The previous Hacking Exposed episodes introduced you to many of the tools and techniques real-world adversaries use to evade endpoint security products. We will put these concepts into practice and conduct full-scale, multi-phased, endpoint compromises. The techniques and tactics you will learn in this Hacking Exposed session will provide valuable tools for testing the effectiveness of your current defenses.
This September BrightTALK will be hosting some of the industry's leading cyber speakers as they discuss Network Security & Hacking.
Click below to register for the Summit:
As organizations adopt cloud computing, the perimeter moves into unprotected territory within these new environments. Where IT sees the cloud as an opportunity, security sees a new attack surface. Most companies have heavily invested in traditional multi-layer, security appliances—like firewalls and intrusion prevention systems which help with “north-south” protection. But, these controls are less effective in securing lateral or “east-west” traffic where the new perimeters sit. Worse, they were not designed to handle the sheer volume of cloud traffic--a significant operational hurdle.
Join this interactive webinar to learn more about:
- The latest cloud attack methods every security team should understand
- Anatomy of specific attack types including cross cloud, cross workload, cross data center, cross tenant, as well as, orchestration and serverless attacks
- Best practices on how to guard your enterprise
Patient health is at grave risk in the current digital era, as sophisticated adversaries utilize technology to perform digital attacks that can result in physical harm. While Healthcare IT typically prioritizes protecting patient records (PHI), this omits the crucial overall healthcare mission of championing patient health against possible attacks against the healthcare digital ecosystem.
This webinar will present and analyze real world attack scenarios against the healthcare ecosystem, the mindset of hackers, and the complexity of constraints facing health IT security.
Join us for this webinar as we:
• Discuss why patient health is at risk and why it is a target for sophisticated adversaries
• Investigate the complexity of constraints facing Health IT and the barriers that must be overcome to succeed in this effort
• Highlight key findings from ISE’s groundbreaking research study, Hacking Hospitals*, including the types of healthcare systems investigated, the nature of the investigation, and the objectives of the assessments
• Present a blueprint with actionable steps that IT Security leaders can follow to properly secure and protect their hospital IT infrastructure, sensitive information, and their patients
*ISE’s research study, Hacking Hospitals - http://www.securityevaluators.com/hospitalhack/
BrightTALK caught up with KPN Telecom's Jaya Baloo for an in-depth conversation on the current state of information security, today's threatscape and a discussion on the cyber industry.
Topics up for discussion:
- The WannaCry attacks and what it means for the ransomware landscape
- 'Hacking back' and the ethical considerations that need to be taken
- Nation state attacks and the future of cyber warfare
- How to improve security culture amongst your troops on the ground
- AI & machine learning and how effective the techniques can be when assessing big security data sets
- The explosion of the IoT and how to protect connected devices and the overall network - from a telecoms standpoint
In politics today, there is no hotter topic than election hacking. Information technology is vulnerable, the Internet is global, and hackers rarely get caught. Therefore, politicians, soldiers, and spies have every incentive to leverage malware in an effort to tip the polls their way. Nonetheless, election hacking has been difficult to prove. At a minimum, security researchers need at least one of two things: tactical forensics acquired at the local level, or strategic analysis of a global dataset. The research presented in this webinar takes the latter approach. Comodo Cybersecurity's Chief Research Scientist, Dr. Kenneth Geers, will examine
- In-country malware detection in the context of dozens of national-level elections held over the past 18 months
- Detected malware types and families for each election, using both timelines and geolocation.
This research serves as a warning for the upcoming U.S. Election in November 2018. First, it demonstrates a strong correlation between modern elections and malware. Second, it shows security administrators what kind of malware they are most likely to see during a campaign – and when.
- BrightTALK at CRESTCON & IISP Congress -
BrightTALK caught up with Symantec's Tarah Wheeler for an in-depth conversation on the current state of information security, today's threatscape and a discussion on the cyber industry.
Topics up for discussion:
- The ethics of 'hacking back'
- AI & Machine learning and the influence it'll have on security
- Cyber security in the financial sector
- Cyber warfare and the new tactics coming through
- Vulnerabilities in the IoT and what we can do about them
Earlier this year Department of Homeland Security’s US-CERT issued Technical Alert TA18-074A called ‘Russian Government Cyber Activity Targeting Energy and Other Critical Infrastructure Sectors’. This alert provided information on Russian government actions targeting U.S. Government entities as well as organizations in the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors. It also contained indicators of compromise (IOCs) and technical details on the tactics, techniques, and procedures (TTPs) Russian government cyber actors use to compromise their victims’ networks.
In this webinar we will go over those TTPs and put them to use. Specifically, we will demonstrate how easy it is to leverage Server Message Block (SMB) protocol authentication session to obtain user’s credential hash and then crack it in real-time revealing the actual password. We will show multiple ways of using this approach and attempt to reproduce Russia’s success in our environment. No product pitches, just good old live hacking!
Guy Meoded is a Senior Security Researcher at Nyotron. Prior to Nyotron, Guy was a Trojan Analyst at RSA.
Rene Kolga, CISSP, is a Sr. Director of Product and Marketing at Nyotron. Rene has over 20 years of industry experience, including expertise in endpoint protection, insider threat, encryption and vulnerability management. Rene run Product teams at multiple Silicon Valley startups as well as Fortune 500 companies, including Symantec, Citrix, Altiris and ThinAir. Earlier in his career, Rene managed Customer Success and QA teams. Rene earned his Computer Science degree from Tallinn University of Technology. He also received an MBA from University of Utah.
Cryptojacking, the latest form of malware spreading across the globe, is a credible threat with a growing impact on enterprise security. Left ignored, the costs associated with not addressing this threat and its associated vulnerabilities can be much higher than the actual cure.
In this webinar, independent information security consultant and author of Hacking For Dummies, Kevin Beaver and consultant and Virtual CIO Andrew Baker will discuss cryptojacking and its tangible business risks. Join this discussion to learn not only what cryptojacking is about but how you can detect it, prevent it, and address it in the context of your endpoint security controls.
Cisco® Security solutions help you adopt the cloud, endpoint and network with confidence and better manage security for the way the world works today. Cisco’s cloud security is a cohesive and complementary solution that includes both Cisco Umbrella and Cisco Cloudlock. Cisco Umbrella secures access to the cloud while Cloudlock secures usage of the cloud. This combines both breadth and depth to provide you with the security you need, where you need it; to protect users against threats anywhere they access the Internet and secure your data and applications in the cloud. With Cisco’s cloud security, you gain visibility into Internet activity across cloud applications, all office locations, and roaming devices. You can also detect and respond to threats faster. Cisco Security provides an effective security platform that is open, automated, and simple to use.
With the widespread use of connected devices, hackers have configured new ways to access your smartphones and laptops, even without you knowing. The Pineapple is a router that stages a fake WIFI access point, compromising the security of any smart device that unknowingly connects to it. During the live webinar, Johan Hybinette, CISO at HOSTING, will be going over the following discussion points:
- The technical makeup of the pineapple router
- How the Pineapple hacks into connected devices
- What personal information is at the most risk
- What you can do to protect yourself from this malicious form of identity theft
Join this roundtable of experts as the discuss they latest and greatest in growth hacking for user growth. They plan to open the kimono on their own best practices that have generated repeatable and scalable growth. No time for theoretical discussions, this is hands on stuff!
- Digital marketing vs. growth hacking: what’s the difference?
- How to identify, acquire, and engage your target audience
- Ways to turn your fans, followers and likes into qualified leads (even sales)
- Beyond the basics: advanced social media and growth tactics for the pros
- Best kept community management secrets will be revealed
Panel: To be Announced Soon!
What's all the hype really about? Join Natascha as she tells you more about the trend of growth hacking and why this concept may be a game changer for your organization.Read more >
Growth-hacking rose to prominence in 2010 as a model to rapidly grow a company through unconventional techniques. The concept caught on with marketers at large and small companies as well as its fair share of detractors. In this spirited interview, Christine Crandell discusses with Greg Ott, Intuit’s VP of Marketing for QuickBooks Online, growth-hacking’s applicability to larger organizations and if it can help to reverse Marketing’s cred as corporate bad boy.
The 20 minute video interview with 10 minute audience Q&A will also explore how technology drives change companies may not be ready for and how marketers can turn to their advantage.