Defend Against Hacktivist Groups like APT Handala | The Cyber Security Podcast
Author: Threat Talks
Uploaded: 2025-09-23
Views: 119
Description:
Hacktivists don’t need zero-days to hurt you—they weaponize people. Host Lieuwe Jan Koning sits down with Yuri Wit (SOC analyst) and Rob Maas (Field CTO) to dissect APT Handala: how they hunt targets, deliver wipers, and brag about leaks. We map their moves to the Lockheed Martin Kill Chain and turn it into a Zero Trust defense playbook you can actually use—today.
Chapter timestamps
00:00 - 01:40 - Introduction
01:40 - 02:27 - What is APT Handala?
02:27 - 05:27 - Kill Chain Step 1: Reconnaissance
05:27 - 06:43 - Kill Chain Step 2: Weaponization
06:43 - 10:39 - Kill Chain Step 3: Delivery
10:39 - 14:37 - Kill Chain Step 4: Exploitation
14:37 - 17:34 - Kill Chain Step 5: Installation
17:34 - 23:39 - Kill Chain Step 6: Command and control
23:39 - 26:40 - Kill Chain Step 7: Act on objectives
26:40 - 29:35 - How to respond to being hacked
29:25 - 30:22 - Closing notes
Key Topics Covered
• Handala’s playbook: people-centric recon, phishing kits, wipers, boast-and-leak ops.
• Zero Trust counters: deny-by-default egress, newly-registered-domain blocks, hard EDR, passkeys.
• SOC tells: DNS DGA spikes, encrypted C2 on common apps, “human error” as the biggest CVE.
• Comms reality: when openness helps—and when strategic silence limits amplification.
Additional Resources
• ON2IT Zero Trust: https://on2it.net/zero-trust/
• Lockheed Martin Cyber Kill Chain: https://www.lockheedmartin.com/en-us/...
• Tor Project (onion services): https://www.torproject.org/
• Threat Talks hub: https://threat-talks.com/
Guest and Host Links:
Lieuwe Jan Koning (Founding Partner, ON2IT): / lieuwejan
Rob Maas, Field CTO, ON2IT: / robmaas83
Yuri Wit, SOC Specialist, ON2IT: / yuriwit
🕵️ Threat Talks is a podcast created in collaboration with ON2IT and AMS-IX. Each episode features leading cybersecurity experts sharing real-world insights on emerging threats, trends, and defense strategies — helping organizations stay secure in today’s rapidly evolving digital world.
ON2IT website: https://on2it.net/
AMS-IX website: https://www.ams-ix.net/ams