Hear from Kroll’s Head of Threat Intelligence in EMEA, George Glass, on how Kimsuky weaponized the ScreenConnect vulnerability using new malware strain TODDLERSHARK.

Threat intelligence fueled by frontline incident response intel and elite analysts can provide a rich insight into threat actor activity. Security leaders need access to this frontline incident intelligence to understand if they are likely to be in a similar situation but also take immediate action on their defenses. During the briefing, George will highlight how the malware was deployed as part of an attempted compromise, then detected and stopped by the Kroll Responder team.

Key sections:

0:00 - Introduction

1:27 - Agenda

2:28 – Examining the ScreenConnect Vulnerability

7:08 – Exploitation Timeline

11:48 – Introducing TODDLERSHARK

21:31 – The Overlap with BABYSHARK & RECONSHARK

27:32 – Key Takeaways

31:06 – Behavioral Based Detection

32:27 – Q&A
Get the latest from the Kroll Cyber Risk blog - https://www.kroll.com/en/insights/publications/cyber
Cyber Security Case Studies - https://www.kroll.com/en/insights/publications/cyber/case-studies
Kroll Threat Intel Reports - https://www.kroll.com/en/insights/publications/cyber/threat-intelligence-reports
#threatdetection #malware #cyberrisk #MalwareDetection