Interested in participating in one of the Interoperability Validation Demonstrations?
Participation is encouraged in vendor “Interoperability Validation” sessions, where vendors present how their products fit the value propositions and use cases, and participants ask about vendor-agnostic standard interfaces (SBOM, VEX, STIX, OpenC2, etc.). Below are some details about two of the use cases. Additional use case information will be available on the CASP GitHub site [here]. Prep sessions for these demonstrations are coming soon. Time will be allocated for setup and testing on Tuesday, 1 April, the day before the event. Contact events@oasis-open.org for more information.
Materials for Volt Typhoon (Use Case 1)
Volt Typhoon, a Chinese state-sponsored hacker group, has emerged as a significant threat to critical infrastructure worldwide, particularly in the United States. The group has successfully infiltrated networks of organizations in the Communications, Energy, Transportation Systems, and Water and Wastewater Systems sectors. Volt Typhoon's sophisticated tactics include exploiting outdated edge devices, such as Cisco and Netgear routers, to create a vast botnet for launching attacks.
Their activities are not consistent with traditional cyber espionage; instead, they aim to pre-position themselves on IT networks to enable lateral movement to operational technology assets, potentially for disruptive effects during geopolitical tensions. The group's persistent and adaptive nature, coupled with its ability to evade detection by using legitimate system tools, makes it a formidable adversary in the cybersecurity landscape.
NTLM Elevation of Privilege (Use Case 2)
The Microsoft Outlook NTLM vulnerability (CVE-2023-23397) disclosed in March 2023 was particularly severe, with wide-ranging business implications for organizations that delayed applying the available patches.
The WitchyWashy Zero Day (Use Case 3)