In this bonus episode of Learning Happy Hour, Jason and Mitch interview Brian Lee, Principal Researcher in Unit 42. Follow along as they cover a list of topics and Brian takes them through the cybersecurity zoo.

Take the episode quiz to check your knowledge on threat actors.

Episode Timeline:

0:00 - Intro

1:06 - Threat actor naming & APTs

2:40 - Threat team member roles

4:25 - Espionage Motivated Adversaries (Pandas)

6:30 - Espionage Motivated Adversaries (Bears)

9:40 - Espionage Motivated Adversaries (Kittens)

10:20 - Stuxnet attack

12:25 - Shamoon 1, 2, 3

17:20 - Espionage Motivated Adversaries (Chollimas)

18:35 - Espionage Motivated Adversaries (Chollima - Lazarus Group)

20:40 - Attribution False Flags

21:30 - Difficulty of Attribution

23:00 - Tactics Techniques and Protocols (TTPs)

28:10 – The big 4 adversaries tracked by Bryan

29:08 – Cyber Insurance

31:15 – The Marriott Breach

32:55 – What is your CyberSecurity Nightmare?

34:20 – We’re in the business of Prevention!

35:00 – The creation of AutoFocus

36:30 – Oil Rig Kittens

38:06 – Dark Hydrus Kittens

39:10 – DNS Tunneling

40:20 – C2 using GDrive

41:36 – Sofacy Group (Bears)

42:30 – File-less isn’t really without files

43:15 – Hacker Wizards!

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Episode Resources:

Unit 42 Research & Tools

Unit 42 Playbooks

Unit 42 Predicting Malicious Domains

 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 

Episode Feedback: