7MS #472: Interview with Christopher Fielder
7 Minute Security
English - June 16, 2021 16:07 - 52 minutes - 48 MB - ★★★★★ - 63 ratingsTechnology News Tech News information security security Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: 7MS #471: Cyber News - Ransomware Should Run Somewhere Edition
Next Episode: 7MS #473: Interview with Nikhil Mittal
Today our good pal Christopher Fielder from Arctic Wolf is back for an interview three-peat! He joins Joe "The Machine" Skeen (a.k.a. Gh0sthax) and I to talk about all things ransomware, including:
How the Colonial Pipeline incident may have started from a weak VPN cred with no MFA. Silver lining (?) - they got some of the $ back.
Was the federal government's response good enough? What should the government be doing to better handle and manage ransomware?
Common ways ransomware gets in our environments, and some ways to NOT get ransomware'd: Use 2FA (make sure that all accounts are using it!) Consider having (if possible) your AD user scheme be something like chi-user4920394 instead of Joe.President Have users that haven't logged in for X days get automatically locked out Train your users - consider Arctic Wolf's managed security awareness offering Detect early signs of compromise like Kerberoasting Lock down your DNS egress to only specific servers so that it doesn't run "wide open" Leverage good threat intel