EMERGENCY INCIDENT RESPONSE
Get Started

Threat Actor Webinar Recap with ThreatLocker

Avatar photo
webops

Episode Summary

In this episode of The Airiam Podcast, Danny Jenkins from ThreatLocker rejoins Art to rehash the conversation from the webinar. For those weren’t able to attend the webinar, you can watch it here or listen to our webinar recap!

Royal Ransomware Recap

2022 witnessed the emergence of a highly sophisticated malware, Royal Ransomware. Royal Ransomware is a malicious entity distinguishing itself through a distinctive partial encryption method. This method allows threat actors to selectively encrypt a specific percentage of data within files, enabling them to fly under the radar. What adds to the gravity of the situation is the extortion element, as the attackers resort to threats of publicly releasing the encrypted data unless a ransom is paid. As of November 2022, 43 new victims fell prey to Royal Ransomware, facing ransoms ranging from $250,000 to $2 million.

Companies like Airiam and ThreatLocker have encountered Royal Ransomware head-on. Airiam has concentrated efforts on both pre and post-breach strategies, while ThreatLocker boasts significant expertise in incident response, with a focus on immediate containment and machine isolation during the rebuilding process.

Data Exfiltration Recap

In the webinar, Danny demonstrated a data exfiltration attempt using a Rubber Ducky—a specialized hardware device utilized in hacking and penetration testing. A Rubber Ducky mimics keyboard inputs to automate tasks or exploit vulnerabilities within a target system. The good news is that it is typically employed by ethical hackers, security professionals, and penetration testers. Its capabilities include keystroke injection, malware deployment, data exfiltration, automated tasks, and social engineering.

Danny showcased ThreatLocker’s effectiveness in blocking hacking attempts through the Rubber Ducky. This highlighted the crucial role ThreatLocker plays in safeguarding against cyber threats. The platform’s robust defenses demonstrated resilience against the diverse actions a Rubber Ducky can perform. You can imagine the protection against unauthorized access and potential data breaches in real life events.

Conclusion

While this episode was an overview of the detailed demonstration of our webinar, Art and Danny discussed a couple of key details to re-emphasize how easily Threat Actors can get into your systems without proper protection. For more details, watch the webinar or listen to our podcast!

Video Version

Listen to more episodes at www.airiam.com/podcast, on SpotifyApple Podcasts, Google PodcastsAmazon Music, and other podcast platforms.

New Resources In Your Inbox

Get our latest cybersecurity resources, content, tips and trends.

Other resources that might be of interest to you.

Stop Cyber Werewolves: The Importance of Identity Management
Imagine a cybercriminal as a werewolf—a shape-shifting predator that blends into the shadows, hiding its true nature until it strikes. These cyber werewolves use clever tactics to steal your identity and impersonate you, wreaking havoc within your comp
Vivian Lee
>>Read More

How to Recover From a Ransomware Attack with Immutable Backups
Ransomware attacks have been on the rise over the last decade, and businesses have failed to find a one-size-fits-all approach to eliminating the threat. Prevention is better than cure, but with criminal hackers are tenacious and flexibility, it’s not
Jesse Sumrak
>>Read More

AI-Powered Threat Detection in SOC: Tales from the Crypt
Cybersecurity isn’t just about firewalls and patches. It’s a constant battle against threats that lurk in the shadows of your network. In today’s post, we’re cracking open the crypt to share stories from the Security Operations Center (SOC), where AI f
Vivian Lee
>>Read More