Name: Remote Workers Spell Trouble for InfoSec
Start: 2022-07-08T15:00:00Z
End: 2022-07-08T15:00:46.000Z
Location: BrightTALK
Rating: 0

Infoblox unites networking and security to deliver unmatched performance and protection. Trusted by Fortune 100 companies and emerging innovators, we provide real-time visibility and control over who and what connects to your network, so your organization runs faster and stops threats earlier.

As email protection has increased, criminals have moved to attack users through SMS and other text messaging services.  The cost to consumers of SMS scams alone was $330 million in the US last year, double that of 2021; this is not to mention phishing for credentials and distribution of malware. Additionally, Infoblox has seen a steady rise of attacks against Multi-Factor Authentication (MFA) via SMS since mid-2022. Over the last 6 months, Infoblox has detected 60-130 MFA “lookalike” domains every week, and we know that recent high-profile attacks on Retool and MGM involved MFA account takeovers. Finally, to evade detection, actors are using malicious link shorteners to hide their true intent. Infoblox recently published original research on Prolific Puma, a DNS threat actor who controls a massive network of domains and supports the criminal economy. This work was reported by Krebs on Security, Darknet Diaries, Bleeping Computer, and many other outlets. 
 
Join this Infoblox webinar and learn how Infoblox detects threats that are used in SMS attacks. We will cover:

- How Infoblox discovered Prolific Puma where others did not, and how blocking threats like Prolific Puma at DNS resolution disrupts the cybercriminal economy
- How Infoblox discovered the DNS threat actor Open Tangle, which uses SMS and lookalike domains to steal consumer credentials
- How Infoblox detects and tracks other DNS threat actors, including the multiple Chinese threat actors currently targeting text messaging apps and the US postal service
- Trends that Infoblox sees in MFA SMS phishing activities, including common targets and TTPs
 
Cybersecurity awareness training alone will not protect consumers and organizations from the onslaught of attacks being levied through SMS and texting apps. This webinar will show you what is happening and why DNS detection and response matters in combating SMS cybercrime.

SMS Cybercrime: A DNS Perspective

Today’s networks have evolved from static, centralized environments to a highly distributed infrastructure spanning multi-cloud, on-premises, edge, and IoT/OT environments. With this increasing complexity, the ability to provide comprehensive protection has become an enormous challenge trying to stay ahead of the pace and volume of ongoing attacks. Traditional security approaches have limitations in addressing these growing complexities, leaving security teams to struggle with a lack of visibility and control, and limited access to critical data that can prioritize the most critical threats while accelerating the ability to identify the users/devices affected. 

Leveraging DNS as part of a Detection and Response security strategy offers a unique solution that augments traditional security with new capabilities protecting everything connected to the network. You can combine the protective capabilities of DNS along with visibility and automation to safeguard your network. DNS threat intelligence can track adversary infrastructure even before the bad actors launch their campaigns. 

Join  and Chris Kissel, Research Vice President, Security & Trust Products at IDC, and Anthony James, Vice President, Product Marketing at Infoblox, for this webinar to learn more about: 

- The evolving challenges of protecting distributed networks
- How traditional approaches have limitations in protecting your complete network infrastructure
- Why DNS should be part of your Detection and Response strategy 
- The key capabilities of DNS Detection and Response as a comprehensive network security strategy

Evolving DNS as Part of Your XDR Strategy

In an era where aligning technology with business goals is paramount, learn why modernizing critical network services can save IT teams time while delivering unparalleled uptime and availability. 

Join this webinar featuring results from the 2023 commissioned Forrester Consulting Total Economic Impact™ DDI Study to learn how 95% of surveyed respondents have reduced overhead and operating costs between 10%-74% using Infoblox DDI including:

- Uptime: Gain insight on how IT teams dramatically improved their uptime from an average of 88% to 99.995% after three years
- Productivity: Unlocked the potential for IT helpdesk efficiency gains, saving over $3.5 million through ticket reduction and issue resolution acceleration.
- Scalability: Discover how one IT team reduced the networking footprint from over 200 servers to just 30 while adopting a standardized platform and integrated centralized database
- Visibility: Learn how customers gain up to 18% savings by moving legacy infrastructure to a consolidated environment, improving visibility and saving $7.1 million over a three-year period
- Automation: See how network engineers realize a 70% increase in time savings by scaling DDI management tasks and how the majority of survey respondents who reported labor savings with DDI task automation saved an average of 6 hours per week through network automation
- Innovation: Understand how using Infoblox DDI saves teams over 28% in admin labor costs, improving resource redeployment and time for innovation

Total Economic Impact: How Integrated DDI Can Save Costs and Give You the Edge

Threats from lookalike domains are devious and spreading rapidly. Along with direct monetary costs, they can also inflict lingering damage to your brand. Learn how to stop these insidious threats in their tracks—before they cause harm. Join us for Episode 2 of our InfobloxInsights Security Webinar Series.

Attend and get the latest research and practical strategies on:

- Suspicious Domains—being proactive in blocking phishing and malware
- Lookalike Domains—how to spot attempts to impersonate your company or your supply chain
- Domain Takedown—next steps after discovering a domain with criminal intent

Protect your brand from Lookalike domains

Your organisation’s security posture depends on your ability to stop threats as soon as possible, ideally well before they are identified as malicious. Discover how suspicious threat feeds empower your SecOps to do just that. Join us for Episode 1 of our Infoblox Insights Security Webinar Series, Secure Sooner with Suspicious Threat Feeds.

Attend and learn:
- The unique ways that suspicious threat feeds empower you to anticipate attacks weeks and months ahead of time
- What suspicious threat feeds consist of, how they are and why they deliver such low false positives
- How seamless integration with your existing security stack and third-party tools empowers SecOps to shift left

Secure Sooner with Suspicious Threat Feeds

Nous vous invitons à suivre notre série mensuelle intitulée Infoblox Insights Security Series. Lors de chaque épisode, nous vous proposons un aperçu de différents cas d’usage de la cybersécurité pouvant renforcer votre posture de sécurité, réduire le risque d'infection et vous aider à réagir plus rapidement.

Regardez le webinaire à la demande de l'épisode 1 où nous vous présenterons les innovations Infoblox permettant de mieux anticiper et prévenir les menaces de façon proactive, avant qu’elles ne surviennent. Vous découvrirez comment la Threat Intelligence DNS Infoblox vous permet de bloquer des millions de noms de domaines suspects à un stade précoce, des semaines ou des mois avant qu’ils ne soient signalés comme malveillants, et ce avec un taux de faux positifs rapporté proche de zéro.

À travers des démonstrations et divers exemples de campagnes de malwares récemment dévoilées, vous découvrirez:

- Les caractéristiques uniques de la Threat Intelligence DNS Infoblox, la façon dontelle complète et s'intègre à vos autres sources d’intelligence et à votre système de sécurité existant.
- Comment les listes de domaines suspects vous permettent d'arrêter au plus tôt les menaces émergentes et celles évoluant rapidement, de faire ainsi gagner un temps précieux aux équipes SecOps.
- Comment prévenir les infections bien avant qu'elles ne se produisent de manière simple, fiable et efficace.
Accédez au webinaire à la demande de l'épisode 1 pour découvrir toute la puissance d’Infoblox.

Bloquez les noms de domaine suspects pour une détection des campagnes d'attaque

Abbiamo il piacere di invitarti alla nostra serie di webinar mensile Infoblox Insights dedicata alla sicurezza. In ogni episodio riceverai informazioni dettagliate su diversi casi d’uso di cybersecurity che possono aiutarti a rafforzare la postura di sicurezza, ridurre il rischio di infezioni e consentire alla tua azienda di reagire più velocemente.

Guarda l'episodio 1 on demand, dove spiegheremo come trasformare l’approccio alla sicurezza da reattivo a proattivo, bloccando le minacce prima che si verifichino. Scopriremo come la Threat Intelligence di Infoblox fornisce feed accurati sulle attività sospette. Queste consentono di identificare attività potenzialmente dannose settimane o mesi prima che vengano classificate come malevoli e con una percentuale di falsi positivi irrilevante.

Attraverso dimostrazioni ed esempi di campagne di malware scoperte di recente potrai imparare come:

- Bloccare le minacce in anticipo, permettendo al team SecOps di risparmiare tempo prezioso – settimane o addirittura mesi – offrendo una visibilità senza precedenti
- Le caratteristiche uniche della Threat Intelligence di Infoblox, si integrano e complementano altre sorgenti di intelligence del tuo security stack esistente
- Eventuali minacce e infezioni possono essere anticipate in modo semplice, affidabile ed efficiente

Feed sui nomi di dominio sospetti per bloccare gli attacchi prima che avvengano

Te invitamos a participar en nuestra serie de webinars mensuales Infoblox Insights dedicados a la seguridad. En cada episodio, te ofreceremos una visión detallada de diferentes casos de uso de ciberseguridad que te ayudarán a reforzar tu seguridad, reducir el riesgo de infección y acelerar tu respuesta ante incidentes.

Accede al episodio 1 on-demand, en el que te explicaremos cómo puedes cambiar tu enfoque de seguridad reactiva a seguridad proactiva, y detener así las amenazas antes de que se produzcan. Aquí descubrirás cómo funcionan los múltiples recursos y una inteligencia de amenazas tratada de dominios sospechosos y cómo te ayudarán a encontrar amenazas de forma temprana, semanas o meses antes de que se categoricen como maliciosas y con un porcentaje irrelevante de falsos positivos.

Mediante demostraciones y diversos ejemplos de campañas de malware recientemente descubiertas, podrás aprender las siguientes lecciones:

- Cómo la inteligencia de dominios sospechosos permite detener campañas de amenazas de forma temprana, ahorrando al equipo de SecOps un tiempo valioso (semanas o incluso meses) y proporcionando una visibilidad sin precedentes.
- Las características únicas de la inteligencia de amenazas tratada de Infoblox y cómo complementan y se integran con tu ecosistema de seguridad actual.
- Cómo anticipar las amenazas y las infecciones de forma sencilla, fiable y eficiente.

Accede al webinar on-demand y descubre el valor de la inteligencia de dominios sospechosos.

Detén ataques antes de que ocurran con la Inteligencia de dominios sospechosos

Haben Sie unser Live-Webinar verpasst? Kein Problem! Sie können jetzt das OnDemand-Video unserer ersten Episode der Infoblox Insights Security Serie ansehen. Entdecken Sie, wie Sie Ihre Sicherheitsstrategie durch proaktive Warnmeldungen revolutionieren können.

In diesem OnDemand-Webinar erfahren Sie:

- Wie die einzigartigen, von Infoblox kuratierten Warnmeldungen Ihnen helfen können, Bedrohungen Wochen und sogar Monate im Voraus zu erkennen.
- Die Beschaffenheit von Warnmeldungen, ihr Kuratierungsprozess und warum sie so wenige Falschalarme verursachen.
- Wie eine nahtlose Integration mit Ihrem vorhandenen Security Stack und Drittanbieter-Tools Ihrem IT-Sicherheitsteam ermöglicht, proaktiver zu agieren und Bedrohungen effektiv zu managen.

Revolutionieren Sie Ihre Sicherheitsstrategie mit proaktiven Warnmeldungen

The world of cybersecurity laws is growing bigger and more complex by the day. The complexity is further amplified when considering that no individual product on the market can fully satisfy all the legal requirements. As a security professional, it's crucial to understand these cybersecurity regulations and developments to help design a comprehensive and adaptive security strategy that aligns with the global legal landscapes. 

Join Cricket Liu, Chief DNS Architect, as he moderates this live webinar with Wei Chen, General Counsel at Infoblox, William Long, co-chair of Privacy and Cybersecurity practice and head of the EU Data Protection group at Sidley Austin LLP and Srikrupa Srivatsan, Director of Product Marketing at Infoblox. Together, they will provide a comprehensive global perspective on existing and emerging cybersecurity regulations.

Register now to learn more about: 

- How these regulations impose stricter cybersecurity requirements on a broader range of sectors
- Why non-compliance carries substantial fines and potential criminal liability for company executives
- How new regulations mandate faster incident reporting, with lower notification windows
- How implementing DNS security controls could help your organization reduce the cyber risks identified in regulatory-mandated risk assessments
- How DNS security capabilities can help address some of the regulatory requirements through frameworks such as CAF, ISO 27000, NIST, and others

Quick Guide to Global Cyber Laws: Be Informed, Not Overwhelmed

The broad adoption of multiple cloud providers has given rise to a “hybrid multi-cloud infrastructure for many organizations, which has increased security, compliance, and network management complexity. For instance, multi-cloud expands the attack surface, orphaned cloud assets create greater costs, and CSP-specific networking services (including DNS) propagate still more silos of point tools.  

Doug Cahill, Enterprise Strategy Group (ESG) Senior VP and Analyst, reviews ESG’s exclusive research findings on multi-cloud adoption and explains how to alleviate these challenges in this Custom Talk with Infoblox.

Watch this expert session to overcome your current multi-cloud networking challenges with Cahill’s guidance from years of in-depth market experience, as well as the following:

- ESG’s predictions for future multi-cloud adoption trends
- Methods of tackling top app management challenges resulting from multiple CSPs
- How to integrate security visibility with network control & cloud agility
- How Infoblox’s portfolio eliminates complexity with unified visibility, cost management, DNS management, and cybersecurity use cases.

ESG Analyst Best Practices for Multi Cloud Network Management and Security

Since the inception of DNS, cyber attacks that leverage the protocol have mushroomed. More than 90% of malware uses DNS in some form. The ubiquity of DNS, coupled with its historic lack of security controls have made it a prevalent attack vector today.

Knowledge of DNS is crucial for security teams. Understanding its vulnerabilities and how to leverage the protective capabilities of DNS can help you mitigate those threats.

Join Cricket Liu, Chief DNS Evangelist, and a panel of experts as they explore:

- How malware uses DNS and threat actors leverage DNS
- Why governments are implementing regulations recommending protective DNS services for public and private industry
- How DNS can be leveraged in zero trust architectures
- How to leverage your DNS infrastructure to improve your security posture

Why Security Professionals Should Care About DNS

In April 2023, Infoblox disclosed the discovery of Decoy Dog, a malware toolkit that uses the domain name system (DNS) to perform command and control (C2). Decoy Dog had operated for over a year before detection. Since then we continued our research to understand the nature and severity of this threat. What we found is both alarming and mysterious. The toolkit is based on Pupy, an open-source remote access trojan (RAT), but is far more sophisticated than the pen tester’s tool. While this traffic looks like Pupy, Decoy Dog is a fundamentally new, previously unknown, malware with many features to persist on a compromised device.

Join this Infoblox webinar and learn how, using DNS, Infoblox was able to not only discover Decoy Dog, but determine it was an advanced persistent threat run by actors who are highly motivated to maintain access to their victims. The topics will include:

- What is Decoy Dog and why should we care 
- How Infoblox used DNS to discover and analyze Decoy Dog
- How Infoblox used DNS to determine that Decoy Dog was operated by multiple actors, estimate the number of compromised devices, and understand the nature of the communications – all without the malware itself 
- How actors responded to the Infoblox disclosure to continue their operations 
- What research data Infoblox has released to the security community to help identify compromised devices and stop the malware

Decoy Dog is No Ordinary Pupy: Separating a Sly DNS Malware from the Pack

The threat landscape is evolving, and attackers are spending a lot of time planning and setting up infrastructure well in advance to launch persistent attacks such as SMS Phishing (smishing) attacks, which have increased significantly in the last year. On the other side of the equation is the increasing trends of hybrid work, cloud adoption, IoT deployments, and mainstream AI, which have made securing these networks more challenging  than ever before. 

DNS Detection and Response is a new approach to detection and response that combines Protective DNS capabilities with device context and integrations to stop attacks others miss, stops attacks earlier, and protects businesses everywhere  while helping transform your security effectiveness. DNS Detection and Response acts as a first point of contact eliminating malicious traffic effectively. 

Join founder and principal analyst of ZK Research, Zeus Kerravala, and Infoblox Senior Director of Product Marketing, Krupa Srivatsan, for this webinar to learn more about:

- The challenges security professionals face in a hyperconnected world 
- The role of DNS Detection and Response as the first point of contact for inbound traffic 
- The benefits of a protective DNS model
- Recommendations for businesses to enhance their security posture

Transform Security Effectiveness with DNS Detection and Response

The business disruptions from the COVID surge have had a profound effect on information security for organizations around the world, and the U.S. has grappled right along with the rest of the world. A new report from the CyberRisk Alliance and Infoblox brings those effects into sharp focus—and in an easily consumable way.

The report, 2022 Global State of Security Report, gives you a one-of-a-kind picture of the global state of security at the end of the second year of the pandemic, with a focus on the U.S. as it has also had to contend with the ongoing economic instability brought about by a labor market in turmoil. 

Join Bob Hansmann, Sr. Product Marketing Manager at Infoblox, and Nina Lund, Forrester TEI Consultant, for this webinar and learn more about: 

- The measures organizations worldwide took to mitigate risks associated with a remote workforce
- The most urgent security challenges posed by remote and hybrid work—and which ones U.S. organizations are prioritizing for mitigation
- Which attack vectors malicious actors targeted the most

Remote Workers Spell Trouble for InfoSec

Cyber Security

Cyber Attacks

Cyber Crime

Cyber Defense

Cloud Security

Remote Workforce

Cyber Risk Management

Cyber Risk

Information Security

Security Attacks

Welcome to the mobile computing community on BrightTALK! With the consumerization of IT and the widespread adoption of mobile devices across the globe, mobile computing has become an important part of many people's lives in a culture of bring your own device (BYOD). With mobile devices doubling as work phones and more employees working from home, businesses need to provide secure access to data and work applications from anywhere at any time. Join this growing community and hear from industry thought leaders in webinars and videos as they share their insight on mobile computing research and trends.

Mobile Computing

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Practicing business intelligence allows your company to transform raw data into sets of insights for targeted business growth. The business intelligence and analytics community on BrightTALK is made up of thousands of data scientists, database administrators, business analysts and other data professionals. Find relevant webinars and videos on business analytics, business intelligence, data analysis and more presented by recognized thought leaders. Join the conversation by participating in live webinars and round table discussions.

Business Intelligence and Analytics

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Remote Workers Spell Trouble for InfoSec

Presented by

About this talk

More from this channel