Hunting Human Operated Ransomware Operators | 2020 Threat Hunting & Incident Response Summit
The real threat of ransomware these days lies in "Human Operated Ransomware" attacks, in which we see the deployment of ransomware move to secondary or tertiary objectives. The human operators often focus on enumerating the internal environment in preparation of data exfiltration. By the time the ransomware is deployed, the threat actors have already carried out their initial objectives (and stolen your data!). This talk focuses on finding these operators while they are in your network. Find the operators == stop the ransomware deployment. Speaker: Ryan Chapman, @rj_chap, Principal Incident Response Analyst, Blackberry; Instructor, SANS Institute
▶︎
Hunting and Scoping A Ransomware Attack
▶︎
The SOC Puzzle: Where Does Threat Hunting Fit? | 2020 Threat Hunting & Incident Response Summit
▶︎
Common misconceptions and mistakes made in Threat Hunting
▶︎
Keynote: Cobalt Strike Threat Hunting | Chad Tilbury
▶︎
Find_Evil - Threat Hunting | SANS@MIC Talk
▶︎
World's Deadliest Computer Virus: WannaCry
▶︎
SANS DFIR Webcast - Incident Response Event Log Analysis
▶︎
SANS Emergency Webcast: What you need to know about the SolarWinds Supply-Chain Attack
▶︎
Attacking AI - Jason Haddix - NDC Security 2026
▶︎
Hunting Threat Actors Using OSINT
▶︎
How The FBI Finds Your REAL IP Address
▶︎
Kansa for Enterprise scale Threat Hunting w/ Jon Ketchum - SANS DFIR Summit 2020
▶︎
5 Cybersecurity Certificates You Should Avoid (Do THIS Instead)
▶︎
Dealing with a Ransomware Attack: A full guide
▶︎
An Introduction to Threat Hunting With Zeek (Bro)
▶︎
The Man Who Outsmarted EVERY Government
▶︎
Putting MITRE ATT&CK™ into Action with What You Have, Where You Are presented by Katie Nickels
▶︎
Dogfighting in a T-38A (1 v 1)
▶︎
ShimCache and AmCache enterprise-wide hunting - SANS Threat Hunting Summit 2017
▶︎