THREAT INTELLIGENCE TryHackMe Writeup
This is a writeup of the TryHackMe room “THREAT INTELLIGENCE”
Room link: https://tryhackme.com/room/threatintelligence
Note: This room is free
Task 1: Understanding a Threat Intelligence blog post on a recent attack
THREAT INTELLIGENCE: SUNBURST
This lab will try to walk a SOC analyst through the steps they would take to assist in breach mitigation and to identify important data in a threat intelligence report.
Let's define some of the terms we will encounter:
Red Team Tools: Red team tools are a set of programs that offensive security teams use in pentesting engagements to help a company find flaws in its procedures, policies, frameworks, tools, configurations, and workflows. A red team may try to crack user passwords or take over company infrastructure such as APIs, routers, firewalls, IPS/IDS, print servers, mail servers, and Active Directory servers: basically ANYTHING they can get their digital hands on. Some common frameworks and operating systems used to study for Sec+/SANS/OSCP/CEH include Kali, Parrot, and Metasploit.
APT: Advanced Persistent Threat is a nation-state funded hacker organization which participates in international…