Compromised Outsourced IT Providers

Sign in to queue

Description

US-CERT released an alert on an ongoing attack with roots as far back as May 2016. With a command-and-control shared with Stone Panda and a backdoor malware called RedLeaves, the attack was on a number of systems including those with IT service providers. So let's imagine it hit one of our outsourced IT providers, and the criminals used this to pivot onto our networks. What would the attack look like? Could we detect and respond?

Tag:

Security

Embed

Download

Download this episode

The Discussion

Add Your 2 Cents