
APT Reports and OPSEC Evolution, or: These are not the APT reports you are looking for

How advanced threat actors learn and change with innovation in security defense and constant APT reports, and how we can get better


Video duration: 01:00:24
Language: English
Abstract
With the advancement of defensive security and the constant release of research papers into their toolsets, advanced threat actors have had to adapt with new operational security practices, as well as with new technology.

Examples of this are how long it takes for a threat actor to take its operation offline once a public report of its tools is released, or the technology it may use to cope when its expensive code base, which has taken years of development, suddenly becomes public property.

Two quick examples are the geographical distribution of attacks, which is often (mis)used in attribution, and the use of cryptography for reuse of now-public code bases.

Talk ID: 7260
Event: 32c3
Day: 1
Room: Hall 2
Start: 11 p.m.
Duration: 01:00:00
Track: Security
Type of: lecture
Speaker: Gadi Evron, gadi, Inbar Raz
Talk Slug & media link: 32c3-7260-apt_reports_and_opsec_evolution_or_these_are_not_the_apt_reports_you_are_looking_for

Last revision: 2 years, 8 months ago