threat actor campaign

Double Trouble with Double Dragon

Advanced Persistent Threats (APTs) conduct state-sponsored cyberattacks that can radically disrupt global business operations. Launch this campaign to start detecting sophisticated techniques leveraged by APT41, known as "Double Dragon" because they cause double trouble with both espionage and financially motivated attacks!

Time: 9 H 3 m

Experience Level: intermediate
Designed for learners with a solid grasp of foundational IT and cybersecurity concepts who are interested in pursuing an entry-level security role.

XP: 3520

CEUs: 10
Earn qualifying credits for certification renewal with completion certificates provided for submission.

Enrollees: 11367

Campaign Outline

Threat Actor Campaigns consist of multiple MITRE ATT&CK-aligned courses. Click on a course below to learn more.

Overview

Spearphishing is one of the oldest tricks in the book, and in this course you will learn more about how it actually works. Plus, see how adversaries can hide malicious code in compiled HTML files. Detect and mitigate these techniques in our hands-on course.

Overview

Windows Services are the main vehicle used by the Windows OS to start and run background functions that do not require user interaction. Configuring malware to run as a service is a common strategy for trying to blend malicious code execution in with other legitimate Windows functions. Prevent adversaries from gaining persistence in this course.

Overview

After gaining initial access to a system, adversaries may do some discovery work on local accounts, then create and manipulate accounts to maintain persistence on the victim system. Learn to detect such suspicious activity in this course!

Overview

LOLbins won't have you laughing when threat actors "live off the land" to leverage tools and capabilities that are already present in the target environment to achieve objectives. Learn how to detect common adversary techniques such as Ingress Tool Transfer in this course.

Overview

Once an adversary has firmly established access within a target environment and identified data of interest, they want to gather and exfiltrate that data. Learn to detect such late-stage threat actor campaign techniques of automated archive and exfiltration in our hands-on course.

Overview

After an adversary has exfiltrated data from a target system, the potential final stages in an attack include encrypting data for impact and inhibiting system recovery. Learn how to detect endgame ransomware techniques before a threat actor can accomplish their nefarious objective.