Hunting RATs (Remote Access Trojans)

Security professionals must continue to ask themselves: are they doing enough? Are they continuing to develop their knowledge and defenses? Are they successfully staying ahead of cybercriminals? And even if the answer is yes, how do they know they will continue to stay ahead tomorrow? Systems are built and security protocols are established, but then, in many cases, development stops and new defenses are not implemented to mitigate new threats. What may once have been secure will likely soon fail to keep new threats and vulnerabilities at bay as cybercriminals increase both the capability and the volume of their attacks.

To prevent an attack, an organization may maintain a good patch management cycle and updated rulesets. Some may even go further and adopt threat intelligence feeds, although it is argued that this can be counterproductive. When threat intelligence is used correctly, it can deliver an early warning of likely threats, allowing ample time to adjust defenses accordingly.

Defense teams are tasked with monitoring within a SOC, safeguarding the business, and winning every engagement with the enemy. On the other hand, threat actors or penetration testers only need to succeed once to win. A common mentality amongst those in the cybersecurity community is to focus on the difficulty of keeping an organization safe from a cyberattack. But this works both ways, as investigators only need to identify one misstep by cybercriminals.

Hunting and identifying a threat actor provides an opportunity to understand the enemy and learn better ways of defending against them. Cybersecurity professionals may not have the jurisdiction of law enforcement and most definitely do not have the legal right to hack back. But they can learn what new controls are required, even before a threat actor envisions their new tool, technique or procedure (TTP).

This eBook touches on topics including:

  • What is a RAT (remote access trojan)
  • How to carry out an investigation with an IOC
  • A hunting guide including a real-world investigation
