EMERGENCY INCIDENT RESPONSE
Get Started

Threat Actor Webinar Recap with ThreatLocker

Avatar photo
webops

Episode Summary

In this episode of The Airiam Podcast, Danny Jenkins from ThreatLocker rejoins Art to rehash the conversation from the webinar. For those weren’t able to attend the webinar, you can watch it here or listen to our webinar recap!

Royal Ransomware Recap

2022 witnessed the emergence of a highly sophisticated malware, Royal Ransomware. Royal Ransomware is a malicious entity distinguishing itself through a distinctive partial encryption method. This method allows threat actors to selectively encrypt a specific percentage of data within files, enabling them to fly under the radar. What adds to the gravity of the situation is the extortion element, as the attackers resort to threats of publicly releasing the encrypted data unless a ransom is paid. As of November 2022, 43 new victims fell prey to Royal Ransomware, facing ransoms ranging from $250,000 to $2 million.

Companies like Airiam and ThreatLocker have encountered Royal Ransomware head-on. Airiam has concentrated efforts on both pre and post-breach strategies, while ThreatLocker boasts significant expertise in incident response, with a focus on immediate containment and machine isolation during the rebuilding process.

Data Exfiltration Recap

In the webinar, Danny demonstrated a data exfiltration attempt using a Rubber Ducky—a specialized hardware device utilized in hacking and penetration testing. A Rubber Ducky mimics keyboard inputs to automate tasks or exploit vulnerabilities within a target system. The good news is that it is typically employed by ethical hackers, security professionals, and penetration testers. Its capabilities include keystroke injection, malware deployment, data exfiltration, automated tasks, and social engineering.

Danny showcased ThreatLocker’s effectiveness in blocking hacking attempts through the Rubber Ducky. This highlighted the crucial role ThreatLocker plays in safeguarding against cyber threats. The platform’s robust defenses demonstrated resilience against the diverse actions a Rubber Ducky can perform. You can imagine the protection against unauthorized access and potential data breaches in real life events.

Conclusion

While this episode was an overview of the detailed demonstration of our webinar, Art and Danny discussed a couple of key details to re-emphasize how easily Threat Actors can get into your systems without proper protection. For more details, watch the webinar or listen to our podcast!

Video Version

Listen to more episodes at www.airiam.com/podcast, on SpotifyApple Podcasts, Google PodcastsAmazon Music, and other podcast platforms.

New Resources In Your Inbox

Get our latest cybersecurity resources, content, tips and trends.

Other resources that might be of interest to you.

Using an MDR Service vs. Building Capabilities Internally
The Need for Detection and Response Cybersecurity is a top priority for businesses of all sizes due to the constant barrage of attacks. Monitoring system logs, detecting cybersecurity incidents, and responding are important parts of every sophisticated
Vivian Lee
>>Read More

Why SMEs Need to Be Prepared for Ransomware Attacks
Preparing for Ransomware Attacks It seems like ransomware attacks have been continually in the news for the last several years. While we may be inundated with media reports of ransomware attacks targeting critical U.S. infrastructure or government agen
Vivian Lee
>>Read More

Airiam Has Moved to Delafield!
Exciting news—Airiam has a new home! We’ve officially relocated from Hartland to Delafield, bringing the same top-tier cybersecurity and IT services to a new location. Our new address is 2301 Sun Valley Drive, Suite 102, Delafield, WI 53018. Servicing
Vivian Lee
>>Read More