- Incident Management Response and Cyberattack Frameworks
- Phishing Scams
- Point of Sale Breach
- 3rd Party Breach
- Ransomware
NIST recommendations for IR (Incident Response):
- Establish formal IR capability
- Create IR policy
- Develop IR plan based on IR policy
- Develop IR procedures
- Establish policies & procedures regarding IR information
- Consider relevant factors when selecting IR team model
NIST IR lifecycle:
- Preparation
- Detection & Analysis
- Containment, Eradication & Recovery
- Post-incident activity
Types of phishing scams:
- Phishing
- Spear phishing
- Whaling

For PoS (Point of Sale) security, PCI DSS (Payment Card Industry Data Security Standard) is the main information security standard for the payment card industry; its goal is to protect cardholder data & sensitive authentication data.

Security controls & processes for PCI DSS requirements:
- Build & maintain secure network & systems
- Protect cardholder data
- Maintain vulnerability management program
- Implement strong access control measures
- Regularly monitor and test networks
- Maintain Information Security policy
PoS malware examples:
- Alina
- vSkimmer
- Dexter
- FYSNA
- Decebal
- BlackPOS

Types of 3rd party breaches:
- Cloud-based
- Payment
- JavaScript library
Ransomware - malware that infects computer systems, restricting user access; users are told that unless a ransom is paid, access will not be restored.
Types of ransomware:
- Crypto
- Locker
- Leakware/Doxware
Ransomware attack vectors:
- Phishing
- RDP (Remote Desktop Protocol)
- Software vulnerabilities
- Malicious links
Prevention:
- Backup
- Update software & passwords
- Antivirus
- Beware of links
Ransomware examples:
- Locky
- WannaCry
- Bad Rabbit
- Ryuk
- Troldesh
- Jigsaw
- CryptoLocker
- Petya
- GoldenEye
- GandCrab