Welcome to this learning module on modern phishing techniques using Windows logs. Phishing is one technique used by attackers at all skill/capability levels. Although defensive measures to detect and prevent phishing have improved, it remains one of the most reliable ways to gain access to a target network.
In this module, we will explore some modern delivery and execution techniques that leverage:
* OneNote attachments
* VHD and ISO images
* encrypted zip files
By the end you will understand common detection and analysis challenges and how to overcome them. You will also gain familiarity with some post-execution behavior of real malware samples.
The events in your SIEM can be found in the following timespan: 11 Feb 2023 - 18 Feb 2023.](https://assets.aceresponder.com/meta/1246cbdc-8b68-4003-bda9-f8a396e9e0c5.png)
Phishing Basics
Prerequisites:
Welcome to this learning module on modern phishing techniques using Windows logs. Phishing is one technique used by attackers at all skill/capability levels. Although defensive measures to detect and prevent phishing have improved, it remains one of the most reliable ways to gain access to a target network.
In this module, we will explore some modern delivery and execution techniques that leverage:
- OneNote attachments
- VHD and ISO images
- encrypted zip files
By the end you will understand common detection and analysis challenges and how to overcome them. You will also gain familiarity with some post-execution behavior of real malware samples.
The events in your SIEM can be found in the following timespan: 11 Feb 2023 - 18 Feb 2023.
Analyst
$17.49
/mo
Explore realistic pre-recorded attacks
Master full-featured defensive platforms
Browser-based challenges and modules
Extended attack videos
Grants access to Analyst content. You can cancel any time by returning to this page and following the cancellation steps.
Defender
$44.49
/mo
Instant fully interactive labs
Hands-on prevention and detection
Master offensive techniques
Security engineering exercises
Highly realistic and dynamic scenarios
Access to all Analyst-level content
Grants access to all Defender content, Analyst content and interactive lab environments. You can cancel any time by returning to this page and following the cancellation steps.