Incident Response For Common Attack Types
DEV Community dev.to
- Brute Forcing
Details:
An attacker tries to guess a password by attempting several different passwords
Threat Indicators:
Multiple login failures in a short period of time
Where To Investigate:
• Active directory logs
• Application logs
• Operating system logs
• Contact the user
Possible Actions:
If the activity is not legitimate, disable the account and investigate/block the attacker
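The brute-forcing indicator above (multiple login failures in a short period of time) can be checked with a per-account sliding window over authentication events. This is an added example, not part of the original post; the log format, the threshold of 5 failures in 60 seconds and the function names are assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample authentication events (not real logs): time, account, source IP, result.
SAMPLE_LOG = """\
2024-05-01T09:00:01 alice 203.0.113.7 FAIL
2024-05-01T09:00:03 alice 203.0.113.7 FAIL
2024-05-01T09:00:05 alice 203.0.113.7 FAIL
2024-05-01T09:00:08 alice 203.0.113.7 FAIL
2024-05-01T09:00:09 alice 203.0.113.7 FAIL
2024-05-01T09:00:12 alice 203.0.113.7 OK
2024-05-01T09:05:00 bob 198.51.100.4 FAIL
2024-05-01T09:45:00 bob 198.51.100.4 FAIL
2024-05-01T09:45:20 bob 198.51.100.4 OK
"""

def parse(log_text):
    """Yield (timestamp, account, source_ip, ok) tuples from the assumed format."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines instead of failing the whole run
        ts, account, ip, result = parts
        yield datetime.fromisoformat(ts), account, ip, result == "OK"

def detect_bruteforce(events, threshold=5, window=timedelta(seconds=60)):
    """Return alerts for accounts with >= threshold failures inside the window."""
    recent = defaultdict(deque)   # account -> timestamps of recent failures
    alerts = {}                   # account -> alert details
    for ts, account, ip, ok in sorted(events):
        fails = recent[account]
        while fails and ts - fails[0] > window:
            fails.popleft()       # drop failures that fell out of the window
        if ok:
            # A success while the burst is still in the window suggests a guess worked.
            if account in alerts and fails:
                alerts[account]["success_after_burst"] = True
            continue
        fails.append(ts)
        if len(fails) >= threshold:
            alert = alerts.setdefault(account, {"sources": set(), "success_after_burst": False})
            alert["sources"].add(ip)  # source IPs seen once the threshold is reached
    return alerts

if __name__ == "__main__":
    for account, alert in detect_bruteforce(parse(SAMPLE_LOG)).items():
        print(account, sorted(alert["sources"]), alert["success_after_burst"])
```

An alert with `success_after_burst` set is the case where contacting the user and disabling the account matters most, since the login may not have been the account owner.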
- Botnets
Details:
Attackers are using the victim server to perform DDoS attacks or other malicious activities
Threat Indicators:
• Connection …