Taking Down the World's Largest Botnets: An Inside Look at Grum

Botnets are controlled by sophisticated cybercriminals. Grum, the world's third-largest botnet, included a network of hundreds of thousands of infected computers perpetrating cybercrime and online fraud, impacting consumers and organizations worldwide.

Hear directly from a FireEye malware expert who led the effort to take down Grum, including:

• Distinct strategies for botnet takedowns
• Evolution of Grum
• Role of the research community in finding Grum master CnC servers
• A blow-by-blow account of how the criminals tried to salvage Grum and what's next

Learn how botnets operate and how research and technology from FireEye played a key role in dismantling four of the world's largest botnets since 2008, including Grum, Rustock, Ozdok/Mega-D, and Srizbi.
Recorded Aug 14 2012 49 mins
Presented by
Atif Mushtaq, Sr. Staff Scientist, FireEye
  • Crisis Communication after an Attack Oct 19 2016 3:00 pm UTC 60 mins
    Chris Leach, Chief Technologist (HPE). Vitor De Souza, VP, Global Communications (FireEye)
    Are you prepared?
    It’s headline news. Cyber attackers are increasingly sophisticated and data breaches are becoming commonplace. Some say “it’s not a question of if you’ll be breached, but when”. You need a plan.

    Even the most security-conscious organizations are not prepared for the actions needed to gain control after a cyberattack. Preparing an emergency response communication plan keeps stakeholders informed following a breach. Taking an early communication approach will combat rumor and conjecture. The breach is now a business problem. From employees and customers to partners and suppliers – people need to be confident the situation is being addressed, managed, and resolved.

    Communication is key.
    Smart organizations view their security crisis-communication plan as an ongoing necessity. Get ahead of the reactive situation and decrease the uncertainty. Involve the company’s top leaders across the cross-functional organization. Create a framework for answering questions honestly and with integrity. Share information up front and often. Frequent detailed communication coupled with action timelines creates confidence.

    Get operational in real time.
    You can’t control the communication cycle without having done some work in advance. A well-developed crisis response plan with different scenarios will train your team to operate in real time when the inevitable occurs. You can take control of the situation with timely communications.

    Be prepared. Join us for our upcoming webinar to learn how to build a strong crisis-communication foundation for your organization.

    See you online!

    The HPE FireEye Team
  • Security-as-a-Service: New Threat Landscape Demands a New Paradigm Sep 27 2016 5:00 pm UTC 60 mins
    Rudy Araujo, VP, Product & Solutions Marketing
    The security paradigm for nearly two decades has been to increasingly invest in technology. These solutions have not only failed to solve the problem but have made the challenge more complex. Even if true threats are detected, they are lost in a sea of alerts and lack the context to prioritize and build response. This security posture is only exacerbated by the skills deficit currently facing the industry.

    In this webinar, we look at the emergence of a new security-as-a-service paradigm and the capabilities required to help organizations reduce risk and time to protection. The discussion will cover how the cost, specialization and complexity of cyber defense have positioned security to follow other markets in adopting an “as-a-service” paradigm.

    We will also address the capabilities that define an ideal security-as-a-service partner such as:

    • the availability of security expertise
    • a broad intelligence capability and
    • flexible deployment options

    Not only does this approach improve a security posture and reduce risk but it does so with a lower total cost of ownership (TCO). Register today to learn more about this emerging security-as-a-service model.

    The FireEye Team
  • COPE-ing with Cyber Risk Exposures Recorded: Sep 22 2016 58 mins
    Ron Bushar, VP - Global Government Services, Mandiant. Russ Cohen, Director of Cyber/Privacy Services, Chubb.
    As cyberattacks become more frequent, more sophisticated, and more costly, businesses are increasingly turning to cyber insurance to transfer some of the risk. In turn, insurance underwriters are challenged by the complexity of assessing cyber risk, and need a simple yet objective methodology to assist in decision making.

    In response to this, Chubb has developed a new model for cyber underwriting, Cyber COPE™. Intended to simplify and improve the assessment of both cyber and privacy risks, this methodology is based on COPE, a time-tested underwriting model that has been used by property underwriters to analyze risk for nearly 300 years.

    Mandiant Consulting has teamed with Chubb to create a Cyber Risk Insurance Assessment Process that aligns with the new Cyber COPE™ methodology to allow a more effective evaluation of an insured’s cyber and privacy risk.

    In this webinar, experts from Mandiant Consulting and Chubb will discuss the Cyber COPE™ methodology, Mandiant's new CIRA service, and how organizations can use both to better understand their cyber and privacy risks.

    As usual, we'll leave plenty of time for Q&A.
  • Know Your Enemy: New Financially-Motivated & Spear-Phishing Group Recorded: Aug 18 2016 50 mins
    Steve Elovitz, Manager, Consulting Services (Mandiant), Ian Ahl, Manager, Incident Response (Mandiant)
    Beginning in January 2016, Mandiant identified a financially-motivated threat actor that launched several tailored, spear-phishing campaigns—targeting industries that process large volumes of consumer credit cards such as retail, restaurant, and hospitality. To date, Mandiant has seen this group at over 150 organizations. This group is interesting due to the large number of organizations they quickly targeted, how quickly they shift tools, tactics, and procedures (TTPs), and their unusual persistence in attempting to re-compromise an organization after remediation.

    During this conversation, we will walk through examples from several Mandiant investigations of this group's activity. We will take a technical look at this threat actor's TTPs as well as talk about what to look for to determine if they are active in your environment.

    Register for this webinar as our experts share key insights on this new cyber threat group!
  • Place Your Bets on Securing Your Network Against Advanced Threats Recorded: Aug 16 2016 56 mins
    Gary Fisk (Solutions Architect, FireEye), Robert McNutt (Director, Strategic System Engineer, ForeScout)
    According to the latest M-Trends report, 53 percent of network compromises are identified by an external organization rather than the internal IT department. This is especially apparent in the hospitality industry where massive amounts of customer data and credit card information are stored. Now more than ever, it’s critical to understand the security posture of your network and implement comprehensive security solutions that help you rapidly detect, analyze and contain potential threats.

    Join us and learn how a Fortune 500 gaming/hospitality company gained instant visibility of previously unknown devices and deployed policy-based access controls in days. Our special guest customer will comment on the state of threats to hospitality companies and discuss how FireEye Network Threat Prevention Platform (NX Series) and ForeScout CounterACT® work together to provide a holistic approach to risk mitigation and threat management.

    Gain visibility into what and who is on your network—especially unmanaged devices. Improve your defenses against advanced threats and create a policy-based automated response to potential threats.

    Register today to learn how!
  • Connected Health Devices – Biomed Benefit or Biohazard? Recorded: Jul 28 2016 58 mins
    Dan McWhorter, Chief Intelligence Strategist, FireEye, John Klassen, Sr. Director, Solutions Marketing, FireEye
    Medical devices (biomed) introduce many cybersecurity challenges into healthcare delivery organizations, but what can you do? Connecting medical devices to your network, and in turn to your physicians and EMR system, increases clinical workflow while opening security holes. Much is out of your control. Device manufacturers control patch cycles and vulnerabilities persist, so you segment your network, which introduces administration overhead and increases the possibility of breaches due to misconfigurations. As you try harder to improve efficiency, is your environment becoming less secure due to improved connectivity? And what about patient safety when medical devices are connected directly to patients?

    Join Dan McWhorter, Chief Intelligence Strategist at FireEye, and John Klassen, Sr Director Solutions Marketing, on this webinar to learn:

    • The impact on Healthcare cybersecurity from complex medical device ecosystems
    • What kind of attacks connected medical devices are vulnerable to
    • Strategies and tools to lower your risk from compromised devices

    Register today to understand this emerging threat landscape.

    The FireEye Healthcare Team
  • Passive Detection Doesn’t Work: Non-Reactive Approaches To Incident Response Recorded: Jul 27 2016 59 mins
    Devon Kerr, Incident Response Manager, Professional Services, Mandiant
    Intrusion investigations are a response to the detection of a threat in the environment. Organizations are investing heavily in technology, training, and personnel who can quickly detect and respond to threats after they’ve gained some amount of access to their environments. It’s this process that leads to containment and gives businesses back control.

    Companies are getting better at detecting threats as a result, but actors may still have been in the environment for several months before that critical moment when tools and personnel finally detect the bump in the night and the investigative process can begin.

    During this conversation, we’ll look at the security ecosystem and some of the reasons why technologies that react to threat activity may not be adequate in this golden age of cyber threats. We’ll also discuss a few of the most important skillsets necessary to cultivate and why personnel and expertise are your secret weapons. Lastly, we’ll suggest some of the most effective sources of evidence to examine as well as some of the analysis techniques you should be using to filter through the noise.

    Register today!
  • Cybersecurity Challenges, Risks, Trends and Impacts: Key Survey Insights Recorded: Jul 21 2016 59 mins
    Julian Dana (Director, Latin America, Mandiant), Chris Leach (Chief Technologist, HPE)
    No question about it: Information security—or, more precisely, the lack of it—is firmly on the radar for business and information-technology leaders in organizations of all sizes and in every sector. Many executives and managers fear that their companies are ill-prepared to prevent, detect, and effectively respond to various types of cyber attacks, and a shortage of in-house security expertise remains of widespread concern.

    Those are among the initial findings of the Cybersecurity Challenges, Risks, Trends, and Impacts Survey, conducted by MIT Technology Review Custom in February 2016. Commissioned by Hewlett Packard Enterprises Security Services and FireEye, join our experts as they discuss this industry survey to uncover:

    • Implications of breach impacts for organizations
    • Benefits of risk management strategies
    • Current trends in information-security threats

    Register for this webinar today!
  • Cyber Risk Conversation: Security Trends & Best Practices Recorded: Jun 28 2016 54 mins
    Ron Bushar, Managing Director, Mandiant (a FireEye company)
    Over the last decade, cyber security has evolved from a niche concern confined to IT professionals to a major priority for CEOs and boards of directors. Company leaders are now charged with managing cyber risk with the same urgency that they have managed traditional business risk.
    The emergence of cyber risk as a centerpiece of risk management is being fueled by new and increasingly complex threats. Organizations must deal with a quickly evolving set of threats to their information systems and data. Many of these threats were unimaginable just a few years ago.

    In this discussion, we explain the different forms of cyber risk and show how the threat level has risen in recent years. We also provide a basic framework for managing cyber risk, and finally, we pose five key questions business leaders should ask themselves to ensure their security posture is sufficiently robust and resilient to meet evolving threats.

    Register for this webinar today. As usual, we’ll leave time for Q&A.
  • MobileIron + FireEye: Uncovering Security Threats to Enforce Policies on Mobile Recorded: Jun 16 2016 64 mins
    Mike Resong (Dir, Tech Alliances, FireEye) David Schwartzberg (Sr. Mgr., Security & Privacy, MobileIron)
    Mobile technology is driving a massive shift in the IT department’s ability to support the way people want to work and collaborate. In this era of enterprise mobility management (EMM), modern enterprises must deliver native mobile experiences that are available to users anywhere and anytime while ensuring that IT can secure corporate information everywhere.

    In this webinar, MobileIron and FireEye experts will speak to:

    - What trends we're seeing in the updated mobile security landscape
    - How joint customers are leveraging their integrated solution in their corporate environments
    - An overview of MobileIron and FireEye's combined solution

    This session will also include a preview of what’s coming with FireEye Security Orchestrator and MobileIron’s integration with FireEye’s newest product.
  • Breach Readiness: Next Generation of Incident Preparedness Recorded: Jun 7 2016 56 mins
    Russell Teague, Managing Director, Mandiant, a FireEye Company
    Are you ready to handle a security breach? Russell Teague, Managing Director, Mandiant, a FireEye Company, will discuss the Next Generation of Incident Preparedness. Mandiant is the world leader in Incident Response Management; no other company is involved in more of today's largest breaches. Russell will discuss what companies need to do to be breach ready, and how being proactive in your incident preparedness is essential and could save you from devastating cost.

    Incident preparedness is more than having an incident response plan; it's more than having skilled personnel on staff. Come join us in an eye-opening discussion on key elements that every company should consider. Major security breaches have become part of everyone's daily news feed. From the front page of the newspaper to the top of every security blog, you can’t miss the steady flood of new breaches impacting the world today. In today’s ever-changing world of business and technology, breaches are inevitable; you must be prepared before they happen. Learn how to become prepared from the industry leader in breach management and ultimately control your cost in post-breach recovery.

    Register now for this compelling discussion on Next Generation Incident Preparedness.
  • Privileged Accounts and the Cyber Attack Life Cycle Recorded: May 24 2016 44 mins
    Adam Bosnian, EVP, Global Business Dev, CyberArk, Milan Gavran, TAP Sales Mgr, FireEye
    Mandiant Consulting’s 2016 M-Trends report once again shows that cyber attacks follow a regular pattern of crashing through perimeter defenses, obtaining a credential and then using the acquired access to move laterally throughout the network and escalate privileges to complete their primary objective. Once attackers obtain privileged credentials, they can slowly gain control of the entire organization’s IT environment.

    This session will focus on how attackers find their way to the heart of enterprises, the role privileged credentials (passwords and SSH keys) play in an active cyber attack, and how the integration of CyberArk Privileged Account Security Solution and the FireEye Threat Analytics Platform (TAP) can help organizations detect, alert and rapidly respond to cyber attacks.

    The audience will be walked through a few data breach examples and shown how combining intel from both systems is used to assist in detection and response acceleration. Attendees can expect to gain an advanced understanding of how they can start leveraging their enterprise-wide data and privileged threat analytics to quickly identify and disrupt the most critical in-progress attacks.

    Register today.
  • The Eye of The Security Cyberstorm Recorded: May 11 2016 50 mins
    Chris Olive, Vormetric & Kevin Jackson, FireEye
    It doesn’t matter what industry vertical you are in or how big or small your business is: we are all plagued by the same concern, the security of your most valuable asset – your data. Moreover, the threat sometimes comes from those you trust most, namely people who have access to your privileged information and data. This insider threat can be your customers, partners and even your employees who accidentally or purposefully release or acquire sensitive data and use it for something other than what it was meant for.

    Just imagine if you had a complete and panoramic scene sizeup along with the ability to proactively address potential threats of both the traditional threat vector of outsiders gaining information as well as the increasingly common and dangerous internal threat. Join us as we discuss this important topic as well as how you can ensure that your organization does not find itself in the eye of the security cyberstorm.
  • M-Trends 2016 Report Recorded: Apr 14 2016 59 mins
    Luiz Eduardo Dos Santos, Technical Director for Latin America, FireEye
    In 2015, consultants from Mandiant, a FireEye company, responded to a large number of cyber incidents caused by cybercriminal groups spread across the world. Based on that experience, the consultants created a special report known as M-Trends 2016, focused on what has been happening in the threat landscape.
    Join FireEye's Technical Director for Latin America, Luiz Eduardo Dos Santos, in this webinar, where he will present:
    • The main findings of Mandiant's investigations across 30 distinct verticals
    • Trends and data that support the evolution of threat groups over the last year
    • Campaigns to steal organizations' personal/confidential data
    • Attacks directly on network devices: routers, switches and firewalls
    Learn how to better analyze and respond to malware persistence techniques in 2016.
    Register today.

    The FireEye Team
  • M-Trends 2016 Report Recorded: Apr 13 2016 62 mins
    Luiz Eduardo Dos Santos, Technical Director for Latin America, FireEye
    In 2015, consultants from Mandiant, a FireEye company, responded to a wide variety of cyber incidents created by attacker groups around the world. Based on that experience, the consultants created a special report titled M-Trends 2016 that shows the outlook for the threat landscape.

    Join FireEye's Technical Director for Latin America, Luiz Eduardo Dos Santos, in this seminar, where he will address the following points:
    • The main conclusions of Mandiant's investigations across 30 industries
    • Trends and data that support the advanced way cybercriminals have evolved over the past year
    • Campaigns to steal personal information
    • Attacks on enterprise network devices: routers, switches and firewalls
    Learn to better analyze and respond to malware persistence techniques in 2016.

    Register today.

    The FireEye Team
  • Inflection Point: Sandworm Team and the Ukrainian Power Outages Recorded: Mar 8 2016 57 mins
    Dan Scali, Sr. Mgr., ICS Security (Mandiant), Sean McBride, Critical Infrastructure Lead (iSIGHT)
    In the first publicly documented power outage attributed to a cyber attack, the Russian-nexus Sandworm Team caused blackouts in several regions of Ukraine. iSIGHT Partners has tracked this group since October 2014, documenting its targets, tools, attack infrastructure and motivations. In August 2015 we noted Sandworm had infiltrated Ukrainian electricity providers; and, in November we warned that Ukraine was a hot spot for ICS-related activity.
    In this Webinar, Sean McBride, Critical Infrastructure Lead Analyst, and Dan Scali, Senior Manager of Mandiant’s ICS Security Consulting Practice, will tell you what happened to the victim utilities and what could have been done to prevent it.
  • Healthcare Webcast: So Many Devices, So Much Risk Recorded: Nov 18 2015 51 mins
    Asad Baheri, Product Sales Specialist, Mobile Threat Prevention
    Mobile devices are ubiquitous in today's society. The number and types of devices used by physicians, nurses, clinicians, specialists, administrators, and staff – as well as patients and visitors – are growing at healthcare organizations across the country. Providing anywhere/anytime network access is essential, particularly when instant communication is required to ensure quality patient care. But the mobile devices are launched daily with upgraded versions of operating systems that are ripe for infection.

    FireEye Mobile Threat Prevention identifies and stops mobile threats. Rather than relying on signatures, which are powerless against today’s constantly changing threats, FireEye Mobile Threat Prevention executes applications within the FireEye MVX engine to protect mobile devices against compromise.

    During this webcast, we will discuss the benefits of a mobile security strategy and identify how FireEye Mobile Threat Prevention (MTP):

    - Offers real-time visibility of threats on mobile devices
    - Displays play-by-play analysis of suspicious applications
    - Provides an index of pre-analyzed applications
    - Generates threat assessments for custom applications.

    Join our webcast today to hear about the latest developments in mobile threats for healthcare.
  • When Things Get Reel---You Just Got Phished Recorded: Nov 10 2015 61 mins
    Alec Randazzo, Sr. Incident Response Consultant, DJ Palombo, Consultant, Mandiant
    Email is an essential tool of today’s business. In 2012, firms sent and received an estimated 89 billion emails every day. Email has also become a vector for cyber crime; phishing emails—with and without correct spelling—account for a significant portion of today’s attacks.

    What happens when a targeted victim falls for a phish email and the attacker gains access to a network? Alec Randazzo and DJ Palombo from the Mandiant incident response team will examine an attacker’s step-by-step process, using real world examples. Recommendations will be provided on how to limit an attacker’s success within a network.

    Join us for this webinar to gain critical insights from our experts in the field.
  • Zero Day, Zero Effect: Examining the Clandestine Wolf Zero-Day Recorded: Sep 22 2015 43 mins
    Ben Withnell, Incident Analyst, FireEye as a Service
    Triage and remediation of attacks utilizing zero-day vulnerabilities require technology, intelligence, and expertise that are often beyond the capabilities of most security teams today. With Clandestine Wolf, the name our security team gave to a recent zero-day campaign exploiting an Adobe Flash vulnerability, our analysts were able to validate the alert and begin response within minutes after first observing the attack.
    In this webinar Ben Withnell, a FireEye as a Service (FAAS) incident analyst, will discuss how the Clandestine Wolf campaign was discovered, triaged, and remediated across the FireEye as a Service customer base. Throughout the webinar he will also share his insights into how our analysts handle APT threats, the attacker lifecycle, and remediation tactics.

    Register today for this exclusive insight!
  • The Email Threat Vector – Defending Your Users from Targeted Attacks Recorded: Aug 13 2015 42 mins
    Brian Schwarz, FireEye Product Manager
    Do you want to stop the complaints from upper management about malicious emails slipping through your current antivirus and antispam gateways? Has your IT team had enough of dealing with scourges such as CryptoWall? Are you tired of hearing that the “next big thing” from various IT security vendors will solve these problems only to see the products fail when put to the test? If you have any or all of these problems, this webinar is for you.

    According to Verizon’s 2015 Data Breach Investigations Report, 77% of infections originate from emails containing malicious attachments or URLs–emails that should be stopped at the perimeter. FireEye can make that happen.

    Join us on August 13 for a demonstration of how our proven Multi-Vector Virtual Execution (MVX) technology can help protect your organization from known and unknown threats. The webinar will also cover the threat landscape and provide information on:

    • How FireEye’s MVX behavior analysis technology works
    • What differentiates FireEye’s MVX technology from the traditional signature-based antivirus approach
    • How FireEye can protect your email in the cloud and in your data center

    As always, we’ll leave plenty of time for Q&A. Register today.

    The FireEye Team
The leading provider of next generation threat protection
FireEye is the world leader in combating advanced malware, zero-day and targeted attacks that bypass traditional defenses, such as firewalls, IPS and antivirus.

  • Title: Taking Down the World's Largest Botnets: An Inside Look at Grum
  • Live at: Aug 14 2012 6:00 pm
  • Presented by: Atif Mushtaq, Sr. Staff Scientist, FireEye