STAR Webcast: Dissecting BadBlood: an Iranian APT Campaign

In late 2020, TA453 (which overlaps with Charming Kitten and Phosphorus) conducted a targeted credential phishing against medical researchers specializing in oncology, neurology, and genetic research. Dubbed BadBlood, this campaign marked a departure from typical TA453 targeting which has historically aligned with Islamic Revolutionary Guard Corps (IRGC) collection priorities, targeting dissidents, academics, diplomats, and journalists. In this webcast, Proofpoint researchers will walk through the BadBlood campaign, techniques used to research the campaign, and structured analytic techniques used while writing the report to ensure the most thorough analysis.
Download presentation slides here: https://www.sans.org/webcasts/star-webcast-dissecting-badblood-iranian-apt-campaign-119545/?msc=star-webcast

Speakers
Katie Nickels, Crista Giering & Joshua Miller

About SANS Threat Analysis Rundown (STAR)
The SANS Threat Analysis Rundown (STAR) is an all-new live streaming series that brings you the inside scoop on what you need to know about cyber threats. Hosted by SANS Instructor Katie Nickels, this series will bring you different voices from around the community to ensure you're up-to-date on what's happening in the threat landscape so you can take action.

Every day, analysts track what adversaries are doing and how we can better protect our networks based on that - but it's often overwhelming to track everything. STAR will let you hear from the people who do this on a daily basis and break down that information to let you take action on it in your own organization. STAR will approach threats from all angles, and you'll get different takes each month. Some months we'll focus on specific adversaries or malware, and some we'll focus on a broader view like industry targeting.

digital forensicsincident responsethreat hunting