BSidesSATX 2023

How LockBit Orchestrated the Destruction of a Domain and Network and How We Kicked Them Off Stage
2023-06-10, 15:00–15:45, Track 1 (UC Conference Rm A)

In this talk we take the audience through a LockBit 3.0 and LockBit ESXi investigation, containment, and recovery case. We cover how we identified infected systems, attacks that don't match TTPs from the FBI and CISA, and how we helped our client get back up and running again.

Incident Response Engineer and Post Breach Remediation Consultant

Currently dedicated to Incident Response with Kudelski Security
14 months at an electric cooperative as NOC Analyst and Security Administrator
5 ½ years at a private nonprofit university, including as Systems Administrator, with a focus on security
4 years at the world's largest telecommunication provider in network monitoring and remediation roles