Lessons from the Frontlines: Ransomware Attacks, New Techniques, and Old Tricks

SANS Institute · Beginner ·📋 Product Management ·2y ago

Skills: Security Basics80%PM Basics60%

SANS Ransomware Summit 2023 Lessons from the Frontlines: Ransomware Attacks, New Techniques, and Old Tricks Speakers: Peter O, Cyber Threat Analyst, The DFIR Report Alessandro Di Carlo, Forensics & Product Manager, Certego Srl Ransomware attacks are a constant threat faced by many organizations. In 2022 The DFIR Report continued to observe a number of ransomware-related attacks facilitated by a variety of initial access brokers. This talk will provide practical insights into attack lifecycle trends, initial access detections, new techniques observed and the continued use of familiar tools. We'll share detection opportunities for quick wins on identifying attackers on your network. Explore new and emerging discovery tools, and how detecting the adversary early in the attack lifecycle is key to stopping a ransomware attack unfolding. All details are based on 'Real Intrusions by Real Attackers, The Truth Behind the Intrusion.' It will serve as a practical guide for defenders to understand a typical attack. - Initial access by threat actors - Race to compromise, - Attack objectives - Can you detect and respond?, - Who is on your network? - Understanding human behaviours, - Attacker Tooling - New and old discovery techniques View upcoming Summits: http://www.sans.org/u/DuS

Watch on YouTube ↗ (saves to browser)

Sign in to unlock AI tutor explanation · ⚡30

Playlist

Uploads from SANS Institute · SANS Institute · 0 of 60

← Previous Next →

SANS FOR610: Reverse Engineering Malware: Malware Analysis Tools & Techniques

SANS FOR610: Reverse Engineering Malware: Malware Analysis Tools & Techniques

SANS Institute Cybersecurity Training Customer Stories

SANS Institute Cybersecurity Training Customer Stories

SANS Institute UK Cyber Academy

SANS Institute UK Cyber Academy

SANS Institute UK Cyber Academy

SANS Institute UK Cyber Academy

CISSP® Prep Exam, MGT414, by SANS Institute

CISSP® Prep Exam, MGT414, by SANS Institute

SANS Institute's Rob Lee Discusses The OPM.GOV Hack on CNN

SANS Institute's Rob Lee Discusses The OPM.GOV Hack on CNN

Information Security Training from SANS Institute - Student Testimonials

Information Security Training from SANS Institute - Student Testimonials

SANS DFIR NetWars

SANS DFIR NetWars

Hack The Drone - SANS Cyber Academy UK

Hack The Drone - SANS Cyber Academy UK

SANS VetSuccess Immersion Academy

SANS VetSuccess Immersion Academy

SANS Cybersecurity Training, Certifications & Placement for Veterans

SANS Cybersecurity Training, Certifications & Placement for Veterans

The 2015 SANS Holiday Hack Challenge

The 2015 SANS Holiday Hack Challenge

SANS VetSuccess Academy: Hands-on Skills

SANS VetSuccess Academy: Hands-on Skills

SANS VetSuccess Academy Overview

SANS VetSuccess Academy Overview

SANS ICS Security Summit & Training 2017

SANS ICS Security Summit & Training 2017

Exploring the Unknown Industrial Control System Threat Landscape – SANS ICS Security Summit 2017

Exploring the Unknown Industrial Control System Threat Landscape – SANS ICS Security Summit 2017

WannaCry recap, patches, and analysis

WannaCry recap, patches, and analysis

If We’re Doing So Well at Cyber Security, Why Are We Still Doing So Poorly?

If We’re Doing So Well at Cyber Security, Why Are We Still Doing So Poorly?

Graduation Day - SANS HM Gov Cyber Retraining Academy

Graduation Day - SANS HM Gov Cyber Retraining Academy

Incentivizing ICS Security: The Case for Cyber Insurance – SANS ICS Security Summit 2017

Incentivizing ICS Security: The Case for Cyber Insurance – SANS ICS Security Summit 2017

SANS Data Breach Summit & Training 2017

SANS Data Breach Summit & Training 2017

SANS Secure DevOps Summit & Training 2017

SANS Secure DevOps Summit & Training 2017

How Threats Are Slipping In the Back Door - SANS ICS Security Summit 2017

How Threats Are Slipping In the Back Door - SANS ICS Security Summit 2017

SANS Webcast – Continuous Opportunity: DevOps & Security

SANS Webcast – Continuous Opportunity: DevOps & Security

SANS Cybersecurity Programs for the Department of Defense

SANS Cybersecurity Programs for the Department of Defense

SANS Pen Test HackFest Summit & Training 2017

SANS Pen Test HackFest Summit & Training 2017

SANS SIEM & Tactical Analytics Summit & Training

SANS SIEM & Tactical Analytics Summit & Training

If We’re Doing So Well, Why Are We Still Doing So Poorly? – SANS ICS Security Summit 2017

If We’re Doing So Well, Why Are We Still Doing So Poorly? – SANS ICS Security Summit 2017

ICS515: ICS Active Defense and Incident Response

ICS515: ICS Active Defense and Incident Response

Introducing the NEW SANS Pen Test Poster

Introducing the NEW SANS Pen Test Poster

SANS Institute - An Inside Look at the Newly Updated ICS515 Course

SANS Institute - An Inside Look at the Newly Updated ICS515 Course

SANS ICS Security Training, Munich, Germany

SANS ICS Security Training, Munich, Germany

SANS Automotive Summit Webcast

SANS Automotive Summit Webcast

Privesc Playground - SANS Pen Test HackFest Summit 2017

Privesc Playground - SANS Pen Test HackFest Summit 2017

Introduction to Reverse Engineering for Penetration Testers – SANS Pen Test HackFest Summit 2017

Introduction to Reverse Engineering for Penetration Testers – SANS Pen Test HackFest Summit 2017

Honey, Please Don’t Burn Down Your Office: Fun with Smart Home Automation

Honey, Please Don’t Burn Down Your Office: Fun with Smart Home Automation

SANS Security Operations Summit & Training 2018

SANS Security Operations Summit & Training 2018

Sh*t Happens! (But You Still Need to Drink the Water) – SANS ICS Summit 2018

Sh*t Happens! (But You Still Need to Drink the Water) – SANS ICS Summit 2018

ICS Threat Intelligence: Moving from the Unknowns to a Defended Landscape – SANS ICS Summit 2018

ICS Threat Intelligence: Moving from the Unknowns to a Defended Landscape – SANS ICS Summit 2018

You’re Probably Not Red Teaming (And Usually I’m Not, Either) – SANS ICS Summit 2018

You’re Probably Not Red Teaming (And Usually I’m Not, Either) – SANS ICS Summit 2018

A Sneak Peak at the New ICS410

A Sneak Peak at the New ICS410

Jumping Air Gaps – SANS ICS Summit 2018

Jumping Air Gaps – SANS ICS Summit 2018

Introduction to Linux

Introduction to Linux

Introduction to Malware Analysis

Introduction to Malware Analysis

You’re Probably Not Red Teaming (And Usually I’m Not, Either) Webcast by Deviant Ollam

You’re Probably Not Red Teaming (And Usually I’m Not, Either) Webcast by Deviant Ollam

Hacking your SOEL: SOC Automation and Orchestration – SANS Security Operations Summit 2018

Hacking your SOEL: SOC Automation and Orchestration – SANS Security Operations Summit 2018

Hunting for Post-Exploitation Stage Attacks with Elastic Stack and the MITRE ATT&CK Framework

Hunting for Post-Exploitation Stage Attacks with Elastic Stack and the MITRE ATT&CK Framework

Apples and Oranges?: A CompariSIEM – SANS Security Operations Summit 2018

Apples and Oranges?: A CompariSIEM – SANS Security Operations Summit 2018

SANS Webcast - Perimeter Security and Why it is Obsolete

SANS Webcast - Perimeter Security and Why it is Obsolete

SANS Webcast - Trust No One: Introducing SEC530: Defensible Security Architecture

SANS Webcast - Trust No One: Introducing SEC530: Defensible Security Architecture

The Science of Security: The Psychological Impacts of Security Awareness Programs

The Science of Security: The Psychological Impacts of Security Awareness Programs

How I Pulled Off an Edgy Security Campaign – SANS Security Awareness Summit 2018

How I Pulled Off an Edgy Security Campaign – SANS Security Awareness Summit 2018

Practical Advice for Submitting to Speak at a Cybersecurity Conference

Practical Advice for Submitting to Speak at a Cybersecurity Conference

SANS Webcast - Consuming OSINT: Watching You Eat, Drink, and Sleep

SANS Webcast - Consuming OSINT: Watching You Eat, Drink, and Sleep

SANS Webcast - Zero Trust Architecture

SANS Webcast - Zero Trust Architecture

SANS STX Cyber Range

SANS STX Cyber Range

Part 1 – SANS Institute and Tenable talk about cloud security

Part 1 – SANS Institute and Tenable talk about cloud security

More on: Security Basics

View skill →

HackTheBox - Analytics

HackTheBox - Analytics

AWS Security Agent (Preview) Overview - Frontier Agent for Proactive AppSec | Amazon Web Services

AWS Security Agent (Preview) Overview - Frontier Agent for Proactive AppSec | Amazon Web Services

Amazon Web Services

HOW FRCKN' HARD IS IT TO UNDERSTAND A URL?! - uXSS CVE-2018-6128

HOW FRCKN' HARD IS IT TO UNDERSTAND A URL?! - uXSS CVE-2018-6128

Secure Hash Algorithms Using Python- SHA256,SHA384,SHA224,SHA512,SHA1- Hashing In BlockChain

Secure Hash Algorithms Using Python- SHA256,SHA384,SHA224,SHA512,SHA1- Hashing In BlockChain

Bruteforce 32bit Stack Cookie. stack0: part 3 - bin 0x23

Bruteforce 32bit Stack Cookie. stack0: part 3 - bin 0x23

Configure and Deploy AWS Client VPN

Configure and Deploy AWS Client VPN

Related AI Lessons

Building WeRemember in Public — Day 0: Why Another Calendar App?

Learn why building another calendar app is necessary and what problems it aims to solve

Dev.to · Sandro Hu

Google Announces Its Chromebook Successor: The Googlebook

Google announces Googlebook, a successor to Chromebook, with a new OS based on Android, set to launch in the fall

Daring Fireball

Building Connect Freelance — A Trust-Focused Freelance Platform

Learn how to build a trust-focused freelance platform that prioritizes hiring quality over activity, creating a better experience for clients and freelancers

How I rebuilt my SaaS landing page in 6 weeks: Essential lessons for developer founders

Rebuild your SaaS landing page in weeks by applying essential lessons from a developer founder's 6-week project

Dev.to · Zenovay

Pengelolaan Pengguna dan Fasilitas Google Workspace