Dance Fancy Bear. Dance!

a starving artist guide to threat emulation on macOS

Some of the most recognized artists began their careers by copying other artists and creating convincing forgeries. Leveraging the parallels between the art of forgery and the art of adversary emulation, this presentation studies Fancy Bear (APT28) using freely available open-source intelligence to create a convincing forgery of their malware, X-agent, for defenders to study. This talk was inspired by friends who are defenders and want to conduct threat emulation of a specific threat actor on a starving-artist budget.

 

I 😻 feedback. Let me know how I can make this post more useful.

 