Ransomware Battleground Syya Yasotornrat

No one likes to be told that their baby is ugly. Magnify that sentiment with a multi-billion dollar corporation with a reputation at stake.
THIS is the challenge that ethical hackers face when they are able to breach environments and report it to these businesses. Are they received well? Sometimes yes, and mostly, no. No one is taking anything or charging for the services. It's a hobby for most of these researchers and the thrill of finding vulnerabilities is often a reward in itself.
Case in point: We had an awesome opportunity to speak with Higinio "W0rmer" Ochoa and two of his collaborators, Robert "Rej_ex" Willis and "Wabafet," all members of the research collective, "Sakura Samurai." Sakura Samurai has gained a reputation for successfully breaching multiple high-profile government targets. Most recently, we discuss the story of their involvement with John Deere, as highlighted in the Forbes article by contributer Paul F. Roberts, "Under Scrutiny, Big Ag Scrambles To Address Cyber Risk."
Chat with W0rmer, Regex, Wabafet Below:
Twitter:
W0rmer: @0x686967
Regex: @rej_ex
Wabafet: @wabafet1

We know Ransomware attacks have blown up in recent years and targets are as diverse as the type of attacks. We've discussed the challenges for businesses, small and enterprise, but what about for the public at large? Who is at risk? What percentage of the population is security savvy to know what to look for in attacks or attempts?
This week's Ransomware Battleground chat features special guest, Karen Rhodes, Chief Technologist at Hewlett Packard Enterprise to share her insights and guidance on educating family on friends on the very real threats affecting everyone.
Highlights:
Stay up to date on updates and practice good discipline on scheduling and checking for updatesPassword storage tools may be convenient, but understand the risk if those applications are compromised.ASK FOR HELP

What is it about mainstream entertainment that makes the general population suddenly pay attention? Ransomware has grown exponentially in the last year and though it feels like attacks are daily occurrences, the majority of folks haven't changed behaviors, enacted additional security measures or seem to notice the impact that the headline attacks are a fraction of the overall number of attacks.
This week, Syya and Paul briefly chat on a recent episode of Last Week Tonight where the host, John Oliver, lays out the very real threats that ransomware poses and the repercussions with Ransomware as a Service, Double Extortion and let's cringe together - toys.
Ransomware is Mainstream! But will anything change?

Red team and blue team play an important role in defending against advanced cyber attacks that threaten business communications. In this special episode of Ransomware Battleground, we talk through the flow in incident response per cyber kill chain.
Ransomware Kill Switch™ can be used by the incident response to control/contain the blast radius in real time using the preventive and proactive zero trust approach. However, when the detections failed on zero day exploits, how can you use Ransomware Kill Switch™ in the post exfiltration mitigation phase?
Airgap provides an agentless Anti-Ransomware platform to stop the spread of malware in the enterprise network. Our industry’s first Ransomware Kill Switch™ locks down your most critical network assets at the first indication of compromise with complete control and policy enforcement over the device-to-device and device-to-application communication.

Where does time go when the heat of summer turns up and families can enjoy a little vacation time?
Well hopefully ransomware attacks aren't tied to soaring temperatures because it's looking like over 120% increase in attacks from 2020. No one is immune and it's up to educating the broader population to understand that ANYTHING can be suspect. Even if it's "just" a clickbait website.
Poul Frederiksen and Syya Yasotornrat catch up and let off a little steam on how much hackers really chaps Syya's hide.
It's no longer a question of what is ransomware. The question is now: How many people do you know that has been a victim of ransomware?

Kaseya Ltd. is a Miami-based company that provides software to help other businesses manage their networks. The hackers targeted Kaseya’s virtual systems/server administrator (VSA), a type of software that large companies and technology-service providers use to manage and send out software updates to systems on computer networks. The hacks are caused by cybercriminals who acquired and used zero-day vulnerabilities. What do we know about REvil's behavior pattern in this incident? What can you do when your detection solution failed?
In this episode, we will demonstrate the post-ransomware incident use cases and how you can automate in-network detection and Ransomware incident response to isolate inside the enterprise network.
The integrated Zero Trust enterprise access solution provides organizations an advanced level of visibility and turns every connected endpoint into a Zero Trust endpoint to stop Ransomware lateral movement before they spread.
Hear how our joint solution can provide your organization:
* Advanced Ransomware detection and incident response with of Ransomware Kill Switch™
* Consolidated SOC threat intelligence and analytics
* End to end visibility and intelligence into malware behaviors
Thanks to sponsor Airgap Networks!
Airgap provides an agent-less Anti-Ransomware platform to stop the spread of malware in the enterprise network. Our industry’s first Ransomware Kill Switch™ locks down your most critical network assets at the first indication of compromise with complete control and policy enforcement over the device--device-application communication. Visit them at Black Hat 2021 USA in Vegas or Virtual. For expo passes, contact info@airgap.io.