
Threat Hunting Case Study: FileFix
FileFix bypasses Mark of the Web (MotW) protections by hijacking the Windows File Explorer address bar. Here is how to hunt for it.

Join us in the world of cybercrime. Studio 471 brings you the latest trends, emerging threats, and expert advice to arm you with the insights needed to protect your business. By unraveling the mysteries of the underground, our series empowers teams, organizations, and communities to make informed decisions and discover actionable strategies to safeguard their digital footprint.
In this video, Brett Winterford of Okta and Intel 471’s Jeremy Kirk discuss strong authentication, paths to strengthening authentication and what Intel 471 analysts are observing around credential theft in the cybercriminal underground.
Some of the most popular illicit digital products in underground digital marketplaces are access credentials and session tokens. The reuse of credentials is often the starting point that leads to a data breach and ransomware. But tying authentication to unspoofable factors – a person’s fingerprint, a device footprint – provides a much higher level of assurance that only legitimate users are accessing systems. This strong authentication provides higher security and a better user experience.
Participants:
Brett Winterford, Regional Chief Security Officer, APJ, Okta
Jeremy Kirk, Executive Editor, Cyber Threat Intelligence, Intel 471

Gentlemen ransomware uses credential abuse, defense evasion, and double extortion tactics to compromise enterprise environments and increase pressure on victims.

TeamPCP is exploiting trusted npm and PyPI packages to compromise developer environments, steal credentials, and extend attacks across software supply chains.