A typical incident could have multiple lines of investigation to get a clear understanding and scope of the attack. It is important to capture each of these train of thoughts or hypothesis. Zero day attacks are typical scenarios where multiple approaches with independent short teams need to be run in parallel. Standardized processes are not enough for responding to every security alert. Apart from running […]
The objective is to have a set of standard and common containment and mitigation tasks that gets applied during a response. While handling an adversary it helps to know what all steps we can possibly do and then accordingly take action based on which part of the kill chain the adversary is in. Mitigation tasks Tactical tasks https://atc-project.github.io/react-navigator/ References Strategies to mitigate by ACSC Prioritized […]
Companies need to respond to a data breach in such a way that it’s crystal clear to all related. Lets explore state-of-art remediation practices.
If short on time directly jump to the playbooks section. Summary Any attempt to compromise a system and/or steal information by tricking a user into responding to a malicious message. The most common phishing attacks involve emails armed with malware hidden in attachments or links to infected websites, although phishing can be conducted via other methods such as voicemail, text messages, and social media, too. […]