This course teaches learners how to utilize the MITRE ATT&CK Framework for threat hunting, focusing on the 'Carbanak' backdoor malware used in banking applications. The learning outcomes include understanding threat hunting models, exploring MITRE ATT&CK v11.0 tactics, and analyzing TTP examples. The course covers skills such as phishing mitigation, command and control execution, privilege escalation, and covert access. The teaching method involves a demonstration of threat hunting using real-world examples. This course is intended for cybersecurity professionals interested in enhancing their threat hunting skills and knowledge of malware analysis.
Threat Hunting - Using MITRE ATT&CK Against Carbanak Malware
Security BSides San Francisco via YouTube
Overview
Syllabus
Threat Hunting: Using MITRE ATT&CK against Carbanak malware
Threat Hunting - Why?
Intelligence - Threat Hunting Model
Situational - Threat Hunting Model
Hypothesis - Threat Hunting Model
MITRE ATT&CK v11.0 Tactics
TTP Example
Attack working
MITRE Initial Access
Phishing mitigation
MITRE Execution
Command & Control Execution Exfiltration
Deploy Toolkit (Defense Evasion)
Privilege Escalation
Lateral Movement
Discovery of privileged user
Persistence on privileged account
Covert access and victim profile
Impersonate Victim
Taught by
Security BSides San Francisco
Related Courses
-
Execution with macro_pack
-
Don't Boil the Ocean - Using MITRE ATT&CK to Guide Hunting Activity
3.0 -
MITRE ATT&CK - The Play at Home Edition
-
ARTHIR - ATT&CK Remote Threat Hunting Incident Response Windows Tool
-
Conceptos de OT para Blue Teamers - Santiago Abastante & Matias Manassero - Ekoparty 2021: BlueSpace
