Search
Close this search box.
EMERGENCY INCIDENT RESPONSE
Search
Close this search box.
Get Started

Prepare Your Company for Future Attacks: Threat Actors Webinar

Vivian Lee

Prepare Your Company: That’s a wrap!

Airiam and ThreatLocker wrapped up our final webinar in our Threat Actors series! Art Ocain and Danny Jenkins went in-depth about Royal Ransomware and data exfiltration.

Royal Ransomware

Royal Ransomware is a sophisticated malware that emerged in 2022. The malware quickly gained notoriety due to the unique partial encryption approach that allows the threat actor to choose a specific percentage of data in a file to encrypt, which can help them evade detection. In addition, they also engage in extortion tactics where they threaten to publicly release the data if they do not receive the ransom. In November 2022, Royal Ransomware had 43 new victims with ransoms ranging from $250,000 to $2 million.

Airiam and ThreatLocker have both had extensive experience dealing with Royal Ransomware. While Airiam has focused on pre and post-breach, ThreatLocker has great experience in incident response, particularly in terms of immediate containment and isolating machines during rebuilding.

Data Exfiltration

During the webinar, Danny showed us a data exfiltration attempt using a Rubber Ducky. A Rubber Ducky is a specific type of hardware device used in hacking and penetration testing. A Rubber Ducky is typically used by ethical hackers, security professionals, and penetration testers to automate tasks or exploit vulnerabilities in a target system. It is programmed to mimic keyboard inputs and can perform a wide range of actions, including:

  • Keystroke Injection
  • Malware Deployment
  • Data Exfiltration
  • Automated Tasks
  • Social Engineering

Using the Rubby Ducky, Danny also showed us how ThreatLocker blocked the attempts to hack into the victim computer.

View the Webinar

Thanks to everyone who attended our webinar! If you’d like to view this webinar or our previous ones, please use the links below to view them on YouTube.

TOPIC PARTNER REGISTER
Live Attack Simulation Watch Here
How to Defend Your Company During an Attack Watch Here
How to Rebuild Your Company After an Attack Watch Here
How to Prepare Your Company for Future Attacks Watch Here

Stay notified about upcoming webinars and events with the link below.

New Resources In Your Inbox

Get our latest cybersecurity resources, content, tips and trends.

Other resources that might be of interest to you.

The Grinches Who Stole Data
The Grinches Who Stole Data: Guarding Against Holiday Cyber Attacks He’s a mean one, Mr. Grinch. Cyber grinches are on the prowl, looking to steal more than just your holiday joy. As we exchange festive greetings and share goodwill, it’s crucial to be
Vivian Lee
>>Read More

Office 365 Working with OpenDNS
Office 365 Working with OPENDNS We ran into some issues the other day with our client running Office365. Activation and a few other issues due to OpenDNS Enterprise running on their network. We worked with support and got the full list of domains to wh
Avatar photo
Anthony Lewis
>>Read More

Why Should We Use Virtual San
Why Should I Use VMware Virtual San? I see a lot of questions asking, “Why should we use VMware VSAN?” First, let me give an overly simplistic explanation of what a Virtual SAN does. Virtual SAN uses hard drives or SSDs in group of servers to create a
Avatar photo
Anthony Lewis
>>Read More

130 Buffalo Rd
Suite 103
Lewisburg, PA 17837

(866) 525-8324

Linkedin Youtube

Solutions

Company

Locations

© 2023 All Rights Reserved
Privacy Policy
Master Service Agreement