In this bonus episode of Learning Happy Hour, Jason and Mitch interview Brian Lee, Principal Researcher in Unit 42. Follow along as they cover a list of topics and Brian takes them through the cybersecurity zoo.
| Click the arrow icon [ ↗ ] in the lower, right-hand corner of the video to watch the Learning Happy Hour episode in a new window and search the video in the full video player. |
Take the episode quiz to check your knowledge on threat actors.
Episode Timeline:
0:00 - Intro
1:06 - Threat actor naming & APTs
2:40 - Threat team member roles
4:25 - Espionage Motivated Adversaries (Pandas)
6:30 - Espionage Motivated Adversaries (Bears)
9:40 - Espionage Motivated Adversaries (Kittens)
10:20 - Stuxnet attack
12:25 - Shamoon 1, 2, 3
17:20 - Espionage Motivated Adversaries (Chollimas)
18:35 - Espionage Motivated Adversaries (Chollima - Lazarus Group)
20:40 - Attribution False Flags
21:30 - Difficulty of Attribution
23:00 - Tactics Techniques and Protocols (TTPs)
28:10 – The big 4 adversaries tracked by Bryan
29:08 – Cyber Insurance
31:15 – The Marriott Breach
32:55 – What is your CyberSecurity Nightmare?
34:20 – We’re in the business of Prevention!
35:00 – The creation of AutoFocus
36:30 – Oil Rig Kittens
38:06 – Dark Hydrus Kittens
39:10 – DNS Tunneling
40:20 – C2 using GDrive
41:36 – Sofacy Group (Bears)
42:30 – File-less isn’t really without files
43:15 – Hacker Wizards!
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Episode Resources:
Unit 42 Research & Tools
Unit 42 Playbooks
Unit 42 Predicting Malicious Domains
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Episode Feedback:
