One Article Review

The article:
Source CISCO Talos
Identifier 6750298
Publication date 2022-09-06 08:00:00 (seen: 2022-09-06 14:07:12)
Title Researcher Spotlight: How Asheer Malhotra looks for 'instant gratification' in threat hunting
Text The India native has transitioned from a reverse-engineer hobbyist to a public speaker in just a few years

By Jon Munshaw.

Ninety percent of Asheer Malhotra's work will never see the light of day. But it's that 10 percent that keeps him motivated to keep looking for something new. The Talos Outreach researcher spends most of his days looking into potential new threats. Many times, that leads to dead ends of threats that have already been discovered and blocked or don't have any additional threads to pull on. But eventually, the “lightbulb goes off,” as he puts it, which indicates something is a new threat the wider public needs to know about. During his time at Talos, Malhotra has spent much of his time looking into cyber attacks and state-sponsored threat actors in Asia, like the Transparent Tribe group he's written about several times. “At some point, I say 'Hey, I don't think I've seen this before.' I start analyzing public disclosures, and slowly start gaining confidence and being able to craft a narrative around the motivations and tactics around a specific threat actor or malware campaign,” he said. In the case of Transparent Tribe, Malhotra's tracked their growth as a major player in the threat landscape in Asia, as they've added several remote access trojans to their arsenal, targeted high-profile government-adjacent entities in India and expanded their scope across the region.

When he's not threat hunting, Malhotra also speaks to Cisco customers about the current state of cybersecurity in briefings and delivers presentations at conferences around the world (mainly virtually during the COVID-19 pandemic).

“I always try to find the latest and new stuff to talk about. … I've been honing my skills and trying to speak more confidently publicly, but the confidence is backed up with the right kind of knowledge and the threat intelligence, that's what helps me succeed,” he said.

Malhotra is a native of India and spent most of his life there before coming to the U.S. for his master's degree at Mississippi State University. Mississippi was a far cry from everything else he had known up until that point, but he quickly adjusted. “That was the 'Deep South,'” he said. “So there was a culture shock, but the southern hospitality is such a real thing, and it felt very normal there.” Growing up, Malhotra always knew he wanted to work with computers, starting out as a teenager reverse-engineering exploits he'd see others talk about on the internet or just poking at smaller applications. His additional interest in politics and national security made it natural for him to combine the two and focus his research on state-sponsored actors.  He enjoys continuing his research in the Indian subcontinent and sees many parallels between the state of security in India and the U.S. “Th
Sent Yes
Tags Ransomware Malware Threat Guideline
Stories APT 36


The article does not appear to have been picked up after its publication.


The article does not appear to have been picked up from an earlier one.