Save the Date! Security Operations and Awareness: APT, Web Apps and Indicators of Compromise

It is with great pleasure that we announce that CYNET-CSIRT is organizing a Cyber Drill, in collaboration with Silensec, on Friday 9th and Monday 12th of April 2021.

It is important that you all register on the platform (see below) by Wednesday 7th April, so that we will be all set and ready to start working on the Drill on Friday.

Scenario Description

Data theft is becoming an increasingly lucrative enterprise throughout the country. We don’t know whether a single APT is behind this or numerous opportunists trying to bank on this unknown drive for purchasing personal information acquired through security breaches. One thing is for certain: organizations that weren’t such attractive targets now shine like diamonds in a bag of coal.

XCallCenter has been caught off guard by constant attacks on its infrastructure, and its stakeholders are increasingly worried that they have been targeted by unknown assailants. The IT department has taken appropriate steps to ensure visibility throughout the network, but lacks the knowledge to understand and respond to security incidents. Your team of experts has been called in to manage the monitoring and incident response of the organization until a suitable replacement can be found.

Attacks will start taking place once the scenario commences and will be split into numerous missions that will require investigation.

Technologies used:

  • ELK/Wazuh
  • Windows and Linux Systems

Knowledge and skills challenged in this scenario:

  • Detect Indicators of Compromise
  • Identify and detect suspicious activity
  • Detect attacks on web applications and system services
  • Report and respond to security incidents