The challenge of defending an organization against rapidly evolving, increasingly complex cyberthreats can be considerable. Adversaries continuously adapt and evolve their behavior and toolsets, leverage new vulnerabilities and misuse everyday IT tools to evade detection and stay one step ahead of security teams.
It can be hard for an organization’s IT and security operations professionals Cyberattacker to keep up with the latest approaches used by adversaries. Particularly when it comes to targeted, active attacks that involve more than one perpetrator, such as an initial access broker (IAB) breaching a target and then selling that access on to a ransomware gang for use in their attack.
The Active Adversary Playbook 2022 details the main adversaries, tools and attack behaviors seen in the wild during 2021 by Sophos’ frontline incident responders. It follows on from the Active Adversary Playbook 2021 and shows how the attack landscape continues to evolve.
The aim is to help security teams understand what adversaries do during attacks and how to spot and defend against such activity on their network.
To read full download the whitepaper:
Cyberattacker behaviors, tactics and tools seen on the frontline of incident response during 2021