The Human Connection Blog
New Cyber Threat Intelligence Lab release!
BenMcCarthy
Immerser
10 months ago
Today we have a brand new set of labs related to GhostEngine: Analysis
On May 22, 2024, Elastic Security identified an intrusion set containing several malicious modules and vulnerable drivers used to disable endpoint detection and response (EDR) solutions before deploying a crypto miner.
In this lab, you'll analyze the malware used in this operation and learn about what detections can be implemented for malware that disables internal security solutions.
Who's it for?
These labs are focused on upskilling and increasing the defensive capabilities of the following roles:
- SOC Analysts
- Incident Responders
- Threat Hunters
- Malware Analysts
What are the key takeaways?
- Gain an understanding of how the malware disables anti-virus and endpoint detection solutions
- Analyze the malware to identify indicators of compromise
Cyber Pro licensed users can access the new collection here.
Published 10 months ago