    • Protect and Prevent: 3 strategies for blocking fileless attacks and exploits
      Jack Danahy, CTO, Barkly | Recorded: Nov 28 2017 6:00 pm UTC | 49 mins
    • Ransomware continues to experience record growth in 2017. Traditional solutions aren't enough and can't keep up with hundreds of thousands of new malware versions created daily. File-less attacks and exploits are now the most common vectors for successful ransomware attacks and most companies aren't protected.

      Learn the three strategies Avidia Bank implemented to shut out today's sophisticated threats and how you can apply them to protect your own organization.

      Register now to learn more on:

      - How ransomware is going fileless to get past protection
      - What makes everyone a target
      - Three protection strategies to minimize the risk to your organization


      Jack Danahy is the co-founder and CTO of Barkly, the Endpoint Protection Platform that delivers the strongest protection with the fewest false positives and simplest management. A 25-year innovator in computer, network and data security, Jack was previously the founder and CEO of two successful security companies: Qiave Technologies (acquired by Watchguard Technologies in 2000) and Ounce Labs (acquired by IBM in 2009). Jack is a frequent writer and speaker on security and security issues, and has received multiple patents in a variety of security technologies. Prior to founding Barkly, he was the Director of Advanced Security for IBM, and led the delivery of security services for IBM in North America.

    • Prevention Week Part 2: Defeat Zero-Day Exploits by Automating Prevention
      Michael Moshiri | Director, Advanced Endpoint Protection at Palo Alto Networks | Recorded: Jul 19 2016 5:00 pm UTC | 61 mins
    • Your endpoint security should easily prevent known threats. But can it also prevent unknown threats from compromising your environment? More importantly, can it automate this prevention so you don’t have to assign scarce resources to investigate alerts?

      In this webinar, you’ll discover a revolutionary approach to defeating zero-day exploits. We’ll examine current approaches to exploit prevention, discuss the top 10 zero-day exploits of 2015, and analyze unknown threats on the day they became known.

      You’ll learn:
      • How to future-proof your endpoint security to protect your users from unknown threats
      • Why other approaches to endpoint protection cannot prevent zero-day exploits
      • Which applications were targeted by the top 10 zero-day exploits discovered in 2015
      • How to automate threat prevention through a natively-integrated, next-generation security platform

    • Petya Variant Ransomware: How to Detect the Vulnerability and Exploits
      Sacha Dawes, Principal Product Marketing Manager. Chris Doman, Threat Engineer | Recorded: Jun 27 2017 6:35 pm UTC | 32 mins
    • As you've likely heard, a variant of the Petya malware is spreading rapidly and is known to have affected organizations worldwide, regardless of size. This variant of Petya follows a similar attack method to last month's WannaCry ransomware, though it uses the PsExec and WMI services for distribution.

      Once compromised, the ransomware will overwrite the Master Boot Record (MBR), encrypt individual files that match a list of file extensions (including documents, archives, and more), and after a reboot of the system will present the user a message requesting a ransom in Bitcoin to decrypt the system. As with WannaCry, the ETERNALBLUE exploit toolkit (which was released by the Shadow Brokers group in April 2017) is suspected to be a key part of the attack.

      Join us for a 30-minute technical webcast to learn more about this Petya variant, and how the unified security controls in AlienVault USM Anywhere can help you quickly identify vulnerable systems and attacks.

      You'll learn:

      - What the AlienVault Labs security research team has uncovered about this threat
      - How to scan your environment (cloud and on-premises) for critical vulnerabilities with AlienVault USM
      - How AlienVault USM leverages threat intelligence for early detection of threats like this variant of Petya
      - How built-in response orchestration capabilities in AlienVault USM can stop the threat from spreading

    • Exploit Kits and Ransomware in State & Local Governments & Education
      Brad Duncan - Threat Intelligence Analyst - Palo Alto Networks | Recorded: Oct 26 2016 4:00 pm UTC | 53 mins
    • Criminal groups use exploit kits as one of the main distribution methods to infect Windows hosts with malware. Exploit kits are designed to work behind the scenes while you are browsing the web. During the past year, the most common malware distributed by exploit kits has been ransomware.

      In most cases, a potential victim visits a compromised website as the first step in an infection chain. Behind the scenes, the victim is redirected to an exploit kit. The exploit kit gathers information about the victim's system, determines the appropriate exploit, and infects any vulnerable hosts.

      In this presentation, Brad Duncan reviews fundamental concepts of exploit kit activity for the SLED vertical and demonstrates how ransomware infections happen through this method. Brad also discusses preventative measures people and organizations can take to combat this very real threat.

    • Exploit Kits Don't Stop, Neither Should Your Business.
      Proofpoint | Recorded: Dec 8 2016 12:30 am UTC | 41 mins
    • Exploit kits don’t stop. Neither should your business with CERT Australia.

      Ransomware has one goal: to get your money. It locks away files until payment is made.
      Webinar invitation: December 8th at 11:30am AEST

      Join Chris Firman, Technical Adviser at CERT Australia and Jennifer Cheng, Director, Product at Proofpoint for a live webinar about Ransomware. They will address:

      • Ransomware evolution
      • Why ransomware is surging
      • Where it comes from
      • How actors are bypassing common security controls
      • Should you pay or not? What to consider
      • CERT recommended migrations

    • Staying Ahead of Hackers with NSS CAWS Advanced Exploit Testing
      Brendan Patterson, director of product management, and Rob Johnson, sales engineer | Recorded: Nov 17 2016 5:00 pm UTC | 40 mins
    • Over 90% of all breaches are enabled by a few hundred commercial exploit kits that hackers share and sell in the black market. The typical IT environment may have thousands of unpatched vulnerabilities, but at any given time, only a small handful of vulnerabilities are being actively exploited. To stay ahead of these attacks, WatchGuard participates in NSS exploit testing using CAWS (Cyber Advanced Warning System) - a cloud hosted software service that actively monitors and harvests live cyber threats and attacks, and then tests them against environments protected by the most widely used security solutions in the industry.

      Join Brendan Patterson, director of product management at WatchGuard, and Rob Johnson, sales engineer at NSS Labs, for a behind the scenes look at the CAWS test system, and how it helps enable WatchGuard to stop hackers in their tracks.

    • How Hackers Exploit Your Windows Tools, Part 2: The WMI Threat
      Lee Lawson, Special Operations Researcher, SecureWorks Counter Threat Unit | Recorded: Sep 13 2017 1:00 pm UTC | 51 mins
    • Windows Management Instrumentation (WMI) is a Microsoft Windows administrative tool that has access to all system resources, making it powerful for both legitimate and illegitimate use. Via WMI you can do things like execute, delete and copy files; change registry values; and identify which security products are installed to aid in bypassing them.

      The malicious use of WMI and other legitimate tools continues to grow and was identified as a top trend in a recent SecureWorks Threat Intelligence Executive Report. Like PowerShell, WMI is often used to create file-less attacks that are difficult to identify and stop with technology alone. This makes WMI the perfect tool for threat actors to use as camouflage while acting inside your organisation.

      Join Counter Threat Unit - Special Operations Researcher, Lee Lawson, for the second webcast in our two-part series on how threat actors are exploiting Windows tools in “living off the land” attacks.

      You will learn:

      - Why WMI is so risky
      - Tips to identify malicious use of WMI
      - How threat actors hide their tracks and how you can unmask them
      - WMI threats identified by SecureWorks researchers
      - How you can avoid becoming a victim to this growing threat vector

    • How Hackers Exploit Your Windows Tools, Part 1: The PowerShell Risk
      Lee Lawson, Special Operations Researcher, SecureWorks Counter Threat Unit | Recorded: Aug 24 2017 1:00 pm UTC | 49 mins
    • In a recent SecureWorks engagement, 98.5% of the 3,477 commands executed by threat actors were native to the Windows operating system.

      PowerShell is a popular tool that Microsoft has been including with the Windows OS since 2009, but malicious PowerShell use is rivalling ransomware in popularity with threat actors. Security products focused on preventing endpoint threats are often not enough to differentiate legitimate from malicious PowerShell use.

      In the first webcast of a two-part series on how threat actors are exploiting Windows tools in “living off the land” attacks, SecureWorks Counter Threat Unit - Special Operations Researcher, Lee Lawson, will discuss why PowerShell is so risky, how SecureWorks researchers identify PowerShell threats, and how you can defend your organisation.

      You Will Learn:

      - What PowerShell is and how it is used in “living off the land” attacks
      - Why built-in tools like PowerShell are so attractive to threat actors
      - Examples of malicious PowerShell use
      - How to defend your organisation against common methods threat actors use to evade prevention and detection

    • WannaCry Ransomware: How to Detect the Vulnerability and Exploits
      Sacha Dawes, Principal Product Marketing Manager, AlienVault | Recorded: May 14 2017 8:20 pm UTC | 57 mins
    • As you've likely heard, WannaCry is a new ransomware variant that takes advantage of a vulnerability in the Windows operating system (MS17-010) to encrypt the infected computer’s data and hold it hostage until a ransom is paid. In addition, the vulnerability enables WannaCry to quickly spread to other machines in the same environment – all without any human intervention. While Microsoft issued a patch for the vulnerability in March 2017, millions of computers have not been updated and remain susceptible to the attack.

      Join us for a technical webcast to learn more about WannaCry, and how the unified security controls in AlienVault USM Anywhere can help you quickly identify vulnerable systems and attacks.

      - What the AlienVault Labs security research team has uncovered about this threat
      - How to scan your environment (cloud and on-premises) for the vulnerability with USM Anywhere
      - How USM Anywhere leverages threat intelligence for early detection of threats like WannaCry
      - How built-in response orchestration capabilities in USM Anywhere can stop the threat from spreading
