TechTalk
In order to shed some light on the subject, we would like to look at a few facts and figures about ransomware as well as a typical course of attack.
That a compromised mailbox is an extremely unpleasant situation is something everyone should be able to imagine. In a recent case we have investigated, attackers have been particularly clever.
In this article, we will look at artifacts that should always be collected during an incident on a Windows-based system to get the best possible picture of what happened.
In Active Directory, domains are used to emulate organizational structures; a domain is always an organizational unit with a unique name that contains, among other things, specific security policies and settings.
Having previously made a name for itself on the criminal scene by attacking major companies such as Quanta Computer and Invernergy, REvil's latest attack on software company Kaseya and its update service is believed to have affected several hundred companies worldwide.
In the event of an attack, companies should take appropriate countermeasures with professional help. The tool of choice here is Digital Forensics & Incident Response (DFIR).
In addition to the expected IOCs for the ProxyLogon/Hafnium vulnerability, our analysis identified one IOC of another vulnerability.
Log management describes the centralized storage of event logs and the ability to search and analyze this data. The benefits of a solid log management solution are manifold and span different areas.
With Compromise Assessment, the traces of cyber attacks can be detected and, ideally, high damage can be prevented.
CYBER DEFENSE.
MADE IN GERMANY.
Our portfolio
©2024 SECUINFRA GmbH. All rights reserved.