Overview
Dive into a comprehensive analysis of Advanced Persistent Threat (APT) groups' operational security in this one-hour conference talk from Recon 2022. Explore the surprising vulnerabilities in APT campaigns across the Middle East, Far East, and beyond, including state-sponsored surveillance and large-scale financial attacks. Discover critical mistakes that reveal advanced Tactics, Techniques, and Procedures (TTPs) used by attackers, such as bypassing iCloud two-factor authentication and crypto wallet theft methods. Gain insights into attackers' internal communications, business models, and the scale of sensitive data sharing. Learn about a seven-year investigation into the sophisticated Infy threat actor and their 15-year active campaign. Understand how APT groups improve their operational security over time and how researchers monitored their activity in real-time. Conclude with valuable strategies for organizations to enhance their defenses against these evolving threats.
Syllabus
Recon 2022 - OopsSec The bad the worst and the ugly of APT
Taught by
Recon Conference