Ransomware for Financial Gain
Threat actors continue to leverage ransomware to extort victim organizations. What was once a simple scheme to encrypt target data has expanded to include data disclosure and targeting a victim’s clients or suppliers. Understanding the techniques threat actors use in these attacks is vital to having an effective detection and mitigation strategy.
5
H
45
m
intermediate
3800
7
2822
Campaign Outline
Spearphishing Attachment and PowerShell
Phishing is one of the top techniques leveraged in breaches today, and adversaries use it to send malicious attachments to targeted users. PowerShell is a powerful scripting tool that adversaries can exploit to perform recon and run executables. You will detect these adversary techniques and discover ways to mitigate them.
Overview
Phishing is one of the top techniques leveraged in breaches today, and adversaries use it to send malicious attachments to targeted users. PowerShell is a powerful scripting tool that adversaries can exploit to perform recon and run executables. You will detect these adversary techniques and discover ways to mitigate them.
Application Shimming and Data from Local System
Application shimming is a powerful feature that allows for backward compatibility across different versions of Windows OS. Adversaries manipulate this feature to bypass controls. They also search local file systems for files of interest. Get the skills to detect this behavior and prevent adversaries from setting up shop in your organization.
Overview
Application shimming is a powerful feature that allows for backward compatibility across different versions of Windows OS. Adversaries manipulate this feature to bypass controls. They also search local file systems for files of interest. Get the skills to detect this behavior and prevent adversaries from setting up shop in your organization.
Kerberoasting and Domain Accounts
Kerberos enables secure network communication in Windows environments, while Domain Accounts are a core part of Identity and Access Management. Adversaries can attack both of these and move through an environment largely undetected. Start detecting this covert behavior and begin stopping it in its tracks today.
Overview
Kerberos enables secure network communication in Windows environments, while Domain Accounts are a core part of Identity and Access Management. Adversaries can attack both of these and move through an environment largely undetected. Start detecting this covert behavior and begin stopping it in its tracks today.
Remote System Discovery and Remote Desktop Protocol
Adversaries want to understand your environment and will use Remote System Discovery to do so. They can also leverage the same Remote Desktop Protocol (RDP) you'd use to access systems remotely. And, with the right credentials, they can move laterally through your system. Outwit them by detecting and blocking these techniques today.
Overview
Adversaries want to understand your environment and will use Remote System Discovery to do so. They can also leverage the same Remote Desktop Protocol (RDP) you'd use to access systems remotely. And, with the right credentials, they can move laterally through your system. Outwit them by detecting and blocking these techniques today.
