BlueSky Ransomware - Public Case #19208
Difficulty: Easy
This DFIR Lab is based on the public case "SQL Brute Force Leads to BlueSky Ransomware."
To read more about DFIR Labs click here.
You will receive an email within 5 minutes of purchase with instructions on how to activate the lab. Buy now, use anytime within the next 3 months. Enjoy!
Disclaimer
All information in the DFIR Labs and analysis of that information shall be treated as TLP:RED. This classification mandates that the information is not shared publicly or privately without explicit permission from The DFIR Report.
The difficulty of each DFIR Lab case is inherently subjective and may vary based on the participant’s individual skills and experience.

This was the first lab from The DFIR Report. I highly enjoyed going through this investigation and being given a set of data to essentially "go and find the evil." I think the ability to read and follow along is great. I definitely encourage reading the case first and then trying to find the malicious activity on your own, referencing the provided report if you get stuck. This was a great experience and I will be doing more lab scenarios.
"I thoroughly enjoyed working on this investigation, and I really appreciated the DFIR team's support in reissuing a Splunk lab as a one-time exception."
I had fun working on this investigation and the DFIR team was really supportive to reissue me a Splunk lab as a one-time exception.
I enjoyed this lab. It simulates really well what happens when you do a modern Incident Response and when you are faced with many, many different events and need to make some sense out of it.
Can't wait to try out the other labs!
First lab I worked on here on DFIR. Can say it was a great introduction as I had an awesome time navigating myself through this scenario. What makes it even better is that I worked on it with a few friends of mine as we are beginners in DFIR and we completed it after a few hours! Purchase this lab and bring some friends with you so you can all enhance your foundation as analysts!