Threat Alert: New Babuk Ransomware Discovered

Presented by

Nadav Lorber, Security Research Team Lead

About this talk

Morphisec has discovered a brand-new variant of Babuk ransomware. The new variant uses the Babuk ransomware source code leaked on Russian language hacker forums last year, combined with new evasive techniques based on open-source loaders. Threat actors used this previously unseen variant to target a large manufacturing company with more than 10,000 workstations and server devices. The attack bypassed the customer’s next generation anti-virus (NGAV) and endpoint protection platform (EPP). The new variant could also evade industry-leading endpoint detection and response (EDR) solutions at the time of the attack. Watch this special 30-minute virtual session to hear exclusive details about the attack, including: * Technical analysis of the ransomware, including indications of compromise (IOCs) and the differences between the original Babuk ransomware and the new variant * Techniques the ransomware uses to evade NGAV, EPP, and EDR solutions * Recommendations for adjusting your security posture to protect against the new threat

Related topics:

More from this channel

Upcoming talks (3)
On-demand talks (33)
Subscribers (1487)
Morphisec offers prevention-first cybersecurity from endpoint to the cloud. Morphisec provides real-time risk visibility and secures device memory at runtime to stop the most damaging, undetectable attacks. This includes ransomware, supply chain attacks, fileless attacks, zero-days, and other advanced, stealthy, evasive attacks. Morphisec's Automated Moving Target Defense (AMTD) technology provides a lightweight, Defense-in-Depth security layer to augment solutions like NGAV, EPP, and EDR/XDR and close their runtime memory security gap against undetectable cyberattacks.