The Human Connection Blog

New Cyber Threat Intelligence Lab release!

BenMcCarthy
5 months ago

Today we have a brand new set of labs: DEEP GOSU Campaign – Analysis, and Threat Actors: Volt Typhoon.

DEEP GOSU Campaign – Analysis

Securonix has released an advisory covering a newly observed campaign that might be conducted by the threat actor Kimsuky, also known as APT43. The campaign, known as DEEP#GOSU, targets South Korean victims. In this lab, you'll learn about the tactics, techniques, and procedures (TTPs) used by the threat actor group in the delivery, execution, and post-execution actions of its malware, stagers, and remote access trojan (RAT).

Who's it for?

  • SOC Analysts
  • Threat Hunters
  • Incident Responders
  • CTI Analysts

What are the key takeaways?

  • Outline the ingress vectors used by Kimsuky to deliver malware during the DEEP#GOSU campaign
  • Understand how legitimate services are being used for command and control by threat actors

Cyber Pro licensed users can access the new collection here.

Threat Actors: Volt Typhoon

Volt Typhoon, also known as Bronze Silhouette, is a state-sponsored threat actor group that has been active since at least 2021. Its attacks target critical infrastructure in the United States and its territories, focusing on covert espionage and staying undetected for as long as possible.

In this lab, you'll learn about Volt Typhoon, its TTPs, and its most significant campaigns.

Who's it for?

  • SOC Analysts
  • Threat Hunters
  • Incident Responders
  • CTI Analysts

What are the key takeaways?

  • Analyze and identify specific TTPs used by Volt Typhoon
  • Apply knowledge of Volt Typhoon's TTPs to design and implement effective detection and mitigation strategies

Cyber Pro licensed users can access the new collection here.

Published 5 months ago
Version 1.0