Overview
Learn how security researchers and academics are being targeted by a sophisticated threat actor through this DEF CON 33 conference talk. Discover the operations of MUT-1244, a newly uncovered threat actor that exploits trust in open-source tools and research environments by distributing trojanized proof-of-concept exploits and fake software updates specifically targeting security professionals, red teamers, and academics. Explore the investigation that revealed over 390,000 leaked credentials exfiltrated by MUT-1244 from a compromised actor, demonstrating the massive scale of their operations. Examine the technical details of MUT-1244's campaigns, including their use of fake GitHub profiles to distribute malicious tools and updates. Understand the OSINT methodology used to map the threat actor's infrastructure and tactics, along with attribution findings that help identify their operations. Gain insights into detection strategies for identifying this type of activity in your environment and learn from the speakers' discovery process of how they uncovered the extensive credential theft operation. Understand how traditional security measures like patching vulnerabilities, sandboxing malware, and avoiding suspicious links may not protect against threats that exploit the very research tools and environments security professionals rely on daily.
Syllabus
DEF CON 33 - Investigating Threat Actor Targeting Researchers, Academics - C Tafani-Dereeper, M Muir
Taught by
DEFCONConference