The Cybreason Nocturnus Research Team recently released a major threat intelligence research report titled, DeadRinger: Exposing Chinese Threat Actors Targeting Major Telcos.

This new research details the discovery of several previously unidentified attack campaigns targeting the telecommunications industry across Southeast Asia, where several clusters of attack activity were identified and assessed to be the work of several prominent APT groups who are known to conduct operations aligned with the interests of the Chinese government.


About the Webinar

In this webinar, Cybereason's Head of Threat Research, Assaf Dahan, and VP of Security Practices, Mor Levi will walk you through the espionage operations, including:

  • Compromising High-Profile Assets, Stealing Sensitive Information: the attackers behind these intrusions attempted to compromise high-profile assets such as Microsoft Exchange servers, domain controllers (DC) and billing systems which may contain highly sensitive information like Call Detail Record (CDR) data.
  • Multiple Threat Actor Groups Operating in the Interest of China: The three clusters of intrusions identified in the investigation have different degrees of connection to Soft Cell, Naikon APT and Group-3390 -- all groups that are known to operate on behalf of Chinese state interests.
  • Overlaps Between the Intrusions: Cybereason found interesting overlaps among the clusters that could indicate a potential connection or collaboration between the different threat actors.
  • Adaptive, Persistent and Sophisticated Threat Actors: The attackers behind the intrusions appear to be highly sophisticated and adaptive, dynamically responding to mitigations and continuously attempting to evade security measures.
  • Undetected Attacks that Date Back to 2017: During the investigation, Cybereason found forensic evidence that shows the attackers in operation as far back as 2017 without being detected.

Meet The Speakers


Assaf Dahan

Senior Director, Head of Threat Research at Cybereason

Assaf has over 15 years in the InfoSec industry. He started his career in the Israeli Military 8200 Cybersecurity unit where he developed extensive experience in offensive security. Later in his career he led Red Teams, developed penetration testing methodologies, and specialized in malware analysis and reverse engineering.


Mor Levi

Vice President, Security Practices at Cybereason

Mor Levi, Vice President Security Practices at Cybereason Mor Levi has over 8 years of experience in cyber investigations, incident response, and SIEM/SOC management. She began her career as a team leader in the Israeli Defense Force security operation center. Later, she led an incident response and forensics team at one of the big four accounting firms providing services to global organizations.