accent 1 accent 2
CPE Cyber Attack Lab #4

Big Game Ransomware

Mon, August 9 | 3:00 pm ET

Join us to see exactly how a big-game ransomware attack works and how to defend against it in our attack-and-respond simulation! 

Ransomware gangs dwell in networks for months, stealing data and leaving backdoors before they start dropping ransom notes. 

We'll teach you how big-game ransomware gangs operate and showcase common tactics, techniques, and procedures (TTPs) that will help you prepare for an attack.

Then we'll run a step-by-step attack simulation and show you how our IR team would respond using the Varonis alerts that trigger at each and every phase.

If you would like ISC2 CPE credits for attending, please make sure to submit your ISC2 member number in the form.


+1 CPE

Register Now

Here's an outline of how this attack works:

  • Perform network recon using reverse DNS lookups
  • Kerberoast a service account that has admin privileges 
  • Find and exfiltrate sensitive files using HTTP POST commands 
  • Deploy the ransomware payload to encrypt file 

Raphael Kelly 3
Raphael Kelly Datalert Operation Manager, Varonis

Raphael Kelly, GCIH is a Team Lead for the Incident Response and Security Architecture team at Varonis. Raphael has an consulting and automation background with experience in IT infrastructure, Incident Response, and Data Protection. Varonis’ team of security professionals provide complementary Incident Response services to all existing customers. In addition, they work with customers to operationalize the Varonis Data Security Platform and integrate Varonis into the security ecosystem.

"A few months ago, a non-HR user opened up an HR folder that contained sensitive employee salary information. With Varonis, I was able to track down the user and review exactly what they had accessed and changed."

Infrastructure Manager, US Federal Credit Union

Want to see Varonis in action?