Hi [[ session.user.profile.firstName ]]

2016 Q1 Malware Review: Ransomware Trends and Tactics

During the first quarter of 2016, the PhishMe Intelligence team generated 612 Active Threat Reports detailing waves of phishing emails that delivered malware to victims around the world each day. What stood out the most was the proliferation of encryption ransomware. It has grown to become the most common type of malware utilized through soft targeting and massively distributed attacks. This webcast will discuss the spread of ransomware and why it is so successful. Join Brendan Griffin, Senior Threat Intelligence Analyst, PhishMe to learn about:

•Trends in ransomware
•Tactics used to bypass your defenses
•Stopping the threat
Recorded Jun 9 2016 30 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Brendan Griffin, Threat Intelligence Manager, PhishMe
Presentation preview: 2016 Q1 Malware Review: Ransomware Trends and Tactics
  • Channel
  • Channel profile
  • The Best Defense Against Cyber Attacks You’ve Never Heard Of... Nov 9 2016 5:00 pm UTC 60 mins
    Scott Crawford, Research Director of Information Security, 451 Research | Allan Carey, VP of Business Development, PhishMe
    With all the attention paid to the technological sophistication of cyber attacks, as well as to the new technologies arising to strengthen defense, one fact often gets overlooked: Security is fundamentally about people.

    The adversary is an intelligent actor – while the target is often human as well. The compromise of sensitive information or functionality may be in the crosshairs, but it’s people that are often targeted to gain a foothold inside the victim organization, through techniques such as phishing or social engineering. But here’s the secret: In this targeting lies one of the most unsuspected – but potentially rich – assets to defense an organization can have.

    In this webcast, Scott Crawford, Research Director of Information Security for 451 Research, and Allan Carey, Vice President of Business Development from PhishMe take a closer look at:

    •How the targeting of people through phishing, impersonation attacks and social engineering can be leveraged to improve security and resistance to attack
    •New tactics and tools that make the most of human engagement to defend organizations against these exploits
    •Ways to enhance incident response by incorporating human interactions with malicious activity into the evidence chain
  • Enterprise Susceptibility Trends – Can conditioned employees turn the tide again Nov 3 2016 4:00 pm UTC 45 mins
    John ‘Lex’ Robinson, Principal Client Engagement Manager at PhishMe
    Phishing (including spear phishing), persists as the #1 attack vector used by hackers today. So far in 2016, spear-phishing attacks are up 55%, Ransomware attacks are up 4X and Business Email Compromise (BEC) losses are up 1300%.

    PhishMe analyzed customer responses to over 56 million simulated phishing emails sent between 2015-2016 to identify various phishing susceptibility trends amongst employees. Join John “Lex” Robinson, Principal Client Engagement Manager to learn more about –

    · Emotional motivators that cause employees to be more susceptible to phishing emails

    · How baselining phishing risk to your organization improves your threat response.

    · The value of repetition in changing user behaviors from susceptibility to reporting.
  • Make The Most Out Of Your Email Security Data Recorded: Sep 20 2016 58 mins
    Kelley Mak, Former Forrester Analyst | Scott Greaux, PhishMe
    Email remains an essential tool for business communication and collaboration as well as customer engagement. Because of its pervasiveness and business importance, it is a common – even preferred – attack vector for both cybercriminals and fraudsters that can result in devastating breaches and other financial losses. Yet, security teams can leverage the data from email to enhance their ability to detect, analyze, and respond to critical email security incidents, as well as leverage the threat intelligence for other security technologies.

    In this webinar, former Forrester Analyst Kelley Mak will join Scott Greaux from PhishMe to:
    •Provide an overview of today's email security challenges across on-premise and hosted cloud email deployments
    •Discuss the need for in-depth email incident response capabilities, including internal and external threat analysis, prioritization, and rapid response
    •Provide recommendations on how security teams can refine the email events in their enterprise into valuable threat intelligence
  • 2016 Q2 Malware Review: Ransomware Maturity and Evasion Techniques Recorded: Aug 24 2016 34 mins
    Brendan Griffin, Threat Intelligence Manager, PhishMe
    During the second quarter of 2016, ransomware has firmly established itself as a mature business model, showing no outward signs of diminishing. Encryption ransomware now accounts for 50% of all malware delivery configurations, meaning that it is no longer considered simply a means for making a quick profit, but a permanent fixture on the threat landscape.
    This webcast will discuss how ransomware has now become a successful business and reveals findings on the use of steganography and ciphers in malware delivery. Join Brendan Griffin, Threat Intelligence Manager, PhishMe to learn about:
    •Encryption Ransomware
    •Rise in Evasion Techniques
    •How simple attacks can still inflict massive harm
  • Technology Is Not Enough! Why Building a Human Defense is the Key to Fighting Recorded: Jul 19 2016 61 mins
    Nick Hayes, Senior Analyst, Forrester Research | Rohyt Belani, Founder & CEO, PhishMe
    For too long the human element has been wildly underutilized in protecting valuable assets and defending against prolific cyber-attacks. Security awareness initiatives are often sporadic, employing uninspired materials that yield little to no results – ultimately rendering security technologies useless due to easily avoidable human mistakes. A continued focus on security awareness alone is a plan doomed to fail. Instead, by shifting our focus to conditioning workforce behaviors through immersive experiences, security best practices become ingrained in daily workflow, helping to not only recognize and report on attack attempts, but weaponizing human intelligence to assist security operations, incident response and security event management in eliminating phishing threats.

    Join guest speaker Nick Hayes, security analyst at Forrester Research, and Rohyt Belani, CEO and co-founder of PhishMe, as they demonstrate how building the right defense programs and teams can effectively change security culture, evolving from awareness to sophisticated strategies that achieve real results. In this webinar, you’ll learn:

    •Why security awareness alone is failing the enterprise
    •How to unlock the power of human driven intelligence
    •Tips on speeding incident response
  • Why you need Phishing Incident Response Recorded: Jul 12 2016 42 mins
    William Galway, Director of Product Management, PhishMe, Jesse Lands, Triage Security Engineering Manager, PhishMe
    Even with all your processes and technology in place, phishing attacks containing ransomware and other malware continue to penetrate your defenses. With 91% of all attacks on enterprise networks being the result of successful phishing attempts, organizations need an efficient and effective phishing incident response plan.

    PhishMe Triage enables SOC and IR teams to quickly process and analyze real phishing threats to their organizations. PhishMe Triage customers have been able to quickly find and remediate attacks in progress and improve phishing threat analysis efficiency from hours to mere minutes. PhishMe Triage also frees up the manual resources previously needed to process the thousands of malicious emails reported by employees.
    Join PhishMe experts to learn more:
    - How PhishMe Triage creates fast and effective phishing incident response process
    - Real customer use cases and successes using PhishMe Triage
    - PhishMe Triage integration with multiple security solutions
  • 2016 Q1 Malware Review: Ransomware Trends and Tactics Recorded: Jun 9 2016 30 mins
    Brendan Griffin, Threat Intelligence Manager, PhishMe
    During the first quarter of 2016, the PhishMe Intelligence team generated 612 Active Threat Reports detailing waves of phishing emails that delivered malware to victims around the world each day. What stood out the most was the proliferation of encryption ransomware. It has grown to become the most common type of malware utilized through soft targeting and massively distributed attacks. This webcast will discuss the spread of ransomware and why it is so successful. Join Brendan Griffin, Senior Threat Intelligence Analyst, PhishMe to learn about:

    •Trends in ransomware
    •Tactics used to bypass your defenses
    •Stopping the threat
  • Activating the Human: Transforming your biggest risk into your biggest asset Recorded: May 19 2016 62 mins
    Aaron Higbee, CTO & Co-Founder, PhishMe + Scott Greaux, Vice President, Product Management, PhishMe
    In 2015, phishing related breaches dominated security news headlines, and the trend continues into 2016 with a rise in ransomware incidents. Even with record spending on security technology solutions, phishing remains the greatest threat to organizations.

    As phishing success depends on human error, organizations need to better leverage their most important resources in the battle – their employees. The phrase “All it takes is one” no longer has a negative meaning when all employees are empowered as the last line of security defense after the malicious email passed through porous security systems in place. And, not only can employees be fortified to resist phishing attempts, they also hold the key to providing IT and Security teams with timely company-specific attack intelligence.

    In this webinar, PhishMe’s Aaron Higbee and Scott Greaux will discuss:

    · The success and failure of technology systems

    · How conditioning – not awareness – empowers employees to identify and report phishing attacks

    · How critical attack intelligence generated from employees can be used to detect attacks – in progress
  • Phishing Awareness: Why employees get hooked by phishing emails Recorded: May 17 2016 61 mins
    Adrian Davis (ISC)², Jim Hansen, John ‘Lex’ Robinson, PhishMe
    Phishing has been well established as the top entry method for hackers attempting to breach corporate networks and proliferate data. Yet, in spite of record spending on security technology, data breach reports continue to highlight the substantial lag between incident occurrence and detection.

    Those investments are failing while organisations continue to neglect their final and best line of defense – their employees. Employees hold the key to fortifying the last line of defense and providing IT and Security teams with critical real-time attack intelligence. But it begs the question – do you know how to properly protect your employees and your organisation’s assets? What motivates employee behavior to fall for such attacks?

    In this webinar, PhishMe’s Jim Hansen and John “Lex” Robinson will discuss:
    •The current state of phishing
    •The success and failure of technology systems and how human systems can protect the last mile
    •How conditioning – not training – empowers employees to identify and report phishing attacks
    •Factors that impact an employee's susceptibility to fall victim to an attack
    •Keys to building a successful Human Phishing Defense

    Moderator: Adrian Davis, MD, (ISC)² EMEA
    Speakers: Jim Hansen, COO, PhishMe; John ‘Lex’ Robinson, Principal Client Engagement Manager, PhishMe
  • APT Threat Actors Prefer Phishing Recorded: Mar 31 2016 31 mins
    Brendan Griffin, Threat Intelligence Manager & Hugh Docherty, Product Management Director
    APT threat actors frequently have access to advanced resource and sponsors with deep pockets yet their preferred attack vector continues to be through phishing. This presentation explores the motivations, toolset, and attack surfaces of some of the world’s most prolific APT groups. Examples of recent attacks and case studies are used to demonstrate the effectiveness of distinct types of phishing attacks and their expected results.
  • Phishing, Malware and Incidents – Oh my! How to handle the daily deluge. Recorded: Mar 23 2016 59 mins
    David MacKinnon, Director of Research and William Galway, Product Manager and former Incident Responder
    No one understands the strain of constant battle better than those in Incident Response (IR). Daily cyber assaults require an unattainable perfect response – every time. However, teams are constantly working within constraints and breaches continue to occur in record number. Technology has been introduced to help but has failed time and time again. Breach identification takes an exorbitantly long time. And above all, attackers continue to target that last line of defense – the vulnerable, easily fooled human assets. When that last line of defense is surpassed, the IR team is expected to catch the attacks in progress – wading through millions of false alerts while attackers continue to hone their approach and deliver evolved malicious payloads.

    It’s enough to make you wonder why you got into this line of work!

    Join PhishMe’s David MacKinnon and Will Galway to hear why it’s not all doom and gloom. Previous to PhishMe, both David and Will worked as incident responders in the Fortune 500 market, collecting years of security operations insight and best practices to share. In this session, you’ll gain tips and knowledge around new threats and solutions for Incident Responders such as:

    •The new wave of malware to watch for and trends and threats collected from 2015
    •The evolution of phishing emails, their targets and the payloads they deliver
    •How to forge a new line of defense and triage potential attacks – quickly and easily
  • Latest Attack Trends: Why Employees get Hooked by Phishing Emails Recorded: Jan 21 2016 60 mins
    John ‘Lex’ Robinson, Principal Client Engagement Manager, PhishMe & John Washko, Product Manager, PhishMe
    Phishing (including spear phishing), persists as the #1 attack vector used by hackers today – and they continue to launch more sophisticated tactics to gain access to corporate networks and assets. But, did you know these alarming statistics?

    -87% of the employees who opened a phishing simulation email did so on the same day it was sent – which means organizations have little time to catch a targeted attack aimed at multiple employees
    -Behavioral conditioning decreased susceptible employees’ likelihood to respond to malicious email by 97% after just 4 simulations
    -The most effective phishing emails contain a business communication theme and subject line, such as “File from Scanner” or “Unauthorized Activity/Access”

    This webinar, based on PhishMe’s recently released Enterprise Phishing Susceptibility Report, will help you understand how complexity and context impact the phishing susceptibility of employees in an organization, and how a continuous security training program has proven to significantly change employee security behavior. This data was collected from our study conducted with 400+ customers across 23 industries by sending over 8 million phishing-simulation emails to more than 3.5 million employees.
  • Humans - the weakest link or your greatest asset? Recorded: Oct 27 2015 45 mins
    Jeffrey Rogers, VP, Customer Success, PhishMe
    91% of breaches can be traced back to a phishing message that deceives a user into unleashing the attacker’s payload. Having infiltrated the network, it then takes an average 205 days for the threat group’s presence to be detected. For organisations to stand a chance of protecting their data assets, they need to get better at preventing threat actors from accessing their infrastructure and reduce the time it takes to identify their presence. But how?

    The reason phishing has such a high success rate is that it targets people. Can you turn than your weakest link into a human force field that protects the network and provides actionable intelligence?

    During this webinar, Jeffrey Rogers, VP of Customer Success at PhishMe, will reveal statistics about the phishing threat, detail how phishing has evolved, and explore how to engage users to develop better security habits and become human sensors.
  • User Anti-Phishing Training: How to Build a Successful Program Recorded: Sep 30 2015 47 mins
    Diana Garcia, Customer Onboarding and Training Manager, PhishMe
    As spear phishing continues to be one of the top security threats, enterprises have looked to user training programs to bolster their defenses. One of the main challenges security awareness professionals face is implementing a phishing training program which shows continuous improvement and value to their organization. How do you start and build upon a training program to showcase continuous success?

    The key to implementing an effective program is to focus on the biggest threats and leverage behavioral metrics to drive your program. During this webinar, Diana Garcia, Manager, Customer Onboarding and Training, will cover:

    -How do you implement a phishing awareness program and run it continuously?
    -What are the key elements of a successful program and what does it look like?
    -How do you show the value this program and your trained users add to the security organization?
  • Intelligence Mixology: Strive for a Balanced Approach Recorded: Jun 9 2015 60 mins
    Will Galway, Director of Product Management at PhishMe, & guest speaker Rick Holland, Principal Analyst at Forrester Research
    The security space is abuzz with threat intelligence; the latest elixir to solve all security problems. If your organization is rushing to consume external threat feeds without internal context, more than likely it will end up with a large bill and an intelligence hangover. Many organizations fail to realize that the best source of threat intelligence comes from within and resides in their own organizations’ security incidents. What information are you collecting from the attacks within your own enterprise?

    Tune into PhishMe’s webinar with Will Galway, Director of Product Management, and guest speaker Rick Holland, Principal Analyst at Forrester Research, to discuss the current threat environment and learn how organizations are leveraging insight from internal incidents to create actionable intelligence.
  • 2015 CyberThreat Defense Report: Phishy Findings Edition Recorded: Apr 14 2015 40 mins
    Mark Bouchard, CyberEdge, and Allan Carey, PhishMe
    With over 70% of organizations reportedly suffering at least one data breach in 2014, the prospect of more data breaches in the foreseeable future remains a reality. Seemingly almost as inevitable is the belief that users will cause those breaches by unwittingly falling for phishing emails. While the first truth may be unavoidable, can we do something to change users’ security behavior?

    In this webinar, CyberEdge’s Mark Bouchard will be joined by PhishMe’s Allan Carey to discuss the data from the CyberEdge’s 2015 CyberThreat Defense Report and how organizations can capitalize on a trained workforce to improve incident response and mitigate the damage from data breaches.
  • See something say something: A humanistic approach to security intelligence Recorded: Mar 26 2015 25 mins
    Ronnie Tokazowski, Senior Researcher and Shyaam Sundhar, Senior Researcher, PhishMe
    Attackers are constantly trying to find new exploits to penetrate network defenses and bypass security controls. In 2014, Mandiant’s M-Trends report indicated that it takes an average of 229 days to detect the presence of a threat actor on an enterprise network. Organizations are starting to realize that the evolution in technologies alone cannot stop such incidents, as the actors continue to change their tactics.

    Organizations need to consider supplementing their security technologies and processes with their people. By leveraging employees as human sensors, we not only adopt “see something, say something”, but we are able to add an extra layer of defense and exponentially reduce detection time as well.

    In this webinar, PhishMe’s Senior Researchers Ronnie Tokazowski and Shyaam Sundhar will discuss:

    • Engaging human sensors as a layer of defense
    • Utilizing user reports to detect malware
    • Real use cases of user detection within our enterprise
  • All Your Metadatas Are Belong To Me: Reverse Engineering Emails on an Enterprise Recorded: Oct 29 2014 38 mins
    Ronnie Tokazowski, Senior Researcher, PhishMe
    Although enterprises receive high volumes of phishing emails daily, many security teams still lack the ability to effectively analyze them. By using forensic techniques such as reverse engineering, companies can quickly answer questions about the malicious nature of phishing emails they receive. In this presentation, Ronnie will share new reverse engineering techniques that show:

    · How to parse and pivot on metadata within an email
    · Use custom signatures to detect malicious logic
    · Provide general visibility into phishing emails
    Performing these techniques will provide answers to questions such as “Have I ever seen this MD5 sent to me in email over the last year?” or “Have the bad guys ever used this domain against us?” that will allow organizations to proactively respond to phishing attacks.
  • Proactive Phishing Reporting for Incident Response Recorded: Apr 23 2014 48 mins
    Javvad Malik, 451 Research, and Allan Carey, PhishMe
    Spear phishing is widely recognized as one of the most dangerous threats to enterprise security. Whether the attackers are criminals looking for easy access to credit information or nation states and APT groups more interested in sensitive intellectual property, the result of the attack is the same: gaining access to the victim’s network in order to steal information. From this foothold they employ sophisticated malware to extend their presence, identify valuable data, and exfiltrate that information for their use.

    From an incident response (IR) perspective, time is of the essence. Timely and actionable intelligence is needed to minimize the window of exposure and mitigate. During this webinar, Javvad Malik of 451 Research and Allan Carey of PhishMe will discuss:

    • How you can reduce the risk of phishing attacks compromising your environment.
    • The value of various threat intelligence sources to aid the IR process.
    • A new method for leveraging trained staff as part of your attack detection system, increasing visibility of real phishing efforts.
  • Resurrection of the Data Entry Attack Recorded: Mar 12 2014 42 mins
    Aaron Higbee, CTO and Co-Founder, PhishMe
    Since the 1990’s, data entry-based attacks have been utilized to social engineer credentials from users for network access. There was a period of time when they were forgotten or overlooked by information security teams due to the prevalence of Trojans, worms, DDoS, and other malware attacks. Well, data entry attacks are back in fashion as reported in recent high-profile breaches. This session will provide some history, highlight examples, and demonstrate the latest techniques to develop and detect data entry-based phishing attacks.
Human Phishing Defense
PhishMe is the leading provider of human-focused phishing defense solutions for organizations concerned about their susceptibility to today’s top attack vector — spear phishing. PhishMe’s intelligence-driven platform turns employees into an active line of defense by enabling them to identify, report, and mitigate spear phishing, malware, and drive-by threats.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: 2016 Q1 Malware Review: Ransomware Trends and Tactics
  • Live at: Jun 9 2016 4:00 pm
  • Presented by: Brendan Griffin, Threat Intelligence Manager, PhishMe
  • From:
Your email has been sent.
or close