"Cloud-First" Ransomware - A Technical Analysis - Seguridad Mania.com - España y América Latina

Cloud services have emerged as the preferred attack vector of some of the most dangerous and innovative cloud malware exploits of the past six months. Why?  Because many organizations don't inspect their cloud SSL traffic for malware and the same functionalities of the cloud dramatically increase productivity (sync, share, collaborate, etc) also provide ransomware developers with a perfect medium for faster delivery of malware payloads to more targets. Join Netskope chief evangelist, Bob Gilbert, and Threat Detection Engineer, Sean Hittel, for a fascinating look at how malicious actors now design ransomware to make best use of popular cloud services to hide in plain sight, and do more damage in less time.    Bob and Sean will provide technical analyses of recent malware campaigns discovered or documented by Netskope Threat Research Labs and how to defend against them.  These include:   • Virlock, which encrypts files and also infects them, making it a polymorphic file infector  • CloudFanta, which uses the SugarSync cloud storage app to deliver malware capable of stealing user credentials and monitoring online banking activities • CloudSquirrel, which takes advantage of multiple cloud apps throughout the ransomware kill chain with the intent to steal and exfiltrate user data • The Zepto variant of Locky ransomware, now distributed both by popular cloud storage apps and via DLL