This is the default text value
threat-actor-campaigns
threat actor campaign

Weak Link in the Supply Chain

Threat actors known as Advanced Persistent Threats (APTs) conduct highly sophisticated attacks sponsored by nation-states. They maintain a committment to stealth and often use custom malware. This campaign emulates a supply chain attack by APT29 that is similar to the SolarWinds compromise and it has the end goal of stealing sensitive information.
Enroll Now
Need to train your team?  
Learn More
Start Course
Need to train your team? Learn More
Need to train your team?  
Learn More

5

H

58

m

Time

intermediate

i
Designed for learners with a solid grasp of foundational IT and cybersecurity concepts who are interested in pursuing an entry-level security role.
Experience Level

3100

XP

5

i

Earn qualifying credits for certification renewal with completion certificates provided for submission.
CEU's

1098

Enrollees

Campaign Outline

Threat Actor Campaigns are comprised of multiple MITRE ATT&CK aligned courses. Click on a course below to learn more.
Course
Free
1
H:
18
M
1
 CEUS

Compromise Software Supply Chain

Threat actors use the technique Compromise Software Supply Chain by altering software that they know their victims will use. They include a backdoor that will give them access to their victim's network once the software is installed. You will detect this technique in a virtual lab and master how to mitigate this threat.

Learn More & Enroll

Overview

Threat actors use the technique Compromise Software Supply Chain by altering software that they know their victims will use. They include a backdoor that will give them access to their victim's network once the software is installed. You will detect this technique in a virtual lab and master how to mitigate this threat.

Start Learning
Course
Free
1
H:
15
M
1
 CEUS

Unsecured Credentials and Domain Accounts

Threat actors use the techniques Unsecured Credentials and Domain Accounts to obtain credential access and gain persistence. In this emulation of how the threat group APT29 would use these techniques, you will get hands-on practice detecting this activity so you can protect your organization from highly sophisticated advanced persistent threats.
Learn More & Enroll

Overview

Threat actors use the techniques Unsecured Credentials and Domain Accounts to obtain credential access and gain persistence. In this emulation of how the threat group APT29 would use these techniques, you will get hands-on practice detecting this activity so you can protect your organization from highly sophisticated advanced persistent threats.
Start Learning
Course
Free
1
H:
10
M
1
 CEUS

Disable Windows Event Log and Timestomp

Sophisticated threat actors like APT29 will use the techniques Disable Windows Event Logging and Timestomp for defense evasion to prevent defenders from seeing their presence on the network. You will detect this nefarious activity in our virtual lab so you can react to advanced attackers and outsmart them.

Learn More & Enroll

Overview

Sophisticated threat actors like APT29 will use the techniques Disable Windows Event Logging and Timestomp for defense evasion to prevent defenders from seeing their presence on the network. You will detect this nefarious activity in our virtual lab so you can react to advanced attackers and outsmart them.

Start Learning
Course
Free
1
H:
5
M
1
 CEUS

Lateral Movement: Windows Remote Management

In order to achieve lateral movement, threat actors will use a valid account to access remote systems, such as the Windows Remote Management service. In this way, the threat actor can move around the network and search for valuable information or greater access. Learn more and get hands-on with this technique by detecting it in our virtual lab.
Learn More & Enroll

Overview

In order to achieve lateral movement, threat actors will use a valid account to access remote systems, such as the Windows Remote Management service. In this way, the threat actor can move around the network and search for valuable information or greater access. Learn more and get hands-on with this technique by detecting it in our virtual lab.
Start Learning
Course
Free
1
H:
10
M
1
 CEUS

Application Layer Protocol for C2 and Exfil to Cloud

Threat actors like APT29 use Application Layer Protocols for Command and Control (C2) so they can blend in and avoid detection. They also may attempt to steal data and exfiltrate it to a cloud storage service as the end-goal of their attack. In this course, you will learn about these techniques and get practice detecting them in our virtual lab.
Learn More & Enroll

Overview

Threat actors like APT29 use Application Layer Protocols for Command and Control (C2) so they can blend in and avoid detection. They also may attempt to steal data and exfiltrate it to a cloud storage service as the end-goal of their attack. In this course, you will learn about these techniques and get practice detecting them in our virtual lab.
Start Learning