Live Red Team vs. Blue Team Intrusion Simulation Using Wizard Spider

Webinar Registration

The Wizard Spider cybercriminal gang dates all the way back to 2016 (a lifetime ago in cyberattack terms!) when they first started attacks with the Trickbot botnet. More currently, Wizard Spider have been seen leveraging Ryuk and Conti ransomware and have taken organizations for tens of millions of dollars. They’ve also, recently, been tied to a “cartel” made up of 3 other cybercriminal gangs, all sharing (to various degrees) infrastructure, victim data & leak sites, and tactics. And just as the sharing of threat intel makes defenses stronger, this sharing of “anti-threat intelligence” of sorts means Wizard Spider and their cartel counterparts are only becoming more effective at their craft.

In this real training for free webinar, you will get to see the Human side of these simulations. We will be running a Live Red vs. Blue Adversary Simulation showing what the attackers do, and critically how you can spot them through Logs, and some basic IR analysis.

Microsoft MVP, Nick Cavalancia takes my seat in this session where he will first discuss:

  • A primer on Wizard Spider and the most notable attacks
  • A look at the tools and tactics they use in their attacks
  • A view of Wizard Spider’s documented TTPs using the MITRE ATT&CK Framework

Nick will be joined by Kev Breen, Director of Cyber Threat Research and Alex Seymour, Lead Threat Researcher – both from Immersive Labs.

Alex, playing the role of Wizard Spider, will use an initial foothold to start exploring, exploiting, and pivoting through the network. Kev, armed only with his wit, a SIEM, and maybe some help from the audience, will have to track what the attacker is doing before the inevitable ransomware arrives on the scene. In this lively back-and-forth simulation, Alex will work to exploit the network while Kev explains what each stage looks like in logs, using some basic IR skills like decoding powershell, until we all run out of time. Kev plans on relying on you as well to offer advice on how to best stop the attack at each step!

This real training for free event will be jam packed with technical detail and real-world application. Register today!

First Name:   
Last Name:   
Work Email:  
Job Title:  

Your information will be shared with the sponsor.

By clicking "Submit", you're agreeing to our Privacy Policy and consenting to be contacted by us.



Additional Resources