Threat Update 51 – LockBit and Insider Threats for Hire
Organizations face threats from all sides – both external attackers trying to get in, and internal “trusted” employees going rogue. It was only a matter of time before these two...
Organizations face threats from all sides – both external attackers trying to get in, and internal “trusted” employees going rogue.
It was only a matter of time before these two forces combined. The attackers and associates behind the LockBit 2.0 ransomware are skipping the old tried-and-true infiltration vectors like phishing emails, and simply offering cash for disgruntled insiders to provide credentials that will let attackers in through VPN, RDP, or to corporate email addresses.
Join Kilian and Kyle Roth from the Varonis Incident Response team as they break down some of the details on how LockBit works, provide suggestions on how to spot signs of rogue behavior, and ways organizations can reduce the “blast radius” of a compromised account.
Share this blog post with someone you know who'd enjoy reading it. Share it with them via email,LinkedIn,Reddit, or Facebook.
Kilian EnglertKilian has a background in enterprise security engineering, as well as security solution selling. Kilian is a Certified Information Systems Security Professional (CISSP) and creates internal and public content on topics related to cybersecurity and technology best practices.
Try Varonis free.
Get a detailed data risk report based on your company’s data. Deploys in minutes.
Varonis tackles hundreds of use cases, making it the ultimate platform to stop data breaches and ensure compliance.
Threat Update 18 – Sanctions for Ransomware Payments
Kilian Englert
December 24, 2020
Would you consider coughing up the bitcoins if you got hit with ransomware? Better think again, you could potentially end up in more trouble! Click to watch Kilian Englert and...
Threat Update #14 - Post-Ransomware Recovery
Kilian Englert
November 20, 2020
To stop ransomware, every second counts. But once the threat is contained, the race is on to get back up and running after a ransomware incident. Click to watch Kilian Englert...
Threat Update #10
Kilian Englert
October 22, 2020
An alert notifies you that something suspicious is going on. Minutes matter, so you call the Varonis Incident Response team to help. Security investigators must act fast, but where do...
Threat Update 28 – Re-Ryuk’ed & Exchange Zero-Day
Kilian Englert
March 4, 2021
Is it too soon for a 2020 throwback? The Ryuk ransomware gang certainly doesn’t think so! It looks like one of the premiere ransomware-as-a-service groups was not content to rest on their laurels, and it appears they’ve added self-spreading capabilities.