攻击链内部：新兴威胁行为者的战术和技术.pdf

《攻击链内部：新兴威胁行为者的战术和技术.pdf》由会员分享，可在线阅读，更多相关《攻击链内部：新兴威胁行为者的战术和技术.pdf（61页珍藏版）》请在三个皮匠报告上搜索。

1、 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.S E C 3 0 9Inside the Attack Chain:Emerging Threat Actor Tactics and TechniquesSteve de Vera(He/Him)Manager Threat ResearchAWS CIRTBen Fletcher(He/Him)EMEA CIRT Lead

2、AWS CIRTJavier Teitelbaum(He/Him)US PT CIRT ResponderAWS CIRT 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.AgendaStatisticsThreat Technique Catalog for AWSTactics and TechniquesTakeawaysOpen Discussion 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.THIS SESS

3、ION IS INTERACTIVE!Ask us questions!2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.Threat primary tacticsOpportunistic destructionResource hijackRansom eventsA zero trust strategy 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.2025,Amazon Web Services,Inc.or i

4、ts affiliates.All rights reserved.Statistics and TrendsNote:Statistics are based on only what we see 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.How does the Threat Actor(TA)perform their actions?2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.Note:service o

5、n service interaction and console login register as Amazon InfrastructureAWS Infrastructure used by TA 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.Countries of TA IP addresses 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.Threat actor IP address location 2

6、025,Amazon Web Services,Inc.or its affiliates.All rights reserved.Bringing the data together Resource Hijacking 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.Bringing the data together S3 Ransom Events 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.2025,Amazo