Incident Response Techniques for Ransomware Attacks by Oleg Skulkin
Author:Oleg Skulkin
Language: eng
Format: epub
Publisher: Packt Publishing Pvt Ltd
Published: 2022-03-10T00:00:00+00:00
As you can see, analyzing reports from various cyber security companies may provide us with great insights into ransomware affiliates' operations for us to use this CTI to make our IR engagements faster and more efficient.
In the next section, we'll look at how we can collect CTI from the cyber security community.
Community
There are thousands of incident responders worldwide, and of course, some of them like to share their findings from IR engagements. We already looked at some threat research reports, but it usually takes quite a lot of time to create one. Therefore, responders and researchers often use other media to share their findings in a short form. A very popular media platform for such sharing is Twitter.
If you are dealing with a human-operated ransomware attack and you already identified the strain, you may find quite a lot of information on the threat actors, including TTPs. Understanding the threat actor is critical. Usually, certain ransomware affiliates use specific tools and processes during certain stages of the attack life cycle.
Let's start with RagnarLocker ransomware and have a look at the following tweet from Peter Mackenzie, Director of Incident Response at Sophos (https://twitter.com/AltShiftPrtScn/status/1403707430765273095):
Download
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.
Management Strategies for the Cloud Revolution: How Cloud Computing Is Transforming Business and Why You Can't Afford to Be Left Behind by Charles Babcock(4131)
Ego Is the Enemy by Ryan Holiday(3991)
Offensive Shellcode from Scratch by Rishalin Pillay(3679)
Exploring Deepfakes by Bryan Lyon and Matt Tora(3273)
Robo-Advisor with Python by Aki Ranin(3055)
Learning C# by Developing Games with Unity 2021 by Harrison Ferrone(2876)
Speed Up Your Python with Rust by Maxwell Flitton(2853)
Liar's Poker by Michael Lewis(2812)
Agile Security Operations by Hinne Hettema(2807)
Linux Command Line and Shell Scripting Techniques by Vedran Dakic and Jasmin Redzepagic(2807)
OPNsense Beginner to Professional by Julio Cesar Bueno de Camargo(2806)
Extreme DAX by Michiel Rozema & Henk Vlootman(2791)
Essential Cryptography for JavaScript Developers by Alessandro Segala(2743)
Elevating React Web Development with Gatsby by Samuel Larsen-Disney(2733)
Python for ArcGIS Pro by Silas Toms Bill Parker(2648)
AI-Powered Commerce by Andy Pandharikar & Frederik Bussler(2642)
Incident Response Techniques for Ransomware Attacks by Oleg Skulkin(2628)
Distributed .NET with Microsoft Orleans by Bhupesh Guptha Muthiyalu Suneel Kumar Kunani(2628)
Cryptography Algorithms by Massimo Bertaccini(2627)