Chapter 7: Digital Forensic Artifacts and Their Main Sources

We've already learned a lot about human-operated ransomware attacks in general – common tactics, techniques, and procedures leveraged by threat actors, as well as how to collect actionable cyber threat intelligence to speed up our investigations. So, it's high time we focused on the investigation itself.

If you are reading this book, I'm almost sure you've heard about Locard's exchange principle. Want a reminder? Well, alright – the principle is that the perpetrator of a crime will bring something into the crime scene and leave with something from it, and that both can be used as forensic evidence. Sounds familiar, right?

We can bring this principle to our real-life experience and ...

Get Incident Response Techniques for Ransomware Attacks now with the O’Reilly learning platform.
