Hunting Human Operated Ransomware Operators | 2020 Threat Hunting & Incident Response Summit
The real threat of ransomware these days lies in "Human Operated Ransomware" attacks, in which we see the deployment of ransomware move to secondary or tertiary objectives. The human operators often focus on enumerating the internal environment in preparation for data exfiltration. By the time the ransomware is deployed, the threat actors have already carried out their initial objectives (and stolen your data!). This talk focuses on finding these operators while they are in your network. Find the operators == stop the ransomware deployment.
Speaker: Ryan Chapman, @rj_chap, Principal Incident Response Analyst, Blackberry; Instructor, SANS Institute
Video "Hunting Human Operated Ransomware Operators | 2020 Threat Hunting & Incident Response Summit" from the channel SANS Digital Forensics and Incident Response
Video information
October 24, 2020, 11:30:00
00:27:14