New Cyber Threat Intelligence Lab release!
Today we have a brand new set of labs: DEEP GOSU Campaign – Analysis and Threat Actors: Volt Typhoon.
DEEP GOSU Campaign – Analysis
Securonix has released an advisory covering a newly observed campaign that may be conducted by the threat actor Kimsuky, also known as APT43. The campaign, known as DEEP#GOSU, targets South Korean victims. In this lab, you'll learn about the tactics, techniques, and procedures (TTPs) the threat actor group uses in the delivery, execution, and post-execution actions of its malware, stagers, and remote access trojan (RAT).
Who's it for?
- SOC Analysts
- Threat Hunters
- Incident Responders
- CTI Analysts
What are the key takeaways?
- Outline the ingress vectors used by Kimsuky to deliver malware during the GOSU campaign
- Understand how legitimate services are being used for command and control by threat actors
Cyber Pro licensed users can access the new collection here.
Threat Actors: Volt Typhoon
Volt Typhoon, also known as Bronze Silhouette, is a state-sponsored threat actor group and has been active since at least 2021. Its attacks target critical infrastructure in the United States and its territories, focusing on covert espionage to stay undetected for as long as possible.
In this lab, you'll learn about Volt Typhoon, its TTPs, and its most significant campaigns.
Who's it for?
- SOC Analysts
- Threat Hunters
- Incident Responders
- CTI Analysts
What are the key takeaways?
- Analyze and identify specific TTPs used by Volt Typhoon
- Apply knowledge of Volt Typhoon's TTPs to design and implement effective detection and mitigation strategies
Cyber Pro licensed users can access the new collection here.