Connecting the Dots - A Beginner's Experience of Threat Actor Tracking

Explore the fundamentals of threat actor tracking in this 15-minute conference talk from Security BSides London. Dive into the world of cybersecurity as Keith Short shares his beginner's experience in identifying and following digital threats. Learn about the importance of tracking threat actors, setting up a safe environment, and utilizing tools like Wireshark for analysis. Discover techniques for extracting metadata, resolving domains, and mapping connections. Follow along as Short presents a real-world scenario, introducing threat actors Jessica Koran and Prince Ali, and demonstrates practical tracking methods. Gain valuable tips and insights to enhance your own threat intelligence capabilities in this concise yet informative presentation.

Introduction
Agenda
What are threat actors
Threat actor I tracked
Why track for actors
The scenario
Safe environment setup
Wireshark
Metadata
The hint
Finding more samples
Resolving domains
Map out
Pivot
Analyze
Jessica Koran
Prince Ali
Tracking methods
Tips
Summary
Outro