When fighting malicious groups, identifying the threat landscape and mapping attack networks are often crucial, both for investigators hunting down threats and criminals and for organizations protecting themselves from attacks.
With RiskIQ PassiveTotal Transforms in Maltego, investigators can study the SSL certificates, associated IP addresses, and other infrastructure intelligence that help them identify patterns of criminal activity.
Using RiskIQ PassiveTotal Transforms to Track Advanced APT Groups
This webinar demonstrates how RiskIQ PassiveTotal and its integration with Maltego help researchers and analysts identify and visualize relationships in attacker infrastructure. By tapping into the internet intelligence graph and visualizing its connections, even advanced, well-funded APTs can’t hide for long.
- An investigative case study on the cyber espionage group “OceanLotus” and how reporters from German publications BR24 and Zeit Online track OceanLotus activity across Europe
- From SSL certificate to infrastructure: How a custom certificate and its associated IP addresses led to the infrastructure OceanLotus uses to deploy Windows-based malware
- Identifying APT activities through campaign patterns: How similarities between campaigns—tactics, malware, and even infrastructure—can be a strong indicator that a particular IP address is associated with a certain APT
- Advanced techniques leveraging RiskIQ PassiveTotal data in Maltego to visualize the threat landscape of cybercriminal groups
Download and watch the webinar now to learn how these tools make it easier and faster for cybersecurity analysts, law enforcement agencies, and threat intelligence teams to track down advanced cybercriminal activities and networks!