You're reading from Windows Ransomware Detection and Protection Securing Windows endpoints, the cloud, and infrastructure using Microsoft Intune, Sentinel, and Defender

Product type Paperback

Published in Mar 2023

Publisher Packt

ISBN-13 9781803246345

Length 290 pages

Edition 1st Edition

Languages

Rust

Tools

Azure

Concepts

Cybersecurity

Author (1):

Marius Sandbu

View More author details

Table of Contents (16) Chapters

Preface

1. Part 1:Ransomware Basics

2. Chapter 1: Ransomware Attack Vectors and the Threat Landscape FREE CHAPTER

3. Chapter 2: Building a Secure Foundation

4. Part 2:Protect and Detect

5. Chapter 3: Security Monitoring Using Microsoft Sentinel and Defender

6. Chapter 4: Ransomware Countermeasures – Windows Endpoints, Identity, and SaaS

7. Chapter 5: Ransomware Countermeasures – Microsoft Azure Workloads

8. Chapter 6: Ransomware Countermeasures – Networking and Zero-Trust Access

9. Chapter 7: Protecting Information Using Azure Information Protection and Data Protection

10. Part 3:Assume Breach

11. Chapter 8: Ransomware Forensics

12. Chapter 9: Monitoring the Threat Landscape

13. Chapter 10: Best Practices for Protecting Windows from Ransomware Attacks

14. Index

Why subscribe?

15. Other Books You May Enjoy

Ransomware Attack Vectors and the Threat Landscape

In this chapter, we will start by providing an introduction to what ransomware is, how attacks are carried out, an overview of some of the main attack vectors used by attackers, and how ransomware groups are operated. Then, we will go into a bit more depth on some of the most well-known ransomware groups such as Conti, LockBit, and Sodinoikibi, and how they have historically performed attacks.

Ransomware has many complex forms. In the last 5 years, we have seen ransomware grow even more complex. This calls for a new level of responder to address these threat actors. Therefore, in this chapter, we will get a better understanding of the different attack tactics and how attacks are carried out. This will then be built upon in the upcoming chapters when we go through the different countermeasures to protect from these types of attacks.

In this chapter, we’re going to cover the following main topics:

Ransomware and attack vectors
Attack and extortion tactics
Overview of some ransomware operators
How identity-based attacks are carried out
How vulnerabilities are exploited to launch attacks
How to monitor for vulnerabilities

Understanding these topics can help us respond better and be better prepared. These are all vital pieces of knowledge and skills to have in our tool belt.

You're reading from Windows Ransomware Detection and Protection Securing Windows endpoints, the cloud, and infrastructure using Microsoft Intune, Sentinel, and Defender

Table of Contents (16) Chapters

Ransomware Attack Vectors and the Threat Landscape

Authors (1)

Personalised recommendations for you