access
Phishing mitigation
MITRE Execution
Command & Control Execution Exfiltration
Deploy Toolkit (Defense Evasion)
Privilege Escalation
Lateral Movement
Discovery of privileged user
Persistence on privileged account
Covert access and victim profile
Impersonate Victim
Taught by
Security BSides San Francisco