This conference talk from Black Hat delves into "Crimson Palace," a sophisticated Chinese state-sponsored cyber espionage campaign targeting a Southeast Asian government organization. Discover how researchers from Sophos uncovered and monitored three distinct threat clusters coordinating activities to maintain persistent network access over an extended period. Learn about the campaign's evolution from a testing ground for novel malware to a more aggressive approach after detection, featuring over a dozen malware families (including previously unreported variants), more than 15 distinct DLL sideloads, and innovative defense evasion techniques like a malware variant capable of blackholing anti-virus communications. Gain insights into the investigators' novel techniques for identifying threat activity clusters and analyzing APT intrusion campaigns, along with practical tools developed during this investigation that can be applied to complex intrusions in your own environment.