Ransomware gangs like Maze dwell in networks for months, stealing data and leaving backdoors before they start dropping ransom notes.
We'll teach you how big-game ransomware gangs operate and showcase common tactics, techniques, and procedures (TTPs) that will help you prepare for an attack.
Then we'll run a step-by-step Maze attack simulation and show you how our IR team would respond using the Varonis alerts that trigger at each and every phase.
Here's an overview of the attack:
- Trick a user into opening an infected Word document
Perform network recon using reverse DNS lookups
Kerberoast a service account that has admin privileges
Find and exfiltrate sensitive files using HTTP POST commands
Deploy the Maze ransomware payload to encrypt files
It’ll be recorded, so if you can’t make it, register and we’ll send you the replay.