Unit 42, which describes itself as “the global threat intelligence team” at Palo Alto Networks, has released 11 new “Adversary Playbooks” that present the tools, techniques, and procedures (TTPs) used by cyber threat actors. The addition of the newest Playbooks nearly doubles the number in Unit 42’s collection, which now stands at 21. One of the adversaries covered by the latest Playbooks is “Sofacy,” also known as “Fancy Bear” and “APT 28” by other organizations, which Unit 42 describes as a “a highly active actor with a Russian nexus” that has been “responsible for targeted intrusion campaigns against various industry vertical such as but not limited to Aerospace, Defense, Energy, Government and Media.” Each Playbook offers an overview of the adversary, summaries of the campaigns it has conducted, and technical information that can be of benefit to network defenders looking for indicators of compromise. Access the Playbooks at Unit 42.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!