YoVDO

APT Attribution and DNS Profiling

Offered By: Black Hat via YouTube

Tags

Black Hat Courses, Cybersecurity Courses, DNS Courses, Data Collection Courses, Behavioral Patterns Courses, Advanced Persistent Threats Courses

Course Description

Overview

Explore Advanced Persistent Threat (APT) attribution and DNS profiling in this 22-minute Black Hat conference talk. Delve into the organized and prolonged nature of APT attacks, focusing on their discernible attributes and patterns. Examine how APT attackers maintain redundant command and control networks through multiple DNS names. Investigate a study of malware samples from APT attack victims, revealing behavioral patterns in DNS domain registration and the use of stable DNS-IP pairs. Learn about an automated solution for collecting and storing open-source information on malware binaries, simplifying analysis tasks. Discover how to build and update a database of malicious DNS-IP pairs, "parked domains," and "whois information" for future analysis. Gain insights into using visualization tools like Maltego for identifying potential attacker identities or personas.

Syllabus

APT Attribution and DNS Profiling


Taught by

Black Hat

Related Courses

Real-Time Cyber Threat Detection and Mitigation - New York University (NYU) via Coursera
Ciberseguridad: ataques y contramedidas - Universidad Rey Juan Carlos via Independent
Fundamentos de Ciberseguridad: un enfoque práctico - Inter-American Development Bank via edX
Cyber Security Advanced Persistent Threat Defender Preview - Udemy
Threat Intelligence: Cyber Threats and Kill Chain Methodology - Pluralsight