ApistekPassword Stealer 2nd Attack: Ransomware Exploit Kit

Feb 03, 2021

dariahiddleston
Transcript
  • TRADITIONAL STATIC SECURITY APPROACHES AND ARCHITECTURES BASED ON SECURITY CONTROLS, PREVENTATIVE TECHNOLOGIES AND PERIODIC STRATEGY REVIEWS ARE NOW OUTDATED

    File to Fileless

    Abnormal to Normal

    Malicious to Neutral

  • 12

    • Invisible Attacks

    • VPN, AD, PtH, PtT

    • Invisible Network Traffic

    • Google Drive, Dropbox

    • Invisible Malware

    • Task schedule, WMI, PowerShell

    Low visibility of Cyber Threats

  • 30

  • 34

    • https://www.facebook.com/HITCON/videos/1245856318779021/

  • Information security is, in essence, a risk problem

  • The target will always be a target, so we should coexist with the threat, and deal with the cyber investigation more adaptively and effectively.

  • 42

    An Intelligence-Driven Approach to Cyber Defense

    https://hitcon.org/2016/pacific/agenda.htm

  • 45

    ATT&CK Matrix

    https://attack.mitre.org/

  • ATT&CK Groups

    https://attack.mitre.org/

  • 47

    Structured Threat Information eXpression

  • 49

    Machine-readable threat intelligence

    Not able to generate IOCs

    able to generate IOCs

    Closed threat intelligence (organization)

  • Thank You FOR LISTENING