May 11

Webinar Takeaway: EMERGENCY WEBCAST: OK, let's talk about ransomware…


My key takeaways

  • 3 types of ransomware
    1. encrypt hard drive
    2. steal files and data and threaten to release them
    3. both 1 & 2
  • Ransomware gangs usually have great customer support
    • it has become a serious business
  • It doesn't matter whether you consider your organisation a valuable target: if at least some money could be extorted from you, you will become a target
  • Deception has become essential
    • Attivo Networks, honeypots, Red Canary, ...
    • HoneyDocs
    • HoneyAccounts
      • remember to log in to the account so its last login time is not empty!
      • the account needs to be enabled
  • Use RITA
  • market verticals calling themselves "unique" are creating excuses for not doing the "right" thing
  • ransomware quite often deletes all shadow copies using vssadmin; raccine may help here
  • there is some built-in ransomware protection in Windows, but not enabled by default
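
One way to act on the vssadmin takeaway, as an added example that is not from the webcast or this post: a Python check that flags process-creation events in which vssadmin deletes shadow copies. The events are constructed samples with field names modelled on Sysmon Event ID 1, and the function names are hypothetical.

```python
import ntpath

# Constructed process-creation events; field names modelled on Sysmon Event ID 1.
SAMPLE_EVENTS = [
    {"Host": "ws-014", "Image": r"C:\Windows\System32\vssadmin.exe",
     "CommandLine": "vssadmin.exe Delete Shadows /All /Quiet",
     "ParentImage": r"C:\Users\Public\sample.exe"},
    {"Host": "srv-bkp", "Image": r"C:\Windows\System32\vssadmin.exe",
     "CommandLine": "vssadmin list shadows",
     "ParentImage": r"C:\Windows\System32\cmd.exe"},
    {"Host": "ws-022", "Image": r"C:\Windows\System32\VSSADMIN.EXE",
     "CommandLine": r'"C:\Windows\System32\VSSADMIN.EXE" delete shadows /for=C: /quiet',
     "ParentImage": r"C:\Windows\System32\cmd.exe"},
    {"Host": "ws-031", "Image": r"C:\Windows\System32\notepad.exe",
     "CommandLine": r"notepad.exe C:\notes\vssadmin delete shadows.txt",
     "ParentImage": r"C:\Windows\explorer.exe"},
]

def is_vssadmin(image):
    """True when the executable's file name is vssadmin(.exe), any case or path."""
    name = ntpath.basename(image.strip('"')).lower()
    return name in ("vssadmin", "vssadmin.exe")

def shadow_delete_scope(event):
    """Return 'all', 'selective' or None for one process-creation event."""
    if not is_vssadmin(event.get("Image", "")):
        return None  # the words alone (e.g. in a file name) are not enough
    # Drop quotes and case so quoted paths and "Delete Shadows" still match.
    args = event.get("CommandLine", "").replace('"', " ").lower().split()
    pairs = zip(args, args[1:])
    if not any(a == "delete" and b == "shadows" for a, b in pairs):
        return None  # read-only use such as "list shadows"
    return "all" if "/all" in args else "selective"

def detect(events):
    """Return one alert dict per event that deletes shadow copies."""
    alerts = []
    for ev in events:
        scope = shadow_delete_scope(ev)
        if scope:
            alerts.append({"host": ev["Host"], "scope": scope,
                           "parent": ntpath.basename(ev["ParentImage"])})
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(alert)
```

The benign `list shadows` call and the notepad event that only mentions the words in a file name produce no alert.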



Tags

blue team, deception, ransomware

