Artwork

Content provided by Team Cymru. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Team Cymru or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ro.player.fm/legal.
Player FM - Aplicație Podcast
Treceți offline cu aplicația Player FM !

ZScaler’s Brett Stone-Gross on the Tactics of the Dark Angels Ransomware Group (Black Hat Edition)

8:14
 
Distribuie
 

Manage episode 436577377 series 3505151
Content provided by Team Cymru. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Team Cymru or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ro.player.fm/legal.

In our latest special episode of the Future of Threat Intelligence podcast, Brett Stone-Gross, Senior Director of Threat Intelligence at Zscaler, joins us at the Black Hat conference. He shares their uncovering of the largest ransomware payment in history — $75 million — made by a Fortune 50 company to the Dark Angels group.

Brett explains the group's unique approach, which involves stealing vast amounts of data without encrypting files, and their preference for low-volume, high-impact attacks to evade media scrutiny. He also highlights essential cybersecurity measures, such as implementing two-factor authentication and adopting a zero-trust architecture to protect against such threats.

Topics discussed:

  • How the Dark Angels group executed the largest ransomware payment in history, totaling $75 million.
  • How, unlike typical ransomware attacks, the group stole data without encrypting files, exfiltrating approximately 100 terabytes of sensitive information.
  • How their operational model is low-volume, focusing on individual companies to avoid media attention and maintain a low profile.
  • The importance of basic IT hygiene practices, such as two-factor authentication, which are crucial for preventing significant data breaches and ransomware attacks.
  • How implementing a zero-trust architecture can help organizations limit lateral movement and enhance overall cybersecurity defenses against threats.

Key Takeaways:

  • Implement two-factor authentication to enhance security and reduce the risk of unauthorized access to sensitive corporate data.
  • Monitor network traffic for anomalous behavior, especially large data transfers, to quickly identify potential data exfiltration attempts.
  • Adopt a zero-trust architecture to limit lateral movement within your network and ensure users only access necessary resources.
  • Limit user privileges, ensuring that users have only the access necessary for their roles.
  • Stay informed about emerging ransomware trends and tactics to proactively adjust your cybersecurity strategies and defenses.

If you’re interested in Team Cymru’s latest research, download our “Voice of a Threat Hunter 2024” report here: https://www.team-cymru.com/voth2.0

  continue reading

67 episoade

Artwork
iconDistribuie
 
Manage episode 436577377 series 3505151
Content provided by Team Cymru. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Team Cymru or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ro.player.fm/legal.

In our latest special episode of the Future of Threat Intelligence podcast, Brett Stone-Gross, Senior Director of Threat Intelligence at Zscaler, joins us at the Black Hat conference. He shares their uncovering of the largest ransomware payment in history — $75 million — made by a Fortune 50 company to the Dark Angels group.

Brett explains the group's unique approach, which involves stealing vast amounts of data without encrypting files, and their preference for low-volume, high-impact attacks to evade media scrutiny. He also highlights essential cybersecurity measures, such as implementing two-factor authentication and adopting a zero-trust architecture to protect against such threats.

Topics discussed:

  • How the Dark Angels group executed the largest ransomware payment in history, totaling $75 million.
  • How, unlike typical ransomware attacks, the group stole data without encrypting files, exfiltrating approximately 100 terabytes of sensitive information.
  • How their operational model is low-volume, focusing on individual companies to avoid media attention and maintain a low profile.
  • The importance of basic IT hygiene practices, such as two-factor authentication, which are crucial for preventing significant data breaches and ransomware attacks.
  • How implementing a zero-trust architecture can help organizations limit lateral movement and enhance overall cybersecurity defenses against threats.

Key Takeaways:

  • Implement two-factor authentication to enhance security and reduce the risk of unauthorized access to sensitive corporate data.
  • Monitor network traffic for anomalous behavior, especially large data transfers, to quickly identify potential data exfiltration attempts.
  • Adopt a zero-trust architecture to limit lateral movement within your network and ensure users only access necessary resources.
  • Limit user privileges, ensuring that users have only the access necessary for their roles.
  • Stay informed about emerging ransomware trends and tactics to proactively adjust your cybersecurity strategies and defenses.

If you’re interested in Team Cymru’s latest research, download our “Voice of a Threat Hunter 2024” report here: https://www.team-cymru.com/voth2.0

  continue reading

67 episoade

Toate episoadele

×
 
Loading …

Bun venit la Player FM!

Player FM scanează web-ul pentru podcast-uri de înaltă calitate pentru a vă putea bucura acum. Este cea mai bună aplicație pentru podcast și funcționează pe Android, iPhone și pe web. Înscrieți-vă pentru a sincroniza abonamentele pe toate dispozitivele.

 

Ghid rapid de referință