EMERGENCY INCIDENT RESPONSE
Get Started

Threat Actor Webinar Recap with ThreatLocker

Avatar photo
webops

Episode Summary

In this episode of The Airiam Podcast, Danny Jenkins from ThreatLocker rejoins Art to rehash the conversation from the webinar. For those weren’t able to attend the webinar, you can watch it here or listen to our webinar recap!

Royal Ransomware Recap

2022 witnessed the emergence of a highly sophisticated malware, Royal Ransomware. Royal Ransomware is a malicious entity distinguishing itself through a distinctive partial encryption method. This method allows threat actors to selectively encrypt a specific percentage of data within files, enabling them to fly under the radar. What adds to the gravity of the situation is the extortion element, as the attackers resort to threats of publicly releasing the encrypted data unless a ransom is paid. As of November 2022, 43 new victims fell prey to Royal Ransomware, facing ransoms ranging from $250,000 to $2 million.

Companies like Airiam and ThreatLocker have encountered Royal Ransomware head-on. Airiam has concentrated efforts on both pre and post-breach strategies, while ThreatLocker boasts significant expertise in incident response, with a focus on immediate containment and machine isolation during the rebuilding process.

Data Exfiltration Recap

In the webinar, Danny demonstrated a data exfiltration attempt using a Rubber Ducky—a specialized hardware device utilized in hacking and penetration testing. A Rubber Ducky mimics keyboard inputs to automate tasks or exploit vulnerabilities within a target system. The good news is that it is typically employed by ethical hackers, security professionals, and penetration testers. Its capabilities include keystroke injection, malware deployment, data exfiltration, automated tasks, and social engineering.

Danny showcased ThreatLocker’s effectiveness in blocking hacking attempts through the Rubber Ducky. This highlighted the crucial role ThreatLocker plays in safeguarding against cyber threats. The platform’s robust defenses demonstrated resilience against the diverse actions a Rubber Ducky can perform. You can imagine the protection against unauthorized access and potential data breaches in real life events.

Conclusion

While this episode was an overview of the detailed demonstration of our webinar, Art and Danny discussed a couple of key details to re-emphasize how easily Threat Actors can get into your systems without proper protection. For more details, watch the webinar or listen to our podcast!

Video Version

Listen to more episodes at www.airiam.com/podcast, on SpotifyApple Podcasts, Google PodcastsAmazon Music, and other podcast platforms.

New Resources In Your Inbox

Get our latest cybersecurity resources, content, tips and trends.

Other resources that might be of interest to you.

Google Emergency Chrome Security Update
Google has released an emergency Chrome security update for Windows, Mac and Linux to address a high severity zero-day vulnerability that is now being actively exploited. The emergency Chrome update to version 99.0.4844.84 contains a single security fi
Vivian Lee
>>Read More

7 Security Operations Center (SOC) Tools for Advanced Security
Ransomware attacks have tripled since 2020. The average incident now costs businesses $1.85 million, and that number keeps climbing. And while 60% of companies run security operations centers (SOCs), most are flying blind with fragmented tools and silo
Jesse Sumrak
>>Read More

Microsoft Teams is Replacing Skype for Business
You may have heard of Skype, Microsoft’s tool within Office 365 for instant messaging and conferencing. You may even use it in your business today. It is a great tool to communicate and collaborate with people inside and outside of your organization. A
Vivian Lee
>>Read More