Found 2 bookmarks
Custom sorting
Event Log Talks a Lot: Identifying Human-operated Ransomware through Windows Event Logs - JPCERT/CC Eyes
Event Log Talks a Lot: Identifying Human-operated Ransomware through Windows Event Logs - JPCERT/CC Eyes
The difficult part of the initial response to a human-operated ransomware attack is identifying the attack vector. You may already know from recent security incident trends that the vulnerabilities of VPN devices are likely to be exploited, but it often...
#jpcert#EN#2024#event#analysis#windows-events#Log#human-operated#Ransomware
·blogs.jpcert.or.jp·
Event Log Talks a Lot: Identifying Human-operated Ransomware through Windows Event Logs - JPCERT/CC Eyes
Tracing Ransomware Threat Actors Through Stylometric Analysis and Chat Log Examination
Tracing Ransomware Threat Actors Through Stylometric Analysis and Chat Log Examination
I stumbled upon an intriguing concept presented by Will Thomas (BushidoToken) in his blog post titled “Unmasking Ransomware Using Stylometric Analysis: Shadow, 8BASE, Rancoz.” This concept revolves around utilizing stylometry to identify potential modifications in new ransomware variants based on existing popular strains. If you’re interested, you can read the blog post here. (Notably, Will Thomas also appeared on Dark Net Diaries, discussing his tracking of the Revil ransomware.)
#callyso0414#YUCA#medium#EN#2023#ransomware#logs#log#chats#Stylometric#Analysis
·medium.com·
Tracing Ransomware Threat Actors Through Stylometric Analysis and Chat Log Examination