All Articles

Unveiling the Ransomware Arsenal: Identifying and Mitigating Critical CVEs

Posted by Priya R on May 23, 2024 at 12:38am in Blog

Unveiling%20the%20Ransomware%20Arsenal%20Identifying%20and%20Mitigating%20Critical%20CVEs%20(1).png?profile=RESIZE_710x

 

Greetings, esteemed members of the CISO Platform, the premier online community for information security executives. Today, we are honored to host Jendra Chan, Head of Research at Fire Compass, as he delves into the intricate world of cybersecurity vulnerabilities. In this webinar, Jendra will navigate through the labyrinth of six of the most critical CVEs weaponized by ransomware actors in the past three months. By unveiling these vulnerabilities and elucidating strategies for identification and mitigation, Jendra will empower CISOs to fortify their defenses and reduce the risk of ransomware attacks by a staggering 26%. Join us as we embark on a journey to bolster our cybersecurity resilience and safeguard our digital assets.

 

 

Here is the verbatim discussion:

hello everyone welcome to ciso platform the world's leading online community dedicated to information security Executives including cesos cios csos CTO and directors with over 40,000 Global community members today we are excited to have jendra Chan head of research at fire compus joining us in this webinar jendra will Deep dive into six most critical and ransomware weaponized cves published in the last 3 months he will further share how cesos can identify them and immediately decrease the chance of ransomware by 26% thank you for joining us and all right uh let's you know now not only that attackers have now the capability to scan internet in just few days and that's makes it increasingly difficult to you know increasing that makes a life of of a you know Defender increasingly difficult the reason being that if attacker can scan the internet in few days which means your meantime to remediate has drastically decreased from weeks to days in fact uh now how does this automation works I'll just describe in very in few you know words and sentences and I'll try to simplify this by the way this is and when very simplified version of what happens in reality uh now one of the first step that uh attackers to is to create a internet wide scanner now there are various open source tools available uh which if configured properly using expert can be used to scan the whole internet actually within few days and if you put more horsepower more Computing resources within hours in fact uh now this is not an easy task by the way right there are 3 billion ipv4 addresses and there are 65,000 PS which makes it nearly impossible right to scan the whole internet but then the the advantage the attacker has is that they do not scan whole internet on all the ports but they do do it as per you know as per the attack say a one libility which which is being there on a specific framework such as exxi you know VMware which are exposed outside then they have to just scan certain ports only I think few port on all the IPS right and that makes it relatively easier uh task for them okay and in fact actually what attackers do nowadays is that they maintain this database uh you know pre-indexed they keep on crawling and can maintain this database and in some you know raw big data tables uh Big Data you know Solutions so that you know whenever a one liberty comes up uh they can go and just do a search on this and poent find a potential Target right so first step is internet wide scan and index it into the database so that you can search later then the next.

 

Highlights:

The Peril of Ransomware:

  • Ransomware continues to pose a significant threat to organizations worldwide, targeting critical infrastructure and digital assets.
  • Understanding the vulnerabilities exploited by ransomware actors is paramount in crafting effective defense strategies.

Spotlight on Critical CVEs:

  • Jendra will shine a spotlight on six of the most critical CVEs leveraged by ransomware attackers in recent months.
  • These vulnerabilities represent the entry points through which attackers infiltrate organizational networks and initiate ransomware campaigns.

Empowering CISOs:

  • By equipping CISOs with knowledge about these critical CVEs, Jendra aims to empower them to proactively identify and remediate vulnerabilities within their organizations.
  • Rapid vulnerability mitigation is key to reducing the window of opportunity for ransomware actors and thwarting potential attacks.

Strategic Mitigation Approaches:

  • Jendra will elucidate strategic approaches for identifying and prioritizing critical CVEs, enabling CISOs to fortify their cybersecurity posture effectively.
  • By implementing robust vulnerability management practices, organizations can significantly mitigate the risk of ransomware attacks and enhance their overall resilience.

 

As we navigate the complex landscape of cybersecurity threats, knowledge emerges as our most potent weapon against ransomware. By arming CISOs with insights into critical CVEs and actionable mitigation strategies, we pave the path towards a more secure digital future. Let us harness the collective expertise of our community to fortify our defenses, mitigate vulnerabilities, and safeguard our organizations against the perils of ransomware. Together, we can rise to the challenge and emerge stronger in the face of evolving cyber threats.

 

Speaker:

Jitendra Chauhan has over 16+ years of experience in the Information Security Industry in key areas such as Building and Managing Highly Scalable Platforms, Red Teaming, Penetration Testing, and SIEM. He holds multiple patents in Information Security. He loves to visualize problems, solutions and ideas. He is very strong with modelling and inductive learning (he can mentally make math models based on a few examples). He is very passionate about machine learning and its applications, Cyber Security and Micro Services.

https://www.linkedin.com/in/jitendrachauhan/
https://x.com/jitendrachauhan

Views: 32
Tags: ransomeware, riskreduction, jitendrachauhan, cves
E-mail me when people leave their comments –
Follow

You need to be a member of CISO Platform to add comments!

Join CISO Platform

CISO Platform

A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.

Join CISO Community Share Your Knowledge (Post A Blog)
 

 

 

CISO Breakfast at BlackHat Las Vegas 2024!

Aug 8, 2024 from 9:00am to 11:30am
https://docs.google.com/forms/d/e/1FAIpQLSeHr8y6I83L0zPXRew8E8Ut52o4C3_KwgFWTyF4qSy6qRT-lQ/viewform
  • Description:

    We are thrilled to invite you to the CISO Breakfast at BlackHat 2024. 

    CISOPlatform is a community partner for the event which is co-hosted by Silicon Valley Bank, Stage One, First Rays Venture Partners, Latham & Watkins.

     

    Event Details: 

    • Date: Thursday, August 8th,…
  • Created by: pritha
  • Tags: blackhat usa, las vegas, ciso breakfast, usa