Choose Your Own Adventure Ransomware Response

Embark on an interactive journey through a ransomware incident response scenario in this engaging conference talk from Shmoocon 2020. Experience the high-stakes decision-making process of a cybersecurity professional as you navigate through a simulated attack based on real-world cases. Vote on crucial turning points that shape the investigation, encountering various malware types, potential threat actors, and unexpected twists along the way. Gain valuable insights into digital forensics and incident response (DFIR) techniques, learn about different ransomware variants, and explore the complexities of handling cybersecurity crises. Benefit from the speaker's expertise in log analysis, report creation, and forensic investigation while enjoying a mix of technical knowledge, memes, and bizarre stories from the field. Discover the challenges of reconstructing RDP sessions, analyzing DLLs, and dealing with unexpected findings during incident response.

Introduction
Who am I
Story Time
Incident Response
Voting
Gang Crab
Ryu
Ryu Carta
DLLs
Random MFT
BOTS DLL
RDP Login Event
Mimicats
Mimicats Run
Ticket Process