Posted by Martijn Grooten on Dec 7, 2017
Targeted attack campaigns involve multiple stages, the first of which consists of collecting information about the target: the reconnaissance phase. It's an essential part of any campaign and one that often exploits that well known weakest link: the human user.
At VB2017 in Madrid, Cisco Talos researchers Paul Rascagneres and Warren Mercer presented a paper about this specific phase, describing examples from a number of different targeted campaigns.
If, like some of the VB team, you are at Botconf in Montpellier this week, you can see Paul speak about Nyetya (or Notpetya) and the MeDoc connection tomorrow morning, while in the afternoon, Warren will speak about Necurs spam campaigns.