Overview
Explore a comprehensive cybersecurity conference talk examining the TIDRONE and VENOM cyber campaigns targeting drone manufacturers and military industries in Eastern Asia. Discover how the Earth Ammit threat group, likely linked to Chinese-speaking actors, executed sophisticated supply-chain attacks beginning in 2022, initially compromising service providers as stepping stones to reach high-value military targets in Taiwan. Learn about the group's strategic use of dual toolsets - employing shared, attribution-resistant tools for initial breaches while deploying customized malware including advanced RATs like CXCLNT and CLNTEND for long-term espionage operations. Analyze the attackers' focus on credential theft from Active Directory systems, their lateral movement techniques, and how they maintained persistent access to critical infrastructure. Understand the connection between the VENOM campaign and the Dalbit group through shared tactics, techniques, and procedures (TTPs), common target profiles, and overlapping toolsets. Gain insights into Earth Ammit's adaptive methodology that demonstrates how modern threat actors tailor their approaches based on target value, using simpler methods for supply-chain penetration while reserving sophisticated techniques for sustained intelligence gathering from military organizations.
Syllabus
The Drone Supply Chain's Grand Siege: From Initial Breaches to Long-Term Espionage
Taught by
Black Hat