Threat Actor Webinar Recap with ThreatLocker

Avatar photo
webops

Episode Summary

In this episode of The Airiam Podcast, Danny Jenkins from ThreatLocker rejoins Art to rehash the conversation from the webinar. For those weren’t able to attend the webinar, you can watch it here or listen to our webinar recap!

Royal Ransomware Recap

2022 witnessed the emergence of a highly sophisticated malware, Royal Ransomware. Royal Ransomware is a malicious entity distinguishing itself through a distinctive partial encryption method. This method allows threat actors to selectively encrypt a specific percentage of data within files, enabling them to fly under the radar. What adds to the gravity of the situation is the extortion element, as the attackers resort to threats of publicly releasing the encrypted data unless a ransom is paid. As of November 2022, 43 new victims fell prey to Royal Ransomware, facing ransoms ranging from $250,000 to $2 million.

Companies like Airiam and ThreatLocker have encountered Royal Ransomware head-on. Airiam has concentrated efforts on both pre and post-breach strategies, while ThreatLocker boasts significant expertise in incident response, with a focus on immediate containment and machine isolation during the rebuilding process.

Data Exfiltration Recap

In the webinar, Danny demonstrated a data exfiltration attempt using a Rubber Ducky—a specialized hardware device utilized in hacking and penetration testing. A Rubber Ducky mimics keyboard inputs to automate tasks or exploit vulnerabilities within a target system. The good news is that it is typically employed by ethical hackers, security professionals, and penetration testers. Its capabilities include keystroke injection, malware deployment, data exfiltration, automated tasks, and social engineering.

Danny showcased ThreatLocker’s effectiveness in blocking hacking attempts through the Rubber Ducky. This highlighted the crucial role ThreatLocker plays in safeguarding against cyber threats. The platform’s robust defenses demonstrated resilience against the diverse actions a Rubber Ducky can perform. You can imagine the protection against unauthorized access and potential data breaches in real life events.

Conclusion

While this episode was an overview of the detailed demonstration of our webinar, Art and Danny discussed a couple of key details to re-emphasize how easily Threat Actors can get into your systems without proper protection. For more details, watch the webinar or listen to our podcast!

Video Version

Listen to more episodes at www.airiam.com/podcast, on SpotifyApple Podcasts, Google PodcastsAmazon Music, and other podcast platforms.

New Resources In Your Inbox

Get our latest cybersecurity resources, content, tips and trends.

Other resources that might be of interest to you.

Setup PTD Email Account in Outlook 2010

PTD Email Account in Outlook 2010 Many people enjoy the freedom a web-based email as it allows you to access your email from any computer. If you would prefer this flexibility we recommend you just use PenTeledata’s webmail interface at http://webmail.
Avatar photo
Anthony Lewis
>>Read More

Teach Your Employees Not to Take the Phishing Bait

Hopefully, your employees know a foreign prince doesn’t really want to send them $1 million, and your systems probably block those types of phishing emails. But is your team prepared to avoid taking the bait as phishing attacks grow more sophisticated?
Avatar photo
Doug Church
>>Read More

Patching in VMware

  VMware is Frequent Attack Target Cybercriminals have been targeting VMware and vCenter more than ever, exploiting newly discovered vulnerabilities with ease. Without high availability redundancies in place to facilitate patching, organizations c
Avatar photo
Art Ocain
>>Read More