{"version":1,"type":"rich","provider_name":"Libsyn","provider_url":"https:\/\/www.libsyn.com","height":90,"width":600,"title":"039| Deconstructing the Dukes: A Researcher's Retrospective of APT29","description":"APT29, aka Cozy Bear or the Dukes, is a cyber espionage group whose misdeeds include famously hacking into the DNC servers in the run-up to the 2016 US election. Now, as the subject of MITRE's latest ATT&CK Evaluation, the group is in focus again. The Dukes are familiar to F-Secure's Artturi Lehtio, who extensively researched them in 2015. But hindsight is 20\/20, and Artturi joins the show to discuss how his views on the group have changed since his research. Also in this episode: How APT groups behave after being burned and why the Dukes are different; why calling them a single organization is too strong; and why published APT research has generally dwindled in recent years. Links: Episode 39 transcript The Dukes: 7 Years of Russian Cyberespionage - F-Secure whitepaper MITRE ATT&CK Evaluation: APT29 Operation Ghost - ESET No Easy Breach by Matthew Dunwoody & Nick Carr - DerbyCon 2016 Dukes activity after their \"return\" in 2016 - Volexity ","author_name":"Cyber Security Sauna","author_url":"https:\/\/www.withsecure.com\/en\/expertise\/podcasts","html":"<iframe title=\"Libsyn Player\" style=\"border: none\" src=\"\/\/html5-player.libsyn.com\/embed\/episode\/id\/14311922\/height\/90\/theme\/custom\/thumbnail\/yes\/direction\/forward\/render-playlist\/no\/custom-color\/88AA3C\/\" height=\"90\" width=\"600\" scrolling=\"no\"  allowfullscreen webkitallowfullscreen mozallowfullscreen oallowfullscreen msallowfullscreen><\/iframe>","thumbnail_url":"https:\/\/assets.libsyn.com\/secure\/item\/14311922"}