
Tales from the Dark Side: Episode 8A – Investigating Volt Typhoon

In this captivating episode of Tales from the Dark Side, we investigate a cunning adversary: Volt Typhoon (APT44), a highly sophisticated China-linked advanced persistent threat that has emerged as a significant risk to critical infrastructure worldwide. It is characterized by stealth, operational discipline, and strategic targeting, with a focus on long-term espionage and network persistence.

Using tunneling and living-off-the-land techniques, Volt Typhoon thundered through two major Middle Eastern logistics companies via third-party contractors, then flooded internal networks like a storm surge across operational environments. The attackers gracefully pivoted from IT to OT systems, leveraging legitimate tools and built-in functionalities to evade detection while maintaining persistent access.

Don’t miss this opportunity to dive into advanced threat investigation methodologies, shining a light on how NetWitness behavioral detection performs against such sophisticated attacks, and outlining proven tactics for detection and mitigation to help ensure your critical infrastructure remains unwelcoming to digital storm surges.

MEET THE SPEAKERS

Stefano Maccaglia
Director, Incident Response
NetWitness

James Sobel
Incident Response
NetWitness

NetWitness is a pioneering cybersecurity software developer whose products are used by the world’s most security-conscious and sophisticated organizations. NetWitness Platform delivers industrial-strength SIEM, NDR, and EDR capabilities that operate across on-premises, cloud, or hybrid infrastructures, providing a unified set of detection, investigation, and response tools. Threat analysts around the world rely on NetWitness for its robust threat intelligence, deep analytics, guided case management, and built-in response actions.