January TASK: Dark Caracal / Command and Conquer: Red Alert - C2 tradecraft and design
Wednesday 31-January-2018 // 6:00 - 9:00 PMMeeting Location: 88 Queens Quay West, TorontoRoom: 29th Floor
January TASK
This month we welcome Apurva Kumar and Jeremy Richards as they discuss the Dark Caracal espionage investigation, announced on January 18 at https://blog.lookout.com/dark-caracal-mobile-apt. Lee Kagan will also join us with a tech talk on C2 tradecraft and design.We have a new meeting location. Don't forget to mark the new address: 29th Floor, 88 Queens Quay West, Toronto.As always, TASK is free, registration is not required to attend, and we invite you to bring your friends and colleagues.Any questions email info@task.to. We look forward to seeing you there!
Apurva Kumar & Jeremy RichardsDark CaracalLookout and Electronic Frontier Foundation (EFF) have discovered Dark Caracal, a persistent and prolific actor running a global espionage campaign against military personnel, enterprises, medical professionals, lawyers, journalists, educational institutions, and activists.Dark Caracal has operated a series of multi-platform campaigns starting from at least January 2012, according to our research. The campaigns span across 21+ countries and thousands of victims. Types of data stolen include documents, call records, audio recordings, secure messaging client content, contact information, text messages, photos, and account data. We believe this actor is operating their campaigns from a building belonging to the Lebanese General Security Directorate (GDGS) in Beirut.This talk will cover the investigation and findings of the months-long investigation.
Lee KaganCommand and Conquer: Red Alert - C2 tradecraft and designAn analysis of various C2 infrastructure design concepts for pentesters, red teams, and threat actors.This presentation will examine the many options available when building and operating a command and control (C2) infrastructure. From the simple to the complex, Lee will cover topics such as design choices made by notable aggressors, differences in requirements between pentesters, red teams, and threat actors, other implementation considerations, OPSEC, and defensive measures. There will also be a video demonstration of a C2 in action.
Meeting Location: 29th Floor - 88 Queens Quay West, Toronto.