YoVDO

The Sednit Group, Cyber Espionage in Eastern Europe

Offered By: NorthSec via YouTube

Tags

NorthSec Courses Cybersecurity Courses Threat Intelligence Courses Exploit Development Courses Cyber Espionage Courses

Course Description

Overview

Explore the tools and tactics of the Sednit cyber espionage group in this 37-minute conference talk from NorthSec 2015. Delve into their recent campaigns targeting Eastern Europe, focusing on Ukraine-related topics and custom exploit-kits. Examine the group's exploitation chain, home-made exploit development, and deception techniques like fake password change pages. Analyze the X-Agent malware's Windows and iOS versions, including its modules and communication channels. Gain insights into the group's technical capabilities and understand the broader context of their cyber espionage activities in Eastern Europe.

Syllabus

Intro
Outline
Discovery
Exploitation Chain (1)
Exploitation Chain (2)
Home-Made Exploit Development
Fake Yahoo Change Password Page
Context
Case 1: EConsul
Decoys
Network Communications
Result: "Execution Trace"
X-Agent Modules Windows Version
X-Agent Communication Channels
X-Agent iOS version
Technical Facts
Conclusion


Taught by

NorthSec

Related Courses

Through the Eyes of the Adversary - How to Build a Threat Intel Program
RSA Conference via YouTube
Attribution in a World of Cyber Espionage
Kaspersky via YouTube
Dark Caracal Part II - Where in the World is Caracal?
Kaspersky via YouTube
Darkhotel - Lighting the Room
Kaspersky via YouTube
Stop! Don’t Make That Noob Incident Handling Mistake
44CON Information Security Conference via YouTube