February 10

Webinar takeaway: A Master Class on IT Security – Roger Grimes Teaches Ransomware Mitigation

My key takeaways

  • Ransomware often dwells 8 months to 1 year before detection or execution
  • Ransomware has been around since 1989 (AIDS/PC Cyborg Trojan)
  • Since the end of 2019, data exfiltration has become more and more common with ransomware
  • Today, the attacker's access to the network is a bigger worry than the encrypted files
  • Droppers are often not recognized by AV/EDR
  • 2% of revenue is a common ransom request
  • Stolen data can also be used to attack customers and partners of the victim
  • The majority of all malicious data breaches are due to phishing or social engineering
  • The second most common cause is unpatched software
  • Use a "detonation sandbox" for testing potentially malicious links
  • Have a ransomware response plan, practice it, and stick to it
  • Application control programs in audit-only mode may help detect ransomware
