inksec
Has successfully completed 🎉
MarkShell - TA577 Lab
A regional healthcare provider escalated an urgent security incident after an employee reported unexpected background activity detected in routine external communication. Initial triage by the security team uncovered evidence of credential harvesting and unauthorized lateral movement toward critical internal infrastructure, posing a serious risk to patient records and administrative systems.

You have been provided with SIEM logs and forensic artifacts collected across multiple affected machines. Your task is to conduct a multi-host investigation, correlating evidence across workstations, servers, and domain infrastructure to reconstruct the full attack chain and determine the extent of the attacker's reach across the network.

Splunk Credentials:- User:...