Overview
Explore the multi-faceted threat of ransomware in this 27-minute conference talk from BSidesSF 2022. Delve into recent ransomware campaigns, encryption techniques, and the historical context of attacks like WannaCry. Examine the ransomware kill chain, including attack schemes, macro execution, privilege escalation, and malware deployment. Learn essential mitigation strategies, such as identifying suspicious file extensions, and discover key preparation techniques to bolster your organization's defenses against this pervasive cybersecurity threat.
Syllabus
Intro
Recent Ransomware Campaigns
Ransomware...
Encryption
Ransomware History...
WannaCry Code Sample
Ransomware kill chain...
Attack Scheme
Running the Macro establish foothold
Privilege escalation...
Create Ticket to Logon to DC
Deploy and execute Malware
Mitigation
Look for RW File extensions
How To Prepare
Key takeaways
Taught by
Security BSides San Francisco