When the threat group doesn’t leave: Incident response under fire

Автор: SANS Digital Forensics and Incident Response

Загружено: 2025-12-10

Просмотров: 716

Описание: When the threat group doesn’t leave: Incident response under

Eran Liloof, Head of Threat Detection – Vega Security
DFIR Prague 2025

What happens when you face one of the most aggressive, capable, and determined threat group - while they’re still active in the network? This session presents a real-world cyber extortion case where investigators battled a live adversary within a complex environment. Attendees will explore the threat group’s TTPs, a detailed attack timeline, critical containment and forensic challenges, and key incident management dilemmas. Beyond a war story, this deep-dive provides actionable lessons for IR professionals, threat hunters, SOC analysts, and incident managers, offering guidance on avoiding costly mistakes when responding to live, ongoing attacks.

#cybercrime | #dfir

Не удается загрузить Youtube-плеер. Проверьте блокировку Youtube в вашей сети.
Повторяем попытку...

When the threat group doesn’t leave: Incident response under fire

Доступные форматы для скачивания:

Скачать видео

Информация по загрузке:

Скачать аудио

Похожие видео

The art of concealment: How cybercriminals are becoming and remaining anonymous

The art of concealment: How cybercriminals are becoming and remaining anonymous

Mobile device hardening: A forensic comparison of advanced protection programmes in IOS and Android

Mobile device hardening: A forensic comparison of advanced protection programmes in IOS and Android

Extracting the unseen: Real-world RAM acquisition and analysis from Android devices

Extracting the unseen: Real-world RAM acquisition and analysis from Android devices

When to Conduct Structured and Unstructured Threat Hunts

When to Conduct Structured and Unstructured Threat Hunts

Digital forensics and security: Automate audits, investigations and response with AWX and Ansible

Digital forensics and security: Automate audits, investigations and response with AWX and Ansible

One Piece at a Time: A Guide to Building a CTI Program

One Piece at a Time: A Guide to Building a CTI Program

Сложность пароля — это ложь. Вот что на самом деле защищает вас

Сложность пароля — это ложь. Вот что на самом деле защищает вас

Почему спагетти-код лучше чистой архитектуры

Почему спагетти-код лучше чистой архитектуры

Stay Ahead of Ransomware - Threat Hunting for Ransomware and Cyber Extortion

Stay Ahead of Ransomware - Threat Hunting for Ransomware and Cyber Extortion

PDF forensics and authenticity detection

PDF forensics and authenticity detection

What Quantum Safe Is and Why We Need It to Stay Secure

What Quantum Safe Is and Why We Need It to Stay Secure

MacOS telemetry vs EDR telemetry - Which is better?

MacOS telemetry vs EDR telemetry - Which is better?

AI-Powered Ransomware: How Threat Actors Weaponize AI Across the Attack Lifecycle

AI-Powered Ransomware: How Threat Actors Weaponize AI Across the Attack Lifecycle

Dark Web РАСКРЫТ (БЕСПЛАТНО + Инструмент с открытым исходным кодом)

Dark Web РАСКРЫТ (БЕСПЛАТНО + Инструмент с открытым исходным кодом)

Security Concepts

Security Concepts

СЫРЫЕ видео от НАСТОЯЩИХ хакеров

СЫРЫЕ видео от НАСТОЯЩИХ хакеров

How to Hide in Plain Sight: Next-Level Digital Privacy | Ivan Banov at BSidesCache 2025

How to Hide in Plain Sight: Next-Level Digital Privacy | Ivan Banov at BSidesCache 2025

Что такое XDR, EDR и MDR? Разбор расширенного обнаружения и реагирования

Что такое XDR, EDR и MDR? Разбор расширенного обнаружения и реагирования

He Hunts Malware for a living. Here's what he's most afraid of

He Hunts Malware for a living. Here's what he's most afraid of

$12 Миллиардов, Но Бесплатно Для Всех. Что Скрывает GPS?

$12 Миллиардов, Но Бесплатно Для Всех. Что Скрывает GPS?