Shadow Server Data Reveals Cisco Vulnerabilities & Threat Actor Tactics #shorts
About this talk
Analyzing Cisco vulnerabilities with Shadow Server data. Threat actors use fingerprinting evasion, seen in implant versions 2 & 3. Login traffic monitored via honeypots to track 'Coyote'. #Cisco #Cybersecurity #Vulnerability #Hacking #ThreatActor
Show transcript [en]
We also include data from shadow server in all of these cases. Um so big shout out to them. Uh this is the tracking data that they have for these Cisco vulnerabilities. Um there there are two big gaps in there. That's because of the um fingerprinting evasion that the threat actors used. I will come to that when we talk about the implant. Um and that's why there are annotations for implant version two and version three because it changed over time uh as details were uncovered. Yeah. So onto the log and traffic analysis. Um as I said we set up pony pots to monitor the situation and to monitor what coyote that's what the threat actor um is named internally um
that secure infra is was and
Related talks
0:38Microsoft Security: Safe PC or Password Risk? #shorts
BSides Frankfurt
0:41IP Geolocation Inaccuracy: Understanding Network Routing #shorts
BSides Frankfurt
0:18Vibe Coding Explained: Simple Rules for Secure Programs #shorts
BSides Frankfurt
0:22Microsoft Shared Folder Error 1272: Security Policy Explained #shorts
BSides Frankfurt
0:25Impossible Game Bot: The Ultimate Training Data Challenge #shorts
BSides Frankfurt
1:22Microsoft Share Error: Security Policies & Honeypot Gold! #shorts
BSides Frankfurt