Hi [[ session.user.profile.firstName ]]

(ISC)2 APAC Secure Webinars

  • Date
  • Rating
  • Views
  • In-Depth Analysis of a Fast Flux Botnet
    In-Depth Analysis of a Fast Flux Botnet Or Katz, Principal Lead Security Researcher, Akamai Recorded: Nov 22 2017 60 mins
    In recent years, we have seen large-scale botnets used to execute attacks rarely seen in the past -- botnets that incorporate new features and bigger capabilities than ever before. How and why some of these botnets remain resilient is a question that needs to be answered, and one of the reasons is Fast Flux. Fast Flux is a DNS technique used by botnets to hide various types of malicious activities (such as phishing, web proxying, malware delivery, and malware communication) behind an ever-changing network of compromised hosts acting as proxies. In general, a Fast Flux network is mostly used to make communication between malware and its command and control server (C&C) more resistant to discovery. Akamai’s high visibility to both Web and Enterprise traffic enables new and unique insights on the behavior of such Fast Flux networks.

    In this webinar, you will get an in-depth analysis on:

    - How network fluxing is using domains, IP addresses and even nameservers to become resistant to discovery
    - How Fast Flux networks offer services such as malware communication and hosting of malicious content
    - How botnets are used both for Fast Flux communications and a variety of Web attacks such as Web scraping and credential abuse
    - Best practices for detecting and defending against such botnets

    Join Akamai and (ISC)² on Nov 22 (Wed) at 13:00 (Singapore time) / 16:00 (Sydney time) to learn more about the Fast Flux Botnet.

    Presenter: Or Katz, Principal Lead Security Researcher, Akamai
    Moderator: Ir. Tejinder Singh, Senior Development Expert, T-Systems Malaysia SGA Security Engineering
  • Phishing Incident Response - How to Stop the Chaos!
    Phishing Incident Response - How to Stop the Chaos! Presenter: Duncan Thomas, Director of Sales, PhishMe; Moderator: Clayton Jones, Managing Director, APAC, (ISC)2 Recorded: Nov 15 2017 61 mins
    A recent survey conducted among security professionals in Australia, Singapore revealed that up to 95% of respondents said phishing is the #1 threat. Yet many acknowledged they’re unprepared to deal with phishing attacks.

    Attend this webinar to learn why responders are drowning in emails instead of hunting real threats. See why they’re betting on automation whilst we know, tech alone won’t stop threats from getting through and wreaking serious havoc. Learn what rapid changes and investments your peers are planning to turn the tide against phishing and protect their organisations.

    In this webinar, you will learn:

    - How bad is the phishing threat?
    - How confident are companies in their phishing responses?
    - What solutions are companies using—and which ones should they add?
    - How can automation and technology help? Why are humans important, too?
    - How does your organisation compare to organisations in Australia, Singapore and other countries around the globe?

    Join PhishMe and (ISC)² on Nov 15 (Wed) at 14:00 (Singapore time) and learn more about phishing incident response.
  • Equifax: 又一启重大数据外泄事件! 分析事件根源、探讨解决方案
    Equifax: 又一启重大数据外泄事件! 分析事件根源、探讨解决方案 演讲人: Disney Cheng 郑学辉, Solution Architect 架构顾问, Tenable 亚太区; 主持人: 吴树鹏, (ISC)² 北京分会会员主席 Recorded: Nov 8 2017 59 mins
    Equifax征信数据的外泄将对美国上亿人口产生潜在危害,敏感的个人信息(包括银行账户、信用评分和身份信息)可被犯罪分子利用,导致严重的安全隐患和财务损失。特别令人惊讶的是,犯罪分子利用了已知的网页Apache Struts漏洞发动攻击,而“漏洞补丁”早在数月前就已被公布及可下载使用。

    频繁发生问题的根源是:网路的管控和漏洞的可视度十分有限,导致未能及时修补漏洞!

    这次以Apache Struts漏洞为案例, 给大家演示Nessus 漏洞扫描工具以及持续安全监控平台SCCV所能提供的完整IT 和 IoT资产的报表,安全感知,以及法规状态,让漏洞及时呈现且得到完全修补。

    参加Tenable 和 (ISC)² 在11月8日下午2:00至3:00的在线论坛《Equifax:又一启重大数据外泄事件!分析事件根源、探讨解决方案》,聆听专家对时下安全威胁的解读,还等什么?赶紧加入我们吧。
  • 了解安全威胁态势和凭证盗用(撞库)攻击
    了解安全威胁态势和凭证盗用(撞库)攻击 演講人: 李文涛, 阿卡迈(Akamai)大中华区解决方案部门总经理, 萧锦明, Akamai亚太高级企业安全系统架构师; 主持人: 阎光,(ISC)² 上海分会主席,德勤风险咨询副总监 Recorded: Sep 27 2017 62 mins
    安全威胁态势不断变化,并且极为迅速。因此,组织应持续了解最新的攻击信息,以此来确定在当前的威胁态势下应该寻找的应对方式并预计攻击在未来变化的方式,从而免受该类威胁的影响。这一点至关重要。

    在今天的会议当中,Akamai 将基于已发布的《2017 年第二季度互联网安全现状》报告,与大家分享有关安全威胁态势的深度见解。

    近些年来,凭据滥用(撞库)攻击已成为一种普遍的威胁,而且复杂性正日益增加。我们也将对此进行详细介绍。凭据滥用(撞库)攻击活动一旦成功,用户将遭受无法访问、数据泄露或欺诈性交易等损失。Akamai 将揭示这些攻击活动中使用的技术以及难以检测出这些活动的原因。我们还将展示抵御此类攻击的方法和解决方案,从而使您的组织不再遭受此类攻击的影响。

    参加Akamai 和 (ISC)² 在09月27日下午2:00至3:00的在线论坛《了解安全威胁趋势和凭证盗用(撞库)攻击》,聆听专家对时下安全威胁的解读,还等什么?赶紧加入我们吧。
  • IoT와 웹 보안 위협의 실체와 대응방안
    IoT와 웹 보안 위협의 실체와 대응방안 Yongkhi Paek, Senior Security Sales Specialist, Akamai Technologies Korea Recorded: Sep 14 2017 59 mins
    최근 빈번하게 발생하고 주목해야 하는 보안 공격들의 패턴 및 특이사항들에 대해 살펴보고, 기업의 비즈니스 연속성과 안전성을 위해 이러한 공격 위협들에 대해 어떤 효과적이고 효율적인 방법으로 대응 및 대비해야 하는지 알아봅니다.

    1. 최신 웹 보안의 트렌드
    2. 2분기 주요 웹 애플리케이션 공격 분석
    3. 2분기 주요 디도스 공격에 대한 통계
    4. IoT 보안 공격 양상
    5. 웹 보안의 변화 추이
    6. 요약 및 질의답변
  • Improving Credential Abuse Threat Mitigation
    Improving Credential Abuse Threat Mitigation Or Katz, Principal Lead Security Researcher, Akamai & James Tin, Principal Enterprise Security Architect, Akamai Recorded: Aug 30 2017 58 mins
    Credential abuse attacks have become a prevalent threat in recent years, and a successful credential abuse attack campaign can result in damaging consequences such as losing access and control over the accounts, data breach and fraudulent transactions.

    Many of the accounts being abused are compromised account, which are the result of information breach in vulnerable web applications. The problem starts once visitors of highly-secured web applications create login credentials and then recycle those credentials to access another potentially vulnerable web application.

    In this webinar, Akamai will present our latest research on malicious activity that sheds new light on credential abuse attack campaigns characteristics. The research reveals the techniques that are being used and what make these campaigns difficult to detect over long periods of time. We will show how collaboration of attack evidence on different targets can become a solution to mitigate such attacks.

    The speakers will also share key attack data and trends observed from the latest Akamai Q2 2017 State of the Internet Security Report.

    Join Akamai and (ISC)² on Aug 30 (Wed) at 13:00 (Singapore time) to learn more about improving credential abuse threat mitigation.

    Presenters:
    - Or Katz, Principal Lead Security Researcher, Akamai
    - James Tin, Principal Enterprise Security Architect, Akamai

    Moderator:
    - Clayton Jones, Managing Director, APAC, (ISC)²
  • The Evolution of Vulnerability Management – Program Trends and Solutions
    The Evolution of Vulnerability Management – Program Trends and Solutions Michael Aboltins, Technical Product Manager Tenable Asia Pacific, Tenable Network Security Recorded: Jul 19 2017 61 mins
    Frequent cyber security attacks spreading around the world and affecting systems everywhere has become the "new norm". Recent changes in IT architecture such as virtual, mobile & cloud services, plus increasingly sophisticated cyber threats are forcing enterprise security practices and principles to be re-evaluated. Analyst research data shows that system vulnerabilities are still the largest contributing factor in enterprise data breaches. Thus, identifying vulnerable systems on your network and applying mitigations to them must continue to be a strong priority.

    This webinar will provide you with insight into how successful organisations have evolved their Vulnerability Management programs to gain a deeper understanding of their overall Security posture. The presentation will share ideas to boost the effectiveness of your security program now and in future, taking into account the major new IT paradigms including Cloud, Containers & DevOps.

    Join Tenable and (ISC)² on July 19 (Wed) at 14:00 (Singapore time) to learn more about the evolution of vulnerability management.
  • Research Findings: Quantifying ROI for Application Security
    Research Findings: Quantifying ROI for Application Security Shelly Yao, Security Architect – South East Asia, Hewlett-Packard Enterprise Recorded: Jul 12 2017 53 mins
    Continuous delivery of application is the new norm. Businesses recognize that applications are a competitive differentiator so they are creating and pushing them out at a lightning pace, thus putting a lot of pressure on development and security teams. HPE Enterprise Security, together with Mainstay Partners, studied data collected from a broad set of Fortify customers to quantify the business value they are experiencing by building security into each phase of development.

    Join HPE and (ISC)² on July 12 (Wed) at 13:00 (Singapore time) to learn about the key findings from the research. Discover the ROI of application security practices for your organization to scale confidently for business growth.

    Presenter: Shelly Yao, Security Architect – South East Asia, Hewlett-Packard Enterprise
    Moderator: Clayton Jones, Regional Managing Director, Asia-Pacific, (ISC)²
  • The Evolution of Vulnerability Management 進化を迫られる脆弱性管理
    The Evolution of Vulnerability Management 進化を迫られる脆弱性管理 花檀 明伸 (Akinobu Kadan), Senior System Engineer, Tenable Network Security Recorded: Jun 28 2017 61 mins
    現代のサイバーセキュリティ攻撃は全世界規模で発生し、数時間で数百万台のシステムが被害を被るケースもあります。短時間で大規模な被害が発生する要因のひとつにIT環境の変化があると、テナブルは考えています。仮想化やクラウドサービス、モバイル技術などの新しいテクノロジーの普及はサイバー攻撃の可能性を拡大し、従来型のエンタープライズ向けセキュリティ対策では十分な対応をおこなうことができません。一方で、システムが持つ脆弱性がセキュリティ侵害の最大の原因となっていることが、さまざまな調査から明らかになっています。新しい時代のITインフラに適応した総合的な脆弱性管理を実現し、攻撃のリスクを軽減することが求められているのです。

    このセッションでは、 IT環境の変化が必要とする脆弱性管理製品の新たな要件についてご紹介します。

    - 包括的な脆弱性管理の重要性
    - 脆弱性管理は定期診断から継続的監視へ
    - 継続的な脆弱性管理の効果 〜 統合化された分析、可視化機能と、コンプライアンス評価
    - 新しいインフラへの対応 〜 モバイル、仮想化、クラウド、コンテナ

    テナブルは、可視化やリスクの優先度評価、必要となるアクション、セキュリティコンプライアンスへの準拠状況などを包括的に管理するソリューションを提供して、IT資産に対するセキュリティの向上に貢献します。
  • The Dangers Within: 6 Hidden Signs of Cybersecurity Insider Threats
    The Dangers Within: 6 Hidden Signs of Cybersecurity Insider Threats Jon Piercey, SVP Security & Intelligence APAC, Nuix Recorded: Jun 28 2017 61 mins
    Threats from within the enterprise can pose the biggest cybersecurity risk to the organisation. Whether intentionally or accidentally, users with legitimate credentials can go about the network without triggering suspicion or alert, making their unauthorised activity difficult to detect. Insider threat activity can sometimes hide in plain sight, but what happens when people deliberately cover their tracks?

    In this webinar, you will learn:

    - Where to look for suspicious activity
    - How to set up traps that will catch malicious insiders
    - What finding paths across seemingly disparate data can reveal.

    According to a 2016 industry report, employees cause 77 percent of internal security breaches. Find out who is causing yours.

    Join Nuix’s and (ISC)² on Jun 28 (Wed) at 13:00 (Singapore time) and uncover the six hidden signs that help you detect the presence of insider threat activity.

    Presenter: Jon Piercey, SVP Security & Intelligence APAC, Nuix
    Moderator: Ir. Tejinder Singh, Senior Development Expert,T-Systems Malaysia SGA Security Engineering

Embed in website or blog