Latest Hacking,Hacker News for Hackers and Hacking and Secuirty Community

Latest Hacking News for Hacker News for Security Guys

At 2:05pm your log monitoring tool sends an alert to the InfoSec team that a special account named dba_admin was just used. While investigating this alert, at 2:30pm your database administrator calls with information that a database extract of ten thousand records occurred around 2pm. He says this is unusual because no data extract jobs were scheduled at that time. At 2:45pm your web proxy sends an alert to the InfoSec team that someone just tried to access the underground hacker site named Data4Sale.com. After consulting on the information available so far, the Manager of Information Security, the Director of Information Technology, and the Chief Information Security Officer declare an incident. During the Evidence Gathering and Handling phase of the incident response, what is the most important thing to do?

1 min read

Leave a Reply

Your email address will not be published. Required fields are marked *