APTs: Getting Serious About Zero-Day Threats

Alex Lanstein, Senior Researcher, FireEye
Cyber security remains the #1 priority for IT security executives and practitioners in 2012 for good reason. With cyber-attacks on federal government systems and civilian networks increasing at an alarming rate, the threat posed is only heightened by vulnerabilities in networks that support critical operations and infrastructure. In fact, on a weekly basis, over 95% of organizations have at least 10 malicious infections bypass existing security to penetrate their networks.
In a recent congressional hearing, a former FBI cyber security specialist stated: "I believe most major companies have already been breached or will be breached, resulting in substantial losses in information, economic competitiveness and national security. Many are breached and have absolutely no knowledge that an adversary was or remains resident on their network, often times for weeks, months or even years."
Organizations need real time, dynamic protection from today’s most dangerous threats designed to bypass traditional security defenses. Attend this webcast to learn:
• The new techniques and tactics that make these next-generation attacks successful in the absence of a true defense-in-depth security architecture
• Why conventional security defenses are no match for today’s sophisticated and coordinated attacks
• How to detect and stop Web and email-based attacks that exploit zero-day vulnerabilities—when they first appear on your network
• Key criteria when investigating next-generation threat protection
Jul 19 2012
46 mins
More from this community:

IT Security

Webinars and videos

  • Successful organizations run on key metrics and IT security should be no different. But which security metrics should operations, management and the boardroom be focused on? Factories focus on “days without an accident.” Is the cyber parallel “days without a breach”?
    What to measure, how to measure, and how to communicate performance is key to improving the security team’s effectiveness and standing within the organization. Information like:
    - Which departments have access to which servers?
    - Who are the privileged users and when are they most active?
    - Where are the assets with vulnerabilities that can be reached from outside?
    - When are security defenses like firewalls likely to max out?
    Join Dr. Larry Ponemon, Chairman & Founder of the Ponemon Institute, for key results of a new research study on security metrics and change management, and Jody Brazil, Founder, President and CTO of FireMon, for a pragmatic perspective on generating actionable metrics from your network security infrastructure and reducing the risks of relentless change.
  • You are invited to register for our upcoming COSO webinar, COSO 2013: Mapping Controls to Principles. Transitioning to the New COSO Framework is top of mind for many organizations. How do you get started? How do you map controls to principles or vice versa? What are some of the preliminary findings organizations are seeing as they head down the path to implement the framework?

    Please submit top-of-mind questions during the webinar registration process.

    CPE credits will be provided to qualifying attendees.
  • *On this webcast we're giving away a pass to our partner event: the Chicago Cyber Incident Response Summit, between June 21-23, 2014*

    Let’s face it, there’s unrelenting pressure on IT to enable competitive advantage through new technology and use of data assets, but the business is driving initiatives that can push sensitive production data into more and more exposed areas. The key question is ‘How can you enable the business to be agile AND take a more proactive, programmatic approach to security at the same time?’ With the advanced threats that are pervasive today, it’s becoming increasingly dangerous for organizations to deploy new technologies and processes, and then reactively address the implications for data security in the ecosystem. You need a blueprint to reverse this trend in your organization.

    In this webinar, William Stewart, Senior Vice President of Booz Allen Hamilton and Jeff Lunglhofer, Principal of Booz Allen Hamilton–a leading management technology and consulting firm driving strategic innovation for clients–will discuss the top trends in cyber threat mitigation, data privacy, data governance, and data security, with Mark Bower, VP Product Management and Solutions Architecture at Voltage Security.

    Attend this webinar to learn more about how to:
    • Increase responsiveness and security in your IT environment and architecture
    • Fight pervasive threats from inside and outside attack with data-centric technologies
    • Raise your organization’s overall data privacy, compliance, and security profile
    • Implement a new data de-identification framework across production, test & dev, and analytics use cases
    • Proactively enable critical business initiatives
    --Can't attend live? Register below to receive a link to the recorded webcast.
  • The future of work sees changes to how employees work, how managers lead, and how organizations are structured. However, technology still remains the central nervous system of organizations and enables things like flexible work, collaboration, communication, and BYOD. In short, IT helps organizations be competitive. But how is IT changing in the context of new work behaviors and expectations, a multi-generational workforce, the cloud, globalization, and many of the other trends that are shaping the world of work? Join us in this session as a panel of experts debates and explores how IT is changing and what the future of IT looks like.
  • Malware today is very different from just a few years ago. Traditional AV technology is no longer able to consistently and fully remediate or defend against today’s most advanced threats. New and emerging threats such as ransomware, social engineering driven attacks and micro variant financial threats are just some examples of difficult to remediate infections. This presentation will take a look at the malware landscape and explain why these tactics are so effective against traditional AV technology. We will examine three specific families of infections and highlight their tactics to evade detection and what issues occur with remediation. Lastly, we will talk about Webroot’s innovation and how our SecureAnywhere AV solution is capable of defending against, and remediating today’s most advanced threats.
  • Join us to hear from product expert Rob Singh to learn more about Mocana Atlas Certificate Enrollment
  • Collaboration is crucial when it comes to your marketing team. No matter if you're based locally or globally, the concept of work and the way we interact is completely changing. With smartphones and tablets taking over our lives, efficient collaboration, coordination, and consistency around marketing campaigns and messaging can be challenging when running a marketing organization.

    Join this webinar to discover:

    - The latest and greatest in marketing automation and file sharing platforms
    - Content collaboration tools that save time and keep branding consistent between teams
    - How centralizing assets can ease global content translation and localization
    - Real-time content and campaign sharing that can spark new ideas and educate your organization
  • Today’s Health IT leaders face a difficult task in handling mobile device security and policy compliance, particularly given the mobile transformation happening in healthcare today. Driven in part by the adoption of new care models like remote patient monitoring and telemedicine, and the Bring Your Own Device, or BYOD trend, the consumerization of IT is driving end-user demand for ubiquitous access – to networks, to clouds, to applications, to everything – from any device, anywhere at any time.

    In this webinar, we will highlight the challenges of mobile device security, management and policy today. We will consider the issues faced by Health IT teams when managing different operating systems across a myriad of devices, some of which are user-owned. Finally we’ll look at how Juniper Networks solutions address a broad spectrum of security and end-user experience issues, as we walk through a day in the life of a mobile clinician. Register now to attend!
  • Channel
  • Channel profile
  • Tools of Engagement – Zero Dark 243 Days Apr 24 2014 6:00 pm UTC 60 mins
    Join us for this live webinar where we will walk through a real-world example in which FireEye Managed Defense analysts utilized the FireEye Platform’s MVX virtual machine technology and endpoint response capabilities to identify, alert, and remediate an active Advanced Persistent Threat (APT) attack.

    In this case study we will cover:

    • How the attacker executed a “smash-and-grab” attack aimed at stealing intellectual property.
    • How FireEye detected the attack as it was beginning and re-secured the network and prevented sensitive data from leaving the client’s networks.
    • Best practices for investigating and responding to similar attacks.
  • An Insider Look at the Battle to Protect SMBs Against Advanced Targeted Attacks Recorded: Apr 15 2014 57 mins
    In case you did not know it, your SMB is a prime target for cybercriminals. Unfortunately, networks are routinely infiltrated by cybercriminals through blended attacks that exploit unknown vulnerabilities and steal valuable data. Compounding the problem, traditional security solutions were not designed to stop any of the five stages of an advanced targeted attack.

    Learn how new multi-vector virtual execution technology is able to protect your business against today’s blended attacks in this FireEye and Spiceworks webinar.
  • Highlights and Analysis on FireEye’s Advanced Threat Report 2013 Recorded: Mar 19 2014 60 mins
    In 2013, FireEye Labs analyzed nearly 40,000 unique attacks—all of which bypassed traditional defenses. Find out what this tells us about the attacks taking place today and what this means for 2014 and beyond.

    Join a live webinar featuring a key author of the Advanced Threat Report 2013, and get an in-depth analysis of this year's findings.

    Why you should attend:

    • Learn the 10 most targeted countries and verticals. Discover how and where APTs were involved.
    • Understand the TTPs to watch for in 2014. Know which attack tools are on FireEye's watch list.
    • Get answers to your most pressing questions. Hear directly from FireEye Labs in an interactive Q&A.
  • Defining and Justifying an Advanced Security Program Recorded: Mar 17 2014 45 mins
    With 70% of malware signatures only seen once, attackers are more sophisticated and evasive than ever before. They're at the top of their game, selecting their targets with precision, and moving with lightning speed to get what they want.

    Join us for this webinar with Richard Bejtlich, Chief Security Strategist at FireEye and learn key steps to developing a resilient security program.

    Why you should attend:

    • Know why your organization is at risk of an attack.
    • Learn 13 key points to consider when justifying security programs.
    • Understand how to start thinking strategically about security and the technology you implement.
  • FireEye + Mandiant - 4 Key Steps to Continuous Threat Protection Recorded: Jan 29 2014 59 mins
    On January 2, FireEye announced that it had acquired Mandiant, the leading provider of security incident response management solutions, creating a united front against cyber threats.

    In a live webinar with FireEye and Mandiant executives, learn why traditional security technologies are unable to address today's threat landscape and why complete, continuous threat protection requires real-time detection, contextual threat intelligence, and rapid incident response.

    Why you should attend:
    • Learn about the FireEye acquisition of Mandiant.
    • Understand today's threat landscape, including the damage being caused from new advanced techniques.
    • Discover how FireEye and Mandiant together stop advanced attacks at the earliest phases of the attack lifecycle.
  • New Face of Advanced Cyber Threats: How Vulnerable are Government Agencies? Recorded: Jan 9 2014 64 mins
    Cyber attacks have changed dramatically over just a few years. Broad, scattershot attacks designed for mischief have been replaced by attacks that are advanced, targeted, stealthy, and persistent.

    A compelling new survey from the Center for Digital Government reveals the growing concern of the advanced persistent threat (APT) against government organizations.

    Join us with the Center for Digital Government for a live webinar to hear insightful survey findings and useful advice from your state and local government colleagues across the nation. Some of the conclusions will surprise you.

    - Understand government agencies' degree of cyber-preparedness.
    - Learn what steps one municipality took to protect critical assets.
    - Determine key strategies and tactics to strengthen your cyber posture.
  • Operation “Ke3chang”: A Detailed Look Into a Newly Discovered APT Campaign Recorded: Dec 17 2013 52 mins
    In 2013, Chinese threat actors launched a cyber espionage campaign, called "Ke3chang," that compromised government ministries across Europe. But, as FireEye Labs uncovered, the attackers were active since at least 2010—using the same types of malware to target a wide range of industries.

    Join a live briefing on Operation Ke3chang, including how FireEye researchers were able to infiltrate a critical command-and-control (CnC) server, giving them a rare window into the attackers' techniques.

    Why you should attend:
    - Get Insight into the APT Campaign - Hear what FireEye discovered after gaining access to the CnC server.
    - Learn How the Campaign Evolved - See how the attacks have changed and unfolded over the years.
    - Understand the Tools and Techniques - Learn how the attackers were highly selective in their targets and careful to cover their tracks.
  • Calculate The Real Costs of Advanced Attacks and Secure the Budget to Stop Them Recorded: Nov 21 2013 48 mins
    Even with a seemingly robust security posture, organizations are all too often exposed to breaches because traditional security defenses simply cannot detect today’s advanced attacks. Remediation is possible, but comes at a cost.

    Join Securosis Analyst Mike Rothman for a live webcast explaining how to respond to security incidents, model the costs of cyber attacks, and secure the right budget for a vigorous defense.

    Why you should attend:

    - Learn how to create a detailed process map and remediation plan.
    - Discover how costs can be modeled to assess the economic impact of attacks.
    - Get the budget you need by learning the hidden costs of doing nothing - and how to substantiate the ROI of advanced threat protection.
  • Inside a Malware Supply Chain: Is the Industrial Age of APTs Here? Recorded: Nov 13 2013 57 mins
    Over the last two years, a number of industries were hit by 11 different advanced persistent threat (APT) campaigns. At first pass, these campaigns appeared unrelated—but further investigation by the FireEye Labs research team revealed an eerie pattern: key links in the tools and code that indicated a shared APT development and logistics infrastructure.

    In a live briefing, FireEye Labs delves into these findings and discusses why this model of centralized APT planning and development may suggest a much more sinister and more coordinated threat than most organizations realize.

    Why you should attend:

    - Examine the APT Campaigns - Get a detailed look into the APT campaigns that FireEye investigated.

    - Understand the Organized Threat - Learn how centralized development, logistics, and malware-builder tools are driving APT campaigns today.

    - Know the Targets, Know the Trend - Find out which industries are targets of these interconnected campaigns and what this trend suggests.
  • World War C: Understanding Nation-State Motives Behind Today’s Cyber Attacks Recorded: Oct 17 2013 60 mins
    Cyberspace has become a full-blown war zone as governments across the globe clash for digital supremacy in a new, mostly invisible theater of operations. Once limited to opportunistic criminals, cyber attacks are becoming a key weapon for governments seeking to defend national sovereignty and project national power. From strategic cyber espionage campaigns, such as Moonlight Maze and Titan Rain, to the destructive, such as military cyber strikes on Georgia and Iran, human and international conflicts are entering a new phase in their long histories. In this shadowy battlefield, victories are fought with bits instead of bullets, malware instead of militias, and botnets instead of bombs.

    These covert assaults are largely unseen by the public. Unlike the wars of yesteryear, this cyber war produces no dramatic images of exploding warheads, crumbled buildings, or fleeing civilians. But the list of casualties—which already includes some of the biggest names in technology, financial services, defense, and government —is growing larger by the day.

    This live webinar will describe the unique characteristics of cyber attack campaigns waged by governments worldwide. We hope that, armed with this knowledge, security professionals can better identify their attackers and tailor their defenses accordingly.
  • Continuous Monitoring to Detect Advanced Persistent Threats Recorded: Sep 4 2013 49 mins
    For federal agencies, cyber attacks are a fact of life. Since 2006, the number of cyber incidents reported by federal agencies has increased by 782 percent, according to the Government Accountability Office. And with the emergence of a new generation of advanced malware, zero-day exploits, and targeted advanced persistent threats (APTs), these attacks are becoming increasingly sophisticated and successful. Traditional security defenses are no longer effective. Organizations need an advanced, game-changing technology to enable timely detection and protection.

    Virtual execution techniques for timely signature-less attack identification, coupled with dynamic threat intelligence sharing across the globe, enable proactive continuous monitoring, ensure detection of unauthorized activity during early stages of an attack, and help minimize damage. Continuous monitoring using these techniques provides for greater situational awareness while also increasing the overall security posture and efficacy of an organization, proven in more than 60 government agencies worldwide.

    In this webinar you will learn:

    * Why Advanced Persistent Threats (APTs) are successful
    * The anatomy of actual attack scenarios and their multi-stage approach
    * How a new model for advanced threat detection can protect your agency
  • Extracting Actionable Cyber Intelligence from a RAT Named Poison Ivy Recorded: Aug 28 2013 58 mins
    Poison Ivy is older than the iPhone, Windows Vista, the Nintendo Wii, and Twitter, yet it remains one of the most popular Remote Access Trojans (RATs) in use today.

    RATs like Poison Ivy make it possible for intruders to do virtually anything on a targeted computer, making it the perfect launchpad for sophisticated APT campaigns. But now there is a way to use data from the RAT to extract intelligence from networks compromised by Poison Ivy.

    Join the FireEye Labs research team for a live briefing on a new FireEye research report and tool package that will enable security professionals to dissect attacks initiated by Poison Ivy.

    Key topics include:

    • How a typical Poison Ivy attack works, including insight into three ongoing cyber attack campaigns using Poison Ivy
    • How to use a new FireEye Calamine tool package that will enable you to decrypt Poison Ivy network traffic
    • How you can use this cyber intelligence to link Poison Ivy-driven activities to broader APT campaigns

    Join this live webcast, and learn how you can arm yourself with the cyber intelligence you need in order to effectively respond to APT campaigns leveraging Poison Ivy.
  • Stopping Advanced Phishing Threats with Next-Gen Solutions and Human Mitigation Recorded: Aug 22 2013 63 mins
    Email represents one of the most frequently used tactics to initiate advanced persistent threat (APT) attacks. It continues to be fertile ground for cybercriminals and a critical area of vulnerability for most organizations simply because of outdated traditional defenses and unwitting end users.

    This webcast will cover recent trends in email threats and propose a multi-layered security strategy to detect advanced threats. You will learn how to leverage technological advances and capitalize on an organization's most widely deployed security asset, its employees.

    Key topics include:

    - Advanced phishing attack tactics
    - How advanced cyber attacks are triggered and staged
    - Importance of combining both technology and people-centric security strategies
  • SANS WhatWorks in Detecting and Blocking Advanced Threats Recorded: Aug 6 2013 63 mins
    Learn how a large research organization ensures effective operations and cybersecurity capabilities, and how advanced threat protection from FireEye helps get the job done.

    A leading research organization must allow users to collaborate online, manage their own IT environments, and rely on the Internet to perform their day to day activities—all high risk activities. The desire to take a more aggressive approach to detecting security incidents prompted them to look at new threat detection systems. The team found that FireEye performed as a proactive advanced threat protection platform that actively inspected traffic on their high speed networks and detected malicious events that were unseen by other installed network security systems. The FireEye solution installed easily, is monitored and maintained with very little personnel overhead, and has a very low rate of false positives.

    Hear a real-world user story in an interview webcast between SANS Director of Emerging Security Trends, John Pescatore, and a cybersecurity analyst.
  • An In-Depth Study on Advanced Malware and APT Attacks Recorded: Aug 1 2013 50 mins
    Today, advanced malware is overrunning traditional security defenses, leaving attackers with unfettered access to company networks and business critical data.

    As the pervasiveness of malware continues to increase, it is critical that security teams better understand today’s cyber-attack landscape to protect against advanced attacks.

    View this webinar with FireEye to learn:
    • What are the traits of Advanced Malware
    • How does a system get infected with APT malware
    • Why traditional security defenses fail to stop advanced attacks
    • What strategies can enterprises use to ensure detection
    • We will conclude with a demonstration that will showcase the capabilities of such malware attacks.

    Gain a new perspective on today's advanced malware.
  • Top 10 Mistakes Incident Response Teams Make Recorded: Jun 28 2013 47 mins
    When it comes to organizations experiencing some form of cyber-attack, the adage still rings true: it’s not a question of if but when. Advanced malware, zero-day exploits, and targeted advanced persistent threats (APTs) have kept organizations on their heels and searching for ways to protect themselves. Incident Response teams are being forced to re-examine their existing IT security defenses and attempt to stay ahead of the attack curve. Surprisingly, many incident response teams aren’t doing themselves any favors with the current processes and tools they have in place.

    Attend this webinar to learn the top 10 mistakes that Incident Response teams make around their processes and tools and how FireEye can enable effective incident response.
  • How Does a Modern Malware Attack Defeat a Layered Security Design? Recorded: Jun 12 2013 48 mins
    In this webinar, Jason Steer will present a deeper dive into some very recent malware attacks and what we can learn from them to increase our security posture.
  • Closing the Loop: Automating Security Response Recorded: Jun 7 2013 44 mins
    Anthony Di Bello, Strategic Partnerships Manager with Guidance Software will discuss the benefits and technical implementation of an automated incident response workflow leveraging EnCase and FireEye technology. You will see how the two technologies work together to deliver an industry-first approach to detect, respond to and remediate today’s cyber-attacks. The integrated solution is designed to:

    · Dramatically reduce time-to-discovery and time-to-response
    · Enable security analysts to clearly prioritize their response based on threat severity
    · Deliver the next evolutionary step of the security stack with data-driven, automated actions
    · Reduce the risks and high costs associated with cyber-attacks through an end-to-end approach from detection to recovery
  • BYOD - A Layered Approach to Mitigate Security Incidents Recorded: Jun 7 2013 49 mins
    BYOD is the most radical shift in client computing for business since the rise of PCs. Allowing personally owned devices in corporate environments poses many security challenges. A user can very easily bring a compromised mobile device into the office causing a security incident. During this session Presidio will cover some of the current BYOD threats and trends as well as discuss strategies for building a layered security architecture to help detect and prevent security incidents and allow organizations to securely support BYOD adoption.
  • Investigating and Remediating Security Incidents: How Prepared Are You? Recorded: Jun 7 2013 38 mins
    Do you suspect you have a security incident? Time is of the essence. Your initial approach can determine how much damage the cyber security incident does—or does not do—to your organization.

    What if you could reduce the time it takes to investigate and remediate a security incident from days to minutes? Join us for this webcast to learn how you can improve your incident response by:

    • Locating every instance of a suspicious file across your endpoints and servers
    • Knowing if the malware executed, when, and what it did
    • Stopping an attack and preventing it from happening again
    • Analyzing files that arrive on your endpoints and servers to quickly determine their risk
The leading provider of next generation threat protection
FireEye is the world leader in combating advanced malware, zero-day and targeted attacks that bypass traditional defenses, such as firewalls, IPS and antivirus.
  • Title: APTs: Getting Serious About Zero-Day Threats
  • Live at: Jul 19 2012 5:00 pm
  • Presented by: Alex Lanstein, Senior Researcher, FireEye