• Online, Self-Paced

In this 1 hour training event with James we will discuss:

  • How We Got Here - The underlying causes that lead to systemic vulnerabilities.
  • Intrusion Kill Chain Overview - Introduction to the common model used to analyze attacks.
  • The Target Breach - What was stolen.
  • Intrusion Kill Chain Attack Analysis - Reviewing the steps, reasons and methods, used by the attacker.

Identifying Target's missed opportunities and lessons learned.

  1. Reconnaissance - Learning about Target and attack vector determination.
  2. Weaponize - Packaging malware for delivery.
  3. Deliver - Getting the malware installed on target.
  4. Exploit - Scraping RAM and capturing data.
  5. Install - Maintaining access and installing BlackPOS malware on POS terminals.
  6. Command and Control - Communication with malware by attackers.
  7. Action - How credit card data was exfiltrated.

Learning Objectives

  1. Satisfy Annual Role Based Security Training Requirements
  2. Enhance awareness of IT and/or cyber security issues, threats and solutions.

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Targets
  • Threat Analysis
  • Vulnerability Assessment and Management

Specialty Areas have been removed from the NICE Framework. With the recent release of the new NICE Framework data, updates to courses are underway. Until this course can be updated, this historical information is provided to give better context as to how it can help you with your cybersecurity goals.