Info-stealer Malware 101: Mitigating Risks, Strengthening Defenses
Podcast from The CyberWire, Episode Summary:
This informative episode offers compelling food for thought as it delves into the practices and aftermath of info-stealer malware – how infostealers gain access to systems and what to do to remediate an attack. The podcast hosts interview guests Rick Doten, the CISO for Healthcare Enterprises Center, and Trevor Hilligoss, the Director of Security Research at SpyCloud. They point out that most organizations have only rudimentary knowledge and understanding of the security protections on their networks, and generally take the strength of their network security for granted. Many fail to consider the virtual expanse of their networks – the scope of which widens to include such elements as employees using outside or unauthorized devices, insider threats, system administration shortfalls, and means of access disguised as legitimate resources such as popular ad campaign platforms – and just how far across system networks malware can permeate. Malware can be installed and activated on a system simply by opening a seemingly innocuous file sitting on a drive and that malware can do irreparable damage. The speakers stress the value of hiring outside analytical consultants who come in with no preconceived notions and are so much more knowledgeable of the current threat environment and the newest strategies infostealers are using to exploit vulnerable networks.
This podcast is hosted by Rick Howard, N2K chief security officer and CyberWire chief analyst and senior fellow, and Dave Bittner, CyberWire senior producer and podcast host.
Listen to the episode here:
Comments