The Best Defense Against Cyber Attacks You’ve Never Heard Of...

あなたの従業員は防衛戦略を成功させる鍵です

Emotetは、日本の多くの組織にとって深刻なフィッシングの脅威になっています。ボットネットはセキュアEメールゲートウェイ（SEG）を回避するように進化し、これらの高度に巧妙に細工された標的型攻撃は従業員をだまして悪意のあるメールを操ります。ネットワークは危険にさらされており、会社のセキュリティ侵害に対する露出とリスクが高まっています。

悪意のある脅威がテクノロジー(セキュリティ製品)によってブロックされていない場合、どのようにして組織を防御すれば良いでしょうか？

メールボックス内のフィッシングメールを検出して対応する方法をトレーニングすることにより、従業員を防御チームの最前線に活用しましょう。 Cofenseのセキュリティ専門家である藤田平氏がCofenseのインテリジェンスチームと研究チームによって観測された、攻撃者と長年にわたる脅威の進化についての詳細なレビューをご紹介します。

ウェビナーに参加して以下の点を習得しましょう：
• EmotetがセキュアEメールゲートウェイ（SEG）を回避するために使用するさまざまなス. タイルとテクニックを理解する
• 今日の組織を標的としたフィッシング脅威の状況に関する洞察を得る
• 増大する脅威からよりよく防御するための戦略とベストプラクティスを学ぶ

Presenter: 藤田 平, CISSP, Principal Engineer, Japan, Cofense
Moderator: 小熊 慶一郎, CISSP, Director of Business Development, Japan, (ISC)²

2020 has been quite the year. And it’s not over yet! If you’re still trying to get a grip on what has happened in the phishing threat landscape - from COVID-themed phishing attacks to data stealing ransomware and everything in between – you aren’t alone. We are all getting through this together and uniting to fight phishing.

Join us on 14 October at 14:00 BST to hear from Cofense Security Solutions Advisor, Tonia Dudley and Senior Director of Sales Engineering, David Mount. They’ll walk you through the threats observed by Cofense, the predictions we’re making for the remainder of the year, and the lessons we’ve learned on how to protect organizations from the phishing threats that evade perimeter defences.

Highlights will include:
• Insights of various phishing campaigns that evaded SEGs and reached end users, delivering credential phish and malware.
• How threat actors are evolving and adapting their tactics, making it more difficult for end users to know what’s safe and what’s not.
• Expert predictions of what is coming in the remainder of 2020 and into 2021.

On Wednesday 19th August at 14:00 BST, the ISF will be joined by Cofense for cybersecurity expert insight into the challenges of defending against sophisticated phishing attacks, specifically, how to defend against the phishing email that evades your secure email gateways.

Cofense Senior Director of Sales Engineering, David Mount, and Sales Enginer, Alain Salesse, will be sharing insight into the current threat landscape as seen through the eyes of the end user and how threat actors are getting past security perimeter controls.

Highlights will include:
- Insights of various phishing campaigns that evaded SEGs and reached enterprise end users, delivering credential phish and malware.
- How threat actors are using trusted services, such as online business surveys and document sharing platforms, to evade SEGs.
- Expert predictions of what we will continue to see through the remainder of 2020.

Phishing continues to be the most successful attack technique used by cyber criminals today. Rules-based “secure” email gateways (SEGs) have become front-line technology for catching malicious emails. However, surveys show that phishing emails regularly bypass SEGs, leaving organizations more exposed to compromise.

In this webinar, listen in as Ed Amoroso, CEO & Analyst at TAG Cyber, joined by Cofense CTO & Co-Founder, Aaron Higbee, and Security Solutions Advisor, Tonia Dudley, discuss the results of a recent global survey regarding the efficacy of SEGs and how a layered phishing defense approach can benefit your business.

To defend against phishing, your organization needs to understand the key trends and top threats. Cofense’s Intelligence Team spends every day analyzing phishing threats including credential theft, ransomware campaigns, and more. Learn about the top threats that define today’s phishing landscape and how to defend your organization against them.

- See what tactics are successfully evading secure email gateways and reaching enterprise end users.
- Learn what is trending when it comes to malware delivered via phishing, including ransomware.
- Receive tips for ensuring your phishing defense strategy is proactive and well-coordinated.

Leveraging Human Sensors to Detect and Remediate Phishing Attacks in Minutes

As businesses adjusts to having their employees work from home, they are also working hard to support it. However, new working conditions has opened up new security gaps that challenge the status quo and questions the business’s resiliency to defend against polymorphic phishing attacks. The changing face of phishing emails continuing to evade Secure Email Gateways has threat actors adapting their tactics to exploit businesses who are unprepared.

Are you ready to accelerate your security practice to respond to these types of attacks?

Join Cofense security expert Ryan Jones and (ISC)² on Jul 8, 2020 (Wed) at 14:00 (GMT +8) for an in-depth review of the current phishing threat landscape, as seen through the eyes of those on the front line – your end users.

Highlights will include:
• Insights into the porous nature of SEGs and the latest tactics and techniques delivering credential phish and malware today
• How to identify and defend against polymorphic phishing emails within a remote environment
• Strategies and tools to adopt that will strengthen your security practices and reduce the workload of your SOC teams

Presenter: Ryan Jones, Principal Sales Engineer, APAC, Cofense
Moderator: Tony Vizza, CISSP, CCSP, Director of Cybersecurity Advocacy, APAC, (ISC)²

Secure email gateways (SEGs) are meant to protect your organization and your employees from the dangers of phishing attacks. Instead, they provide a false sense of security, as phish continue to swim past these gates and land in your end user’s inbox every day.

In this webinar, Cofense co-founder and CTO, Aaron Higbee, and Security Solution Advisor, Tonia Dudley, discuss the technology gaps that keep SEGs from being 100% “secure”, the methods threat actors use to evade them, and how organizations can leverage technology and human intelligence to succeed where SEGs fail.

Listen in to hear:
• What SEGs are, what they aren’t, and why they fail to keep threats out of your inbox.
• Insights on the phishing campaigns that consistently get past SEGs and reach end users.
• Details on specific credential phish and malware threats we’re seeing and the impact a breach could have on your business
• How Cofense is helping organizations stop email threats that are getting past email gateways – and what you can do to keep your business truly secure.

貴社の従業員をこれまで以上にフィッシング防御の最前線へ

COVID-19のリスクを軽減するため世界中で外出自粛の要請が行われている中、多くの従業員はリモートワークを余儀なくされ、それを受けて新しい働き方に対しITのインフラにおける準備およびサポートの提供で各企業は大変なことと存じます。しかしながら、企業は外部から自社へのネットワーク接続、特に業務遂行に欠かせないEメールに関しては完全にロックダウンすることはできません。例えば、フィッシングメールは引き続きセキュリティEメールゲートウェイ をすり抜け、攻撃者はこの絶好の機会を悪用し様々な戦術を使用してきます。企業はCOVID-19やリモートワークに関するフィッシングメールの急増によって脅威にさらされているのです。

あなたのチームは戦う準備はできていますか？

セキュリティのエキスパートである藤田 平の話を聞きましょう。彼は最新のフィッシング脅威の状況についての詳細なレビューを提供し、フィッシング防御の最前線での新しい形態である”従業員”の受信トレイやその目を通して知り得た情報をお話しします。

このWebinarに参加すると:
• セキュリティEメールゲートウェイをすり抜け受信トレイに到達し、クレデンシャルフィッシングやマルウェアを送りつける様々なフィッシング攻撃についての洞察を得ることができます。
• フィッシングの攻撃者がセキュリティEメールゲートウェイをすり抜ける為にオンラインのビジネス調査やドキュメントの共有プラットフォームなどの信頼できるサービスをどのように活用するのかを知ることができます。
• 2020年のQ2や下半期に弊社が引き続き注視していく専門家としての予測に関する洞察を得ることができます。

Presenter: 藤田　平, Principal Engineer, Japan, Cofense
Moderator: 小熊　慶一郎, CISSP, Director of Business Development, Japan, (ISC)²

Alors que le monde se confine pour atténuer les risques de COVID-19, de nombreux employés continuent leur adaptation au télétravail. Les entreprises comme la vôtre, s’efforçant de les soutenir, ne peuvent pas complètement fermer leurs réseaux. Par exemple, les emails de Phishing continuent d’échapper aux « Secure Email Gateways – SEGs », car les attaqueurs adaptent leurs tactiques pour exploiter la crise en cours. Les menaces de phishing se sont multipliées due au COVID-19 et au télétravail.

Rejoignez-nous pour entendre les experts en sécurité de Cofense Andy Spencer, Ekbal Gharbi et Jean-Marc Valat, donner un aperçu approfondi du paysage actuel des menaces de phishing, vu à travers les boîtes de réception et les yeux de ceux qui sont en première ligne - vos utilisateurs.

Au programme :
- Aperçu de diverses campagnes de phishing qui ont échappé aux SEG et atteint les boites de réception de vos utilisateurs, comprenant des logiciels malveillants et phishing d’identification.
- Comment les attaquants utilisent des services de confiance, tels que des enquêtes commerciales en ligne et des plateformes de partage de documents, pour échapper aux SEG.
- Comment les solutions de défense anti-phishing robustes de Cofense sont conçues pour vous aider à renforcer votre stratégie.

As the world locks down to mitigate the risks of COVID-19, many employees are still adjusting to working from home, and companies like yours are working hard to support it. However, organizations cannot completely lock down their networks. For example, phishing emails continue to evade Secure Email Gateways, with threat actors adapting their tactics to exploit the ongoing crisis. Businesses are threatened by a surge of phish related to COVID-19 and remote work. Join Cofense and (ISC)2 on June 9, 2020 at 1:00PM BST as Cofense security experts David Mount and Andy Spencer provide an in-depth review of the current phishing threat landscape, as seen through the inboxes and eyes of those on the front line – your end users, the new face of your front-line phishing defence. Highlights will include:


· Insights of various phishing campaigns that evaded SEGs and reached enterprise end users, delivering credential phish and malware.


· How threat actors are using trusted services, such as online business surveys and document sharing platforms, to evade SEGs.


· Expert predictions of what we will continue to see through the end of Q2 and the remainder of 2020.

Bad things happen to good companies. Even companies with excellent employee training and top shelf email security can still experience a breach due to a phishing attack. Let’s face it – some of these attackers can write a very convincing spear phishing message.

This 20/20 webcast with SC Media looks at some of the tactics you can employ after a breach is identified to limit damage and reduce the impact on your company, employees and customers.

In this time of remote work, phishing threats are targeting workers and preying on unfamiliar routines, technology learning curves and distracted employees.

In this webinar, join Cofense Chief Technology Officer & Co-Founder, Aaron Higbee, and Cofense Security Solutions Advisor, Tonia Dudley, as they lead a 45-minute Q&A session to answer your top questions about evolving Remote Work phishing attacks and the best ways to stop attacks that are getting past even the most sophisticated secure email gateways (SEGs).

A sudden rush to work remotely has left organizations scrambling to deploy technology, update policies, and train employees. Phishing threat actors are taking advantage of the confusion and gaps in coverage to attack – slipping their malicious emails through secure email gateways and into the inboxes of anxious users.

Attend this webinar to learn:
• How attackers are abusing legitimate technology brands
• Why corporate communications are especially ripe for spoofing today
• Examples of real phish targeting employees working remotely
• How to fill the gaps by raising awareness of phishing attacks and developing trust in official communications

Join Aaron Higbee, Cofense CTO and Co-founder, and Security Solutions Advisor Tonia Dudley to keep your employees safe from phishing—now and in the months to come.

Get your questions answered by our experts! Join Cofense Chief Technology Officer & Co-Founder, Aaron Higbee, and Cofense Security Solutions Advisor, Tonia Dudley, as they lead a 45-minute Q&A session to answer your top questions about evolving Coronavirus phishing attacks and the best ways to stop phishing threats that are getting past even the most sophisticated secure email gateways (SEGs).

Cofense has created the Coronavirus Phishing Infocenter to provide security and awareness teams useful tools to combat the escalating scourge of email threats preying on people's pandemic fears. The site includes the latest examples of real COVID-19 related phishing emails reported by Cofense users – all of which have evaded perimeter controls like Secure Email Gateways (SEGs).

Cofense has created the Coronavirus Phishing Infocenter to provide security and awareness teams useful tools to combat the escalating scourge of email threats preying on people's pandemic fears. The site includes the latest examples of real COVID-19 related phishing emails reported by Cofense users – all of which have evaded perimeter controls like Secure Email Gateways (SEGs).

Join Cofense Chief Technology Officer & Co-Founder, Aaron Higbee, and Cofense Security Solutions Advisor, Tonia Dudley, as they lead a 45-minute discussion on evolving Coronavirus attacks and the best ways to stop phishing threats that are getting past even the most sophisticated SEGs.

It has become cliché to say that the user is the weakest link in cybersecurity. However, it is also true that the user is often the last line of defense — phishing and other potential security attacks often depend on a person clicking on a link or malware-laden file to launch an attack. While a company might have a top notch cybersecurity operations team, without having an equally trained user base the company is essentially defending itself with one hand tied behind its virtual back.

This SC Magazine 20/20 editorial webcast looks at how CISOs can augment their professional cybersecurity team and security operations center with a highly aware user base to identify and defeat potential breaches.

While the fourth quarter of 2019 saw a decrease in total malware volume, Emotet (also known as Geodo) took the spotlight with email reply chains, macro-laden attachments, and convincing phishing templates. Of course, Emotet is just one of many threats currently facing organizations. Defenders need to understand both the current phishing landscape and how it may change in the future to best safeguard themselves from compromises and breaches.

Join Cofense Intelligence for expert analysis of the latest threats and a look at the tactics, techniques, and procedures attackers may use in the coming year.

You will learn:
• The top emergent threats of Q4 2019
• Changes in the phishing threat landscape
• Predictions for the rest of 2020

The threat landscape continues to evolve at a rapid pace, with new threat vectors emerging and increasing in sophistication. With the new year on the horizon, how can organisations prepare to defend against new and emerging attacks? Join James Hickey and David Mount in our webinar as they share their thoughts on what we can expect in 2020 and beyond. Based on insights collected from our research teams, our speakers will touch on trends positioned to dominate the threat landscape next year so you can strengthen your organisational defence.

Attend the webinar and learn:
• How ransomware is evolving and becoming more targeted to reap more sizeable payouts
• Why healthcare and genetic testing organisations will be a rich target for monetising data
• Why cryptocurrency will find itself in the crosshairs
• How human intuition, a powerful weapon against phishing, will also prove essential as information warfare heats up

Don’t miss this timely event—register today!

As the phishing threat landscape continues to evolve at a pace that technology is unable to keep up with, organizations are turning to phishing awareness and simulation programs to plug the gap. Is your phishing awareness program keeping up with this changing landscape?

Join Cofense as we explore the attributes of a modern phishing awareness program and see what our data, based on millions of phishing simulations, shows about awareness programs and simulation exercises.

You will learn:
- The statistical advantage of using an email reporting tool
- The important role the end user plays in active defense
- How often you need to send simulations for maximum resiliency
- The advantages of basing simulations on active threats, not random dangers
- Why ‘phish testing’ is the enemy of true phishing defense