Careto: Unmasking a New Level in APT-ware

Webinar Registration

Careto (aka The Mask) is a recently discovered APT actor that has been active since at least 2007. Here’s what makes Careto different than past APTs like Duqu, Flame and Stuxnet:
Sophistication and complexity. Careto includes malware, a rootkit, plug-in architecture, utilizes many, many different vectors and versions for Windows, Max OS X, Linux and beyond. It uses never-before-seen methods to hide itself.
Professional operation. Beyond the software itself, the people behind its operation and control are unusually professional.
There’s a tremendous amount knowledge and benefit that can be gained from understanding Careto. In this webinar we will explore Careto in terms of:
  • Backdoor components
  • Use of certificates
  • Exploit sites
  • Communication
  • Command and control servers
  • Exploits used
Then we will take a look at the indicators of compromise not just so you can detect Careto (might be a moot point since it appears to have been shutdown) but so that you can see how other APTs can be detected.
We will finish up by putting all the exploits used by Careto on the board and then see what happens as we apply each multi-level endpoint security defense, one layer at a time. I think you will find the results interesting and beneficial. Attackers like Careto are powerful and sophisticated but they are not invincible. Lumension is my sponsor for this webinar and I’ll be joined by Dan Teal for some detailed analysis of Careto’s advanced techniques.
Please join me for this highly technical and fascinating real training for free™ event.
Register now!
First Name:   
Last Name:   
Work Email:  
Zip/Postal Code:  
Number of Employees?:
Job Title?:

Your information will be shared with the sponsor.

By clicking "Submit", you're agreeing to our Privacy Policy and consenting to be contacted by us and the sponsor.



Additional Resources