Time
1 hour 41 minutes
Difficulty
Beginner
CEU/CPE
2

Video Transcription

00:00
Hey, guys, welcome back to the Cyber Kill Chain course on Cybrary. This is Abdulrahman Alnaim, and in this episode we're going to talk about the Cyber Kill Chain.
00:08
In this video, we're going to cover the Cyber Kill Chain. We're going to briefly talk about the steps of the Cyber Kill Chain, and we're going to end with how to use the Cyber Kill Chain in defense.
00:20
So if you go ahead and Google "Cyber Kill Chain", you might find a number of varieties. However, one of the most accepted ones by the cybersecurity community is the Lockheed Martin Cyber Kill Chain. It was derived from the military kill chain, which describes the structure of an attack
00:36
in the military. They have two different varieties, or a number of varieties. One of the most popular is the F2T2EA, which stands for find, fix, target. Sorry. Find, fix, track, target, engage and assess. There's a number of other ones, such as find, fix, fight and finish.
00:55
But these are
00:57
a legacy terminology or an older terminology. Luckily, the Cybersecurity Kill Chain is none of these. We don't have "finish" in our terminology.
01:07
However, in this case, it's the seven-phase or seven-step description of a targeted attack. It starts with recon or reconnaissance, which includes research, identification and selection of target. And this might be one of the most overlooked phases. However, in my own opinion, I think
01:26
this might be the most important one.
01:30
It's crucial to have good reconnaissance because you're going to use each of the information that you gain through reconnaissance throughout the rest of the Cyber Kill Chain.
01:42
And the next step is weaponization. In this step you're going to use the information that you gain
01:49
during reconnaissance and create weapons based on your research.
01:55
Once this weapon or the payload is created, you go to delivery. Again, you're going to use the information you get from reconnaissance. So if you know they have an FTP port open, you can deliver it using that open FTP port.
02:07
If you know that the system admin is interested in cars, you can create a social engineering campaign that would actually be of interest to him. So this is why, again, reconnaissance is one of the most important steps. After that, we move to exploitation
02:28
and,
02:29
in exploitation, we merge or mix the weaponization with reconnaissance
02:35
because we're using the vulnerabilities or the vulnerability that we learned about in reconnaissance and designed our weapons for, during exploitation, to be able to
02:46
exploit this vulnerability on the targeted system.
02:50
Once this is done, our payload is going to install a backdoor for us. Now that we have a backdoor, now that we have a, uh,
02:59
an implant inside, or an application or malware inside the environment, we need some way or some channel to communicate with it. That's when command and control comes in.
03:10
So in command and control, what we're trying to do is control our payload or control our backdoor that we installed in phase five. As you can see, we're building up. Every step builds on the one before. So again, going back to reconnaissance, reconnaissance is the base that you build the whole Cyber Kill
03:30
Chain on top of.
03:32
So once we have this command and control, we completed the first six steps. Now there's an objective that I created this targeted attack for, and the seventh phase or the seventh step of the Cyber Kill Chain is action on the objective, whether it was data leakage, whether it was destruction
03:53
or any other objectives.
03:53
That happens in phase six.
03:59
So
04:00
now we talked about using the Cyber Kill Chain
04:04
in attack. But we can also use it
04:08
for defense
04:11
because, as I said in the previous video, the best way to protect from a hacker is to think like a hacker.
04:19
As a cybersecurity, as a cybersecurity professional, our goal is to break the streak in any step of this chain. If we can break it, we protect the rest of the system; they cannot build on top of it.
04:31
So again, our goal is to break this chain, and each one of these steps presents an opportunity to detect, deny, disrupt, degrade, deceive or contain that targeted attack.
04:45
That's great.
04:46
Now that we went over the kill chain, let's see if you can answer these questions.
04:50
So the first question is, who created the Cyber Kill Chain?
04:54
And that's kind of, it's a question. Although I said Lockheed Martin created the one that is widely accepted. However, Lockheed Martin,
05:02
Lockheed Martin's kill chain is just a reflection of a targeted attack, so I think it might be safe to say that hackers actually created the Cyber Kill Chain.
05:15
Second is, what are the seven phases of the kill chain?
05:18
So, as I said, we started with reconnaissance, and then we build on top of it weaponization, delivery, exploitation, command and control and action on objectives.
05:30
However, that's incorrect because I skipped installation.
05:34
So going back, it's reconnaissance, weaponization, delivery, exploitation, installation, command and control and, finally, action on objectives.
05:45
The last question of this post-assessment is how, how do cybersecurity professionals use the Cybersecurity Kill Chain?
05:53
As I said, each and every step of the Cyber Kill Chain
05:58
presents an opportunity to defend against a targeted attack.
06:02
And that's how we use the Cybersecurity, the Cybersecurity Kill Chain, for good.
06:10
In today's video, we covered the steps of the Cybersecurity Kill Chain or the Cyber Kill Chain, and in the next video we're going to start our targeted attack and do some reconnaissance. See you then.

Up Next

Cybersecurity Kill Chain™

A practical take on the Lockheed Martin Cyber Kill Chain™. The course simulates an example targeted attack following the 7 phases of the Cyber Kill Chain™.

Instructed By

Abdulrahman Alnaim
Security Operations Manager
Instructor