Cyber Security Advanced Persistent Threat Defender Preview
Rating: 4.5 out of 5(1,406 ratings)
53,073 students

Learn to intelligently detect and take down advanced cyber threats
Last updated 2/2017
English

What you'll learn

  • Have a high level overview of Advanced Persistent Threats
  • Understand The APT Lifecycle
  • an Overview of APT1
  • an Overview of Stuxnet

Course content

1 section, 18 lectures, 2h 33m total length
  • Course Intro & APT Overview Part 1 (6:14)

    Defines advanced persistent threat and explains how nation-state and state-sponsored groups deploy highly sophisticated zero-day malware to target specific organizations, persist for years, and evade detection across multiple attack vectors.

  • APT Overview Part 2 (5:01)

    The APT overview highlights persistence: attackers stay in a network for long periods, often undetected by antivirus and intrusion detection systems. Their aim is to steal trade secrets and insider information.

  • APT Overview Part 3 (6:44)

    Examines the Sony Pictures hack and the Stuxnet operation to show how data leaks erode trust and how malware aimed at Natanz, Siemens controllers, and Windows hosts can cause physical damage.

  • APT Overview Part 4 (8:04)

    Advanced persistent threats target every sector, including government, finance, and manufacturing, using zero-day exploits for long-term persistent access and stealthy, highly customized operations.

  • APT Overview Part 5 (7:37)

    Shows how malware attaches in memory to an existing application or process to gain control, and how it exfiltrates data stealthily using encryption and re-establishes itself after a reboot.

  • Cyber Kill Chain & APT Lifecycle Part 1 (9:48)

    Explores the cyber kill chain and the advanced persistent threat lifecycle. Learn how reconnaissance, weaponization, and delivery drive campaigns and malware across targets.

  • Cyber Kill Chain & APT Lifecycle Part 2 (9:11)

    Exploitation uses discovered vulnerabilities to enable code execution and malware installation and to establish command and control; these kill chain stages correspond to reconnaissance and initial compromise in the Mandiant attack lifecycle.

  • Cyber Kill Chain & APT Lifecycle Part 3 (9:03)

    After gaining a foothold, attackers stay undetected, install backdoors, perform internal reconnaissance, map the network, and escalate privileges to move toward sensitive assets.

  • Cyber Kill Chain & APT Lifecycle Part 4 (11:50)

    Maps targets through reconnaissance by collecting public information via OSINT, social engineering, and infrastructure fingerprinting, then assesses entry points for initial compromise via phishing and watering hole attacks.

  • Cyber Kill Chain & APT Lifecycle Part 5 (10:29)

    Learn how attackers establish a foothold and persist with stealthy backdoors and downloader malware, then control compromised hosts via encrypted, chunked command and control channels.

  • Cyber Kill Chain & APT Lifecycle Part 6 (6:56)

    Explores how attackers escalate privileges to gain admin access, dump password hashes, and move laterally across networks using pass-the-hash and hash injection.

  • Cyber Kill Chain & APT Lifecycle Part 7 (10:25)

    Maps databases, operating systems, users, and vulnerabilities during internal reconnaissance to target admin privileges, financial data, and source code, using stealthy tools and lateral movement.

  • Cyber Kill Chain & APT Lifecycle Part 8 (5:45)

    Explores how attackers maintain presence after infiltration through impersonation, footholds, and precise network mapping; download additional sophisticated malware; and carry out exposure, destruction, or business harassment to pressure targets, all while evading detection.

  • APT1 Overview (9:37)

    Explores the APT1 overview, detailing the state-sponsored Chinese military unit 61398, its advanced persistent threat operations, and the theft of intellectual property from hundreds of victims.

  • Stuxnet Overview Part 1 (9:48)

    Explains how Stuxnet damaged physical infrastructure by spreading via infected USB drives to compromise a programmable logic controller, using zero-day exploits and stolen Realtek and JMicron certificates.

  • Stuxnet Overview Part 2 (10:26)

    Examines Stuxnet’s targeted attack on Iran’s Natanz centrifuges, a US-Israel operation that infected via USB, moved laterally, and reprogrammed Siemens software to corrupt centrifuge speeds and damage equipment.

  • Stuxnet Overview Part 3 (6:05)

    Explores Stuxnet alongside Duqu and Flame, revealing correlations and shared exploits tied to the NSA and the Equation Group, and its spread to thousands of companies worldwide.

  • Cyberwar: New Domain of Warfare (10:50)

    Explores cyber warfare as the new, silent, nation-state driven domain of warfare, and examines incidents such as the Sony Pictures hack and Bureau 121.

Requirements

  • Familiarity with publicly reported cyber exploits and breaches

Description

Welcome to this FREE course preview of the Cyber Security Threat Intelligence Researcher Certification.

Cyber-attacks have become so sophisticated over the years that a new term has emerged: Advanced Persistent Threat, which we will refer to as APT. An APT is a group of individuals that have both the means and the intent to launch persistent attacks against specific targets. Understanding these groups and their behavior is important when evaluating threats against any organization.

Hackers have traditionally targeted large corporations, but today small to midsize businesses are being attacked with the same type of highly sophisticated malware. These new strains of advanced malware are often referred to as APTs.

Modern malware uses advanced techniques such as encrypted communication channels, kernel-level rootkits, and sophisticated evasion capabilities to get past a network’s defenses. More importantly, it often leverages zero-day vulnerabilities: flaws for which no patch is available yet and no signature has been written.

Modern malware is often persistent and designed to stick around. It is stealthy and carefully hides its communications. It lives in a victim’s network for as long as possible, often cleaning up after itself by deleting logs, using strong encryption, and only reporting back to its controller in small, obfuscated bursts of communication.

Many attacks are now blended combinations of different techniques. A common tactic for hackers is to initiate an APT with spear phishing. This involves sending a carefully crafted email that appears to come from a known individual or business, with a link to a malicious website or an infected download.

Once the initial breach is successful, attackers can further damage defenses by disabling security protocols, changing security settings, or stealing passwords. Groups of highly skilled, motivated, and very well-funded attackers represent significant threats because they have very specific targets and goals in mind, often financial gain from theft of credit cards and other valuable account information.

Here are the topics that we will be covering in this course. We will begin by going over the APT Lifecycle and teach you a structured approach to analyze and assess inherent vulnerabilities. We will teach you mitigation and countermeasures that may prevent an attacker from gaining a foothold into an organization.

Next, we will get you familiar with the APT1 group and some common APTs we have seen in the last few years, such as Stuxnet, and two newer ones, Adwind and Poseidon. Lastly, we will get you familiar with the Cyber World War.

Who this course is for:

  • Anyone interested in preventing cyber attacks