Hi [[ session.user.profile.firstName ]]

APT33: New Insights into Iranian Cyber Espionage Group

Recent investigations by FireEye’s Mandiant incident response consultants combined with FireEye iSIGHT Threat Intelligence analysis have given us a more complete picture of a suspected Iranian threat group, that we believe has been operating since at least 2013. 
Join us in a live webinar as we discuss this threat group whom we asses to be involved in a long-term, resource intensive cyber espionage operation motivated by the prospect of collecting strategic intelligence, including information related to the aviation and energy industries, which would ultimately benefit a nation-state or military sponsor.
Register today to gain deeper insights into this threat group!
Recorded Sep 21 2017 49 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Stuart Davis, Director, Mandiant; Nick Carr, Senior Manager, TORE Detection & Analysis
Presentation preview: APT33: New Insights into Iranian Cyber Espionage Group
  • Channel
  • Channel profile
  • M-Trends 2020: Insights into Today’s Cyber Attacks Mar 12 2020 3:00 pm UTC 60 mins
    Nick Bennett, Managing Director, FireEye Mandiant; Jon Ford, Director, FireEye Mandiant; Steven Stone, Director, FireEye
    Protect your organization against today’s most dangerous attackers.

    Explore the latest developments behind today’s attacker techniques, behaviors, and motivations sourced from the M-Trends 2020 Report - our annual publication based on FireEye Mandiant’s frontline investigations of the most interesting and impactful cyber attacks in 2019.

    Join us for this webinar on Thursday, March 12th at 8 a.m. PT/11 a.m. ET, as FireEye Mandiant experts discuss highlights and case studies from this year’s edition, including:
    • Global perspectives on trending attacks and how to combat them
    • Details on the most active attack groups in 2019
    • Malware family trends
    • The rise of malicious insiders
    • Insights from cloud investigations, along with common weaknesses and best practices
    • Case studies with practical security lessons

    Register for the webinar
  • Mida, mejore y optimice su ciberseguridad con FireEye Mar 11 2020 11:30 am UTC 45 mins
    Lluis Coma, EMEA Consulting Sales Engineer, FireEye
    FireEye ha desarrollado una plataforma que permite evaluar con precisión la postura de seguridad de una empresa. Con Mandiant Validation Solution, FireEye amplía su capacidad ayudando a sus clientes a adoptar un enfoque proactivo en la identificación y mitigación de riesgos debido a configuraciones incorrectas, ineficiencias en los productos y/o procesos de seguridad establecidos.

    Regístrese al seminario web y descubra cómo Mandiant Validation Solution permite:

    •Evaluar su postura de seguridad afin de priorizar las inversiones;
    •Optimizar la configuración de sus tecnologías para maximizar el retorno de la inversión;
    •Comparar su seguridad con los estándares del mercado como MITRE ATT&CK Framework y otros;
    •Probar el correcto funcionamiento de sus herramientas de tipo DLP;
    •Medir la seguridad de sus procesos de seguridad en la NUBE;
    •Validar el correcto funcionamiento de sus herramientas de Endpoint;
    •Confirmar la segmentación de red en entornos IT/OT/SCADA.

    El resultado puede ser extremadamente interesante para gerentes de SOC, CISOs y para el Consejo de Administración.

  • Are You Compromised (and would you really know)? Mar 5 2020 11:00 am UTC 45 mins
    Michael Trevett, UKI Mandiant Director
    At a time when cyber-attacks are mounting year after year—with companies of all industries being targeted—the chances that your organization has been compromised are growing. Further, given the sophistication and agility of attackers, you often don’t know you’ve been breached until weeks or—maybe—months later.

    In such cases, having your environment assessed for indicators of an attack can be invaluable. The assessment will give you an understanding of the current security state, and either notify that there is (or has been) a breach or provide your organization with a clean bill of health at the time of the assessment. In either case, you come out ahead.

    On Thursday, March 5th @ 11AM GMT, join Michael Trevett, UKI Mandiant Director at FireEye, as he shares his experience for the benefits of Compromise Assessments and why the most security-conscious organizations use them.

    During the webinar, Michael will touch on various topics discussed in our whitepaper, Enemies in the Midst, including:
    · Lifecycle of a targeted attack
    · Once a target, always a target
    · How to identify if your organization has been compromised
    · Compromise Assessment techniques and benefits
  • Cybersécurité 2020 : horizons et perspectives d'une nouvelle décennie Recorded: Feb 4 2020 47 mins
    David Grout, CTO EMEA à FireEye
    À l'aube de cette nouvelle décennie, nous avons déjà une bonne idée de ce que les acteurs de la cybercriminalité nous réservent. Face à des attaquants de plus en plus ingénieux et professionnalisés, la protection des organisations passe par une bonne préparation.

    Le 4 février à 14h30 (heure de Paris), retrouvez David Grout, CTO EMEA à FireEye, dans une session dédiée aux prédictions cybersécurité 2020. Au cours de ce webinaire, David s'attardera sur certains points abordés dans notre rapport ‘ Cybersécurité 2020 : horizons et perspectives d'une nouvelle décennie ‘. Suivez notre session afin d’en apprendre plus sur :

    •Les motivations géopolitiques des attaquants;
    •La déstabilisation d’entreprise via l’extorsion et les rançons;
    •L’adoption du Cloud et ses impacts;
    •L’accélération des stratégies étatiques. 

    Inscrivez-vous et découvrez-en plus sur les prédictions 2020 afin d’adapter votre stratégie sécurité.
  • Cyber Security: orizzonti e prospettive per il 2020 e oltre Recorded: Jan 29 2020 22 mins
    Marco Riboli, VP Southern Europe & BeLux di FireEye
    In questo nuovo anno, sappiamo che cosa gli attori del crimine informatico hanno in serbo per noi e quali saranno le minacce e le tendenze nel 2020 e oltre. Di fronte ad attaccanti sempre più ingegnosi e sofisticati, la protezione delle organizzazioni richiede una buona preparazione.
    Martedì 28 gennaio alle 14:30, Marco Riboli, Vice President Southern Europe & Belux di FireEye, farà il punto sulla cyber security nel 2020. Durante questo webinar, si concentrerà su alcuni argomenti emersi nel nostro Report "The Road Ahead: Cyber Security in 2020 and Beyond". Partecipa per saperne di più su:
    •Le motivazioni geopolitiche degli attaccanti;
    •La destabilizzazione del business attraverso estorsioni e riscatti;
    •L'adozione del Cloud e i suoi impatti;
    •L'accelerazione delle strategie degli Stati.

    Registrati subito per scoprire cosa ci attende nel 2020 e come possiamo proteggerci.
  • FireEye's Perspective on Iranian Attacks and Practical Mitigations Recorded: Jan 13 2020 50 mins
    Benjamin Read, Senior Manager, Cyber Espionage Analysis, FireEye
    FireEye's Perspective on Iranian Attacks and Practical Mitigations
    Make Better-Informed Decisions and Protect Your Organization

    The recent tension between Iran and the U.S. has increased the likelihood of Iranian action against U.S. and Gulf entities. While the exact nature, timing, and targets of any response from Iran is uncertain, FireEye Threat Intelligence analysts assess with moderate confidence that it will include a cyber component.

    Watch this complimentary on-demand webinar, as Ben Read, Sr. Manager, Cyber Espionage Analysis provides:
    •An overview of FireEye’s perspective on the current threat landscape from Iran
    •Tactics recently employed by Iranian groups like APT33, APT34 and others
    •Recommended mitigations to protect your organization from these groups
  • Not If, but When: Persistent Security Challenges Recorded: Dec 3 2019 17 mins
    Kevin Taylor, Mike Hart, Simon Moor, Mike Trevett
    Cyber breaches are inevitable because attackers constantly change their tools, techniques and procedures (TTPs). Everyone is affected in different ways, whether from compromised systems or supply chains to the financial implications of non-compliance and breach notification.

    Join our EMEA execs as they discuss the breach inevitability and consequences, how this defines the day job of a security leader, cyber risk in the boardroom and the evolving role of CISOs and their challenges.
  • The Road Ahead: Cyber Security in 2020 and Beyond Recorded: Nov 21 2019 55 mins
    Sarah Geary, Manager of Intelligence for Executives, FireEye
    As 2019 comes to a close, we walk away armed with even more knowledge about the threat actors and trends we can expect to continue in 2020 and beyond. Attackers innovate and grow more sophisticated, but there is a lot we can still do to prepare for upcoming compromise attempts and get ahead of the threats.

    On Thursday, November 21st at 8a PT/11a ET, join Sarah Geary, Manager of Intelligence for Executives at FireEye, as she shares her thoughts about cyber security in 2020. During the webinar, Sarah will touch on various topics discussed in our report, The Road Ahead: Cyber Security in 2020 and Beyond, including:

    • Geopolitics driving threat actors
    • Cyber influence operation developments
    • New criminal tactics in the underground
    • Trends in ransomware and supply chain attacks
  • Mesurer, améliorer et rationaliser les investissements en cyber sécurité Recorded: Nov 14 2019 49 mins
    David Grout, EMEA, CTO, FireEye
    La sécurité aujourd’hui est confrontée à une formule qui ne tient plus ses promesses. Toujours plus d’investissements, toujours plus de ressources et à l’arrivée des incidents majeurs toujours présents. Il est temps pour l’industrie de cesser de baser la sécurité sur des hypothèses de fonctionnement et de se mettre à évaluer les outils déployés de manières répétitives et comparables afin d’améliorer le niveau de protection de manière tangible.

    Inscrivez-vous au webinaire et découvrez comment Verodin Security Instrumentation Platform permet :

    •D’évaluer les outils déployés afin de priotiser les investissements.
    •D’améliorer la configuration des outils en place.
    •De comparer sa sécurité à des standards marchés comme MITRE ATT&CK Framework.
    •De tester la bon fonctionnement des ses outils de types DLP
    •De mesurer la sécurité de ses process sécurité pour le CLOUD
    •De valider le bon fonctionnement de ses outils Endpoints.
    •De confirmer la segmentation réseau entre des zones OT et IT.

    Inscrivez-vous au webinaire des MAINTENANT!
  • Simplification: The Better Option for Financial Cyber Security Recorded: Nov 5 2019 22 mins
    Kevin Taylor, Jens Monrad, Simon Moor, Mike Trevett
    The financial services industry remains among the most targeted industrial sectors. From banks to brokerages, threat actors target financial institutions to steal your employee, customer and business data. They threaten both your credibility and integrity as they capitalise on insider trading through data theft or monetise stolen payment card information.

    State based attackers and criminal elements use a variety of advanced email and network attack methods to compromise organisations. As financial institutions engage in mergers and acquisitions (M&A) activity, adopt new technologies like mobile payment systems, and expand operations, they significantly increase their risk footprint.

    Join this video webinar and hear our EMEA executives discuss the top cyber security challenges for financial organisations, as well as solutions to minimise risks.
  • Die Cloud ist sicher, Ihre Konfiguration ist es möglicherweise nicht! Recorded: Oct 22 2019 44 mins
    Maximilian Bode, Sales Engineer, FIreEye
    Wussten Sie, dass Angreifer die eDiscovery-Funktionen von Office 365 verwenden, um nach vertraulichen Daten zu suchen? FireEye nutzt Regeln, die z.B. speziell auf die Verwendung von eDiscovery und den Export von eDiscovery abzielen, welche in einem regulären Büroalltag im Allgemeinen selten sind.

    Nehmen Sie an diesem Webinar teil, um mehr über FireEye‘s Security Maßnahmen in O365 zu erfahren. FireEye’s Sales Engineer Maximilian Bode teilt:

    Einblicke in Microsoft Azure Events
    - Azure Audit und Azure AD
    - MS Exchange und Office365

    Schaffen Sie Transparenz: Durch Erkennung von Anomalien in Logs kann der Diebstahl von Anmeldeinformationen identifiziert werden. Wir zeigen Ihnen, wie Sie verdächtige Ereignisse und kritische Konfigurationen durch die Verwendung von Regeln erkennen.
  • Misurare e migliorare l’efficacia degli investimenti cyber con FireEye/Verodin. Recorded: Oct 2 2019 43 mins
    Marco Riboli, Vice President, Southern Europe, FireEye e Gabriele Zanoni, Systems Engineer, Italia, FireEye
    Verodin ha sviluppato una tecnologia di “Security Instrumentation” per valutare l’efficacia dei sistemi di sicurezza. Con Verodin, FireEye estende la propria capacità di aiutare i clienti ad adottare un approccio proattivo nell’identificazione e nella mitigazione dei rischi dovuti ad errate configurazioni, ad inefficienze nei prodotti o processi di sicurezza in azienda.
    Verodin mette alla prova i sistemi di security come SIEM, FW,Proxy, Endpoint, Email, DLP, Cloud etc… e suggerisce le attività di Remediation; rimuove i presupposti e permette di valutare oggettivamente l’esposizione agli attacchi, grazie al monitoraggio ed al test dei prodotti e dei processi di sicurezza.

    Registrati al webinar e scopri come FireEye grazie alle nuove funzionalità Verodin:
    •Valuta la priorità sugli investimenti Security in relazione all’esposizione alle minacce.
    •Fornisce uno strumento per massimizzare gli investimenti già fatti con indicazioni su come ottimizzare i prodotti sia On-Premise sia in Cloud.
    •Fornisce Allarmi su cambiamenti non tracciati o non voluti che potrebbero comportare un aumento del rischio di attacchi sia On-Premise sia in Cloud.
    •Estende il perimetro ai sistemi Scada e ICS, verificando le comunicazioni fra le reti OT ed IT e dando prova delle effettive restrizioni.
    •Permette di verificare le Golden Image aziendali e gli Endpoint rispetto ad attacchi distruttivi come quelli Ransomware.
    •Permette di verificare la bontà dei sistemi DLP e di effettuare test automatizzati e replicabili di Data Exfiltration.

    Il risultato è di estremo interesse per i SOC Manager, i CISO e il Board.

    Registrati al webinar ORA!
  • Да се справим с най-напредналите заплахи чрез технологиите на FireEye Recorded: Oct 1 2019 60 mins
    Zlatomir Milanov, System Engineer, Computer 2000
    Все някога може да се случи някой от вашата организация по невнимание да стане брънка във веригата от събития, водещи до кибератака. Някой може да отвори злонамерен имейл, 90% от кибератаките започват с ЕДИН ИМЕЙЛ! Заплахите могат да влизат и през крайните точки и да се движат през Вашата мрежа, повишавайки неправомерно правата на потребителите, провеждайки разузнаване и крадейки данни.

    Само технологията сама по себе си не е достатъчна за борба с киберзаплахите. FireEye използват уникален иновационен цикъл, който комбинира технологии с доказано световно качество, безпрецедентна техническа и разследваща експертиза, придобити директно от „фронтовата линия“, включително услуги от световен клас, както и информация за новите заплахи, която никой друг не успява да събере!

    Екосистемата FireEye съчетава пълен набор от възможности за откриване, защита и разследване чрез Network, Endpoint, and Email Security Solutions!
    Присъединете се към този уебинар, по време на който системният инженер от КОМПЮТЪР 2000 България Златомир Миланов ще разкаже и демонстрира как заплахите в дадена организация могат да бъдат открити с помощта на технологията FireEye за мрежи, крайни точки и електронна поща, показвайки сценарии за атаки от различни гледни точки, както и как разузнаването допълва технологията.
  • How to Resolve the Cyber Skills Gap Recorded: Sep 30 2019 18 mins
    Kevin Taylor - Senior VP EMEA; Mike Trevett - Director, Professional Services, UKI; Simon Moor, VP, NEUR
    There is a very prevalent human factor to the success of cyber security; behind the technology lies a team of professionals with a range of technical and specialist skills used to implement defense and proactive hunting strategies. While technology has a big part to play in the war against cyber attacks, it is the human element which is both the catalyst for attack and defense.

    There are an estimated 3.5 million unfilled cyber security positions forecasted for 2021 and research suggests it’s only getting worse. Security leaders must spend far too much time finding, hiring and retaining staff. When leaders cannot find appropriately skilled talent, they are often forced to hire junior employees. Less experienced and untested staff can dramatically increase the risk of a cyber breach.

    Join this webinar as our executives discuss the cyber security skills crisis in line with the evolving threat landscape and near- and longer-term options to mitigate the risk of a security breach.
  • FireEye Chat - Front and Center on SOC optimization Recorded: Sep 26 2019 24 mins
    Vasu Jakkal, EVP & CMO, FireEye; Seth Summersett, Chief Scientist, FireEye & Chris Schreiber, Product Strategist
    FireEye Chat, our quarterly talk show, brings guest experts front and center to cover today’s most important cyber security topics.

    In this episode, our FireEye panel discusses the complexity of security operations and its impact on organizational risk. A typical U.S. company uses an average of 85 security tools that generate over 10,000 alerts each day. With a little luck, organizations might discover a breach only after the attacker has been in their systems for an average of 78 days. The potential damage and risk as a result of operational inefficiencies is jaw-dropping.

    Join our host, Vasu Jakkal, Chief Marketing Officer, as she talks with Seth Summersett, Chief Scientist and Chris Schreiber, Product Strategist about why you need to work smarter, not harder. They will highlight:

    • How technology only solutions often cause security issues
    • What simple mindset shift is required to improve operational efficiency
    • The FireEye approach to help focus on high impact tasks and gain access to industry expertise
  • Visibilité et sécurisation du cloud avec FireEye Helix Recorded: Sep 26 2019 41 mins
    David Grout, CTO, EMEA, FireEye et Arnaud Garnier, Systems Engineer, FireEye, France
    La migration des infrastructures dans le cloud pose de nouveaux enjeux sur la sécurisation des données. Les attaques comportent de moins en moins de malware et les entreprises doivent pour cela s’adapter et trouver des outils adéquates pour combler le vide laissé par les équipements de sécurité traditionnels.
    FireEye Helix permet de:
    gagner de la visibilité sur les infrastructures cloud ;
    confronter tous les évènements anormaux à l’expertise FireEye héritée de FireEye Mandiant et de FireEye Threat Intelligence.
    Fort de cette expérience terrain, la solution FireEye Helix apparaît comme la solution la mieux adaptée pour répondre à ces nouveaux enjeux.
    Durant ce webinaire de 45 minutes, David Grout, CTO EMEA, et Arnaud Garnier, Systems Engineer, France, reviendrons sur la nécessité de gagner en visibilité sur les infrastructures cloud afin de pouvoir détecter les nouvelles méthodes d’attaques et ainsi les contrecarrer.
  • More Cloud, More Problems? Recorded: Sep 23 2019 53 mins
    Martin Holste, Cloud CTO, FireEye
    The cloud is more pervasive in our organizations and our lives. But security operations centers (SOCs) can keep up, even when their organization adopts multiple public cloud and SaaS solutions.

    Join this webinar to ensure that your organization’s cloud strategy is less of a problem than you might think. Expert Martin Holste, Cloud CTO at FireEye, shares:

    • Trade-offs and nuances between cloud providers
    • Considerations that can affect your strategic direction
    • Seasoned guidance on how to optimize your cloud migration
  • An Executive Perspective on the Current Cybersecurity Landscape in MEA Recorded: Sep 19 2019 15 mins
    Mohammed Abukhater, MEA VP, FIreEye
    Mohammed Abukhater, FireEye’s Vice President of MEA, discusses the current cyber security landscape in the Middle East and Africa.
    From years of experience being on the front lines of cyber security in one of the most-attacked regions in the world, Mohammed touches on key concerns for organizations in both the private and public sector, including best practices on how to stay armed against the most intelligent cyber attackers.
  • Cyber Threats Impacting Healthcare Today Recorded: Sep 17 2019 58 mins
    Luke McNamara, Principal Intelligence Analyst, FireEye & Lauren T. Winchester, Breach Response Services Manager, Beazley
    For some time, the healthcare sector has faced a wide range of threat actors and adversary motivations. Today, data held by healthcare organizations—patient records, medical research, and more—remains at risk from cyber criminals and espionage groups. More disruptive cyber attacks can even hamper operations within healthcare providers.

    Join us on September 17 at 9 a.m. PT/12 p.m. ET, as FireEye and Beazley present a webinar that discusses the latest breach and threat landscape trends for this sector.
  • Double Dragon: APT41, a Dual Espionage and Cyber Crime Operation Recorded: Aug 29 2019 56 mins
    Jacqueline O'Leary,Principal Analyst; Raymond Leong, Principal Threat Analyst; Dan Perez, Principal Threat Analyst
    Defending the frontlines of cybersecurity is a never-ending battle, with new advanced persistent threat (APT) groups lurking to steal data, compromise infrastructure, and interfere with victim business operations. FireEye’s newly named threat group, APT41 is no exception. Their aggressive and consistent mode of operation, and highly sophisticated tactics, distinguishes them from other adversaries making them a double threat to contend with.

    APT41 uniquely balances espionage activity concurrently with financially motivated activity driven by personal gain. Since 2012 FireEye has observed APT41 conduct in a wide range of operations including data theft, innovative supply-chain attacks, and the use of unique tools and targeting techniques.

    Join this webinar to hear FireEye Threat Intelligence experts, Jacqueline O’Leary, Raymond Leong and Dan Perez, provide:

    •Insights into attribution and shared tactics between espionage and financially motivated operations
    •Supply chain compromises attributed to APT41 activity
    •Unique malware capabilities and techniques
    •Details on connections to identified personas
Technology, Intelligence and Expertise
FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 7,700 customers across 67 countries, including more than 50 percent of the Forbes Global 2000.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: APT33: New Insights into Iranian Cyber Espionage Group
  • Live at: Sep 21 2017 12:00 pm
  • Presented by: Stuart Davis, Director, Mandiant; Nick Carr, Senior Manager, TORE Detection & Analysis
  • From:
Your email has been sent.
or close