Sign up to save your podcasts
Or
Share 7MS #472: Interview with Christopher Fielder
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
7MS #472: Interview with Christopher Fielder
Today our good pal Christopher Fielder from Arctic Wolf is back for an interview three-peat! He joins Joe "The Machine" Skeen (a.k.a. Gh0sthax) and I to talk about all things ransomware, including:
-
How the Colonial Pipeline incident may have started from a weak VPN cred with no MFA. Silver lining (?) - they got some of the $ back.
-
Was the federal government's response good enough? What should the government be doing to better handle and manage ransomware?
-
- Common ways ransomware gets in our environments, and some ways to NOT get ransomware'd:
- Use 2FA (make sure that all accounts are using it!)
- Consider having (if possible) your AD user scheme be something like chi-user4920394 instead of Joe.President
- Have users that haven't logged in for X days get automatically locked out
- Train your users - consider Arctic Wolf's managed security awareness offering
- Detect early signs of compromise like Kerberoasting
- Lock down your DNS egress to only specific servers so that it doesn't run "wide open"
- Leverage good threat intel
- Common ways ransomware gets in our environments, and some ways to NOT get ransomware'd:
View all episodes
By Brian Johnson
4.7
6868 ratings
Today our good pal Christopher Fielder from Arctic Wolf is back for an interview three-peat! He joins Joe "The Machine" Skeen (a.k.a. Gh0sthax) and I to talk about all things ransomware, including:
-
How the Colonial Pipeline incident may have started from a weak VPN cred with no MFA. Silver lining (?) - they got some of the $ back.
-
Was the federal government's response good enough? What should the government be doing to better handle and manage ransomware?
-
- Common ways ransomware gets in our environments, and some ways to NOT get ransomware'd:
- Use 2FA (make sure that all accounts are using it!)
- Consider having (if possible) your AD user scheme be something like chi-user4920394 instead of Joe.President
- Have users that haven't logged in for X days get automatically locked out
- Train your users - consider Arctic Wolf's managed security awareness offering
- Detect early signs of compromise like Kerberoasting
- Lock down your DNS egress to only specific servers so that it doesn't run "wide open"
- Leverage good threat intel
- Common ways ransomware gets in our environments, and some ways to NOT get ransomware'd:
More shows like 7 Minute Security
View all
Hacked
187 Listeners
Security Now (Audio)
2,011 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
372 Listeners
Risky Business
371 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
651 Listeners
CyberWire Daily
1,028 Listeners
Smashing Security
317 Listeners
Click Here
418 Listeners
Darknet Diaries
8,077 Listeners
Cybersecurity Today
175 Listeners
Hacking Humans
315 Listeners
CISO Series Podcast
195 Listeners
Defense in Depth
73 Listeners
Cybersecurity Headlines
139 Listeners
Risky Bulletin
45 Listeners