Not-so Passive Sonar - Red October
1. Red October
Tracking Active CyberSONAR in 2012
Kurt Baumgartner, Senior Security Researcher
Global Research and Analysis Team
5. Broad Target Variety
Various diplomats, government agencies, geopolitical financial centers, and more
Sources: 2012 KSN Data + Sinkhole activity
6. Exploit Scrubbing
Scrubbed CN-APT spear
• CVE-2012-0158
• CVE-2010-3333
• CVE-2009-3129
Custom decoys
Timely, relevant names
Ongoing detection, AV-evasion,
Advanced Exploit Prevention
8. Thank You
Questions, comments, criticism?
Kurt Baumgartner, Senior Security Researcher
Global Research and Analysis Team
kurt.baumgartner@kaspersky.com