Cyber Evolution: En Route to Strengthening Resilience in Asia-Pacific

網路安全正面臨前所未有的挑戰。幾乎每一天，都有新的威脅暴露出公司的脆弱性，迫使他們購買更 多產品並僱用更多的人才。這些反應式方法導致複雜性不斷升級，使得另一個漏洞攻擊者可以趁機利用。「資安監控」無論大或小都需要全面和基礎的方法。

近日由於大眾對COVID-19的廣泛興趣，犯罪分子和間諜威脅者都在散佈著圍繞COVID-19大流行為主題的惡意文件。

網路犯罪分子和間諜行為者都借助這次危機來達到其目標。 在這網路研討會中，我們的專家會分享這些參與者到底在做什麼，以及如何阻止他們。

Protect your organization against today’s most dangerous attackers.

Explore the latest developments behind today’s attacker techniques, behaviors, and motivations sourced from the M-Trends 2020 Report - our annual publication based on FireEye Mandiant’s frontline investigations of the most interesting and impactful cyber attacks in 2019.

Join us for this webinar on Thursday, March 12th at 8 a.m. PT/11 a.m. ET, as FireEye Mandiant experts discuss highlights and case studies from this year’s edition, including:
• Global perspectives on trending attacks and how to combat them
• Details on the most active attack groups in 2019
• Malware family trends
• The rise of malicious insiders
• Insights from cloud investigations, along with common weaknesses and best practices
• Case studies with practical security lessons

Register for the webinar

FireEye's Perspective on Iranian Attacks and Practical Mitigations
Make Better-Informed Decisions and Protect Your Organization

The recent tension between Iran and the U.S. has increased the likelihood of Iranian action against U.S. and Gulf entities. While the exact nature, timing, and targets of any response from Iran is uncertain, FireEye Threat Intelligence analysts assess with moderate confidence that it will include a cyber component.

Watch this complimentary on-demand webinar, as Ben Read, Sr. Manager, Cyber Espionage Analysis provides:
•An overview of FireEye’s perspective on the current threat landscape from Iran
•Tactics recently employed by Iranian groups like APT33, APT34 and others
•Recommended mitigations to protect your organization from these groups

As 2019 comes to a close, we walk away armed with even more knowledge about the threat actors and trends we can expect to continue in 2020 and beyond. Attackers innovate and grow more sophisticated, but there is a lot we can still do to prepare for upcoming compromise attempts and get ahead of the threats.

On Thursday, November 21st at 8a PT/11a ET, join Sarah Geary, Manager of Intelligence for Executives at FireEye, as she shares her thoughts about cyber security in 2020. During the webinar, Sarah will touch on various topics discussed in our report, The Road Ahead: Cyber Security in 2020 and Beyond, including:

• Geopolitics driving threat actors
• Cyber influence operation developments
• New criminal tactics in the underground
• Trends in ransomware and supply chain attacks

FireEye Chat, our quarterly talk show, brings guest experts front and center to cover today’s most important cyber security topics.

In this episode, our FireEye panel discusses the complexity of security operations and its impact on organizational risk. A typical U.S. company uses an average of 85 security tools that generate over 10,000 alerts each day. With a little luck, organizations might discover a breach only after the attacker has been in their systems for an average of 78 days. The potential damage and risk as a result of operational inefficiencies is jaw-dropping.

Join our host, Vasu Jakkal, Chief Marketing Officer, as she talks with Seth Summersett, Chief Scientist and Chris Schreiber, Product Strategist about why you need to work smarter, not harder. They will highlight:

• How technology only solutions often cause security issues
• What simple mindset shift is required to improve operational efficiency
• The FireEye approach to help focus on high impact tasks and gain access to industry expertise

The cloud is more pervasive in our organizations and our lives. But security operations centers (SOCs) can keep up, even when their organization adopts multiple public cloud and SaaS solutions.

Join this webinar to ensure that your organization’s cloud strategy is less of a problem than you might think. Expert Martin Holste, Cloud CTO at FireEye, shares:

• Trade-offs and nuances between cloud providers
• Considerations that can affect your strategic direction
• Seasoned guidance on how to optimize your cloud migration

For some time, the healthcare sector has faced a wide range of threat actors and adversary motivations. Today, data held by healthcare organizations—patient records, medical research, and more—remains at risk from cyber criminals and espionage groups. More disruptive cyber attacks can even hamper operations within healthcare providers.

Join us on September 17 at 9 a.m. PT/12 p.m. ET, as FireEye and Beazley present a webinar that discusses the latest breach and threat landscape trends for this sector.

Did you know that attackers are using Office’s eDiscovery features to search for sensitive data? FireEye has rules that look specifically for eDiscovery use and exports from eDiscovery, which are generally rare in an uncompromised organization.

Listen to Martin Holste, FireEye’s CTOas he discusses the security for Office365:
• Visibility into Azure event sources:
o Azure audit
o Azure AD
o MS Exchange
o Office365
• Leverage visibility into cloud events to identify credential theft using anomaly detection
• Using rules to spot risky configuration and suspicious events
• OneDrive advanced file security

With an ever-changing threat landscape and an increase in the sophistication of the attack techniques used by attackers and to add to that, humongous amounts of alerts generated by the myriad security tools, makes it easy for attackers to hide in the noisy alerts. A proverbial cherry on top – lack of skilled resources to investigate the alerts and resolve them confidently and reduce business risk. Quickly. Who will guide the teams? Who will give them the right context? The right picture? And how?

Watch the webinar to find out more

Defending the frontlines of cybersecurity is a never-ending battle, with new advanced persistent threat (APT) groups lurking to steal data, compromise infrastructure, and interfere with victim business operations. FireEye’s newly named threat group, APT41 is no exception. Their aggressive and consistent mode of operation, and highly sophisticated tactics, distinguishes them from other adversaries making them a double threat to contend with.

APT41 uniquely balances espionage activity concurrently with financially motivated activity driven by personal gain. Since 2012 FireEye has observed APT41 conduct in a wide range of operations including data theft, innovative supply-chain attacks, and the use of unique tools and targeting techniques.

Join this webinar to hear FireEye Threat Intelligence experts, Jacqueline O’Leary, Raymond Leong and Dan Perez, provide:

•Insights into attribution and shared tactics between espionage and financially motivated operations
•Supply chain compromises attributed to APT41 activity
•Unique malware capabilities and techniques
•Details on connections to identified personas

The overall objective of the SOC is stop or reduce the impact of cyber-attacks and this objective is lost in the midst of a cloud of confusing claims and statements about a SIEM. Although, a SIEM is central to SOC operations, a mechanical approach in its adoption has failed to provide any real value.

Join Shashwath Hegde, Solution Architect, for this webinar, as he discusses a shift in mindset in thinking beyond a SIEM and adopting a platform approach and cite practical examples from the field that helps stop the bad guys.

Did you know that attackers are using Office’s eDiscovery features to search for sensitive data? FireEye has rules that look specifically for eDiscovery use and exports from eDiscovery, which are generally rare in an uncompromised organization.

Listen to Martin Holste, FireEye’s CTOas he discusses the security for Office365:
• Visibility into Azure event sources:
o Azure audit
o Azure AD
o MS Exchange
o Office365
• Leverage visibility into cloud events to identify credential theft using anomaly detection
• Using rules to spot risky configuration and suspicious events
• OneDrive advanced file security

這些數字令人印象深刻。每日有超過20億個商業用戶發送2810億封電子郵件。而所有網路攻擊中有91％是以電郵作序幕，當中只需要1個人對您的組織有惡意企圖就會影響到整家公司。隨著入侵者使用層出不窮的方法，各組織很難再獨善其身。

在此網路研討會中，專家將會討論：　
- 針對電子郵件安全的網路環境的狀態
- 多向量攻擊如何隨著嶄新策略，技術，程序而進化，以及隨著變化需要注意的內容
- 為什麼FireEye能更有效地捕捉不斷演變的攻擊以及對您的益處

Front and Center with Colin Carmichael and Jason Martin on the Cyber Security Skills Shortage

FireEye Chat, our quarterly talk show, brings guest experts front and center to cover today’s most important cyber security topics.
In this episode, we address the growing cyber security skills gap, which is expected to reach 3.5 million by 2021.

The rise of technology, combined with more complex cyber security products and cyber threats, have gradually increased the demand for experienced, trained experts to fill a growing number of critical security roles in industry and government worldwide.

Join us as our FireEye Chat panel discusses:

• An overview of the cyber skills gap
• Current proposed solutions
• A breakdown of how FireEye thinks about the challenge, as both a technology company and a security provider