The Great Sandbox Escape

Offered By: nullcon via YouTube

Course Description

Overview

Explore the evolution of ransomware attacks in this 36-minute webinar presented by Vikas Singh at NULLCON. Delve into the sophisticated techniques employed by cybercriminals, including the novel approach of deploying virtual machines for full-scale ransomware attacks. Learn about the MegaCortex and Snatch ransomware families, their infection methods, and lateral movement strategies. Discover how attackers bypass endpoint protection using various techniques, and understand the Ragnar Locker ransomware's unique approach of leveraging virtual machines. Gain insights into five warning signs that indicate an impending attack, equipping yourself with valuable knowledge to enhance your organization's cybersecurity posture.

Syllabus

Intro
MegaCortex
Snatch: From Breach to Encryption
  • Brute-forced credentials on a Windows Server in Microsoft Azure
  • Initial access via RDP
  • Lateral movement to Active Directory domain controller
  • Surveillance via WMI (for several weeks)
Snatch: The Ransomware
  • Ransomware binary is registered as a service in the Windows Registry (the service is not immediately started)
Robbin Hood: Destroying endpoint protection with RE Kill file in 7 ways and kill process - from ring 0; tamper protection is ineffective
Ragnar Locker: Preparing the Physical Machine
Ragnar Locker: Virtual Machine
Five signs you're about to be attacked
  1. You find a network scanner like AngryIP or Advanced Port Scanner


Taught by

nullcon
