Explore a PowerShell-based tool for early detection of ransomware and other attack techniques in this 53-minute conference talk from SecureWV/Hack3rcon 2016. Learn about SUSpect's functionality, its potential drawbacks, and why it's crucial to understand ransomware threats. Delve into topics such as the persistence of ransomware, common vulnerabilities like missing patches and phishing, and the importance of whitelisting. Gain insights into character distribution analysis, metadata examination, and process monitoring. Discover how SUSpect can help bolster your cybersecurity defenses and stay informed about emerging threats in the ever-evolving landscape of digital security.
SUSpect - A PowerShell Based Tool to Provide Early Detection of Ransomware and Other Attacks
via YouTube
Overview
Syllabus
Intro
Ransomware
SUSpect
Help
How it works
Why shouldn't you be using it
Ransomware is bad
Don't pay it
Ransomware won't go away
Multiple problems
Missing patches
Phishing
Whitelisting
Questions
Character Distribution
Blog Post
Metadata
GetProcess
Recurse
Release date
Notifications