BSidesWLG 2017 - Noushin Shabab - Investigation of targeted attacks

We have been tracking targeted attacks on countries and territories in APAC region for the past few years. By constantly improving the detection capabilities of our products we have managed to collect a large set of tools from these APT actors' toolsets, most of which have been meticulously analysed and reverse engineered. The targets of these attacks have been thoroughly researched and many artifacts have been carefully analysed in order to ascertain the identity of the groups behind these attacks. This talk will present the result of the most comprehensive research up to date on these APT actors which we consider as the most active actor in this region.