Threat Hunting - Using MITRE ATT&CK Against Carbanak Malware

Security BSides San Francisco via YouTube

Overview

Explore threat hunting techniques using the MITRE ATT&CK Framework in this 51-minute conference talk from BSidesSF 2022. Dive into the practical application of the framework against the 'Carbanak' backdoor, malware specifically designed for banking applications. Learn about various threat hunting models, including Intelligence, Situational, and Hypothesis-based approaches. Examine MITRE ATT&CK v11.0 Tactics and TTP examples, and understand how attacks work through different stages such as Initial Access, Execution, Command & Control, Exfiltration, and more. Gain insights into mitigating phishing attempts, deploying toolkits for defense evasion, privilege escalation, lateral movement, and discovery of privileged users. Discover techniques for maintaining persistence on privileged accounts, establishing covert access, and impersonating victims. Enhance your cybersecurity skills with this comprehensive exploration of threat hunting strategies and their practical implementation against sophisticated malware.

Syllabus

Threat Hunting: Using MITRE ATT&CK against Carbanak malware
Threat Hunting - Why?
Intelligence - Threat Hunting Model
Situational - Threat Hunting Model
Hypothesis - Threat Hunting Model
MITRE ATT&CK v11.0 Tactics
TTP Example
Attack working
MITRE Initial Access
Phishing mitigation
MITRE Execution
Command & Control Execution Exfiltration
Deploy Toolkit (Defense Evasion)
Privilege Escalation
Lateral Movement
Discovery of privileged user
Persistence on privileged account
Covert access and victim profile
Impersonate Victim

Taught by

Security BSides San Francisco
