new
Enterprise
Capture The Flag
Defensive
New Threat Range Scenario - Cash Credentials
Cash Credentials simulates a real-world breach that begins when an insider threat sells valid VPN credentials on an underground marketplace. Inspired by compromises attributed to the BlackSuit ransomware gang, this investigation challenges defenders to uncover subtle indicators of compromise, trace attacker activity across the environment, and respond before a ransomware deployment impacts the organization.
Together with your team, you will collaborate to:
- Triage alerts
- Investigate suspicious activity
- Investigate forensic evidence
- Identify the impact to your organization
By completing this scenario, you will gain hands-on experience investigating credential access techniques, tracking attacker movement through Active Directory environments, identifying data theft activity, and responding to a ransomware attack from initial access through impact.
