Mandiant: in 46% of incidents, no malware was installed.
100% of attacks, credentials stolen
Attack lifecycle:
-Initial Recon
-Initial Compromise(laptop, end user device)
-Establish Foothold
-Escalate Privileges
-Internal Recon
-Complete Mission (data theft) (only here is there business impact.)
Prevention:
-Malware problem
-Endpoint EPP
-Tactical Intelligence
-MSSP
Breach Detection:
-First attack, usually malware, but after the breach, a human attacker.
- Endpoint Detection and Response (EDR)
- Operational Threat Intelligence
-MDR, Managed Detection and Response
Fin7
mimikatz
gizmodo
doubleagent