Presented by
Asaf Perlman, Incident Response Team Leader at Sygnia
Fire Ant: Inside a Hypervisor-Level Espionage Operation
About this talk
In this webinar, we’ll present the case study of Fire Ant, a China-nexus threat actor that gained access to virtualization and networking infrastructure by creating multilayered attack kill chains to facilitate access to restricted and segmented network assets within presumed to be isolated environments.
The webinar will cover:
- How Fire Ant exploited vCenter and ESXi vulnerabilities to deploy persistent backdoors.
- The use of advanced stealth techniques, including rootkits, to maintain resilience even during remediation.
- Practical detection and investigation techniques for unmonitored infrastructure.
- Strategic lessons on how incident response must evolve when facing adaptive, nation-state adversaries.
This session is designed for cybersecurity leaders and practitioners. You’ll get a rare look into the reality of fighting an APT beneath the hypervisor, told from the front lines of incident response.
Sygnia
255 subscribers4 talks
Front-line cyber expertise to strengthen your defenses
Sygnia is the foremost global cyber readiness and response team, applying creative approaches and battle-tested solutions to help organizations beat attackers and stay secure. With a team of deep digital combat and enterprise security specialists, Sygnia enables companies to proactively build cyber resilience and defeat attacks within their networks. At each phase of the security journey, Sygnia delivers the tailored insight, technological acumen and decisive action needed for their clients to be unstoppable in the face of cyber threats.
Sygnia is a trusted advisor and service provider of technology and security teams, executives and boards of leading organizations worldwide, including Fortune 100 companies. Sygnia is a Temasek company and part of the ISTARI Collective.