One tactic commonly used by REvil is to use system backups to gain access to critical infrastructure and data. Coincidently this same tactic was recently used by the FBI to gain access and take REvil down. A lot can be learned by understanding how REvil maliciously leveraged malware and backup systems to compromise critical systems to protect your organization from future attacks.
During this webinar, Andrew Yeates, ReversingLabs Solutions Architect, will cover how organizations can take an intelligence driven approach to prevent future ransomware attacks like Sodinokibi Revil Ransomware. Andrew will walk through how to analyze, protect and hunt for ransomware to prevent the next attack. You’ll learn:
• How to detect similar ransomware in backup systems, S3 buckets and SMB shares
• How to analyze ransomware samples like Sodinokibi to understand how it behaves
• How to put ransomware intelligence to work through YARA rules to detect future attacks
• How to go on the offensive and hunt for hidden ransomware through advanced search, retrohunt and automated notifications