???? When it comes to cyber threats, they are often attributed to specific cybercriminal groups or intelligence agencies. But how is this actually done? I will try to answer these and many other questions in a conversation with specialists from @esetglobal Would you prefer to see the material with the original soundtrack? ???????? • Fighting APTs, espionage and cybercrime... ???? Sources: ????️ DAGMA IT Security @dagmaITsecurity https://dagma.eu/pl My interlocutors: ???? Robert Lipovský @ Twixxer https://x.com/robert_lipovsky ???? Ondrej Kubovič @ Twixxer https://x.com/on drashmachula ???? Cyberespionage the Gamaredon way: Analysis of toolset used to spy on Ukraine in 2022 and 2023 https://www.welivesecurity.com/en/ese... ???? Telekopye: Hunting Mammoths using Telegram bot https://www.welivesecurity.com/en/ese... ???? Telekopye transitions to targeting tourists via hotel booking scam https://www.welivesecurity.com/en/ese... ❗️CosmicBeetle steps up: Probation period at RansomHub https://www.welivesecurity.com/en/ese... ???? Operation Texonto: Information operation targeting Ukrainian speakers in the context of the war https://www.welivesecurity.com/en/ese... ❓ @ZaufanaTrzeciaStronaYT How to combine an ugly Lambo, a powerful father-in-law, and a talent for computer crime? https://zaufanatrzeciastrona.pl/post/... ???????? Russian cyberattack on Polish infrastructure: sewage treatment plant victim https://wiadomosci.wp.pl/rosyjski-cyb... ???? Russians hacked a sewage treatment plant in Masuria? https://cyberdefence24.pl/cyberbezpie... ???? @CERTPolska https://x.com/CERT_Polska/status/1780... Relevant xkcd: https://xkcd.com/1573/ © All trademarks are property of their respective owners. ❤️ Thank you for your attention. You can also find me on: Instagram @mateuszemsi / mateuszemsi Twitter @MateuszChrobok / mateuszchrobok Mastodon https://infosec.exchange/@mateuszchrobok LinkedIn @mateuszchrobok / mateuszchrobok Patronite @MateuszChrobok https://patronite.pl/MateuszChrobok Podcasts on: Anchor https://anchor.fm/mateusz-chrobok Spotify https://open.spotify.com/show/6y6oWs2... Apple Podcasts https://apple.co/3OwjvOh Thank you for having me @esetglobal Chapters: 00:00:00 Intro 00:01:51 Attribution 00:03:32 Data sources 00:05:05 Do APT and cybergangs have anything in common? English: 00:08:53 Motivations 00:10:22 Ads with deepfakes 00:12:41 Malvertising? 00:13:45 Influence of law enforcement 00:15:07 Competition 00:16:31 Changes in the industry due to AI 00:18:34 Goals 00:19:48 Is it possible to generate LLM malware? 00:21:18 Changing motivations since the outbreak of the war 00:28:00 Propaganda 00:32:08 Motives 00:33:19 Attacks on Polish companies 00:35:00 Connecting the dots 00:40:04 Is it laziness? 00:41:37 Do you have a joint chat? 00:43:21 Is it clear who's an experienced user? English: 00:45:08 Migrations in the industry 00:47:00 Grandoreiro closure 00:49:34 Frustration 00:50:56 Initiative 00:53:56 Telekopye bot 00:56:51 Awareness 00:58:22 What do you like about your job? 01:00:00 Changes, trends 01:05:06 Do you write your own viruses? English: 01:06:31 Threat market ups and downs 01:09:12 Approaching mistakes 01:11:16 Trust 01:13:02 Software supply chain 01:14:46 NotPetya 01:17:09 Keep your system up to date 01:19:52 Sharing is caring 01:21:07 Outro #ESET #DAGMA #antivirus #APT #advertisingcooperation