Threat Actor Campaigns
Learn how adversaries target your environment and develop the skills to defend against threats with interactive courses that provide a complete overview of real-world kill chains.
Stay Ahead of Agile Adversaries
Gain a deeper understanding of advanced persistent threats (APTs) and identify methods used to compromise networks and steal sensitive information with real-world case studies, and learn how to effectively mitigate threats from nation-state actors, criminal organizations, and hacktivists with hands-on exercises. Enroll today to stay threat-informed and protect your organization from sophisticated cyber attacks.
Why Threat Actor Campaigns?
Follow comprehensive attack scenarios to understand how, why, and when adversaries will target your environment.
Shadow subject matter experts as they identify and validate threat actor behavior and build detection methods.
Practice detecting adversary techniques with enterprise-class security tools in a realistic environment.
Hone your skills with hands-on training built around observed adversary tactics and techniques.
Threat-Informed Training
Leverage realistic tools, techniques, and attack scenarios to enhance your detection strategies and defend your organization.
Royal Ransomware Group
Royal is a spin-off group of Conti, which first emerged in January of 2022. The group consists of veterans of the ransomware industry and brings more advanced capabilities and TTPs against their victims. Begin this campaign to learn how to detect and protect against this newer APT group!
Raspberry Robin
Raspberry Robin is a malware family that continues to be manipulated by several different threat groups for their purposes. These threat actors (Clop, LockBit, and Evil Corp) specialize in establishing persistence on a compromised host and creating remote connections to use later. Once established, these C2 connections can be used for multiple purposes, including data exfiltration, espionage, and even further exploitation.
Double Trouble with Double Dragon
Weak Link in the Supply Chain
Spinning a Web Shell for Initial Access
Exfiltration and Extortion
Threat actors will use stolen data exfiltrated from victim systems to extort organizations. Once they gain a foothold, they delete critical system files and threaten to release the data or disrupt operations if the victims do not pay up. Understanding these techniques is vital to defending your organization from such attacks.
Ransomware for Financial Gain
Threat actors continue to leverage ransomware to extort victim organizations. What was once a simple scheme to encrypt target data has expanded to include data disclosure and targeting a victim’s clients or suppliers. Understanding the techniques threat actors use in these attacks is vital to having an effective detection and mitigation strategy.
Empower Your Team, Protect Your Organization
Empower your team to detect and mitigate cybersecurity threats with Cybrary. Request a demo today for access to hands-on practice labs, assessments, custom content, and more.
