Description:
APT Tactics: Lazarus, Ransomware, and Advanced Exploitation is an intermediate-level course designed to immerse participants in the sophisticated techniques and operations used by Advanced Persistent Threats (APTs) such as the Lazarus Group. This hands-on course provides deep insights into their tactics, including ransomware deployment, lateral movement, and data exfiltration, with a focus on real-world scenarios.
Students will learn to leverage tools and techniques like RDP, PSExec, and SMB for lateral movement across enterprise networks, exploit vulnerabilities like Log4j (CVE-2021-44228), and deploy ransomware not just on systems but also on enterprise backups. The course includes training on stealing high-value assets, such as cryptocurrency wallets, and crafting comprehensive campaigns against both Windows and Linux environments.
In addition to simulating ransomware attacks, participants will practice disabling Endpoint Detection and Response (EDR) systems, explore Bring Your Own Driver (BYOD) attack techniques, and emulate high-profile breaches, such as the WannaCry ransomware outbreak. Through engaging labs and carefully constructed emulation exercises, attendees will apply these techniques in realistic scenarios, gaining a thorough understanding of both offensive operations and the defensive strategies needed to counter them.
Students Will Be Provided With:
- Lifetime Access to Course Material, plus 1-month Lab Access
- Exclusive Course Swag
- Certificate of Completion
Minimum Course Requirements:
- Laptop with 8GB of RAM
- Modern Web Browser (Chrome, Firefox, etc.)
Prerequisites:
- Basic understanding of Offensive Security Tools.
- Familiarity with C2 Frameworks.
- Willingness to learn in a fast-paced environment.
Target Audience:
This course is aimed at intermediate red team operators who are looking to upgrade their skills in executing modern Advanced Persistent Threat (APT) Tactics, Techniques, and Procedures (TTPs).
Trainers Biography:
Anthony “Coin” Rose, CISSP, is a Lead Security Researcher and Chief Operating Officer at BC Security, where he specializes in adversary tactic emulation planning, Red and Blue Team operations, and embedded systems security. He has presented at numerous security conferences, including Black Hat, DEF CON, and RSA conferences. Anthony is the author of various offensive security tools, including Empire and Starkiller, which he actively develops and maintains. He is recognized for his work revealing widespread vulnerabilities in Bluetooth devices and is the co-author of a cybersecurity blog at https://www.bc-security.org/blog/.
Jake “Hubble” Krasnov is the Red Team Operations Lead and Chief Executive Officer of BC Security. He spent the first half of his career as an Astronautical Engineer overseeing rocket modifications for the Air Force. He then moved into offensive security, running operational cyber testing for fighter aircraft and operating on a red team. Jake has presented at DEF CON, where he taught courses on offensive PowerShell, and has been recognized by Microsoft for his discovery of a vulnerability in AMSI. Jake has authored numerous tools, including Invoke-PrintDemon and Invoke-ZeroLogon, and is the co-author of a cybersecurity blog at https://www.bc-security.org/blog/.