{"id":23300,"date":"2023-11-05T05:22:13","date_gmt":"2023-11-05T13:22:13","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2023\/11\/05\/news-17030\/"},"modified":"2023-11-05T05:22:13","modified_gmt":"2023-11-05T13:22:13","slug":"news-17030","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2023\/11\/05\/news-17030\/","title":{"rendered":"Investigating data exfiltration\u2026"},"content":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/10\/shutterstock_94265683.jpg\"\/><\/p>\n<p><strong>Credit to Author: Angela Gunn| Date: Fri, 03 Nov 2023 17:09:16 +0000<\/strong><\/p>\n<div class=\"entry-content lg:prose-lg mx-auto prose max-w-4xl\" width=\"100%\" height=\"420\">\n<p>On our new Sophos X-Ops video channel, Robert Weiland of the Incident Response team walks viewers through a data-exfiltration investigation, starting with an idea of which system on the affected estate might have been involved with the incident, and ending with an understanding of the tools used by the attacker \u2013 and, crucially, which files were taken. Incident responders (especially those familiar with the Sophos Central console) will feel very much at home. For others, it\u2019s a quick-paced look at the thought process that goes into diving into a data lake and surfacing with treasure.<\/p>\n<p> <span class=\"embed-youtube\" style=\"text-align:center; display: block;\"><iframe loading=\"lazy\" class=\"youtube-player\" width=\"100%\" height=\"420\" src=\"https:\/\/www.youtube.com\/embed\/bWq1S0xr42s?version=3&#038;rel=1&#038;showsearch=0&#038;showinfo=1&#038;iv_load_policy=1&#038;fs=1&#038;hl=en-US&#038;autohide=2&#038;wmode=transparent\" allowfullscreen=\"true\" style=\"\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation\" frameborder=\"0\"><\/iframe><\/span> <\/p>\n<p>Going forward, we\u2019ll be doing video demonstrations and walkthroughs on a regular basis. Subscribe to our Sophos X-Ops video channel to see what else the Incident Response, MDR, Labs, and AI teams are working on. If you\u2019d like to get that information in a different format, bookmark this blog for recaps (and, if you like, commenting capability), and our <a href=\"https:\/\/github.com\/sophoslabs\/video-transcripts\">GitHub video-transcripts repository<\/a> for full (and fully spell-checked by humans, because accuracy in CVEs and code is a good thing) transcripts of each video.<\/p>\n<\/p><\/div>\n<p><a href=\"https:\/\/news.sophos.com\/en-us\/2023\/11\/03\/investigating-data-exfiltration\/\" target=\"bwo\" >http:\/\/feeds.feedburner.com\/sophos\/dgdY<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/10\/shutterstock_94265683.jpg\"\/><\/p>\n<p><strong>Credit to Author: Angela Gunn| Date: Fri, 03 Nov 2023 17:09:16 +0000<\/strong><\/p>\n<p>\u2026and introducing Sophos X-Ops\u2019 new video channel, which provides viewers (and readers too) with a little something extra<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10377],"tags":[129,16771,9053,2593],"class_list":["post-23300","post","type-post","status-publish","format-standard","hentry","category-security","category-sophos","tag-featured","tag-threat-research","tag-video","tag-youtube"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/23300","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=23300"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/23300\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=23300"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=23300"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=23300"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}