FireEye’s Dynamic Threat Intelligence (DTI) has identified a wave of emails containing malicious attachments being sent to multiple banks in the Middle East region. The threat actors appear to be performing initial reconnaissance against would-be targets, and the attacks caught FireEye’s attention since they were using unique scripts not commonly seen in crimeware campaigns.
FireEye now invites you to learn more about what happened from its Director of Mandiant Services in the Middle East. Stuart will elaborate on these targeted attacks, detailing the tools, tactics, techniques and procedures used as well as to discuss the intelligence gained from them to help you better protect your organisation against similar natured attacks now and in the future.
RecordedJun 26 201646 mins
Your place is confirmed, we'll send you email reminders
David Grout, Director Technical, South EMEA, FireEye
Mandiant responded to an incident in 2017 at a critical infrastructure organisation where an attacker deployed malware designed to manipulate industrial safety systems. The targeted systems provided emergency shutdown capability for industrial processes. This malware, called TRITON, is an attack framework built to interact with Triconex Safety Instrumented System (SIS) controllers.
Join David Grout, our Technical Director for South EMEA, for a live session and get insights into the technical framework details and the potential outcomes.
Due to the combination of growing cyber risks threatening critical assets of organizations today, and firmer security regulations enforced by lawmakers across the globe, security leaders are compelled to improve their risk management processes and key stakeholder communication—to enable better decision-making around security domains and necessary investments.
This requires adoption of new risk management methods to generate realistic risk forecasts, effective metrics techniques, and a clear roadmap for capability improvements.
Join Matthew Keane, Sr. Director of Strategic Services at FireEye, Travis Fry, Sr. Consultant at FireEye and Michelle Visser, Partner, Ropes & Gray, as they share their security and legal expertise on:
• Security risks across the complete cyber attack lifecycle, not only detection and response
• A simple and proven method for understanding the risk reality facing all organizations
• The rising cyber security insurance market and how it will affect risk management efforts
• Influence of the SEC’s recent interpretive guidance on security risks and incident disclosures
• Using threat intelligence to ensure risk management efforts are based on real-world threats and ongoing adversary activities, not hypothetical or academic scenarios
• Best practice exercises to test your incident response plan based on real-world experiences
• Techniques for effectively reporting risk and capability needs to a Board-level audience
IoT devices have become a mainstream part of our lives. IoT devices are no longer just consumer devices, rather they are interwoven in different parts of corporations.
The August 2016 Mirai botnet attack has shown that security in IoT is required to have overall security. The lack of security in IoT devices not only affects users, but also affects the society in a larger scale. Manufactures of these devices need to follow a set of guidelines to ensure secure developments and deployments.
Moreover, device consumers such as corporations should be aware of their attack surface.
Join us for a live webinar as we address the top security and privacy issues in IoT devices, the threats that are targeting them and recommendations for possible solutions.
Pierre Buijsman, Director, System Engineers, Northern Europe
Attackers will continue to be effective through an increase in sophistication, but they will also be successful due to the challenges organisations face in recruiting and retaining skilled cyber professionals.
During this webinar we will be discussing the benefits and challenges of inhouse vs. outsourcing of cyber security operations and how this has been effected by a cyber-skills shortage within the industry with ‘on-demand’ resource being readily available when needed with real time insight and expertise of cyber breaches.
Elena Elkina (Aleada Consulting ) | Parnian Najafi Borazjani (FireEye) | Ondrej Krehel (LIFARS) | John Bambenek (ThreatSTOP)
This webinar is part of BrightTALK's Privacy Insights Series and National Cyber Security Awareness Month (NCSAM).
With the proliferation of the Internet of Things into every sphere of our lives, it's now more important than ever to understand the security and privacy risks associated with connected devices. With smart home devices, office tools, children's toys, even medical devices being vulnerable to cyber attacks, becoming cyber aware should be a key priority for everyone.
Join privacy and cyber security experts for an interactive panel roundtable discussion on:
- The privacy and security vulnerabilities and risks stemming from IoT devices
- The basic safety measures you can deploy to protect your home and workplace against cyber threats
- Best practices for privacy and security safeguards
- What to do in the event of a breach
- What the future of privacy looks like
- Elena Elkina, Partner at Aleada Consulting
- Parnian Najafi Borazjani, Senior Analyst, FireEye
- Ondrej Krehel, Digital Forensics Lead, CEO & Founder, LIFARS
- John Bambenek, VP Security Research & Intelligence, ThreatSTOP
Audience members are encouraged to send questions to the speakers to be answered during the live session.
Florian Siebert, Senior Systems Engineer, Global Services & Intelligence
FireEye Managed Defense greift auf langjährige Erfahrung aus unseren Mandiant Incident Response Einsätzen zurück: wir nutzen die Daten und Erkenntnisse aus der Abwehr realer Angriffe, um Bedrohungen schneller zu erkennen und abzuwehren. Dadurch können wir Ihnen einen unternehmensweiten Überblick von Bedrohungen in Ihrem Netzwerk in Echtzeit geben und die Fähigkeit Ihres bestehendes CERT, Security Operation Center oder Sicherheitsteams ergänzen oder erweitern.
Michelle Drolet (Towerwall) | Dave Klein (GuardiCore) | Matthias Maier (Splunk) | Mike Trevett (FireEye)
Does your organization have a data breach response plan? Discover the best practices for breach response and how to strengthen your organization's cyber resilience.
Join this interactive Q&A panel with top security experts as they discuss:
- The latest trends in data breach protection
- Who's most at risk
- How to detect breaches faster
- What to do and not to do when it comes to breach response
- Recommendations for CISOs for improving security
- Michelle Drolet, CEO, Towerwall
- Dave Klein, Sr. Director Engineering & Architecture, GuardiCore
- Matthias Maier, Technical Evangelist, Splunk
- Mike Trevett, Director, UK&I, FireEye
An organization suffering a breach is no longer a question of "if," but "when" and "how big." Attackers are becoming more sophisticated in exploiting vulnerabilities, acquiring hacking tools on the dark web and leveraging automation, making traditional defense strategies antiquated and obsolete.
Join Alister Shepherd, our Mandiant Director for EMEA, for insights into:
- Recent APT intrusion activity from different regional threat actors,
- Current attack techniques that have been successful during these intrusions,
- Detections and investigations conducted by Mandiant,
- Lessons learned for defenders.
Kevin Taylor, EMEA VP; Sandra Joyce, VP, Global Intel Operations; Stuart McKenzie, EMEA Mandiant VP; Simon Moor, NEUR VP
Cyber threats plague the financial services industry:
• Advanced persistent threat (APT) actors seek to support economic reforms and reach state goals
• Financial threat actors seek financial gain through the direct theft of funds or the sale of stolen information
• Disruptive threat actors and hacktivists seek to gain publicity, divert banks' attentions, or demonstrate a political motive
Any one of these threats would increase activity in an industry, but the presence of all three likely accounts for the large number of intrusions in financial services organizations.
Join us for a live video panel and get executive insights for critical topics relevant to the financial services industry, including the:
• Nature of threats, as well as their motivations and tactics, techniques and procedures (TTPs)
• Ripple effect consequences of geopolitics
• Cost of a breach and importance of risk awareness in the boardroom
• Need to keep GDPR a high priority
Cyber threat intelligence is an essential weapon for detecting and preventing advanced attacks from well-funded attackers with specific agendas and targets.
The adoption of Cyber Threat Intelligence (CTI) is increasing across organizations like yours—adding value to all segments of security operations and the business.
CISOs often face serious challenges communicating information security issues to business managers, top executives and boards of directors. CTI provides information that can put a face on adversaries and translate cyber threats into business risks, using terms that are meaningful to non-technical executives.
Watch this interview with Sandra Joyce, head of global threat intel, and Igors Konovalovs, Director for iSIGHT Intelligence EMEA, as they answer some of the most practical and pressing questions about cyber threat intelligence.
Kevin Taylor, EMEA VP; Stuart McKenzie, EMEA Mandiant VP; Simon Moor, NEUR VP; Richard Weaver, Data Privacy Officer
Cyber breaches are inevitable because attackers constantly change their tools, techniques and procedures (TTPs). Everyone is affected in different ways, whether from compromised systems or supply chains to the financial implications of non-compliance and breach notification.
Join us for a live video panel on trending topics in cyber security:
-Breach notification sources, dwell time and industries mostly likely to be compromised and retargeted by attackers
-Importance of understanding cyber attackers and their motives
-Red teaming to improve security effectiveness
-Cyber security skills gap
-Direct and indirect costs of a breach
-Requirements, processes and policies to handle the GDPR
Third and final part of our 'Breach Response Preparedness Series', a 3-part series on state-of-the-art incident investigation techniques and breach response strategies.
Recovering from a large-scale incident is not an easy task. When compromised by an Advanced Persistent Threat, one must plan the efforts ahead of time to succeed in fully remediating and eradicating the attacker from the environment.
During this webinar, we will discuss:
- How to best remediate from such an event;
- The different stages of the preparation, when it is the best time to remediate, and how to classify actions;
- Examples of real investigations and remediation efforts to illustrate common complications like remediating too early, remediating partially and working with third party IT providers
Join your host Manfred Erjak, Professional Services Consultant, for a 25-minute webinar to discuss the latest incident remediation trends.
Second part of our 'Breach Response Preparedness Series’, a 3-part series on state-of-the-art incident investigation techniques and breach response strategies.
Statistics (from M-Trends 2018) show that the median dwell time (time between initial intrusion, and detection) for EMEA organisations in 2017 was 175 days. A 175 days roaming free inside the victim’s infrastructure; a large portion of which likely would have been with administrator privileges, thereby having the keys to the kingdom. To be able to respond to such breaches effectively and efficiently, Mandiant applies a structured approach, relying on its scalable technology platform, and threat intelligence collected over the last 14 years.
Join your host Jeroen Herlaar, Mandiant Regional Director, for a 25-minute webinar to discuss the Mandiant incident response approach, and why it matters to your organisation if you are confronted with a serious compromise.
First part of our 'Breach Response Preparedness Series', a 3-part series on state-of-the-art incident investigation techniques and breach response strategies.
Mandiant responds to hundreds of breaches on a yearly basis, across all industries and geographies, thereby gaining insights into the different threat actor groups and their TTPs. This also provides us with valuable insights into the how and why of the failing defences of the organisations we support in time of crisis.
Join your host Jeroen Herlaar, Mandiant Regional Director, for a 25-minute webinar to share our thoughts on what we experience on a daily basis while responding to the breaches that matter.
Mit FireEye Threat Analytics in kürzester Zeit das eigene SIEM realisieren.
Die Erfahrungen mit klassischen SIEM-Lösungen haben immer wieder gezeigt, dass durch deren Implementierung recht schnell große Datenmengen und gleichzeitig viele Alarme erzeugt werden. Damit werden noch lange nicht alle für die Cyber-Sicherheit relevanten Probleme gelöst
Wir zeigen Ihnen, wie Sie schnell zu einer SIEM-Lösung kommen, die einen entscheidenden Mehrwert aus dem Daten-Dschungel bietet um:
•Kostspielige und aufwändige Installation zu vermeiden
•Die hohe Anzahl an Alarmen und der damit verbundene Aufwand zu priorisieren
•Angriffe und Aktivitäten in Ihrem Netzwerk sofort zu erkennen
Ergänzen Sie Ihre bestehende SIEM-Lösung und steigern Sie damit deutlich das Cyber-Security-Niveau Ihrer Organisation.
Chaque année, les experts FireEye à travers les équipes Mandiant répondent à une grande variété d'incidents informatiques à travers le monde, ces attaques sont dans la plupart des cas orchestrées par des groupes d’attaquants avancés. Ce retour d’expérience, fruit d’heures d’analyses et d’investigations, est résumé dans le rapport annuel M-Trends qui d’années en années nous donne une visibilité sur le changement et l’évolution de la menace et des techniques utilisées lors des attaques mais aussi sur les progrès et les capacités que les entreprises mettent en place pour y répondre.
Au cours de ce webinaire, notre Directeur Technique, David Grout, discutera de plusieurs sujets incluant :
• Les tendances dans le paysage actuel des menaces et ces évolutions
• Les principaux groupes APT ayant fait parler d’eux en 2017
• Les risques de récurrence d’attaques
• Mais aussi de sujets plus ouverts comme la recherche de talents et la complexité de recruter, les architectures ciblées et leurs faiblesses ou encore la préparation possible à travers des exercices de type Red Teaming.
David Grout, Technical Director for Southern Europe, FireEye
Cyber criminals have always been attracted to cryptocurrencies, which provide a certain level of anonymity and can be easily monetised. In recent years, criminals have gone beyond using cryptocurrencies as a payment method for illicit tools and services. Seeing their value and growing popularity, many actors are targeting cryptocurrency operations and exchanges with attacks such as malicious cryptocurrency mining, collection of cryptocurrency wallet credentials and extortion.
Join your host David Grout, Technical Director for Southern Europe, for a 45-minute webinar to discuss the latest cryptocurrency threats and trends.
Ruediger Weyrauch, Director, Central Europe System Engineering
Sicherheitsexperten in aller Welt stehen auch 2018 vor zahlreichen Herausforderungen. Viele Unwägbarkeiten, aber auch Chancen begleiten uns. Ein großes Thema dabei ist, dass es keine international verbindlichen Regeln für Operationen im Cyberspace gibt.
In diesem Live-Webinar stellt Rüdiger Weyrauch, Director Central & Eastern European System Engineering, die neuesten Trends vor, die unsere aktuelle Bedrohungslandschaft definieren. Die Erkenntnisse und Schlussfolgerungen basieren auf Untersuchungen von Mandiant zu den einflussreichsten Cyber-Angriffen im vergangenen Jahr.
Unsere Themen im Einzelnen:
-Neue Advanced Persistent Threat (APT) Gruppen, die 2017 aufgetaucht sind
-Der Anstieg von Cyber-Angriffen durch Bedrohungsakteure aus dem Iran
-Ein detaillierter Einblick auf die Risiken durch das Remote Desktop Protokoll (RDP)
-Incident Response Untersuchungen resultierend aus Sarbanes-Oxley (SOC) Audits
-Die wachsende Lücke zwischen Cyber-Sicherheitsanforderungen und Fachkräften
Marco Rottigni, Sr Product Marketing Manager, EMEA
Ogni anno i consulenti di Mandiant, una società FireEye, rispondono ad un gran numero di
attacchi informatici sferrati da gruppi di hacker provenienti da tutto il mondo.
Questi episodi sono sintetizzati nel rapporto annuale M-Trends, che analizza i cambiamenti nel panorama delle minacce informatiche.
Durante il webinar, Marco Rottigni, Sr Product Marketing Manager, EMEA interverrà sui seguenti temi:
-L'evoluzione del panorama attuale delle minacce
-L'insorgenza di gruppi APT sempre più sofisticati e pericolosi
-Quali organizzazioni hanno più probabilità di essere colpite dai pirati informatici
-La carenza di personale qualificato e quanto questa influisca sulla sicurezza delle aziende
-La correlazione tra sistemi di sicurezza deboli ed una maggiore esposizione al rischio
-Le migliori prassi del Red Team per una protezione più efficace
Yazan A. Hammoudah, Manager, Systems Engineering, Middle East & Africa
WEBINAR DELIVERED IN ARABIC
FireEye announced the release of its annual M-Trends report which found that in 2017 attackers were present in EMEA organisations' networks a median of 175 days before being detected. This is an increase of almost 40 percent from the same measurement the year before which stood at 106 days.
The report is based on information gathered during investigations conducted by FireEye's security analysts in 2017 and uncovers emerging trends and tactics that threat actors used to compromise organisations.
For more information, join us in the upcoming webinar.
FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organisations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 6,000 customers across 67 countries, including more than 40 percent of the Forbes Global 2000.