Threat actors continue to leverage ransomware to extort victim organizations. What was once a simple scheme to encrypt target data has expanded to include data disclosure and targeting a victim’s clients or suppliers. Understanding the techniques threat actors use in these attacks is vital to having an effective detection and mitigation strategy.
Phishing is one of the top techniques leveraged in breaches today, and adversaries use it to send malicious attachments to targeted users. PowerShell is a powerful scripting tool that adversaries can exploit to perform recon and run executables. You will detect these adversary techniques and discover ways to mitigate them.
Application shimming is a powerful feature that allows for backward compatibility across different versions of Windows OS. Adversaries manipulate this feature to bypass controls. They also search local file systems for files of interest. Get the skills to detect this behavior and prevent adversaries from setting up shop in your organization.
Kerberos enables secure network communication in Windows environments, while Domain Accounts are a core part of Identity and Access Management. Adversaries can attack both of these and move through an environment largely undetected. Start detecting this covert behavior and begin stopping it in its tracks today.
Once in your environment, adversaries will try to evade your defenses and may rename their code to look like a legitimate executable. They could also encrypt your data with ransomware. Don't let adversaries hold you over a barrel. Get hands-on and learn to detect and mitigate these techniques today.
Adversaries want to understand your environment and will use Remote System Discovery to do so. They can also leverage the same Remote Desktop Protocol (RDP) you'd use to access systems remotely. And, with the right credentials, they can move laterally through your system. Outwit them by detecting and blocking these techniques today.
Many organizations still don't block unknown outbound ports. This allows adversaries to leverage them for command and control activities. Even if you are blocking these ports adversaries can use standard ports with different protocols to avoid detection. Learn how to detect and thwart this command and control behavior to secure your environment.
Cloud storage is fast, affordable, and widely available. Adversaries take advantage of a tool that works well just like we do. It's even better when they can use a cloud storage provider your organization already uses, allowing them to exfiltrate data encrypted via HTTPS to a service that looks like normal traffic. Learn how to detect this today.