In this webinar, we break down a recent string of attacks against Polish banking institutions, which share traits with the 2014 assault on Sony Corp linked to the Lazarus Group.
The example we examine reveals how this attack on the Polish Financial Supervision Authority is part of a larger international hacking effort.
We run a live investigation of the attack and discuss key learnings including how:
- Host Pair data sets were crucial to confirming relationships to the KNF site that hosted the malicious iframe that pointed at two malicious URLs
- RiskIQ virtual users provide an understanding of exactly what happens when a page is loaded, uncover stealthy attacks that happen behind the scenes, and speed up confirmation and mitigation of threats
- Security teams can prevent and proactively investigate website compromises like this
The recent WannaCry ransomware attack was unprecedented in scale. With over 230,000 computers infected in over 150 countries, it is the largest cyberextortion scheme ever. More importantly, some experts fear that the danger is far from over.
Join this panel of security leaders as they discuss:
- What is WannaCry?
- Why did it spread so quickly and at such a scale?
- How can we protect our companies against this and similar cyber attacks?
- Threatscape: What can we expect to see in the future?
- Lance Cottrell, Chief Scientist at Ntrepid Corp.
- Brian Minick, CEO of Morphick
- Sven Krasser, Chief Scientist at CrowdStrike
- RJ Gazarek, Product Manager at Thycotic
Cyber-attacks can originate from anywhere, but there appears to be an unabated trend of pointing the finger at either "sophisticated attackers" or, more blatantly, naming and blaming nation-states like Russia, China and now North Korea (alright, maybe even Iran).
The truth about attribution (who is the attacker) is often overlooked for something more dramatic, especially in situations where sensitive information or brand reputation is at risk.
The tactic is simple. Switch the focus from internal bad practices and shift the blame to “sophisticated, nation states and/or criminal gangs.” Lazy, but effective.
Join Amar Singh and Joseph Carson, from Thycotic, as they both discuss the real reason behind why cyber attacks succeed (no - not because of Russia or China) and the steps you can take to make the job of hackers, both sophisticated and otherwise, much harder.
This session will provide insight into what we’ve observed from today’s threat landscape by continuous monitoring of our clients’ security estates. The data, gathered from analysis of trillions of security relevant logs, six billion attempted attacks, global honeypots and sandboxes located in over 100 different countries and 10,000 clients networks across five continents, equips us to advise on the key recommendations that organisations can adopt to assist in bolstering their cyber defences in the digital age.
Focus of the talk:
The current global political climate and the increased number of cyber attacks associated with nation states and revelations from whistleblowers such as WikiLeaks. The strategies and potential reasons for such attacks – We are seeing a focus shifting from financial gain to political power, control and mass surveillance.
A view of the technologies utilised and targeted to perform the attacks, such as malware targeting iPhones, Android devices and smart TVs, and malware on Windows, OS X, Linux, etc.
The talk is aimed at those with a general interest in Cyber Security and how political gain is firmly intertwined and a tool utilised in state sponsored cyber attacks indiscriminately against corporations, criminals and citizens alike.
Indy possesses over 14 years’ experience, having worked in both operational and consulting positions at FTSE100 and Fortune 500 organisations including AXA, Deutsche Bank, PwC, Accenture, Mercedes-Benz, Jaguar Land Rover and many other world leading
His experience includes leadership positions in information/cybersecurity transformation, risk assurance, crisis management (pre and post incident), assurance, audit, governance, risk and
This presentation goes into details of BlackEnergy3+ and SocialBots attacks and how we use forensics and CyberNSight to reduce Risks based on Data Breach exposure and analysis. This presentation discusses the differences in Threat and Risk Intelligence and how Hakdefnet has changed security by creating a unique Actionable Risk Intelligence platform / solution.
Hakdefnet is a cyber-security Start-up company that gives customers the opportunity to protect themselves more comprehensively, cheaper and easier than ever before. We analyze security gaps, find stolen data - including the Darknet, and can individually protect Critical Infrastructure, VIPs and Enterprises globally. Based on CyberNSight, VCISO and our RIP (Risk Intelligence Platform) Subscriptions, our customers not only know if but also how they were attacked, and what happened with their data. This (we believe) is the only way to really minimize the damage caused by cyber attacks and avoid them in the future.
Michael Goedeker is an author and researcher at the front end of cyber warfare, espionage and crime, and he researches for academia, press and security professionals globally.
Michael A. Goedeker is a German American researcher, born in 1971 in New York City. He has worked in the IT Security field for over 16 years, training and consulting for Fortune 500 companies. He has worked on worldwide security projects for Accenture, Avanade, Microsoft, IBM, Symantec and Sophos.
A brute force attack is one of the more common types of attack that malicious actors use to try and gain access to your IT servers, applications and data. In theory, a brute-force attack can be used to attempt to decrypt any encrypted data (except for data encrypted in an information-theoretically secure manner). These attacks are relatively simple for attackers to implement and they can wreak havoc on your organization when successful. However, many IT security teams may not be aware that they are at risk from these attacks, or what to do about them.
Join us for a live demo where we'll demonstrate how the AlienVault Unified Security Management (USM) approach, delivered as a SaaS solution with our USM Anywhere offering, can help you detect and investigate these types of attacks.
- How attackers can use brute force attacks to gain access to your network
- Steps you can take BEFORE an attack to identify systems or applications that may be at greater risk
- How USM Anywhere can alert you immediately of brute force attacks targeting your cloud, hybrid cloud and on-premises environments
- How to use USM Anywhere to investigate brute force attacks and identify compromised assets
About the Presenter:
Sacha Dawes is responsible for the technical marketing of the AlienVault Unified Security Management (USM) family of solutions. He brings multiple years of experience from product management, product marketing and business management roles at Microsoft, NetIQ, Gemalto and Schlumberger where he has delivered both SaaS-delivered and boxed-product solutions that address the IT security, identity and management space.
With DDoS cyber attacks rapidly increasing in both size and speed, as well as attacks that are crafted for a specific application or service, it’s never been so critical to ensure your basic availability is sound. Mitigation services can no longer be ‘one size fits all’. Organisations now need a tailored platform for the specific application or service to ensure 100% availability. Without ensured availability, other security overlays are meaningless.
This webinar will look at attack trends and case studies and provide top tips on how to stay ‘always on’ in the face of cyber attacks.
5-Part Webinar Series: Endpoint Protection…what really matters?
Part 3 of 5: Zero-Day Attacks and What To Do About It?
All applications have vulnerabilities and attackers are incented to find them. Once the vulnerability has been discovered, the longer it remains unpatched, the greater the risk of a breach, potential loss of information, and damage to reputation.
Join us to learn what can be done to block exploit attacks on day zero:
• What behaviors and techniques are used to block attacks
• Why exploit prevention plays a critical part in endpoint protection
• How Memory Exploit Mitigation works
Then see Memory Exploit Mitigation in action with a demo of Symantec Endpoint Protection.
• Symantec Endpoint Protection 14 Webinar Series Part 1 of 5: Addressing Unknown Threats with Advanced Machine Learning http://bit.ly/SEP14Series0126
• Symantec Endpoint Protection 14 Webinar Series: Part 2 of 5: Block The Risk Of Ransomware http://bit.ly/Part2Webinar0223
Prevent Phishing and the Abuse of Stolen Credentials
In this session, we will present the unique attack life-cycle for credential-based attacks. Using real-life examples from Unit 42, we will demonstrate what you can do today to stop credential theft and abuse.
Cybercriminals have refined their attacks to increase frequency, efficiency and profits. Cybercrime costs will reach $6 trillion per year globally by 2021, up from $3 trillion in 2015. Every industry and government is at risk, highlighting the need for stronger cyber defence.
This is a live panel discussion focused on the cyber attack trends seen by SonicWALL and this panel of experts: where are cyber criminals improving? Are we seeing an evolution in their tactics? And how can businesses protect themselves more effectively?
These questions and many more will be discussed by our panel of experts.
The adoption of Internet of Things (IoT), Software-Defined Networks, and Microservices without proper security controls has created a broader attack surface for cyber adversaries, whereby a few infiltration vectors account for most compromises, while defenders also face less common and hard-to-detect infiltration vectors. In this context, Artificial Intelligence (AI) can bolster defenses by analyzing vast volumes of data and assist cyber security professionals in their day-to-day operations. However, the same tools can be leveraged by hackers to find their targets faster and launch attacks quicker to disrupt business operations and attack industrial controls.
In this webinar, renowned cyber security expert Dr. Srinivas Mukkamala will discuss how “malicious AI” could make today’s “cyber carnage” even worse. He will share results from a research study that RiskSense conducted to illustrate how human expertise in combination with AI can be leveraged to mimic a human hacker to find vulnerable threat pairs and launch exploits at scale. Dr. Mukkamala will also discuss how to transition from the traditional human expert model to an AI-based, interactive and iterative model to defend against machine-driven high frequency attacks.
About the Presenter:
Dr. Srinivas Mukkamala is co-founder and CEO of RiskSense. He has been researching and developing security technologies for over 15 years, working on malware analytics (focusing on medical control systems and nontraditional computing devices), breach exposure management, Web application security, and enterprise risk reduction. Mukkamala was one of the lead researchers for CACTUS (Computational Analysis of Cyber Terrorism against the US). He has been published in over 120 peer-reviewed publications in the areas of information assurance, malware analytics, digital forensics, data mining, and bioinformatics. He has a patent on Intelligent Agents for Distributed Intrusion Detection System and Method of Practicing.
You’ve heard a lot about using artificial intelligence and machine learning to change the odds in your favor in cyber-attacks. Unfortunately, it turns out that the bad guys have great AI too, and with each click they can stealthily adapt, morphing into a new hard-to-detect form. But what if we apply learning in real time, on every endpoint, and allow the endpoints to collaborate to identify the threat?
In this talk Simon Crosby, co-founder and CTO of Bromium, will explore how this new approach can give defenders the edge in an era of targeted attacks.
About the Presenter:
Simon Crosby is a co-founder and CTO of Bromium Inc. – the pioneer of micro-virtualization, which enables PCs to defend themselves by design from all malware. Previously Simon was CTO, Data Center & Cloud at Citrix Systems, which acquired XenSource, where he was co-founder and CTO. He was formerly a Principal Engineer at Intel where he led strategic research on platform security and trust, and founder & CTO of CPlane Inc., a pioneer in Software Defined Networking. He was a faculty member in the Computer Laboratory at the University of Cambridge, UK from 1994-2000. He holds a PhD in Computer Science from the University of Cambridge, UK, and is author of more than 50 peer reviewed papers and patents.
Time is not on your side when managing security for a global enterprise and facing down a relentless barrage of cyber attacks. So when confronted with multiple suspect alerts flagged by your SIEM solution, you need a way to easily sift through and identify the attacks that will most likely impact key business processes – and quickly take action.
Presented by renowned industry expert Prof. Avishai Wool, this new webinar will cover security best practices for introducing business context into your organization’s incident response processes, and prioritizing and automating remediation efforts accordingly. This insight will give you the intelligence you need to reduce the time and cost of mitigating cyber attacks by orders of magnitude.
In this webinar Professor Wool will cover how to:
- Augment incident triage with critical business context to assess the severity, risk and potential business impact of an attack
- Prioritize incident remediation efforts based on business risk
- Neutralize impacted systems through zero-touch automation
- Limit the lateral movement of an attacker in, out and across your network
- Keep all stakeholders involved in the remediation process to reduce disruption to the business
The Distributed Denial of Service (DDoS) attack launched Friday, October 21, against Dyn - one of the largest managed DNS infrastructure providers - was the most destructive attack to date launched from an IoT botnet. The threat of mega attacks launched from infected connected devices is now a reality that dramatically changes the paradigm for mobile and fixed operators whose core infrastructure is susceptible to global attacks that are large enough to significantly disrupt subscriber quality of experience (QoE).
Join us in this webinar to learn:
• The impact of IoT driven DDoS mega attacks
• Architectural approaches to volumetric DDoS mitigation
• How to measure and maintain subscriber quality of experience during an attack
Recent reports and media coverage have reinforced the message and danger around Logical Attacks on ATMs. These attacks are increasing in frequency and sophistication. Further, the attacks are now seen in every region.
Join this informational webinar where NCR experts will provide more details on these attacks and provide you with the strategies for reducing your risks.