Guardians of the Hypervisor: ESXi Ransomware Incident Response – Anders Olsson, Nicklas Keijser



As ESXi virtualization environments face an escalating onslaught of ransomware threats, this presentation draws from experiences gained by Truesec in handling several incidents involving ESXi ransomware, such as Akira, AlphV, and Trigona. The threat landscape has evolved, with ESXi ransomware becoming a staple tool for various threat actors.

Topics of interest include, but are not limited to:

Threat Intelligence: An exploration of the evolving landscape of ESXi ransomware threats, insights into different strains, and the integration of ransomware as a standard tool for numerous threat actors. Additionally, a discussion on how the leaked source code from Babuk has reshaped the threat landscape.
Malware Analysis: In-depth examinations of ESXi ransomware strains, encompassing code analysis, behavioral patterns, and evasion techniques.
Incident Response: Case studies and lessons learned from real-world ESXi ransomware incidents.
Forensic Analysis: Insights into forensic methodologies tailored for ESXi ransomware investigations.
Protection: How can customers protect their VMware platforms against these attacks?
Insight into Exploitation: Explorations into the methods and vulnerabilities exploited by ransomware actors, with a specific emphasis on understanding attack vectors, exploitation techniques, and vulnerabilities within ESXi environments.

The presentations aim to contribute to the collective effort to fortify defenses and mitigate the impact of ESXi ransomware incidents, with a particular focus on enhancing threat intelligence capabilities.

Anders Olsson is VMware VCDX #182 and has 15 years of experience designing and implementing VMware environments. He now focuses on vSphere security, helping customers protect against ransomware attacks and breaches, both proactively and in incident response cases.

Nicklas Keijser is a Threat Research Analyst, a role that involves much reverse engineering and looking into all things malware. Nicklas is also a subject matter expert in industrial control systems and anything related to their security. He started his career programming PLCs, SCADA systems, and almost anything else possible within the industry. Before joining Truesec, Nicklas worked at the Swedish National CERT in the Swedish Civil Contingencies Agency.

About Security Fest 2024
Join us on May 30-31
This summer, Gothenburg will become the most secure city in Sweden! We’ll have two days filled with great talks by internationally renowned speakers on some of the most cutting edge and interesting topics in technical information security! Our attendees will learn from the best and the brightest, and have a chance to get to know each other during the lunch, dinner, breaks in the sponsor area and of course the awesome after-party!

Please note that you have to be at least 18 years old to attend.

Highlights of Security Fest
Interesting IT security talks by renowned speakers
Breakfast sandwich, lunch and Thursday’s dinner included
Great CTF with nice prizes
Awesome party!

0:00:00 Low-res stream copy
0:12:08 Full-res recording
