Recent investigations by FireEye’s Mandiant incident response consultants combined with FireEye iSIGHT Threat Intelligence analysis have given us a more complete picture of a suspected Iranian threat group, that we believe has been operating since at least 2014.
APT34 are involved in long-term cyber espionage operations largely focused on the Middle East. This threat group has conducted broad targeting across a variety of industries, including financial, government, energy, chemical, and telecommunications.
Join us in a live webinar as we discuss this threat group whom we assess to be working on behalf of the Iranian Government, with a mission that would benefit nation-state geopolitical and economic needs. APT34 uses a mix of public and non-public tools, often conducting spear phishing operations using compromised accounts from trusted third parties, sometimes coupled with social engineering tactics.
Register today to gain deeper insights into this threat group!
RecordedDec 19 201764 mins
Your place is confirmed, we'll send you email reminders
L'année 2018 s’achève et aura été forte en activité sur le front de la sécurité informatique, il est temps maintenant de faire place aux prédictions et grandes tendances cyber auxquelles il faut s’attendre en 2019.
Nous savons que les attaquants vont continuer leurs activités et que les équipes sécurité seront toujours sollicitées pour stopper ces intrusions. Cependant une vision proactive du risque est un facteur primordial dans l’anticipation de la menace permettant des prises de décisions stratégiques sur les politiques sécurités à déployer.
Retrouvez David Grout, CTO EMEA à FireEye, dans une session dédiée aux prédictions cybersécurité 2019. Au cours de ce webinaire, David explorera les points évoqués dans notre rapport ‘Cyber Security in 2019 and Beyond’, construit à l’aide de nos analystes iSIGHT Intelligence, de nos équipes de Réponse à Incidents Mandiant et nos chercheurs FireEye. Suivez notre session afin d’en apprendre plus sur :
1.Comment les méthodes d’attaques évoluent-elles pour toujours mettre en difficultés les équipes sécurité
2.Quelles seront les tendances 2019 en ce qui concerne les enjeux géopolitiques et stratégiques
3.Les menaces sur l’industrie aéronautique, notamment en cyber espionnage et cyber crime
Inscrivez-vous et découvrez-en plus sur les prédictions 2019 afin d’adapter votre stratégie sécurité.
In der Cybersicherheitsbranche sind wir häufig so beschäftigt, dass der Jahreswechsel fast unbemerkt bleibt. Dies gibt Anlass, über die Entwicklungen und Erfahrungen aus den vergangenen zwölf Monate zu reflektieren und Strategien zur Bewältigung von Herausforderungen zu entwickeln.
In der IT-Sicherheits-Branche ist es zudem wichtig, neue und potenzielle Trends zu erkennen, die in Zukunft eine Rolle spielen könnten. Mike Hart, VP Central Europe bei FireEye, gibt Einblick zur Cybersicherheit im Jahr 2019.
Erfahren Sie mehr über:
- Bedrohungen für die Luftfahrtindustrie, einschließlich Cyberspionage und Cyberkriminalität.
- Was Sie von Angreifern aus etablierten und aufstrebenden Schwellenländern erwarten können.
- Wie Bedrohungsakteure ihre Taktiken ändern, um ihrem Gegenüber immer einen Schritt voraus zu sein.
In diesem Webinar erfahren Sie, wie Sie Cybersicherheitsbedrohungen immer einen Schritt voraus sein können.
Il 2018 sta volgendo al termine e, come di consueto, ecco il nostro aggiornamento sull’evoluzione del mondo della cyber security nel 2019 e oltre. Sappiamo che gli attaccanti attaccheranno e che i difensori faranno di tutto per fermarli. Dobbiamo però essere pronti ad affrontare le minacce imminenti, oltre a restare un passo avanti rispetto agli attaccanti, se non addirittura precederli.
Marco Riboli, VP Southern Europe di FireEye, offrirà una panoramica sulla sicurezza del mondo cyber nel 2019. In questo webinar, Marco affronterà diversi punti trattati nel report ‘Facing Forward: Cyber Security in 2019 and Beyond’, frutto dell’esperienza e delle conoscenze dei nostri senior leader, degli analisti di FireEye iSIGHT Intelligence, degli esperti di Incident Response di Mandiant, e dei Labs di FireEye. Partecipa per saperne di più su:
•Minacce nel settore dell’aviazione, compreso lo spionaggio informatico e il cybercrime
•Come le grandi nazioni e i paesi emergenti affronteranno i rischi cyber
•Come gli attaccanti stanno modificando le loro tattiche per essere sempre un passo avanti rispetto alle strategie di difesa
Registrati subito per scoprire cosa ci riserva il futuro della cyber security.
Christopher Porter, Chief Intelligence Strategist, FireEye
As the door closes on 2018, we walk away armed with knowledge about what’s to come in 2019 and beyond. We know attackers will attack and defenders will be tasked with stopping them, but there is a lot more we can do to be prepared for upcoming threats and ensure we’re innovating faster than bad actors.
Join Christopher Porter, Chief Intelligence Strategist at FireEye, as he shares his thoughts about cyber security in 2019. During the webinar, Christopher will touch on various topics discussed in our Facing Forward: Cyber Security in 2019 and Beyond report, which was developed based on insights from our senior leaders, FireEye Threat Intelligence, Mandiant incident responders, and FireEye Labs. Tune in to learn about:
•Threats to the aviation industry, including cyber espionage and cybercrime
•What to expect from established and emerging nation states
•How threat actors are changing their tactics to stay ahead of defenders
Register today to learn what lies ahead and stay one step ahead of cyber security threats.
Ron Bushar, VP & Gov. CTO, FireEye, Michael Trevett, Director, FireEye & Heather Sussman, Partner, Ropes & Gray
As the cyber threat landscape evolves, lawmakers are prompting organizations to protect their networks and handle sensitive information more mindfully with cyber security and breach notification laws that are stricter, carry higher penalties and result in further enforcement.
Companies are spending more time and resources managing cyber security risks—but where should organizations focus their time, talent and spend? And how does a multinational organization navigate these complex regulatory requirements?
Join Ron Bushar, VP and CTO of Government Solutions at FireEye, Michael Trevett, Director of Professional Services at FireEye Mandiant, and Heather Sussman, Partner at Ropes & Gray, as they share their security and legal expertise:
• Executive perspectives on the impact changing security regulations has on how organizations are thinking about cyber security
• Regional overviews of existing and upcoming regulations in North America, EMEA, and APAC
• Impact of GDPR on regional business landscapes since its formal release in May
• Influence of the SEC’s recent interpretive guidance on security risks and incident disclosures
• Best practices for making cyber security a strategic priority and a competitive advantage
Also don't miss "Leading with Threat Intelligence – How to Select the Right Security Provider," the first webinar in this two-part series aimed to help you be better prepared for what's to come in 2019. Register Now - https://www.brighttalk.com/webcast/7451/342393
Misha Sokolnikov, Director of Product Marketing, FireEye
As cyber threats continue to proliferate and expand, so does the arsenal of tools organizations employ to protect against the attackers. With most security solutions equipping to solve only narrow problems, it has become the norm for organizations to deploy an unbearable amount of technologies. Join Misha Sokolnikov, Director of Product Marketing, FireEye as he provides:
• An overview of why security solutions today are not integrated and cause complexity, inefficiencies and excessive alert noise
• The tactics that threat actors use to take advantage of disjointed, complex security technologies
• The most critical threat vectors and how the consolidation and integration of security tools can help you improve your security posture
Kevin Taylor, EMEA VP; Sandra Joyce, VP, Global Intel Operations; Stuart McKenzie, EMEA Mandiant VP; Simon Moor, NEUR VP
Cyber threats plague the financial services industry:
• Advanced persistent threat (APT) actors seek to support economic reforms and reach state goals
• Financial threat actors seek financial gain through the direct theft of funds or the sale of stolen information
• Disruptive threat actors and hacktivists seek to gain publicity, divert banks' attentions, or demonstrate a political motive
Any one of these threats would increase activity in an industry, but the presence of all three likely accounts for the large number of intrusions in financial services organizations.
Join us for a live video panel and get executive insights for critical topics relevant to the financial services industry, including the:
• Nature of threats, as well as their motivations and tactics, techniques and procedures (TTPs)
• Ripple effect consequences of geopolitics
• Cost of a breach and importance of risk awareness in the boardroom
• Need to keep GDPR a high priority
David Grout, Director Technical, South EMEA, FireEye
Mandiant responded to an incident in 2017 at a critical infrastructure organisation where an attacker deployed malware designed to manipulate industrial safety systems. The targeted systems provided emergency shutdown capability for industrial processes. This malware, called TRITON, is an attack framework built to interact with Triconex Safety Instrumented System (SIS) controllers.
Join David Grout, our Technical Director for South EMEA, for a live session and get insights into the technical framework details and the potential outcomes.
In many ways, public cloud is more secure than a traditional data center. And yet, assets on the public cloud are still being compromised just as those stored in traditional data centers. Mandiant, the industry leader in incident response consulting, estimates that 15 percent of all of its incident response involves public cloud assets. So, if the cloud is more secure, why is it still getting hacked?
In this session, we will discuss
• the challenges in Cloud Security
• how to design an effective strategy to tackle them
Due to the combination of growing cyber risks threatening critical assets of organizations today, and firmer security regulations enforced by lawmakers across the globe, security leaders are increasingly taking steps improve their risk management processes and key stakeholder communication—to enable better decision-making around security domains and necessary investments.
This includes adoption of new risk management methods to generate realistic risk forecasts, effective metrics techniques, and a clear roadmap for capability improvements.
Join Matthew Keane, Sr. Director of Strategic Services at FireEye, Travis Fry, Sr. Consultant at FireEye, and Michelle Visser, Partner at Ropes & Gray, as they share their security and legal expertise on:
• Security risks across the complete cyber attack lifecycle, not only detection and response
• A simple and proven method for approaching the risk reality facing all organizations
• The rising cyber security insurance market and how it will affect risk management efforts
• Influence of new regulatory requirements and the SEC’s interpretive guidance on disclosure issues
• Using threat intelligence to ensure risk management efforts are based on real-world threats and ongoing adversary activities, not hypothetical or academic scenarios
• Best practice exercises to test your incident response plan based on real-world experiences
• Techniques for effectively reporting risk and capability needs to a Board-level audience
Simon Moor, Director, Northern Europe, FireEye; Duncan Brown, Associate VP, European Infrastructure & Security, IDC EMEA
Despite the continued focus on security and cyber-risk, most organisations demonstrate poor alignment between the business and security in the consideration of risk. This disconnect can start right at the beginning of a business process, where security is often not involved early enough (or at all) in strategic projects. Boardroom visibility of security threats is often weak, while the nature of security threats means that a continuous reassessment of risk is required, but rarely occurs.
This webinar explores the gap between security and business risk, and examines the opportunities for alignment in Digital Trust, as a prerequisite for digital transformation.
Rob van der Ende, VP APJ, Mandiant, a FireEye company & Mimi Yang, Senior Foreign Legal Consultant Ropes & Gray
How prepared are you and your organization to respond to a data breach?
Executives and their teams in PR/Communications, Cybersecurity, IT, (external) Legal Counsel, and others, should all be intimately aware of the Breach Response Plan and practice their tasks regularly through a Cyber Breach Simulation, or Tabletop Exercise.
Ropes & Gray and Mandiant have joined forces to help you evaluate your organization’s ability to respond effectively to a cyber incident before it occurs. The Tabletop Exercise uses gameplay techniques to assess your cyber crisis processes, tools and proficiency from legal, governance and technical perspectives. During the exercise, multiple scenarios based on real-world experience are simulated in a roundtable environment, allowing Ropes & Gray to provide concrete legal advice to your organization based on the results, including advice on potential enhancements to your organization’s cyber breach and incident response preparedness that Mandiant and Ropes & Gray identify through the exercise.
About Ropes & Gray
Ropes & Gray privacy & cybersecurity attorneys have advised and assisted clients in responding to cyberincidents of multiple shapes and sizes, including many of the largest incidents in history, and apply that extensive background to counsel clients on cybersecurity incident preparedness.
Mandiant, a FireEye company, has over 14 years of near-daily interaction with organized, persistent attackers and threat groups around the world. Mandiant consultants spend hundreds of thousands of hours annually working with organizations of all sizes to remediate security breaches, identify vulnerabilities and provide guidance on closing security gaps.
IoT devices have become a mainstream part of our lives. IoT devices are no longer just consumer devices, rather they are interwoven in different parts of corporations.
The August 2016 Mirai botnet attack has shown that security in IoT is required to have overall security. The lack of security in IoT devices not only affects users, but also affects the society in a larger scale. Manufactures of these devices need to follow a set of guidelines to ensure secure developments and deployments.
Moreover, device consumers such as corporations should be aware of their attack surface.
Join us for a live webinar as we address the top security and privacy issues in IoT devices, the threats that are targeting them and recommendations for possible solutions.
Judith Moore, Director & Partner, FleishmanHillard Fishburn; Mark Deem, Partner, Cooley; Mike Trevett, UKI Director, Mandiant
With numerous market-leading companies making negative data breach headlines this year, and attackers constantly evolving their techniques, tactics and procedures, it seems there’s no longer a case of ‘if’ an organisation will be breached, but instead ‘when’.
“Do you know how your team will respond to and remediate a cyber-attack?”, is an increasingly pertinent question that all C-suite leaders should be able to answer—and more importantly, have a role in finding that answer to ensure their organisation’s cyber-security posture and incident response (IR) plan is built for success.
Join and contribute to the conversation as Judith Moore, Director & Partner, Corporate and Crisis at FleishmanHillard Fishburn, Mark Deem, Partner at Cooley LLP and Mike Trevett, UKI Director at Mandiant discuss:
•How to identify security maturity improvement areas before, during and after a breach
•Why constantly-evolving threats require organisations to periodically revisit their crisis communication plans
•What actions organisations should take to ensure they can effectively protect their reputation in the event of a breach
•Which key strategic communication tactics should be considered when reporting a breach
Claudio Scarabello Director Product, APAC FireEye Inc
Artificial intelligence (AI) is a transformative technology that provides organizations with better cyber defense tools but also helps adversaries improve methods of attack. Organizations need to understand how AI will impact cyber security before they rely on it for their defenses.
Watch this webinar as we discuss:
• How AI tools can be used for offensive and defensive purposes in the cyber domain
• Changing geopolitical landscape as threat actors develop and implement AI capabilities
• Enhancement of a businesses’ defensive capabilities through AI technology
• How FireEye uses machine learning to bolster its internal defenses and tools
Tim Wellsmore, Director, Government Security Programs, Mandiant International, a FireEye Company
Most approaches to the global cyber security problem are usually focused locally inside separate organisations, who struggle to look out across the global landscape and effectively respond. National responses from government capabilities can be challenged by capacity and jurisdiction to truly understand the global threat environment, and to effectively respond. This presentation will highlight how FireEye utilises its various capabilities and threat focused teams from all parts of the business to build a cohesive global detection and response capability for the biggest global threats.
This presentation will outline how we tactically respond within our internal capability teams, and across our customer base of 67 countries and how we keep the media, our customers and our government partners informed on the latest information. How we scale quickly to respond to WannaCry or NotPetya to ensure our Community Protection mandate is relentless maintained is an impressive story. This presentation will highlight how our FireEye technology arm and FireEye's subsidiary companies of Mandiant and iSight work seamlessly together in a global cyber threat event to bring our best against the world's most advanced cyber threat actors.
Vasu Jakkal, Executive Vice President and Chief Marketing Officer, FireEye
Executive Vice President and Chief Marketing Officer, Vasu Jakkal, shares what you can expect from the Cyber Resilience Virtual Summit. Learn why the intelligence-led approach matters and what you need to know to prepare, defend and protect your organization from a breach.
Attackers will continue to be effective through an increase in sophistication, but they will also be successful due to the challenges organisations face in recruiting and retaining skilled cyber professionals.
During this webinar we will be discussing the benefits and challenges of inhouse vs. outsourcing of cyber security operations and how this has been effected by a cyber-skills shortage within the industry with ‘on-demand’ resource being readily available when needed with real time insight and expertise of cyber breaches.
Elena Elkina (Aleada Consulting ) | Parnian Najafi Borazjani (FireEye) | Ondrej Krehel (LIFARS) | John Bambenek (ThreatSTOP)
This webinar is part of BrightTALK's Privacy Insights Series and National Cyber Security Awareness Month (NCSAM).
With the proliferation of the Internet of Things into every sphere of our lives, it's now more important than ever to understand the security and privacy risks associated with connected devices. With smart home devices, office tools, children's toys, even medical devices being vulnerable to cyber attacks, becoming cyber aware should be a key priority for everyone.
Join privacy and cyber security experts for an interactive panel roundtable discussion on:
- The privacy and security vulnerabilities and risks stemming from IoT devices
- The basic safety measures you can deploy to protect your home and workplace against cyber threats
- Best practices for privacy and security safeguards
- What to do in the event of a breach
- What the future of privacy looks like
- Elena Elkina, Partner at Aleada Consulting
- Parnian Najafi Borazjani, Senior Analyst, FireEye
- Ondrej Krehel, Digital Forensics Lead, CEO & Founder, LIFARS
- John Bambenek, VP Security Research & Intelligence, ThreatSTOP
Audience members are encouraged to send questions to the speakers to be answered during the live session.
Florian Siebert, Senior Systems Engineer, Global Services & Intelligence
FireEye Managed Defense greift auf langjährige Erfahrung aus unseren Mandiant Incident Response Einsätzen zurück: wir nutzen die Daten und Erkenntnisse aus der Abwehr realer Angriffe, um Bedrohungen schneller zu erkennen und abzuwehren. Dadurch können wir Ihnen einen unternehmensweiten Überblick von Bedrohungen in Ihrem Netzwerk in Echtzeit geben und die Fähigkeit Ihres bestehendes CERT, Security Operation Center oder Sicherheitsteams ergänzen oder erweitern.
FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organisations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 6,000 customers across 67 countries, including more than 40 percent of the Forbes Global 2000.
APT34 - New Targeted Attack in the Middle EastSTUART DAVIS | DIRECTOR EUROPE, MIDDLE EAST & AFRICA; DAN CABAN | PRINCIPAL CONSULTANT, MIDDLE EAST & AFRICA[[ webcastStartDate * 1000 | amDateFormat: 'MMM D YYYY h:mm a' ]]64 mins