BSidesSATX 2023

Jacob Wellnitz

Incident Response Engineer and Post Breach Remediation Consultant

Currently dedicated to Incident Response with Kudelski Security
14 months at an electric cooperative as NOC Analyst and Security Administrator
5 ½ years at a private nonprofit university, including as Systems Administrator, with a focus on security
4 years at the world's largest telecommunication provider in network monitoring and remediation roles


How LockBit Orchestrated the Destruction of a Domain and Network and How We Kicked Them Off Stage
Jacob Wellnitz

In this talk we take the audience through a LockBit 3.0 and LockBit ESXi investigation, containment, and recovery case. We cover how we identified infected systems, attacks that don't match TTPs from the FBI and CISA, and how we helped our client get back up and running again.

In the Weeds
Track 1 (UC Conference Rm A)