Hello, everyone. I'm Instructor Gerry Roberts, and this is Introduction to APT Groups. In this video we're gonna talk about how to look for information about APT groups,
and then we're gonna talk a little bit about how to implement monitoring in your organization.
First of all, looking for information: finding information on APT groups can be difficult.
There are a lot of different,
ah, pieces of misinformation, partial information,
and sometimes you just can't find the information.
So, some places to look.
First of all, some organizations publish regular reports
on a regular basis with information about the different groups.
So a good spot to look is actually looking for those regular reports.
Now, some antivirus companies like
actually do it on a quarterly basis, other organizations do it on a yearly basis. It just depends on the organization. But you wanna look and find those reports. They're very useful. They actually are chock full of information about some of the different groups and the different attacks that are common. So you can actually
put things in place to help prevent those attacks.
Instead of just knowing, "Hey, there's a group out there," you can actually take action.
Some vendors, such as Cisco
and other vendors, publish information on their websites and also have products that will scan your system for known threats.
So not only can you get information, but you might be able to find a product to help you defend against such attacks.
Now, if you don't know specifically what you're looking for,
you kind of know a group name or you might know a group number or something like that, use your favorite search engine. Yes, I did just tell you to Google that.
One of the best things you can do to prevent APT groups from attacking your organization is monitoring. Remember, these guys work on secrecy,
so if you're monitoring, you're more likely to find them and more likely to be able to boot them out.
So a couple of things: keep yourself up to date so you know what to look for.
You may not have controls in place,
but you may find something weird, like certain computers are using a lot of processing power or things like that. Knowing what to look for helps you identify an issue.
Next, some vendors offer software.
It's usually updated regularly once they find out about attacks, and they can put information in their software to look for them.
These usually work like antivirus: looks for specific items, traces, specific things
to be able to find possible attacks.
You can also customize these to look for certain things like spear phishing emails
or certain types of attacks.
Keep everything up to date, guys.
I shouldn't have to say this, but you'd be surprised how many times I've gone into an organization and things are not up to date,
and something that would have been fixed by a patch or a service pack
Vendors like Microsoft, other vendors like Cisco, Linux, all that, do have updates on a regular basis to protect against these types of attacks.
Once these types of attacks have been identified, these vendors are able to put something together to prevent those vulnerabilities from being exploited, and in some cases they can even close up a vulnerability.
The next thing: implement threat hunting and pen testing.
It is extremely valuable.
These activities can actually help you locate vulnerabilities
and sometimes even help you locate attacks in progress.
If you're doing pen testing,
you can actually stumble
upon somebody doing an attack,
and I've seen it happen before.
So these items, when implemented, can also help you monitor
potential APT attacks.
All right, that's it for this video. So let's take our post assessment question.
How can you find information about APT groups?
Would you look at published reports? Would you use Google for information?
Would you look at the vendors' websites,
or would you do all of the above?
I'll give you a moment.
You can pause if you want to, and then we'll come back for an answer.
It's D, all of the above. All of these items can be great resources for information about APT groups and APT attacks.