| |||||
| |||||
Search Irongeek.com:
Help Irongeek.com pay for bandwidth and research equipment: |
Since July of 2016, there has been an observable increase in the number of Emotet/Qakbot infections impacting small and medium-sized businesses. This family of malware spreads using the Windows Server Message Block (SMB) protocol. Preventing the spread of the worm is a simple precaution that many organizations who lack a formal security program miss. This talk demonstrates the impact of SMB spreading worms on an unprotected enterprise network from real-world case studies, the effort necessary to remediate an SMB infection, and some low business impact security controls that could prevent the spread. Matthew serves as a Senior Incident Response Analyst on Cisco,s Advisory Services team. Prior to joining Cisco, Matt served nine years in the United States Marine Corps as a Cyber Systems Chief in addition to various public/private sector roles as a Malware and Digital Forensic Analyst. With over 15 years of experience working in the Information Technology field in Windows, Linux, and Apple environments. Matt has a B.S. in Information Systems Security and is currently pursuing a M.S. in Digital Forensic Science from Champlain College. Matt also holds multiple industry certifications to include the GIAC Reverse Engineer Malware (GREM), GIAC Certified Forensic Analyst (GCFA), GIAC Certified Incident Handler (GCIH), and the Certified Information Systems Security Professional - Information Systems Security Management Professional (CISSP-ISSMP). Matt currently lives in Northern Virginia with his wife and young son. https://blogs.cisco.com/author/mattaubert https://www.medium.com/@aubsec Back to Converge 2018 video list
15 most recent posts on Irongeek.com:
|
If you would like to republish one of the articles from this site on your
webpage or print journal please contact IronGeek.
Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast