Search
Close this search box.

Threat Hunting

If you miss the initial access, there’s often still time to stop the ransomware. This section will go over some detection strategies.

In This Section

The Ransomware Seek and Destroy Mission
The Handoff from IABs to Ransomware Affiliates
Many people don’t understand that there’s more than one group involved in most ransomware attacks. The Initial Access Broker (IAB) gains the initial access and either sells or turns over the compromised system to the ransomware group. Understand how this process works and the tools used in these attacks.
Threat Hunting
Ransomware groups use a combination of third-party programs and Windows-native tools for reconnaissance and lateral movement in a ransomware attack. Learn how ransomware groups use these tools and, more importantly, how organizations can detect and stop them.
Ransomware and Your Active Directory
For many ransomware groups, getting access to Active Directory servers is key to deploying their ransomware. Understand why Active Directory access is so key, what to look for on your Active Directory server for signs of a ransomware attack, and how to harden your Active Directory installation to keep ransomware actors at bay.
Honeypots and Honeyfiles
When deployed and monitored correctly, honeypots and honeyfiles can provide an added layer of security against ransomware attacks. Honeypots can serve as “canaries” in the coal mine warning victims of an imminent ransomware attack.
This Is Your Last Chance
If all other defenses fail, there is one last thing an organization can do to protect themselves from a ransomware attack, if they have the right alerting and automation in place. Deleting shadow copies is an important part of a ransomware attack, but it should also be a red flag to the security team that something bad is about to happen. Learn how to take this seeming failure and turn it into at least a partial win.

Get More Ransomware Tools Directly In Your Inbox

Sign Up To Receive Our Monthly Ransomware Newsletter
Don’t worry, we hate spam too

Download The “How To Prevent Ransomware” Cheat Sheet

Grab this free PDF resource on how to prevent Ransomware

Share This Resource With Others

Embed The “How To Prevent Ransomware” resource on your site or blog using this code.

Is This Your Business?
Get In Touch

Contact Us To Sponsor Your Business Listing & Learn More About The Benfits.

Before You Go!
Sign up to stay up to date with everything ransomware

Sign Up To Receive Our Monthly Ransomware Newsletter
Don’t worry, we hate spam too

Free Download Now &
Stay Ahead In Future

Sign Up To Receive Our Monthly Ransomware Newsletter
Don’t worry, we hate spam too
Share via
Copy link
Powered by Social Snap