Name: Insights into the ProxyLogon Exchange Vulnerabilities & related attack activity
Start: 2021-03-23T05:00:00Z
End: 2021-03-23T05:01:03.000Z
Location: BrightTALK
Rating: 0

Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. By scaling decades of frontline experience, Mandiant helps organizations to be confident in their readiness to defend against and respond to cyber threats. Mandiant is now part of Google Cloud.

The cyber threat landscape is constantly evolving, and defenders have the challenging task of keeping up. By exploring the trends we see today, we can improve our cyber readiness and be better prepared for the year ahead. 

To help organizations navigate the cyber landscape in 2024, security expert Andrew Kopcienski is presenting a deep-dive session to cover many of the topics discussed in the latest Google Cloud Cybersecurity Forecast 2024 report, including:

- Tactics and tools to steal credentials
- SMS phishing, notably to access environments
- Increasing use of zero-days
- More targeting of edge and other devices  

Register for the webinar, and read the Google Cloud Cybersecurity Forecast 2024 report: https://cloud.google.com/resources/security/cybersecurity-forecast

Google Cloud Cybersecurity Forecast 2024

Attack surface data is the ever-increasing amount of information that attackers can use to exploit vulnerabilities in an organization's systems and networks. One of the biggest challenges in parsing through attack surface data is its sheer volume and complexity. Attackers are constantly developing new techniques and tools to exploit vulnerabilities, and organizations need to be able to keep up. 
This means that security teams need to be able to quickly and accurately identify and prioritize vulnerabilities, even if they are buried in a sea of data.

Join the Mandiant team for a live discussion on outcome-based asset discovery, an easy-to-use method of understanding attack surface exposures. The team will discuss and demo:
- How to define the outcomes or success criteria of asset discovery 
- The various use cases external attack surface management can solve for
- The different ways to operationalize attack surface findings across the organization

Register Now!

Attack Surface Discovery at Scale

The manufacturing industry is a prime target for cyber attackers, who are increasingly using multi-faceted extortion and espionage tactics to gain access to sensitive data and disrupt operations. This webinar will provide an overview of cyber threats targeting the manufacturing industry, including:

1) Trends and data observed with multi-faceted extortion attacks
2) Cyber espionage campaigns targeting the sector
3) How the sector might be used as a jump point via supply chain attacks to other sectors

The webinar will feature cyber security intelligence and advisory experts in the manufacturing industry who will discuss the following topics:

1) How to use cyber threat intelligence to ensure better outcomes
2) Why context is vital when prioritizing alerts and threats

This webinar is essential for anyone who is responsible for cyber security at a manufacturing company. You will learn about the latest threats facing your industry and how to protect your organization from these attacks.

The Cyber Security Threat Landscape Targeting the Manufacturing Industry

In this session, explore how you can modernise Security Operations with Google Cloud's cloud-native Security Operations platform. Learn how you can deliver modern threat detection, investigation, and hunting at unprecedented speed and scale along with ushering in a new era of productivity for security teams with AI. 

We will show you  how you can elevate your team’s talent and productivity with generative AI and fill in skill gaps with expert help when you need it - before, during, and after an incident.

Modernising SecOps

Disinformation campaigns are unfortunately both incredibly pervasive and surprisingly common. Whether it is spreading propaganda or discrediting political opponents, they can have a dramatic impact on nations when left unchecked. Come join Mandiant as we dive into several pro People’s Republic of China (PRC) disinformation campaigns, including DRAGONBRIDGE and HAIENERGY. 

We will examine how they work, how widespread they can be, what they are trying to achieve, and how patiently tracking them can help us understand the actors behind them.

WHO DIS? Analysing Pro-PRC Propaganda Campaigns

The best method for breach preparation is ASSUMED as opposed to the initial IF which then moved onto WHEN. Security teams should approach validation using a trusted actor methodology by simulating breaches as authorized users. 

This will identity business risks generated from security weaknesses, vulnerabilities and mis-configurations. The ultimate target is having the ability to assess the impact on organization's critical data and assets.

Join this session to learn more about how to be best prepared for a breach, by managing your initial assumptions.

Assume Breached!

M-Trends 2023 is packed with timely data from Mandiant’s frontline incident response investigations and unparalleled threat intelligence, offering an inside look into trending response metrics and attacker operations from some of the most impactful breaches around the world.

Join this session to hear from Yihao Lim, APAC Manager, Threat Intelligence for Mandiant, as he walks you through what these findings mean and how they can significantly affect your security approach.

M-Trends 2023 by the Numbers: Today's Top Cyber Developments and Attacks LIVE

Don’t let assumptions be your achilles heel. 

25.8% of initial access comes from exploitation of public facing applications while 17% comes from supply chain compromise.  

It’s important for the organisation to understand;
What do we have? 
What are we running? 
And what are the risks? 

By understanding how the attacker sees you, you are able to prioritize and reduce your attack surface. Attend this session to learn how to to build your cyber backbone, and minimise your achilles heel.

Have a backbone. Not an achilles heel.

To proactively mitigate risks from cyber exposures, you need to know who's targeting you and what you need to protect. Yet, many don’t know where to start.

Join David Sutton and Megan DeBlois for a live discussion on Mandiant’s approach to scoping the cyber threat landscape and how it can help you make more intelligence-led decisions. David and Megan will cover:
 - How to scope the threat landscape 
 - The types of intelligence sources needed 
 - How to successfully operationalize intelligence across the security stack
 - The positive impacts of making intelligence-led decisions

Threats! Exposures! Oh, my!

Join Ryan Roobian and Alexa Rzasa for a live discussion on how to better understand your unique threat landscape and attack surface to proactively identify and mitigate your organization's cyber exposure. Ryan and Alexa will discuss the essentials to building a proactive strategy; including how to achieve:
 - Expanded and centralized visibility
 - Intelligence-led prioritization
 - Validated preparedness
 - Faster remediation and optimization 
 - Incident response readiness

Building a Proactive Strategy to Exposure Management

The M-Trends 2023 report is packed with timely data from Mandiant’s frontline incident response investigations and unparalleled threat intelligence, offering an inside look into trending response metrics and attacker operations from some of the most impactful breaches around the world. 

Join us on May 25, 2023 at 11:00am SGT as we walk you through what these findings mean and how they can significantly affect your security approach. This session particularly features cyber security trends and insights in APAC sharing APAC organizations useful guidance and ensuring they are well prepared with evolving threats.

Topics for discussion will include:
 - Global and APAC Dwell Times
 - Detection by Source Trends
 - Industry Targeting Metrics
 - New and Notable Threat Groups
 - Top Infection Vectors and Malware Families
 - Most Prevalent Attacker Techniques
 - And more!

Today's Top Cyber Developments and Attacks : M-Trends 2023 APAC Views

Tracked since 2018, Mandiant assesses with high confidence that APT43 is a moderately-sophisticated cyber operator that supports the interests of the North Korean regime. The group’s focus on foreign policy and nuclear security issues supports North Korea’s strategic and nuclear ambitions. 

Join this webinar to find out more about:
 - APT43's toolkit and technique that characterize their operations
 - Unique targeting activities that differentiate APT43's operations
 - How APT43 fits into North Korea's cyber capability and their relationship to other groups.

APT43: Prolific Cyber Operator Linked to the North Korean Regime

Mandiant Managed Defense provides customers with the solution to the problem, not alerts.

This presentation will provide a background to Mandiant Managed Defense. We’ll also explore how our customers benefit from Managed Defense service to receive earlier sign of initial compromise and avoid bigger threats

Protect and Defend with Mandiant Managed Defense

This session is the fourth in our multipart virtual series that will provide helpful insights and best practices surrounding the six critical functions of cyber defense that make up The Defender’s Advantage.  

In this webinar, join Mandiant experts for a discussion on how to properly Respond to resume normal business operations and effectively remove threats from the environment. Also learn how to proactively Hunt for evidence from a previous or existing compromise to enhance future response capabilities and realize new methods of threat detection.

Respond to Resume Operations & Hunt to Prevent Compromise- Webinar Series Part 4

This session is the third in our multipart virtual series that will provide helpful insights and best practices surrounding  the six critical functions of cyber defense that make up The Defender’s Advantage.  

In this webinar, join Mandiant experts for a discussion on how to effectively contextualize, categorize, and prioritize cyber security incidents to rapidly Detect malicious activity and identify significant business risks. Also learn how to Validate your security control ecosystem to ensure the optimization and success of the detection process to ultimately protect your critical assets.

Detect Risks & Validate Security Controls - Webinar Series Part 3

Over the last few years, Mandiant has observed a rise of cyber attacks from ransomware attacks to more sophisticated and persistent cyber threats known as Advanced Persistent Threats (APTs). These can dramatically impact people, organizations, and governments; as well as the society if critical infrastructures are targeted.

The implementation of a robust cybersecurity program (human, technical, and strategic) enables organizations and governments to prepare their environment to detect malicious activities, identify, and respond to them to limit the impact (e.g., reputational, business continuity, financial, legal, etc.).

This presentation provides an explanation on how organizations can use threat intelligence to proactively identify threats targeting them, as well as to drive incident response process to effectively determine the scope of the cyber attack to remediate it. Moreover, the incident response process will be discussed to demonstrate how to investigate and respond to a large-scale cyber incidents while limiting the impact.

The presentation will conclude on how the traditional digital forensics science could support and improve the incident response process.

Intelligence Driven Incident Response

This session is the second in our multipart virtual series that will provide helpful insights and best practices surrounding the six critical functions of cyber defense that make up The Defender’s Advantage.  

In this webinar, join Mandiant experts for a discussion on how to understand and effectively implement your collective Threat Intelligence to make the right security decisions. We will also dive into the establishment of Command and Control to orchestrate the prioritization of activities performed by all six cyber defense functions to achieve security resilience and reduce the overall impact of cyber attacks.

Who should attend:
CISOs
Cyber defense directors
SOC managers
Seasoned and new cybersecurity practitioners

Utilize Threat Intelligence, Establish Command & Control - Webinar Series Part 2

Learn how to activate the six critical functions of Cyber Defense to optimize your security program in the face of harmful adversaries. Building a best-in-class cyber defense organization will provide confidence in your ability to protect, defend and respond to sophisticated [and inevitable] threats that can cripple business operations. 

As outlined in Mandiant’s award-winning book,“The Defender’s Advantage” organizations are defending against adversaries within their very own environment. Because the defender owns the environment in which they go head-to-head with these ruthless attackers, it’s important to remember that the defender has a fundamental advantage–however many  organizations struggle to capitalize on it.

This multipart webinar series will provide helpful insights and best practices surrounding the six critical functions of cyber defense that make up The Defender’s Advantage.  

Register for this first session to receive an executive overview of The Defender’s Advantage and its six critical functions of cyber defense—Threat Intelligence, Command and Control, Detect, Validate, Respond and Hunt. Each of these functions represents different responsibilities focused on distinctive goals, while collectively working together to rapidly identify and effectively respond to threats. 

Who should attend:
CISOs
Cyber Defense Directors
SOC Managers
Seasoned and new Cybersecurity Practitioners

Take Control of Your Cyber Defense with The Defender’s Advantage Series, Part 1

Speakers:
• Steve Ledzian, CTO & VP, APAC - FireEye
•	Yihao Lim, Principal Intelligence Enablement Consultant, APAC - Mandiant
•	Vinoo Thomas, Senior Product Line Manager - Endpoint, APAC - FireEye
•	Ryan Delany, Senior Technical Marketing Manager - SaaS Endpoint - FireEye

Regardless of your organization’s size, industry, or locale, there are steps that you can take to identify Exchange exploitation in your environment.

In this session, we address the following questions:
•	What’s happening with this attack?
•	What do we know about the threat actors so far?
•	How does this attack impact my organization?
•	What can—and should—I do right now?

Join us to discuss these attacks on Microsoft Exchange servers. Our goal in this session is for you to walk away with concrete next steps to assess your environment.

Insights into the ProxyLogon Exchange Vulnerabilities  & related attack activity

FireEye

Mandiant

Vulnerabilities

Cyber Attacks

Cyber Crime

Ransomware

Vulnerability Intelligence

Vulnerability Management

Vulnerability Scanning

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Get powerful insights to run your business. CEOs, CFOs, CMOs, COOs, CTOs and CIOs are among the leaders in this community who connect with peers and experts to grow their businesses.

CxO Strategy

In the business management community, commercial experts will be sharing webinars and videos on an array of subjects. From sales and marketing, to finance, productivity and growth, this content will help you stay up-to-date with the current economic environment and provide timely management insight to drive business growth.

Insights into the ProxyLogon Exchange Vulnerabilities & related attack activity

Presented by

About this talk

More from this channel