Page 149 - Cyber Defense eMagazine December 2023
P. 149
Instead of this incomplete infection response, security leaders must gain knowledge and visibility into the
authentication data stolen by the malware, quickly remediate the compromised credentials and invalidate
the stolen web sessions for business-critical applications.
A comprehensive post-infection remediation process substantially reduces the risk of ransomware
events tied to infostealer infections and closes previously overlooked exposures – including those
resulting from infected personal or unmanaged devices accessing the network – stopping criminals in
their tracks before they use malware-exfiltrated data to cause further harm.
About the Author
Trevor Hilligoss is the Senior Director of Security Research at SpyCloud and
is an experienced security researcher with a background in federal law
enforcement. Before leaving government service, Trevor spent nearly a
decade tracking both cybercriminal and nation-state actors for the DoD and
FBI and has presented at the US and international conventions as a threat
intelligence expert. He holds a BA in Sociology, multiple federal certifications
in the field of cyber investigations, and two Global Information Assurance
Certifications (GIAC). Trevor can be reached online at
https://www.linkedin.com/in/thilligoss/ and at SpyCloud’s company website https://spycloud.com/.
Cyber Defense eMagazine – December 2023 Edition 149
Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.