Threat Hunting for APT34/APT39/Generic Reconnaissance (T1595.001) and Discovery (T1046) Behaviors
Description
Let’s talk network recon (ATT&CK ID T1595.001) and discovery (ATT&CK ID T1046)! This week we dive into some of the obvious atomic indicators and talk about behavioral indicators associated with APT34, APT39, and generic approaches. We also talk about how attackers might evade IDS/IPS/detection signatures and how you can deal with this during your threat hunting efforts.