Data Breaches

  1. The Anatomy of a Data Breach
    1. Cyber Kill Chain Model
      1. Reconnaissance
        1. Target Identification
          1. Selecting Organizations
          2. Selecting Individuals
          3. Profiling Targets
        2. Information Gathering
          1. Open Source Intelligence (OSINT)
          2. Social Media Reconnaissance
          3. Network Scanning
          4. Domain and DNS Analysis
      2. Weaponization
        1. Creating Malicious Payloads
          1. Malware Creation
          2. Custom Exploits
          3. Packing and Obfuscation
        2. Payload Delivery Mechanisms
      3. Delivery
        1. Email-Based Delivery
          1. Phishing Emails
          2. Spear Phishing
          3. Business Email Compromise
        2. Web-Based Delivery
          1. Drive-by Downloads
          2. Watering Hole Attacks
          3. Compromised Websites
        3. Physical Delivery
          1. Infected USB Drives
          2. Malicious CDs and DVDs
        4. Supply Chain Delivery
      4. Exploitation
        1. Triggering Vulnerabilities
          1. Software Vulnerabilities
          2. Configuration Weaknesses
          3. Human Vulnerabilities
        2. Initial Compromise
      5. Installation
        1. Malware Implantation
          1. Backdoors
          2. Remote Access Tools
          3. Rootkits
        2. Establishing Persistence
          1. Registry Modifications
          2. Scheduled Tasks
          3. Service Installation
      6. Command and Control
        1. Establishing Communication Channels
          1. C2 Protocols
          2. Domain Generation Algorithms
          3. Encrypted Communications
        2. Evasion Techniques
          1. Traffic Obfuscation
          2. Domain Fronting
        3. Remote Manipulation
          1. Issuing Commands
          2. Receiving Data
      7. Actions on Objectives
        1. Internal Reconnaissance
          1. Network Mapping
          2. System Enumeration
          3. Data Discovery
        2. Lateral Movement
          1. Credential Harvesting
          2. Pass-the-Hash Attacks
          3. Exploiting Trust Relationships
        3. Privilege Escalation
          1. Exploiting System Flaws
          2. Bypassing Access Controls
          3. Token Manipulation
        4. Data Collection
          1. Sensitive Data Identification
          2. Data Staging
        5. Data Exfiltration
          1. Data Compression and Encryption
          2. Exfiltration Channels
          3. Timing and Volume Control