In part 2 of the deep dive into CKC7, we look at the evidence presented by IOCs. This data can then be instrumental in uncovering adversary activity. Exploits such as keyloggers can give an intruder a big advantage by capturing keystrokes in real time, which can reveal passwords. Evidence that one has been installed is a strong IOC. Remote Access Trojans (RATs) and spyware are also evidence of a compromise and can be extremely dangerous. The video concludes with a discussion of social engineering and the various tactics employed, from in-person exploits to phishing to phone exploits.
Intro to Cyber Threat Intelligence
The CTI course consists of 12 information-packed modules. CTI is a critical function within any organization, involving roles such as analysts as well as methodologies, tools, teams, and policies. From threat analysis to the Cyber Kill Chain, learn it here.