Threat Hunting - Using MITRE ATT&CK Against Carbanak Malware

Explore threat hunting techniques using the MITRE ATT&CK Framework in this 51-minute conference talk from BSidesSF 2022. Dive into the practical application of the framework against the 'Carbanak' backdoor, a malware specifically designed for banking applications. Learn about various threat hunting models, including Intelligence, Situational, and Hypothesis-based approaches. Examine MITRE ATT&CK v11.0 Tactics and TTP examples, and understand how attacks work through different stages such as Initial Access, Execution, Command & Control, Exfiltration, and more. Gain insights into mitigating phishing attempts, deploying toolkits for defense evasion, privilege escalation, lateral movement, and discovery of privileged users. Discover techniques for maintaining persistence on privileged accounts, establishing covert access, and impersonating victims. Enhance your cybersecurity skills with this comprehensive exploration of threat hunting strategies and their practical implementation against sophisticated malware.