The Human Connection Blog
New Cyber Threat Intelligence Lab release!

BenMcCarthy
6 months ago

Today we have a brand new set of labs related to Threat Actors: Earth Krahang & StrelaStealer Malware Campaign – Analysis

Threat Actors: Earth Krahang

Earth Krahang has been an active state-sponsored Advanced Persistent Threat (APT) group since 2022. Believed to be based out of China and associated with the Earth Lusca group, Earth Krahang is newly designated as a specific threat actor. It is known for compromising government infrastructure and using the access gained to move laterally within those networks and across departments.

Who's it for?

  • SOC Analysts
  • Threat Hunters
  • Incident Responders
  • Network Engineers
  • CTI Analysts

What are the key takeaways?

  • Analyze and identify specific TTPs used by Earth Krahang
  • Apply knowledge of Earth Krahang’s TTPs to design and implement effective detection and mitigation strategies

Cyber Pro licensed users can access the new collection here.

StrelaStealer Malware Campaign – Analysis

Unit42 has released an advisory covering a new email credential harvesting campaign observed in early 2024. StrelaStealer malware is designed to extract email login credentials from popular email platforms and transmit them to the attacker's command and control server. Once compromised, the threat actor can exploit the victim's email account for additional malicious activities. Since its initial appearance in 2022, the creators of StrelaStealer have conducted numerous widespread email campaigns and show no signs of halting their operations. In this lab, you'll learn to detect indicators of compromise for this malware in logs.

Who's it for?

  • SOC Analysts
  • Threat Hunters
  • Incident Responders

What are the key takeaways?

  • Outline the execution flow used by the threat actor to deploy their malware
  • Understand how this threat actor's attack flow has evolved with each observed campaign

Cyber Pro licensed users can access the new collection here.

Updated 6 months ago
Version 2.0