We’re about to do an incident response test, and our organization is, well, skeptical. I’ve been tasked with finding some documentation of how an organization was infected and the end result. They were hoping from to see something from the initial infection – like someone stupidly downloaded a file – to the end result. Anybody know where I can find something like this? I’ve been Googling like crazy, but haven’t found anything other than vague articles.