YoVDO

MuddyWater: From Canaries to Turkeys - Evolution of APT Campaigns 2021-2022

Offered By: NorthSec via YouTube

Tags

Cybersecurity Courses Malware Analysis Courses Threat Intelligence Courses Advanced Persistent Threats Courses VBA Macros Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the evolution and tactics of the Iranian-based threat actor MuddyWater in this 27-minute conference talk from NorthSec 2022. Delve into three distinct campaigns targeting Turkish governmental organizations, Armenia, Pakistan, and countries in the Arabian peninsula. Examine the group's use of Canarytokens for payload activation, mixed-stage payload delivery methods, and the introduction of a new payload builder. Analyze the group's flexibility in employing various techniques, including VBA macros, double extension executables, and WSF-based RATs. Gain insights into MuddyWater's timeline, tool capabilities, and the possibility of it being a collective of groups sharing tools and techniques. Understand the implications of the U.S. Cyber Command's attribution of MuddyWater to Iran's Ministry of Intelligence Services (MOIS) and how it differs from previous beliefs.

Syllabus

NSEC 2022 - Asheer Malhotra - MuddyWater: From Canaries to Turkeys


Taught by

NorthSec

Related Courses

Proactive Computer Security
University of Colorado System via Coursera
Security in Office 365
Microsoft via edX
Threat Detection: Planning for a Secure Enterprise
Microsoft via edX
Cyber Threat Intelligence
IBM via Coursera
Security Analyst Fundamentals
IBM via Coursera