Sample The Ransomware Families Using a DFIR Framework


Learn about the different styles and flavors of ransomware with a DFIR spin. Many resources talk about encryption algorithms and speed differences of different ransomware families, but that’s not that relevant to you as a responder.

This talk first presents a framework for the key concepts of ransomware that a responder should know about. We’ll then go through many popular varieties of ransomware and show their differences. The goal is to publish updates as new varieties are detected so that responders can quickly focus on the elements that are important to completing their investigation quickly.