Tom Lancaster gave this talk in May 2023 at the Volexity Cyber Sessions.
This talk focuses on two real-world examples of Chinese nation-state attackers using 0-day exploits to compromise firewall devices. The story behind how these attacks were detected and the ensuing investigation process will be explained, giving unique insights into the actions the attackers performed after breaching the target network.