Name: Mitigating APT: The Human Way
Start: 2013-12-04T17:00:00Z
End: 2013-12-04T17:47:20.000Z
Location: BrightTALK
Rating: 4.41

Millions of Ransomware, Business Email Compromise and Credential Harvesting attacks are bypassing expensive email security solutions every year. Cofense is the only company that combines a global network of 32 million people reporting phish with advanced AI-based automation to stop phishing attacks fast. That’s why over half of the Fortune 500 and thousands of other organizations trust us to help them stay ahead of breaches. 

About Us
Cofense® is the leading provider of phishing detection and response solutions. Designed for enterprise organizations, the Cofense Phishing Detection and Response (PDR) platform leverages a global network of nearly 32 million people actively reporting suspected phish, combined with advanced automation to stop phishing attacks faster and stay ahead of breaches. 

When deploying the full suite of Cofense solutions, organizations can educate employees on how to identify and report phish, detect phish in their environment and respond quickly to remediate threats. With seamless integration into most major TIPs, SIEMs, and SOARs, Cofense solutions easily align with existing security ecosystems. 

Across a broad set of Global 1000 enterprise customers, including defense, energy, financial services, healthcare and manufacturing sectors, Cofense understands how to improve security, aid incident response and reduce the risk of compromise. For additional information, please visit www.cofense.com .

Threat actors are masquerading as business tools and communication platforms to slip past perimeter controls that are programmed to block known threats. Once they make it through, human detection and threat analysis become an integral part of the process to thwart an attack.

When technologies aren’t programmed to catch the latest threats, are your users enabled to rapidly respond to unknown phishing attacks?

Attend this webinar to join Tonia Dudley, Strategic Advisor, Cofense, as she casts a net around what enterprise security teams must do to better prepare users for the items that are most likely to make it to their inbox and:

  - Get insights on the returning, emerging, and new email phishing threats to be aware of;
  - Learn how you can benefit from a global ‘Network Effect’, and see how it works;  
  - Learn how to drive better efficiency in your SOC while increasing productivity and reducing costs;
  - Grab your copy of the 2021 Annual State of Phishing Report.

You Can’t Stop Human Attackers without Human Reporting and Analysis

If we learned anything from 2020, it’s that threat actors’ abilities to quickly adjust their methods to world events can be lightning fast. From Emotet to Ryuk, and let’s not forget COVID-19, Cofense and our Cofense Labs and Intelligence teams worked overtime.

In our Annual State of Phishing Report we discussed how 2020 saw an increase in both volume and variety of threat activity. Threat actors continued to advance their tactics, techniques, and procedures to ensure their emails would reach end users throughout the year.

Join Cofense CTO & Co-Founder, Aaron Higbee, and Security Solutions Advisor, Tonia Dudley, as they dive into the details of what malware phishing attacks kept the Cofense team busy and what we might see this year.

You'll learn: 

  - Why empowering your people to detect & report phish is more important than ever
   - The latest tactics being used by threat actors that are making it into your users' inboxes
   - How to continuously protect your business from costly phishing attacks

Protect Against Malware Phishing Campaigns that Continue to Evolve and Innovate

Rapid phishing detection and response has never mattered more.  Our Annual State of Phishing Report is a comprehensive view of the 2020 phishing threat landscape, threat actors, and more.

Watch the on-demand webcast recently held by Cofense experts, Tonia Dudley, Cofense Strategic Advisor and Aaron Higbee, Cofense Chief Technology Officer as they share what they’ve learned about phishing, phishing attacks, threat actors, malware, and secure email gateways.

Learn how:

  - Attackers are diversifying the malware used in phishing campaigns
  - The COVID-19 pandemic reshaped the phishing landscape
  - Threat actors are finding new ways to monetize phishing
  - You can't stop human attackers without human reporting and analysis

2021 State of Phishing Webinar

あなたの従業員は防衛戦略を成功させる鍵です

Emotetは、日本の多くの組織にとって深刻なフィッシングの脅威になっています。ボットネットはセキュアEメールゲートウェイ（SEG）を回避するように進化し、これらの高度に巧妙に細工された標的型攻撃は従業員をだまして悪意のあるメールを操ります。ネットワークは危険にさらされており、会社のセキュリティ侵害に対する露出とリスクが高まっています。

悪意のある脅威がテクノロジー(セキュリティ製品)によってブロックされていない場合、どのようにして組織を防御すれば良いでしょうか？

メールボックス内のフィッシングメールを検出して対応する方法をトレーニングすることにより、従業員を防御チームの最前線に活用しましょう。 Cofenseのセキュリティ専門家である藤田平氏がCofenseのインテリジェンスチームと研究チームによって観測された、攻撃者と長年にわたる脅威の進化についての詳細なレビューをご紹介します。

ウェビナーに参加して以下の点を習得しましょう：
• EmotetがセキュアEメールゲートウェイ（SEG）を回避するために使用するさまざまなス. タイルとテクニックを理解する
• 今日の組織を標的としたフィッシング脅威の状況に関する洞察を得る
• 増大する脅威からよりよく防御するための戦略とベストプラクティスを学ぶ

Presenter: 藤田 平, CISSP, Principal Engineer, Japan, Cofense
Moderator: 小熊 慶一郎, CISSP, Director of Business Development, Japan, (ISC)²

Emotetの台頭–日本のフィッシング脅威の進化

2020 has been quite the year. And it’s not over yet! If you’re still trying to get a grip on what has happened in the phishing threat landscape - from COVID-themed phishing attacks to data stealing ransomware and everything in between – you aren’t alone.  We are all getting through this together and uniting to fight phishing.   

Join us on 14 October at 14:00 BST to hear from Cofense Security Solutions Advisor, Tonia Dudley and Senior Director of Sales Engineering, David Mount. They’ll walk you through the threats observed by Cofense, the predictions we’re making for the remainder of the year, and the lessons we’ve learned on how to protect organizations from the phishing threats that evade perimeter defences.

Highlights will include: 
•	Insights of various phishing campaigns that evaded SEGs and reached end users, delivering credential phish and malware. 
•	How threat actors are evolving and adapting their tactics, making it more difficult for end users to know what’s safe and what’s not. 
•	Expert predictions of what is coming in the remainder of 2020 and into 2021.

Phishing Defence in 2020: What the Heck Just Happened & What's Next?

On Wednesday 19th August at 14:00 BST, the ISF will be joined by Cofense for cybersecurity expert insight into the challenges of defending against sophisticated phishing attacks, specifically, how to defend against the phishing email that evades your secure email gateways. 

Cofense Senior Director of Sales Engineering, David Mount, and Sales Enginer, Alain Salesse, will be sharing insight into the current threat landscape as seen through the eyes of the end user and how threat actors are getting past security perimeter controls. 

Highlights will include: 
- Insights of various phishing campaigns that evaded SEGs and reached enterprise end users, delivering credential phish and malware. 
- How threat actors are using trusted services, such as online business surveys and document sharing platforms, to evade SEGs. 
- Expert predictions of what we will continue to see through the remainder of 2020.

Why Secure Email Gateways are not enough: Defending against phishing threats

Phishing continues to be the most successful attack technique used by cyber criminals today. Rules-based “secure” email gateways (SEGs) have become front-line technology for catching malicious emails. However, surveys show that phishing emails regularly bypass SEGs, leaving organizations more exposed to compromise.

In this webinar, listen in as Ed Amoroso, CEO & Analyst at TAG Cyber, joined by Cofense CTO & Co-Founder, Aaron Higbee, and Security Solutions Advisor, Tonia Dudley, discuss the results of a recent global survey regarding the efficacy of SEGs and how a layered phishing defense approach can benefit your business.

Analyst Insight: Too Many Phish in Your Inbox? Your SEG May Be the Problem.

To defend against phishing, your organization needs to understand the key trends and top threats. Cofense’s Intelligence Team spends every day analyzing phishing threats including credential theft, ransomware campaigns, and more. Learn about the top threats that define today’s phishing landscape and how to defend your organization against them.

- See what tactics are successfully evading secure email gateways and reaching enterprise end users.
- Learn what is trending when it comes to malware delivered via phishing, including ransomware.
- Receive tips for ensuring your phishing defense strategy is proactive and well-coordinated.

Know the Threat to Stop the Threat: The Perils of Phishing in 2020

Leveraging Human Sensors to Detect and Remediate Phishing Attacks in Minutes

As businesses adjusts to having their employees work from home, they are also working hard to support it. However, new working conditions has opened up new security gaps that challenge the status quo and questions the business’s resiliency to defend against polymorphic phishing attacks. The changing face of phishing emails continuing to evade Secure Email Gateways has threat actors adapting their tactics to exploit businesses who are unprepared.

Are you ready to accelerate your security practice to respond to these types of attacks?  

Join Cofense security expert Ryan Jones and (ISC)² on Jul 8, 2020 (Wed) at 14:00 (GMT +8) for an in-depth review of the current phishing threat landscape, as seen through the eyes of those on the front line – your end users. 

Highlights will include:
• Insights into the porous nature of SEGs and the latest tactics and techniques delivering credential phish and malware today
• How to identify and defend against polymorphic phishing emails within a remote environment
• Strategies and tools to adopt that will strengthen your security practices and reduce the workload of your SOC teams

Presenter: Ryan Jones, Principal Sales Engineer, APAC, Cofense
Moderator: Tony Vizza, CISSP, CCSP, Director of Cybersecurity Advocacy, APAC, (ISC)²

The Art of Polymorphic Phishing Attacks – Are You Ready to Respond?

Secure email gateways (SEGs) are meant to protect your organization and your employees from the dangers of phishing attacks. Instead, they provide a false sense of security, as phish continue to swim past these gates and land in your end user’s inbox every day.

In this webinar, Cofense co-founder and CTO, Aaron Higbee, and Security Solution Advisor, Tonia Dudley, discuss the technology gaps that keep SEGs from being 100% “secure”, the methods threat actors use to evade them, and how organizations can leverage technology and human intelligence to succeed where SEGs fail.

Listen in to hear:
• What SEGs are, what they aren’t, and why they fail to keep threats out of your inbox.
• Insights on the phishing campaigns that consistently get past SEGs and reach end users.
• Details on specific credential phish and malware threats we’re seeing and the impact a breach could have on your business
• How Cofense is helping organizations stop email threats that are getting past email gateways – and what you can do to keep your business truly secure.

Still getting Phished? Uncovering the Fallacy of "Secure" Email Gateways.

貴社の従業員をこれまで以上にフィッシング防御の最前線へ

COVID-19のリスクを軽減するため世界中で外出自粛の要請が行われている中、多くの従業員はリモートワークを余儀なくされ、それを受けて新しい働き方に対しITのインフラにおける準備およびサポートの提供で各企業は大変なことと存じます。しかしながら、企業は外部から自社へのネットワーク接続、特に業務遂行に欠かせないEメールに関しては完全にロックダウンすることはできません。例えば、フィッシングメールは引き続きセキュリティEメールゲートウェイ をすり抜け、攻撃者はこの絶好の機会を悪用し様々な戦術を使用してきます。企業はCOVID-19やリモートワークに関するフィッシングメールの急増によって脅威にさらされているのです。 

あなたのチームは戦う準備はできていますか？

セキュリティのエキスパートである藤田 平の話を聞きましょう。彼は最新のフィッシング脅威の状況についての詳細なレビューを提供し、フィッシング防御の最前線での新しい形態である”従業員”の受信トレイやその目を通して知り得た情報をお話しします。

このWebinarに参加すると: 
• セキュリティEメールゲートウェイをすり抜け受信トレイに到達し、クレデンシャルフィッシングやマルウェアを送りつける様々なフィッシング攻撃についての洞察を得ることができます。 
• フィッシングの攻撃者がセキュリティEメールゲートウェイをすり抜ける為にオンラインのビジネス調査やドキュメントの共有プラットフォームなどの信頼できるサービスをどのように活用するのかを知ることができます。
• 2020年のQ2や下半期に弊社が引き続き注視していく専門家としての予測に関する洞察を得ることができます。  

Presenter: 藤田　平, Principal Engineer, Japan, Cofense
Moderator: 小熊　慶一郎, CISSP, Director of Business Development, Japan, (ISC)²

従業員をフィッシング防御の最前線に – あなたのチームは戦う準備はできていますか？

Alors que le monde se confine pour atténuer les risques de COVID-19, de nombreux employés continuent leur adaptation au télétravail. Les entreprises comme la vôtre, s’efforçant de les soutenir, ne peuvent pas complètement fermer leurs réseaux. Par exemple, les emails de Phishing continuent d’échapper aux « Secure Email Gateways – SEGs », car les attaqueurs adaptent leurs tactiques pour exploiter la crise en cours. Les menaces de phishing se sont multipliées due au COVID-19 et au télétravail.

Rejoignez-nous pour entendre les experts en sécurité de Cofense Andy Spencer, Ekbal Gharbi et Jean-Marc Valat, donner un aperçu approfondi du paysage actuel des menaces de phishing, vu à travers les boîtes de réception et les yeux de ceux qui sont en première ligne - vos utilisateurs.

Au programme :
- Aperçu de diverses campagnes de phishing qui ont échappé aux SEG et atteint les boites de réception de vos utilisateurs, comprenant des logiciels malveillants et phishing d’identification.
- Comment les attaquants utilisent des services de confiance, tels que des enquêtes commerciales en ligne et des plateformes de partage de documents, pour échapper aux SEG.
- Comment les solutions de défense anti-phishing robustes de Cofense sont conçues pour vous aider à renforcer votre stratégie.

Conditionner les utilisateurs pour lutter contre le Phishing !

As the world locks down to mitigate the risks of COVID-19, many employees are still adjusting to working from home, and companies like yours are working hard to support it. However, organizations cannot completely lock down their networks. For example, phishing emails continue to evade Secure Email Gateways, with threat actors adapting their tactics to exploit the ongoing crisis. Businesses are threatened by a surge of phish related to COVID-19 and remote work. Join Cofense and (ISC)2 on June 9, 2020 at 1:00PM BST as Cofense security experts David Mount and Andy Spencer provide an in-depth review of the current phishing threat landscape, as seen through the inboxes and eyes of those on the front line – your end users, the new face of your front-line phishing defence. Highlights will include:


· Insights of various phishing campaigns that evaded SEGs and reached enterprise end users, delivering credential phish and malware.


· How threat actors are using trusted services, such as online business surveys and document sharing platforms, to evade SEGs.


· Expert predictions of what we will continue to see through the end of Q2 and the remainder of 2020.

Engaging End Users in Phishing Defence – Are your Teams Combat Ready?

Bad things happen to good companies. Even companies with excellent employee training and top shelf email security can still experience a breach due to a phishing attack. Let’s face it – some of these attackers can write a very convincing spear phishing message.

This 20/20 webcast with SC Media looks at some of the tactics you can employ after a breach is identified to limit damage and reduce the impact on your company, employees and customers.

Phishing Incident Response: What's Under Your Network's Hood?

In this time of remote work, phishing threats are targeting workers and preying on unfamiliar routines, technology learning curves and distracted employees.

In this webinar, join Cofense Chief Technology Officer & Co-Founder, Aaron Higbee, and Cofense Security Solutions Advisor, Tonia Dudley, as they lead a 45-minute Q&A session to answer your top questions about evolving Remote Work phishing attacks and the best ways to stop attacks that are getting past even the most sophisticated secure email gateways (SEGs).

Remote Work Phishing Threats and How to Stop Them

A sudden rush to work remotely has left organizations scrambling to deploy technology, update policies, and train employees. Phishing threat actors are taking advantage of the confusion and gaps in coverage to attack – slipping their malicious emails through secure email gateways and into the inboxes of anxious users.

Attend this webinar to learn:
• How attackers are abusing legitimate technology brands
• Why corporate communications are especially ripe for spoofing today
• Examples of real phish targeting employees working remotely
• How to fill the gaps by raising awareness of phishing attacks and developing trust in official communications

Join Aaron Higbee, Cofense CTO and Co-founder, and Security Solutions Advisor Tonia Dudley to keep your employees safe from phishing—now and in the months to come.

Tips To Guard Against Phishing in a Remote Working World

Get your questions answered by our experts! Join Cofense Chief Technology Officer & Co-Founder, Aaron Higbee, and Cofense Security Solutions Advisor, Tonia Dudley, as they lead a 45-minute Q&A session to answer your top questions about evolving Coronavirus phishing attacks and the best ways to stop phishing threats that are getting past even the most sophisticated secure email gateways (SEGs).

Cofense has created the Coronavirus Phishing Infocenter to provide security and awareness teams useful tools to combat the escalating scourge of email threats preying on people's pandemic fears. The site includes the latest examples of real COVID-19 related phishing emails reported by Cofense users – all of which have evaded perimeter controls like Secure Email Gateways (SEGs).

Q&A with Cofense: Coronavirus Phishing Threat Awareness

Cofense has created the Coronavirus Phishing Infocenter to provide security and awareness teams useful tools to combat the escalating scourge of email threats preying on people's pandemic fears. The site includes the latest examples of real COVID-19 related phishing emails reported by Cofense users – all of which have evaded perimeter controls like Secure Email Gateways (SEGs).

Join Cofense Chief Technology Officer & Co-Founder, Aaron Higbee, and Cofense Security Solutions Advisor, Tonia Dudley, as they lead a 45-minute discussion on evolving Coronavirus attacks and the best ways to stop phishing threats that are getting past even the most sophisticated SEGs.

Coronavirus Phishing Threats. A Cofense Webinar.

How would ESET Experts Protect their Business from Malware?

Combating Advanced Threats in the Power & Utilities Industry

Bait the Phishing Hook: How To Write Effective Social Engineering Emails

Stopping the Scam –  Techniques for Defending Against Today’s Social Engineering

Under Attack: Managing Advanced Threats Infiltrating Your Servers

Inside the Mind of a Hacker

Embracing a Federated Consumer Identity Model to Increase Security & User Trust

Validate and Harden Defenses Against Mobile Malware and Botnets

Network Automation for Change, Configuration & Compliance Management

Avoid Death by 1000 Security Alerts

Risk Analytics: Using Your Data to Solve Security Challenges

Automate. Analyze. Act. The 3 Pillars of Advanced Malware Defense

Connected Security: Respond to 2014's Challenges

Addressing Advanced Threats with a Joined-Up Security Approach

Emerging Threats for 2014: An Ethical Hacker’s View

Advanced Persistent Threats – Stepping Back From The Edge

Leverage Mobile to Prevent Malware from Impersonating You

How can your small business make security policies pay off?

The Myth of Advanced Threat Protection vs. the Reality of the Attack Landscape

Thwart the Bad Guys with Advice from the Security Experts!

Emerging Threats – The Top Six Security Threats for 2014

The Role of Social Engineering within Cybercrime

Automating Advanced Threat Detection for Speedier Identification of Next-generat

Cracking the Endpoint: Inside the Head of a Hacker

Information is Leaking Everywhere! Is Encryption the Solution? A Pragmatic View

Lessons Learned in Security Automation

Is Your Organisation Aligned and Prepared for Today’s Cyber-Attacks?

Advanced Malware Better Beware

Cybercrime – Attack of the Cyber Spies

Emerging Threats and Hacker Prevention

The fact that nation state actors and cyber criminals are targeting humans is not exactly breaking news to the Incident Response (IR) industry, and yet we have continually failed to cultivate the human element of security. Where have we gone wrong as an industry? In many cases, the IT department doesn’t see the security value in humans at all, and if it does, security awareness takes the form of posters and boring training. It’s no surprise then, that our efforts to improve behavior have failed. This presentation will discuss effective ways to train employees that will not only lower your organization’s risk profile, but also turn employees into intrusion detection sensors that save IR time and limit the damage caused by advanced threats.

Mitigating APT: The Human Way

PhishMe

Security

risk

advanced threats

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Mitigating APT: The Human Way

Presented by

About this talk

More from this channel