Rhysida - Vice Society

Rhysida - Vice Society is a blue team lab in the Threat Hunting category. It covers the following subjects: CyberChef, Splunk, ELK, SIEM, Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Collection, Command and Control, Impact.

Learning Objectives

Reconstruct the Rhysida ransomware attack chain, identifying initial access, persistence, C2, and impact using Splunk and CyberChef.

Categories: Threat Hunting.

MITRE ATT&CK Tactics: Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Collection, Command and Control, Impact.

Tools: CyberChef, Splunk, ELK, SIEM.

Difficulty: medium.