ransomware Archives - Jean-Christoph von Oertzen

Ransomware Resilience Starts in the Mind: Overcoming Cognitive Biases and Decision-Making Errors in Cybersecurity

jean-christoph — Sun, 09 Feb 2025 18:52:45 +0000

Why We Keep Losing Despite Stronger Security Controls Over the past three years, businesses have almost doubled their confidence in cybersecurity—rising from 32% in 2021 to 54% in 2024 (The Global Cost of Ransomware Study, 2025). Despite this, ransomware’s impact has only grown: 40% of affected companies suffered significant revenue losses, 58% experienced operational downtime, […]

The post Ransomware Resilience Starts in the Mind: Overcoming Cognitive Biases and Decision-Making Errors in Cybersecurity appeared first on Jean-Christoph von Oertzen.

Webinar takeaway – Nuclear Ransomware 3.0: We Thought It Was Bad and Then It Got Even Worse

jean-christoph — Wed, 19 Jan 2022 20:26:26 +0000

My key takeaways PC Cyborg AIDS trojan in 1998 => first known ransomware $189 asked as ransom CryptoLocker, 2013 first to ask for Bitcoin "Ransomware 2.0", from 2019 made backups less of a protection the access to the victim becomes the "gold" Todays ransomware workflow stager look around (trickbot) and calling home (C2 server) if […]

The post Webinar takeaway – Nuclear Ransomware 3.0: We Thought It Was Bad and Then It Got Even Worse appeared first on Jean-Christoph von Oertzen.

Event takeaway: Deutscher IT-Security Kongress

jean-christoph — Thu, 07 Oct 2021 19:09:39 +0000

My key takeaways hardening backup systems is key disconnected from the AD designed in a way, that it may continue functioning even if all other systems are shut down due to testing and verification of software patches in most B2B environments before rollout, the time a system remains unpatched is prolonged more time for the […]

The post Event takeaway: Deutscher IT-Security Kongress appeared first on Jean-Christoph von Oertzen.

Webinar takeaway: New Wave of Ransomware Attacks: How did this happen?

jean-christoph — Wed, 09 Jun 2021 19:20:45 +0000

My key takeaways compliance documents are not written by technical people compliance is not about security people tend to meet the minimum, not more GDPR is an accountability framework not a compliance framework "Security is a cost center" a management statement calling for trouble the goal of a VC backed vendor is the best possible […]

The post Webinar takeaway: New Wave of Ransomware Attacks: How did this happen? appeared first on Jean-Christoph von Oertzen.

Webinar Takeaway: EMERGENCY WEBCAST: OK, let´s talk about ransomware…

jean-christoph — Tue, 11 May 2021 17:52:08 +0000

My key takeaways 3 types of ransomware encrypt hard drive steal files and data and threat to release them both 1 & 2 Ransomware gangs usually have great customer support it has become a serious business It doesn’t matter if you consider your organsiation a valuable target, if at least some money could be extorted […]

The post Webinar Takeaway: EMERGENCY WEBCAST: OK, let´s talk about ransomware… appeared first on Jean-Christoph von Oertzen.

Webinar takeaway: A Master Class on IT Security – Roger Grimes Teaches Ransomware Mitigation

jean-christoph — Wed, 10 Feb 2021 21:00:45 +0000

My key takeaways often ransomeware dwells 8mo-1yr before detection or execution since 1989 AIDS/PC Cyborg Trojan since end 2019 data exfiltration get more and more common with ransomware today access to network is more worry than encrypted files droppers are often not recognized by AV/EDR 2% of revenue is common request for ransom stolen data […]

The post Webinar takeaway: A Master Class on IT Security – Roger Grimes Teaches Ransomware Mitigation appeared first on Jean-Christoph von Oertzen.

Webinar takeaway: How to Cover C&C in the MITRE ATT&CK Matrix

jean-christoph — Tue, 17 Nov 2020 16:43:46 +0000

My key takeaways Modern threats are almost impossible to detect by signatures or heuristics command and control channels (C2) now are often using common encryption like https so content analysis is not an option either Well known and legit websites are abused as C2 channels like Google Mail or O365 Even CDNs are used as […]

The post Webinar takeaway: How to Cover C&C in the MITRE ATT&CK Matrix appeared first on Jean-Christoph von Oertzen.