dissection of a Cyber- Espionage attack
21.11.2015 Views
Share Embed Flag

dissection of a Cyber- Espionage attack

cct-w08_evolving-threats-dissection-of-a-cyber-espionage-attack

cct-w08_evolving-threats-dissection-of-a-cyber-espionage-attack

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
talbeerysec

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

START NOW

The <strong>attack</strong> strategy<br />

More patients to care about…<br />

To escalate the infection the <strong>attack</strong>er have used the OWA access <strong>of</strong> the stolen<br />

accounts to enumerate other potential victims for a new wave <strong>of</strong> targeted emails.<br />

#RSAC<br />

Also, one <strong>of</strong> the <strong>of</strong>ficers has access to internal Sharepoint service and participates<br />

to boards were specific internal meetings and projects are discussed.<br />

With tailored messages published in Sharepoint board, the <strong>attack</strong>er has been able<br />

to sneak through the inner layers <strong>of</strong> the military infrastructure distributing the<br />

dropper.<br />

One lesson I learn from Sharepoint…<br />

it has a horrible Log format.

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!