Hunting Human Operated Ransomware Operators | 2020 Threat Hunting & Incident Response Summit
The real threat of ransomware these days lies in "Human Operated Ransomware" attacks, in which we see the deployment of ransomware move to secondary or tertiary objectives. The human operators often focus on enumerating the internal environment in preparation of data exfiltration. By the time the ransomware is deployed, the threat actors have already carried out their initial objectives (and stolen your data!). This talk focuses on finding these operators while they are in your network. Find the operators == stop the ransomware deployment.
Speaker: Ryan Chapman, @rj_chap, Principal Incident Response Analyst, Blackberry; Instructor, SANS Institute
Видео Hunting Human Operated Ransomware Operators | 2020 Threat Hunting & Incident Response Summit канала SANS Digital Forensics and Incident Response
Speaker: Ryan Chapman, @rj_chap, Principal Incident Response Analyst, Blackberry; Instructor, SANS Institute
Видео Hunting Human Operated Ransomware Operators | 2020 Threat Hunting & Incident Response Summit канала SANS Digital Forensics and Incident Response
Показать
Комментарии отсутствуют
Информация о видео
24 октября 2020 г. 11:30:00
00:27:14
Другие видео канала
Investigating WMI Attacks
STAR Webcast: Threat Hunting and the Rise of Targeted eCrime Intrusions
Distributed Evidence Collection and Analysis with Velociraptor - SANS DFIR Summit 2019
SaaS Hunting | 2020 Threat Hunting & Incident Response Summit
CTI Summit Keynote - Cliff Stoll - (Still) Stalking the Wily Hacker
Discover the secrets of a SOC and how to build a Threat Hunting team
Hunting Webshells: Tracking TwoFace - SANS Threat Hunting Summit 2018
What Does my SOC Do?: A Framework for Defining an InfoSec Ops Strategy - SANS DFIR Summit 2016
SANS DFIR Webcast - APT Attacks Exposed: Network, Host, Memory, and Malware Analysis
Incident Response in the Cloud (AWS) - SANS Digital Forensics & Incident Response Summit 2017
Threat Hunting via DNS | SANS@MIC Talk
Threat Hunting and the Rise of Targeted eCrime Intrusions | STAR Webcast
How to Get Promoted: Developing Metrics to Show How Threat Intel Works - SANS CTI Summit 2019
5 Ways Zeek/Bro Gives You Better Data for Incident Response and Threat Hunting
Digital Forensics Truths That Turn Out To Be Wrong - SANS DFIR Summit 2018
Kolide & OSQuery: How to Build Solid Queries and Packs for Detection and Threat Hunting
How to Use and Create Threat Intelligence in an Office 365 World - SANS CTI Summit 2019
The SOC Puzzle: Where Does Threat Hunting Fit? | 2020 Threat Hunting & Incident Response Summit
Kansa for Enterprise scale Threat Hunting w/ Jon Ketchum - SANS DFIR Summit 2020
The Mind of a Hunter: A Cognitive, Data-Driven Approach - SANS Threat Hunting Summit 2017