APT Attribution: Trials and Tribulations From the Field

In this episode, Joshua Miller and Zydeca Cass, Senior Threat Researchers at Proofpoint, join the show to discuss attribution, specifically APT actor attribution. Joshua and Zydeca dive into their experiences of attribution successes and failures, sharing tales of threat actors impersonating Russian opposition leaders and an Iranian kidnapping plot in New York. As Crista says, the good, the bad and the ugly.
Join us as we discuss:
Understanding the difference between the two types of attribution
How attribution can be used in e-crime versus state-aligned investigation
Stories from Josh and Zydeca of threat actors they are tracking based in Russia and Iran


Check out these resources we mentioned:
https://twitter.com/ChicagoCyber/status/1521492543707430912
https://www.activeresponse.org/wp-content/uploads/2013/07/diamond.pdf
https://blog.talosintelligence.com/2022/01/iranian-apt-muddywater-targets-turkey.html
https://www.justice.gov/usao-sdny/pr/manhattan-us-attorney-announces-kidnapping-conspiracy-charges-against-iranian


Keep up with the latest tales from the threat research trenches by subscribing to DISCARDED in Apple Podcasts, Spotify, or wherever you get podcasts. Thanks for listening!