Initial Access & Malware Delivery Landscape: Top Threats and TTPs

Presented by

Scott Small, Director of CTI, Tidal Cyber

About this talk

This webcast provides a broad overview of the top cyber threats currently used to gain initial footholds in victim environments and deliver a wide range of other, usually more impactful malware. Our research into loaders, remote access trojans (RATs), and other initial access threats fills a notable community knowledge gap by aggregating the TTPs associated with newer or resurging threats, including SocGholish, Gootloader, Raspberry Robin, IcedID, BumbleBee, Emotet, and more, and aligning them to a common lexicon (MITRE ATT&CK®) for quicker pivoting into defensive actions. Although many of these threats are responsible for high infection volumes and are notoriously adept at modifying their TTPs, there has yet to be a comprehensive survey of how techniques might be shared (or differ) among the various operations, campaigns, and malware. This session will especially spotlight common early-stage attack techniques and overlaps in second- or later-stage payloads, helping defenders identify opportunities to prioritize their work and make the most efficient use of finite time and resources.

We formed Tidal for one simple reason—we believe that defenders need and deserve tools and services that make achieving the benefits of threat-informed defense practical and sustainable. We believe that these tools and services should be independent of any specific vendor’s security product or capability. That independence helps ensure that our enterprise customers always understand what is best for them and that our solution provider customers are positioned to deliver success.