11 October 2017

FireEye

Mandiant: in 46% of incidents, no malware was installed.

In 100% of attacks, credentials were stolen.


Attack lifecycle:
-Initial Recon
-Initial Compromise (laptop, end-user device)
-Establish Foothold
-Escalate Privileges
-Internal Recon
-Complete Mission (data theft) (only at this stage is there business impact.)

Prevention:
-Malware problem
-Endpoint EPP
-Tactical Intelligence
-MSSP

Breach Detection:
-The first attack is usually malware, but after the breach it is a human attacker.
-Endpoint Detection and Response (EDR)
-Operational Threat Intelligence
-MDR, Managed Detection and Response




FIN7
mimikatz
Gizmodo
DoubleAgent
