S2E06: APT41 - Double Dragon: The Spy Who Fragged Me


Manage episode 290580683 series 2915100
על ידי Mandiant התגלה על ידי Player FM והקהילה שלנו - זכויות היוצרים שמורות למפרסם, לא ל-Player FM, והשמע מוזרם ישירות מהשרתים שלכם. הירשמו כדי לעקוב אחר עדכונים ב-Player FM, או הדביקו את כתובת העדכונים באפליקציות פודקאסט אחרות.

This is our APT group graduation party for APT41: Double Dragon,
conducting both Chinese state-sponsored espionage activity and
personal financially-motivated activity. You've read the report* and
on this episode, Christopher Glyer and Nick Carr go behind-the-scenes
with two technical experts, Jackie O'Leary and Ray Leong, who worked
for months to produce the report. We answer viewer questions and
discuss sifting years of incident response data, peppered with Glyer's
IR war stories, and fascinating malware and techniques analyzed by our
reverse engineers in FLARE. Ray and Jackie share their experiences
with the threat group and challenges in the graduation process. We
cover what makes them sophisticated and deep-dive on their supply
chain attacks & guardrails, passive & cross-platform backdoors,
rootkits & bootkits, legit services usage, and third party access via

38 פרקים