Double Dragon: APT41, a Dual Espionage and Cyber Crime Operation

Defending the frontlines of cybersecurity is a never-ending battle, with new advanced persistent threat (APT) groups lurking to steal data, compromise infrastructure, and interfere with victim business operations. FireEye’s newly named threat group, APT41, is no exception. Its aggressive and consistent mode of operation and highly sophisticated tactics distinguish it from other adversaries, making it a double threat to contend with.

APT41 uniquely balances espionage activity with concurrent financially motivated activity driven by personal gain. Since 2012, FireEye has observed APT41 conduct a wide range of operations, including data theft, innovative supply-chain attacks, and the use of unique tools and targeting techniques.

Join this webinar to hear FireEye Threat Intelligence experts, Jacqueline O’Leary, Raymond Leong and Dan Perez, provide:

• Insights into attribution and shared tactics between espionage and financially motivated operations
• Supply chain compromises attributed to APT41 activity
• Unique malware capabilities and techniques
• Details on connections to identified personas
Recorded Aug 29 2019 56 mins
Presented by
Jacqueline O'Leary, Principal Analyst; Raymond Leong, Principal Threat Analyst; Dan Perez, Principal Threat Analyst
  • Not If, but When: Persistent Security Challenges Recorded: Dec 3 2019 17 mins
    Kevin Taylor, Mike Hart, Simon Moor, Mike Trevett
    Cyber breaches are inevitable because attackers constantly change their tools, techniques and procedures (TTPs). Everyone is affected in different ways, whether from compromised systems or supply chains to the financial implications of non-compliance and breach notification.

    Join our EMEA execs as they discuss the breach inevitability and consequences, how this defines the day job of a security leader, cyber risk in the boardroom and the evolving role of CISOs and their challenges.
  • The Road Ahead: Cyber Security in 2020 and Beyond Recorded: Nov 21 2019 55 mins
    Sarah Geary, Manager of Intelligence for Executives, FireEye
    As 2019 comes to a close, we walk away armed with even more knowledge about the threat actors and trends we can expect to continue in 2020 and beyond. Attackers innovate and grow more sophisticated, but there is a lot we can still do to prepare for upcoming compromise attempts and get ahead of the threats.

    On Thursday, November 21st at 8a PT/11a ET, join Sarah Geary, Manager of Intelligence for Executives at FireEye, as she shares her thoughts about cyber security in 2020. During the webinar, Sarah will touch on various topics discussed in our report, The Road Ahead: Cyber Security in 2020 and Beyond, including:

    • Geopolitics driving threat actors
    • Cyber influence operation developments
    • New criminal tactics in the underground
    • Trends in ransomware and supply chain attacks
  • Measure, Improve and Rationalize Cyber Security Investments Recorded: Nov 14 2019 49 mins
    David Grout, EMEA, CTO, FireEye
    Security today faces a formula that no longer delivers on its promises: ever more investment, ever more resources, and in the end major incidents still occur. It is time for the industry to stop basing security on assumptions about how things work and to start evaluating deployed tools in a repeatable and comparable way in order to tangibly improve the level of protection.

    Register for the webinar and discover how the Verodin Security Instrumentation Platform lets you:

    • Evaluate deployed tools in order to prioritize investments.
    • Improve the configuration of the tools in place.
    • Compare your security against market standards such as the MITRE ATT&CK Framework.
    • Test that your DLP-type tools work properly.
    • Measure the security of your security processes for the cloud.
    • Validate that your endpoint tools work properly.
    • Confirm network segmentation between OT and IT zones.

    Register for the webinar NOW!
  • Simplification: The Better Option for Financial Cyber Security Recorded: Nov 5 2019 22 mins
    Kevin Taylor, Jens Monrad, Simon Moor, Mike Trevett
    The financial services industry remains among the most targeted industrial sectors. From banks to brokerages, threat actors target financial institutions to steal your employee, customer and business data. They threaten both your credibility and integrity as they capitalise on insider trading through data theft or monetise stolen payment card information.

    State based attackers and criminal elements use a variety of advanced email and network attack methods to compromise organisations. As financial institutions engage in mergers and acquisitions (M&A) activity, adopt new technologies like mobile payment systems, and expand operations, they significantly increase their risk footprint.

    Join this video webinar and hear our EMEA executives discuss the top cyber security challenges for financial organisations, as well as solutions to minimise risks.
  • The Cloud Is Secure, Your Configuration May Not Be! Recorded: Oct 22 2019 44 mins
    Maximilian Bode, Sales Engineer, FireEye
    Did you know that attackers use the eDiscovery features of Office 365 to search for confidential data? FireEye uses rules that, for example, specifically target the use of eDiscovery and eDiscovery exports, which are generally rare in everyday office work.

    Join this webinar to learn more about FireEye's security measures in O365. FireEye Sales Engineer Maximilian Bode shares:

    Insights into Microsoft Azure events
    - Azure Audit and Azure AD
    - MS Exchange and Office365

    Create transparency: detecting anomalies in logs makes it possible to identify credential theft. We show you how to detect suspicious events and critical configurations by using rules.
  • Measuring and Improving the Effectiveness of Cyber Investments with FireEye/Verodin. Recorded: Oct 2 2019 43 mins
    Marco Riboli, Vice President, Southern Europe, FireEye and Gabriele Zanoni, Systems Engineer, Italy, FireEye
    Verodin has developed a “Security Instrumentation” technology to assess the effectiveness of security systems. With Verodin, FireEye extends its ability to help customers take a proactive approach to identifying and mitigating risks arising from misconfigurations or from inefficiencies in the company's security products or processes.
    Verodin puts security systems such as SIEM, FW, Proxy, Endpoint, Email, DLP, Cloud, etc. to the test and suggests remediation activities; it removes assumptions and makes it possible to objectively assess exposure to attacks through monitoring and testing of security products and processes.

    Register for the webinar and discover how FireEye, thanks to the new Verodin capabilities:
    • Assesses the priority of security investments in relation to threat exposure.
    • Provides a tool to maximize investments already made, with guidance on how to optimize products both on-premise and in the cloud.
    • Provides alerts on untracked or unwanted changes that could increase the risk of attacks both on-premise and in the cloud.
    • Extends the perimeter to SCADA and ICS systems, verifying communications between OT and IT networks and providing evidence of the restrictions actually in effect.
    • Makes it possible to verify corporate golden images and endpoints against destructive attacks such as ransomware.
    • Makes it possible to verify the quality of DLP systems and to run automated, repeatable data exfiltration tests.

    The result is of great interest to SOC managers, CISOs and the board.

    Register for the webinar NOW!
  • Tackling the Most Advanced Threats with FireEye Technologies Recorded: Oct 1 2019 60 mins
    Zlatomir Milanov, System Engineer, Computer 2000
    Sooner or later, someone in your organization may inadvertently become a link in the chain of events leading to a cyber attack. Someone may open a malicious email; 90% of cyber attacks start with ONE EMAIL! Threats can also enter through endpoints and move through your network, improperly escalating user privileges, conducting reconnaissance and stealing data.

    Technology alone is not enough to fight cyber threats. FireEye uses a unique innovation cycle that combines technologies of proven world-class quality, unprecedented technical and investigative expertise gained directly from the “front line”, including world-class services, as well as information on new threats that no one else manages to collect!

    The FireEye ecosystem combines a full set of detection, protection and investigation capabilities through Network, Endpoint, and Email Security Solutions!
    Join this webinar, in which Zlatomir Milanov, systems engineer at COMPUTER 2000 Bulgaria, will explain and demonstrate how threats in an organization can be detected with FireEye technology for networks, endpoints and email, showing attack scenarios from different points of view, as well as how intelligence complements the technology.
  • How to Resolve the Cyber Skills Gap Recorded: Sep 30 2019 18 mins
    Kevin Taylor - Senior VP EMEA; Mike Trevett - Director, Professional Services, UKI; Simon Moor, VP, NEUR
    There is a very prevalent human factor to the success of cyber security; behind the technology lies a team of professionals with a range of technical and specialist skills used to implement defense and proactive hunting strategies. While technology has a big part to play in the war against cyber attacks, it is the human element which is both the catalyst for attack and defense.

    There are an estimated 3.5 million unfilled cyber security positions forecasted for 2021 and research suggests it’s only getting worse. Security leaders must spend far too much time finding, hiring and retaining staff. When leaders cannot find appropriately skilled talent, they are often forced to hire junior employees. Less experienced and untested staff can dramatically increase the risk of a cyber breach.

    Join this webinar as our executives discuss the cyber security skills crisis in line with the evolving threat landscape and near- and longer-term options to mitigate the risk of a security breach.
  • FireEye Chat - Front and Center on SOC optimization Recorded: Sep 26 2019 24 mins
    Vasu Jakkal, EVP & CMO, FireEye; Seth Summersett, Chief Scientist, FireEye & Chris Schreiber, Product Strategist
    FireEye Chat, our quarterly talk show, brings guest experts front and center to cover today’s most important cyber security topics.

    In this episode, our FireEye panel discusses the complexity of security operations and its impact on organizational risk. A typical U.S. company uses an average of 85 security tools that generate over 10,000 alerts each day. With a little luck, organizations might discover a breach only after the attacker has been in their systems for an average of 78 days. The potential damage and risk as a result of operational inefficiencies is jaw-dropping.

    Join our host, Vasu Jakkal, Chief Marketing Officer, as she talks with Seth Summersett, Chief Scientist and Chris Schreiber, Product Strategist about why you need to work smarter, not harder. They will highlight:

    • How technology-only solutions often cause security issues
    • What simple mindset shift is required to improve operational efficiency
    • The FireEye approach to help focus on high impact tasks and gain access to industry expertise
  • Cloud Visibility and Security with FireEye Helix Recorded: Sep 26 2019 41 mins
    David Grout, CTO, EMEA, FireEye and Arnaud Garnier, Systems Engineer, FireEye, France
    Migrating infrastructure to the cloud raises new challenges for securing data. Attacks involve less and less malware, and companies must therefore adapt and find suitable tools to fill the gap left by traditional security equipment.
    FireEye Helix makes it possible to:
    gain visibility into cloud infrastructure;
    check all abnormal events against FireEye expertise inherited from FireEye Mandiant and FireEye Threat Intelligence.
    Building on this field experience, FireEye Helix stands out as the solution best suited to meeting these new challenges.
    During this 45-minute webinar, David Grout, CTO EMEA, and Arnaud Garnier, Systems Engineer, France, will revisit the need to gain visibility into cloud infrastructure in order to detect new attack methods and thereby counter them.
  • More Cloud, More Problems? Recorded: Sep 23 2019 53 mins
    Martin Holste, Cloud CTO, FireEye
    The cloud is more pervasive in our organizations and our lives. But security operations centers (SOCs) can keep up, even when their organization adopts multiple public cloud and SaaS solutions.

    Join this webinar to ensure that your organization’s cloud strategy is less of a problem than you might think. Expert Martin Holste, Cloud CTO at FireEye, shares:

    • Trade-offs and nuances between cloud providers
    • Considerations that can affect your strategic direction
    • Seasoned guidance on how to optimize your cloud migration
  • An Executive Perspective on the Current Cybersecurity Landscape in MEA Recorded: Sep 19 2019 15 mins
    Mohammed Abukhater, MEA VP, FireEye
    Mohammed Abukhater, FireEye’s Vice President of MEA, discusses the current cyber security landscape in the Middle East and Africa.
    From years of experience being on the front lines of cyber security in one of the most-attacked regions in the world, Mohammed touches on key concerns for organizations in both the private and public sector, including best practices on how to stay armed against the most intelligent cyber attackers.
  • Cyber Threats Impacting Healthcare Today Recorded: Sep 17 2019 58 mins
    Luke McNamara, Principal Intelligence Analyst, FireEye & Lauren T. Winchester, Breach Response Services Manager, Beazley
    For some time, the healthcare sector has faced a wide range of threat actors and adversary motivations. Today, data held by healthcare organizations—patient records, medical research, and more—remains at risk from cyber criminals and espionage groups. More disruptive cyber attacks can even hamper operations within healthcare providers.

    Join us on September 17 at 9 a.m. PT/12 p.m. ET, as FireEye and Beazley present a webinar that discusses the latest breach and threat landscape trends for this sector.
  • FireEye Chat: Cyber Security Skills Shortage Recorded: Jul 23 2019 30 mins
    Vasu Jakkal, EVP & CMO, Colin Carmichael, SVP & CIO and Jason Martin, EVP
    Front and Center with Colin Carmichael and Jason Martin on the Cyber Security Skills Shortage

    FireEye Chat, our quarterly talk show, brings guest experts front and center to cover today’s most important cyber security topics.
    In this episode, we address the growing cyber security skills gap, which is expected to reach 3.5 million by 2021.

    The rise of technology, combined with more complex cyber security products and cyber threats, has gradually increased the demand for experienced, trained experts to fill a growing number of critical security roles in industry and government worldwide.

    Join us as our FireEye Chat panel discusses:

    • An overview of the cyber skills gap
    • Current proposed solutions
    • A breakdown of how FireEye thinks about the challenge, as both a technology company and a security provider
  • How FireEye Protects FireEye Recorded: Jun 20 2019 60 mins
    Matt Shelton, Director, Technology Risk & Threat Intelligence, FireEye
    FireEye relentlessly protects its customers. But who protects FireEye? Join us for an overview of how FireEye uses its own products and services to protect itself from the same threats faced by customers.

    In this webinar, Matt Shelton, FireEye Director of Technology Risk and Threat Intelligence, will reveal how FireEye:

    • Uses threat intelligence to proactively protect the organization
    • Detects threats using FireEye Network Security products
    • Responds to incidents with FireEye Endpoint Security
    • Leverages Helix as its security operations platform
    • Hunts for known and unknown threats within its environment.
  • Top 5 Cloud Security Myths Debunked Recorded: Jun 20 2019 55 mins
    Martin Holste, Cloud CTO, FireEye
    Through 2022, at least 95% of cloud security failures are predicted to be the customer’s fault (Gartner). But change how you think about cloud security, and you can be a success story.

    Join our webinar, which helps debunk several common myths that jeopardize your fast, secure migration to the cloud:

    • The cloud is unsafe
    • My organization doesn’t use the cloud
    • My cloud provider will keep me secure
    • The cloud is just someone else’s computer
    • Advanced adversaries aren’t attacking the cloud

    You’ll also learn how to identify a trusted advisor for cloud migration so you can confidently take advantage of cloud advancements.


    Presented by: Martin Holste, Cloud CTO at FireEye
  • Help, my users have been hacked! What happened and how do I respond? Recorded: Jun 20 2019 38 mins
    Vinoo Thomas, Product Line Manager, FireEye
    A Breach Investigation Scenario Leveraging FireEye Endpoint Security

    FireEye spends thousands of hours annually investigating the world’s most impactful security breaches - you don’t have to stand alone when this happens to you. In this webinar, we will use a real-life scenario to dive deeper into how breaches are discovered and, importantly, what security lessons can be learned.

    Join FireEye’s Vinoo Thomas as we take a closer look at the discovery of credential harvesting and multiple compromised clients from a single compromised endpoint. Learn how investigation can be used to find and contain the impact of a breach in nearly any environment.
  • A Review of Cyber Resilience -- Past, Present, and Future Recorded: Jun 20 2019 45 mins
    Rob van der Ende, VP APJ, FireEye Mandiant & Naureen Rasul, Head of Cyber Practice Asia, Marsh Pacific
    Rapidly evolving threats and infiltration techniques have rendered traditional cyber defense strategies insufficient and ineffective. The emerging threat vectors and speed of change amplified by the digital transformation cannot be addressed by traditional means. Globally, laws are also changing to keep pace as cybercrime evolves, knowing no boundaries. Therefore, organizations must be nimble and agile to keep pace with policy changes, especially when expanding across different jurisdictions.

    Join us as we discuss three strategic imperatives to strengthen cyber resilience:
    • Understand (know your threats) – Identifying organization- and industry-specific cyber threats and regulations calls for robust strategies that include cross-disciplinary considerations.
    • Measure (know yourself) – Quantify the potential financial impact of cyber exposures to compare against the level of risk appetite acceptable to the board. This will determine the amount of investment necessary to mitigate and transfer any residual risk.
    • Manage (know what you can do) – Proactively manage cyber risks by having clear action plans based on your capabilities and capacities to protect against cyber criminals.

    While cyber-attacks are inevitable, proper preparation is the essential element that sets resilient organizations apart from the rest in managing risk, minimizing damage, and recovering quickly from any incidents.
  • The Cyber Skills Gap: A Practitioner’s Perspective Recorded: Jun 19 2019 52 mins
    Stanley Parret, Principal Consultant, FireEye Managed Defense
    The shortage of cybersecurity workers is a growing concern for the teams who are directly responsible for protecting the organization against cyber threats. It’s estimated that by 2021, 3.5 million cyber security positions will go unfilled.

    Join Stanley Parret, Principal Consultant for FireEye Managed Defense, for a look at the unforeseen challenges and consequences of the growing cyber skills gap, especially around protecting against advanced threats. In this webinar, we’ll discuss:

    - The impact of staffing shortages on security practitioners
    - How they’re being required to protect more with less
    - The options available to security teams who need to extend their capacity

    Register now for the webinar
Technology, Intelligence and Expertise
FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 7,700 customers across 67 countries, including more than 50 percent of the Forbes Global 2000.

  • Title: Double Dragon: APT41, a Dual Espionage and Cyber Crime Operation
  • Live at: Aug 29 2019 3:00 pm
  • Presented by: Jacqueline O'Leary, Principal Analyst; Raymond Leong, Principal Threat Analyst; Dan Perez, Principal Threat Analyst