Compromised Outsourced IT Providers

Download this episode

Download Video


US-CERT released an alert on an ongoing attack with roots as far back as May 2016. With a command-and-control shared with Stone Panda and a backdoor malware called RedLeaves, the attack was on a number of systems including those with IT service providers. So let's imagine it hit one of our outsourced IT providers, and the criminals used this to pivot onto our networks. What would the attack look like? Could we detect and respond?





Available formats for this video:

Actual format may change based on video formats available and browser capability.

    The Discussion

    Add Your 2 Cents