Name: Linux Threats: A Black Hat 2022 Hot Topic?
Start: 2022-08-26T20:31:00Z
End: 2022-08-26T20:31:35.000Z
Location: BrightTALK
Rating: 0

BlackBerry (NYSE: BB; TSX: BB) provides intelligent security software and services to enterprises and governments around the world. The company secures more than 500M endpoints including 150M cars on the road today. Based in Waterloo, Ontario, the company leverages AI and machine learning to deliver
innovative solutions in the areas of cybersecurity, safety and data privacy solutions, and is a leader in the areas of endpoint security management, encryption, and embedded systems. BlackBerry’s vision is clear — to secure a connected future you can trust.

For more information, visit BlackBerry.com and follow @BlackBerry.

Malware is a vehicle to fulfill goals and should not be considered solely malicious code. Based on BlackBerry Cylance telemetry and our in-house cyber threat intelligence (CTI) analysis, we have identified the most prominent threat actors targeting automotive, healthcare, financial and other industries worldwide. Who are they? What are their tactics, techniques and procedures (TTPs) and what tools do they use to target Windows, macOS, Linux, and Android devices?

CTI Insights: Q4 2022 Cyberthreats Landscape – What have we seen?

The nature of work has fundamentally changed, magnifying the importance of secure, high-performance, and flexible remote access. Many organizations discovered that their legacy VPNs weren’t up to supporting the increased use of cloud services, the swing to remote and hybrid work models, and the need to enable third-party access to internal applications.

Watch cybersecurity experts from BlackBerry and ESG as they discuss:
-The vulnerabilities of VPN
-The importance of a VPN replacement strategy
-What ZTNA is, and why so many organizations turning to ZTNA

Please join the discussion with:

John Grady, Sr. Analyst, Enterprise Strategy Group
Mark Mariani, Sr. Product Marketing Manager, BlackBerry
Sriram Kirshnan, Sr. Director of Product Management, BlackBerry

How to Enable Zero Trust Secure Access in the Era of Work From Anywhere

BlackBerry recently commissioned Forrester Consulting to conduct a Total Economic ImpactTM Study of CylancePROTECT®. In this session, we focus on key market trends that impact endpoint security from both the industry and customer perspectives.  

Key topics include:  

-Massive growth in attacks 
-The anywhere work impact 
-Vendor landscape  
-Doing more with less 
-Reducing integration complexity 
-How telemetry is critical 
-XDR distraction versus the need for prevention first

Understanding Endpoint Security Market and Customer Trends

Let’s go back, way back to 2013 when AV was AV, whitelisting was whitelisting, and EDR ads were taking over airport terminals. Ah, the good old days.

News Flash! Dr. Emmett Brown just showed up and he’s got urgent news from the future. No matter how good your incident response capabilities are, they cannot stand on their own (sort of like Biff, who was nothing without his buddies).

To be effective, incident response (IR) must be part of an overarching strategy that includes prevention and detection. It must be integrated with and supported by SOC and adjacent services that identify, prevent, and detect threats regardless of source and location, internal and external, or on network or off.

Join SANS Instructor Greg Scheidel and BlackBerry’s vCISO Robert Fink as they discuss what we’ve learned about prevention, detection, and response in the past, what we can glean about the future of enterprise IT, and what it means for the future of your endpoint protection strategies.

Back to the Future: What Will Endpoint IR Really Look Like?

What is the difference between endpoint detection and response (EDR), extended detection and response (XDR), and managed XDR (MXDR)? And which approach makes the most sense for your organization? Sorting through these cybersecurity solutions can offer insights and ideas about the strategy that would most rapidly and easily increase an organization’s security posture.

Watch Patrick Slattery, Global Director of Managed Detection and Response (MDR) Services at BlackBerry, as he shares his expertise on these cyber solutions and how each can benefit organizations of all sizes.

EDR vs. XDR vs. Managed XDR: Which Makes Sense for You?

Ransomware attacks are no longer “drive-by” events. Encryption is only one of the problems among a list of others that include operational disruption and data exfiltration for extortion, ransom, sale, and re-sale.

Join SANS Senior Instructor Jake Williams, SANS Instructor and BlackBerry Principal Incident Response Consultant Ryan Chapman, and BlackBerry Most Distinguished Threat Researcher Dmitry Bestuzhev as they dissect and analyze today’s typical ransomware operation. They will look at initial access, local privilege escalation, lateral movement, and much more, closing with advice on detection and prevention opportunities.

SANS Anatomy of a Ransomware Operation

XDR technology claims are rampant. Many fail to deliver on expectations. CylanceGUARD® delivers the security promise of XDR by blending people and technology to meet your needs. And it offers measurable gains in real-time detection, coordinated response, and recovery times.

XDR – Where Do I Start? Focus On Security Outcomes Not Technology

Join BlackBerry CISO John McClurg and former Gartner Sr. Director Analyst Paul Webber to discuss the top cybersecurity threats and responses. You’ll learn adversary tactics, AI, transitioning from reactive protection to preventative tactics, merging physical and cybersecurity preparedness, and more.

BlackBerry Security Summit 2022 | Top 2022 Cybersecurity Trends & Takeaways

The security perimeter is everywhere, yet invisible. And it’s under siege. Learn how our Zero Trust Security Model secures your business assets and our behavioral intelligence offers smarter security, privacy, and trusted access to any business app on any managed or unmanaged device–anywhere.

BlackBerry Security Summit 2022 | Unpacking Of Zero Trust Network

Security environments are continuously becoming more complex, burdening security professionals with endless alerts and maintenance. All the while, cybersecurity professionals are becoming scarcer. But, upgrading your endpoint environment shouldn't equate to more complexity. Watch this on-demand webinar to learn more about the new capabilities within CylancePROTECT® 3 – to enhance and improve your security posture with an automated approach to security. 

In this session, you'll learn: 

-How to enhance and automate your security.
-Why you should upgrade to CylancePROTECT 3.
-How customers are leveraging the advantages of new CylancePROTECT features to ensure cyber resiliency.

Update CylancePROTECT 3 to Automate and Simplify Your Endpoint Security

As enterprise infrastructures have expanded in scope and complexity, so too have the cyberthreats that target them. In today’s digital-first environment, legacy security controls are unlikely to be able to stand up to the volume and sophistication of these attacks. Even newer security software may be overwhelming and require nuanced human intervention, which is not always accessible due to the continuing security skills shortage. To address this, some organizations are turning to managed extended detection and response (XDR) services, to strengthen their cybersecurity capabilities.

Managed XDR can be useful not just for greater technological heft, but also for advanced strategies and expert assistance. Security programs must simultaneously handle prevention, detection, response, and recovery, in order to reduce the impact of any potential cyberattack. ESG has found that, by outsourcing to an experienced managed XDR vendor, organizations have reported both improved security efficacy and operational efficiency. From noise and cost reduction to security program development, identifying the right partner could make all the difference in your security outcomes.

In this webinar from BlackBerry and ESG, industry experts will assess the full impact that managed XDR can have on security programs.

Tune in to learn more about:
— The challenges security operations teams are facing today
— What makes a managed XDR service different from a traditional MDR service
— How managed XDR can be leveraged in high-risk situations, in real time
— What the security program long game could look like, with XDR support
— And much more

Strengthening Security Program Outcomes with Managed XDR

A cybersecurity protocol can commonly be broken down into three stages: prevention; detection & response; and recovery. By implementing effective protocols at the beginning of the funnel, companies can dramatically reduce the number of threats that require an active response. Yet many organizations have decided to focus on the bottom of the funnel, resigning themselves to handle a large volume of cyberthreats. This will be a resource drain, no matter how efficient your detection and recovery systems are.

Effective prevention has historically been challenging, but new technology has dramatically changed what is now possible. With the right behavior-targeting software in place, machine learning and AI can be leveraged to great effect. What’s more, concerns around access management can also be tackled through a new approach: Zero-Trust. The possibilities are so great for Zero-Trust, that ESG research found that more than two-thirds of surveyed companies plan to replace existing endpoint security solutions in support of ZT.

Tune into this webinar from Blackberry and ESG to deep dive into the evolution of endpoint security and uncover the wide-ranging impact that Zero-Trust could have on your business. Expert speakers will tackle:
— The limitations of current prevention strategies
— The most effective ways to shape your cybersecurity funnel
— How ZT fits into your network
— And much more

Shape your cybersecurity funnel with Zero Trust: Benefits & impact

A few months ago, in a joint collaboration with Intezer, we discovered a new, previously undetected malware that acts in a parasitic nature and affects Linux® operating systems. It appears to have been written to target the financial sector in Latin America. We have aptly named this malware Symbiote.

Symbiote is a highly evasive malware whose main objective is to capture credentials and to facilitate backdoor access to infected machines. Once on the host machine, it cleverly hides itself, its network traffic, and any other malware used by the threat actor. Because it operates as a userland level rootkit, detecting a Symbiote infection may be nearly impossible. What makes Symbiote different from other Linux malware is its ability to infect running processes, rather than using a standalone executable file to inflict damage. Symbiote is one of the most sophisticated Linux threats we’ve seen in recent times, but trends we’ve observed in the current threat landscape suggest it won’t be the last.

Please join our Most Distinguished Threat Researcher Dmitry Bestuzhev on this deep dive to learn more about Symbiote and how to protect your users and your network environment against it.

Symbiote 101: How to Secure Users Against this Advanced Linux Malware

Fact: 4 in 5 infosec leaders say their software supply chains were exposed to cyberattacks in the last 12 months.

That’s just one of many surprising stats from BlackBerry’s new research exposing the magnitude of software supply chain vulnerabilities in today’s organizations. Join experts from BlackBerry’s Product Security, Critical Event Management, and Cybersecurity Threat Research & Intelligence teams at our next BlackBerry LIVE webcast for a deeper dive into the state of software supply chains. They'll discuss potential vulnerabilities, the impact of a supply chain breach, and what you can do to secure your organization against them.

Magnitude of Software Supply Chain Vulnerabilities Exposed

BlackBerry’s Research and Intelligence Team is on the cusp of something big: Be among the first to find out. Join host Steve Kovsky and threat researchers Ismael Valenzuela and Dmitry Bestuzhev for a live conversation as they reveal new ways for security teams to stay on top of cyber threat activity and anticipate threat actors’ next moves.

Level Up Your Cyber Defense

There are usually a few cyberthreat trends that seem to emerge as important themes at each year’s Black Hat conference. And this year, the increase in Linux threats may be one of them.

This may come as unwelcome news to infosec pros who are used to the Linux® operating system (OS) largely flying below the radar of most threat actors, and as a result, rarely becoming a target for infection or attack. But that is changing rapidly, as we learned during our BlackBerry LIVE chat focusing on the increase in threats and threat actors specifically targeting Linux and the critical systems that depend on it.

The LinkedIn Video session was a preview of “Stories from the Blindspot: Linux Implants – A Silent, Long-living Threat,” being presented at Black Hat on Aug. 10 & 11 at 1:00 pm, at the BlackBerry Booth, #1232. 

Watch the video below, hosted by Ismael Valenzuela, BlackBerry vice president for threat research and intelligence. He is joined by Dmitry Bestuzhev, a BlackBerry most distinguished threat researcher, and Ryan Chapman, principal incident response & forensics consultant, as they share new Linux research details, including prevention, response, and risk mitigation.

Linux Threats: A Black Hat 2022 Hot Topic?

Cyber Incident Response

BlackHat

Threat Hunting

Cyber Security

Welcome to the virtualization community on BrightTALK! Whether it affects servers, storage, networks, desktops or other parts of the data center, virtualization provides real benefits by reducing the resources needed for your
infrastructure and creating software-defined data center components. However, it can also complicate your infrastructure. Join this active community to learn best
practices for avoiding virtual machine sprawl and other common virtualization pitfalls as well as how you can make the most of your virtualization environment.

Virtualization

Are you an IT service management professional interested in developing your knowledge and improving your job performance? Join the IT service management community to access the latest updates from industry experts. Learn and share insights related to IT service management (ITSM) including topics such as the service desk, service catalog, problem and incident management, ITIL v4 and more. Engage with industry experts on current best practices and participate in active discussions that address the needs and challenges of the ITSM community.

IT Service Management

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The data center management community focuses on the holistic management and optimization of the data center. From technologies such as virtualization and cloud computing to data center design, colocation, energy efficiency and monitoring, the BrightTALK data center management community provides the most up-to-date and engaging content from industry experts to better your infrastructure and operations. Engage with a community of your peers and industry experts by asking questions, rating presentations and participating in polls during webinars, all while you gain insight that will help you transform your infrastructure into a next generation data center.

Data Center Management

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

Practicing business intelligence allows your company to transform raw data into sets of insights for targeted business growth. The business intelligence and analytics community on BrightTALK is made up of thousands of data scientists, database administrators, business analysts and other data professionals. Find relevant webinars and videos on business analytics, business intelligence, data analysis and more presented by recognized thought leaders. Join the conversation by participating in live webinars and round table discussions.

Business Intelligence and Analytics

The storage community on BrightTALK is made up of thousands of storage and IT professionals. Find relevant webinars and videos on storage architecture, cloud storage, storage virtualization and more presented by recognized thought leaders. Join the conversation by participating in live webinars and round table discussions.

Storage

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

Welcome to the big data and data management community on BrightTALK. Join thousands of data quality engineers, data scientists, database administrators and other professionals to find more information about the hottest topics affecting your data. Subscribe now to learn about efficiently storing, optimizing a complex infrastructure, developing governing policies, ensuring data quality and analyzing data to make better informed decisions. Join the conversation by watching live and on-demand webinars and take the opportunity to interact with top experts and thought leaders in the field.

Big Data and Data Management

Get powerful marketing data and analytics insights from influential experts. Connect with thought leaders and colleagues to get the most up-to-date knowledge on the analytics that quantify your investments.

Data and Analytics

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Linux Threats: A Black Hat 2022 Hot Topic?

Presented by

About this talk

More from this channel