There are so many new variants competing for “market share” of victim networks, that it’s sometimes difficult to determine which one(s) you need to pay closer attention to as the basis for shoring up your defenses. But when the FBI dedicates an entire advisory to a single ransomware gang, you know it’s bad. And that’s exactly what we have in Hive Ransomware.
This strain of ransomware operating using a Ransomware-as-a-Service model has been around since June of 2021. Post initial attack, Hive ransomware attacks typically include a reinfection of either Hive or another ransomware, making it critical that organizations get the detection, investigation, and response correct the first time to bring the victimized network back into a known-secure state.
In this Real Training for Free webinar, 4-time Microsoft MVP, Nick Cavalancia, takes my seat as he first discusses:
- The brief history of Hive Ransomware
- The various initial attack vectors used
- Extortion methods used
- The latest IOC details from the FBI
Next up, you’ll hear from Ted Samuels, Lead Incident Response Consultant, and Nasah Ahmed, Senior Security Solutions Engineer, both from Rapid7. Ted will begin by walking through Hive’s attack pattern and activities to shine a light on detection opportunities throughout the attack lifecycle.
Then Nasah will demonstrate the workflow of this activity using Rapid7’s Threat Command product, showing how the initial alert will populate within the product, how you can use the IOCs shared in the alert to dig deeper within your investigation, and then he will perform response actions leveraging integrated products.
This Real Training for Free session will be chock full of practical, real world content!