Subscribe
Part of the AvengerCon V presentations cleared for public release: Over the past year, ransomware gangs have increasingly turned to otherwise legitimate information security tools and a variety of automation scripts to carry out post-exploitation lateral movement, data exfiltration and defense evasion, among other tasks. Recent data on attacks by Dharma “affiliate” actors takes this to the extreme—the attackers used a “toolbelt”of packaged tools and scripts to automate their attacks. Other ransomware gangs, including Ryuk and LockBit, have also increasinglyused tools originally developed for penetration testing. In this presentation, I’ll review the most commonly used tools and frameworks, and review the way they’re used by ransomware attackers.
AvengerCon is a free security event hosted every fall by Maryland Innovation and Security Institute to benefit the hackers of the U.S. Cyber Command community and the U.S. Army 780th Military Intelligence Brigade. The event is open to all service members and employees of U.S. Cyber Command and Department of Defense personnel supporting cyberspace missions. AvengerCon features presentations, hacker villages, training workshops, and much more.
The event is open to all service members and employees of U.S. Cyber Command and Department of Defense, and related partners supporting cyberspace missions.
| Date Taken: | 12.01.2020 |
| Date Posted: | 10.20.2022 14:30 |
| Category: | Series |
| Video ID: | 861457 |
| VIRIN: | 201201-O-PX639-250 |
| Filename: | DOD_109279017 |
| Length: | 00:22:03 |
| Location: | US |
| Downloads: | 3 |
| High-Res. Downloads: | 3 |
This work, Ransomware by the numbers- script-driven attacks by Dharma RaaS actors (and others), presented by Sean Gallagher, by Steven Stover, identified by DVIDS, must comply with the restrictions shown on https://www.dvidshub.net/about/copyright.
