Hi [[ session.user.profile.firstName ]]

Three Windows zero-days in three months: how we found them in the wild

Within just a three-month period, Kaspersky Lab technologies automatically detected a unique occurrence of three zero-day exploits in the wild. All of them were found in APT attacks in the Middle East and Asia.
Attacks that go through zero-day vulnerabilities continue to be among the most dangerous, as they involve the exploitation of an undiscovered and unfixed weakness. This, though, makes them particularly difficult to detect and prevent. If such a vulnerability is found by criminals first, it can be used to create an exploit – a special malicious program that will have open access to an entire system. This “hidden threat” attack scenario is widely used by sophisticated actors in APT attacks and was used across all these three incidents.
Security researcher Anton Ivanov is head of the team of researchers that, in collaboration with Kaspersky Lab GReAT, disclosed zero-day vulnerabilities in Microsoft Windows OS following Kaspersky Lab mechanisms detecting the exploit. In this webinar, Anton will share the details of the work done by his team while working on the following zero-days vulnerabilities:
•CVE-2018-8453
•CVE-2018-8589
•CVE-2018-8611
Anton will elaborate on the technologies that made it possible to detect these exploits and discuss the process of searching and finding such vulnerabilities – including both technical and ethical (such as responsible disclosure) aspects.
Recorded Feb 21 2019 55 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Anton Ivanov - Head of Advanced Threats Research and Detection Team
Presentation preview: Three Windows zero-days in three months: how we found them in the wild

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • IT security vulnerabilities in healthcare. How to avoid losing patient records? Jul 28 2019 11:00 am UTC 57 mins
    Denis Makrushin, Security researcher, Kaspersky Lab; Vitaly Mzokov, Solution Business Lead, Kaspersky Lab
    Personal health information is private and precious. Medical organizations and healthcare professionals hold this data in trust – but is that trust justified? Yuri Namestnikov and Denis Makrushin, security researchers at Kaspersky Lab, have analyzed public sources and uncovered a number of vulnerabilities in healthcare organizations that threaten data. Join the webinar to learn how to secure your business perimeter.

    Please find more by the link – https://securelist.com/time-of-death-%D1%81onnected-medicine/84315/

    Want to know more about underground financial threats? Join our next webinar:
    https://kas.pr/i6vz
  • The end of cyber-threat intelligence. Сriminals’ developing tactics Jul 1 2019 11:00 pm UTC 47 mins
    Vicente Diaz, Security researcher, Kaspersky Lab
    The art of cyber-threat hunting keeps businesses aware of recent or upcoming threats, and enables them to protect the organization from attacks and breaches before it's too late. But what if criminals go totally under the radar? Vicente Diaz, security researcher at Kaspersky Lab, will present the most recent trends in the world of cybercriminals and how they avoid even the most sophisticated threat hunters. Join the webinar to learn how to harvest intelligence when the criminals are completely in the shadows.

    Want to know more about challenges to cyber-threat intelligence? Join our next webinar:
    https://kas.pr/moe1
  • Panel debate: The risks and rewards of transparency in cybersecurity Jun 19 2019 9:30 am UTC 54 mins
    Anton Shingarev, Jan-Peter Kleinhans, Kevin Limonier, Melinda Crane,
    An international panel of leaders and influencers from across the security landscape will explore how the global ICT industry can best build trust and assurance for their products in the current cybersecurity landscape. Among other things, the panel will discuss the need to prove trustworthiness and the risks and benefits of transparency actions such as code reviews.

    Panellists are:
    • Kevin Limonier, Associate Researcher, Castex Chair of Cyberstrategy;
    • Jan-Peter Kleinhans, Project Director, Stiftung Neue Verantwortung;
    • Anton Shingarev, Vice President of Public Affairs, Kaspersky Lab.

    Moderator: Melinda Crane, Chief Political Correspondent, Deutsche Welle
  • The role of threat intelligence in an effective security operation Jun 11 2019 12:00 am UTC 59 mins
    Oleg Glebov, Threat Management and Defense Solution Leader, Alexander Liskin, Heuristic Detection Group Manager Kaspersky Lab
    Experts predict a busy year for cybersecurity threats… a rise in general and accidental malware infections, an increased risk of targeted ransomware attacks and new types of malware and malicious tools all lie ahead.

    Threat intelligence is a key component of any effective security operation. Without exceptional, coordinated threat intelligence, cyber threats simply can’t be reliably identified or stopped.

    Kaspersky Lab is hosting a webinar on the key role of threat intelligence in an effective security operation. The webinar will be presented by Oleg Glebov, solution leader for our Threat Management and Defense portfolio and Alexander Liskin, Kaspersky Lab anti-malware research expert.

    The webinar is aimed at anyone with a professional interest in cybersecurity and threat intelligence, in particular IT security officers, incident response specialists and SOC analysts.

    The webinar will cover the following topics:
    • the current threat landscape – and the methods cybercriminals use to evade detection;
    • the critical role threat data feeds play in protecting you from attack;
    • the increasing importance of proven, established sandboxing – and the capabilities of Kaspersky Lab’s Cloud Sandbox;
    • APT and Financial Threat Intelligence Reporting;
    • how our experts use Threat Lookup for incident investigation;
    • Kaspersky’s Threat Intelligence Services – and how we can help build a comprehensive Incident Response (IR) framework with our Threat Intelligence Portal and Cloud Sandbox.
  • Fraud beyond finance: multi-industrial approach to prevention Jun 4 2019 5:00 am UTC 29 mins
    Tim Ayling, Global Head of Fraud Prevention Solutions, Kaspersky Lab
    When it comes to discussions related to fraud, we think about the finance first. Financial institutions historically have suffered the most being the targets of various criminal schemes, malware, social engineering, money laundering and other fraud vectors.

    However, nowadays we see that organizations across different industries are suffering reputational, financial and other damages caused by fraud. Government agencies, healthcare organizations, retail and e-commerce, loyalty schemes, gaming industry and gambling rooms report cases of account takeover, new account fraud, even money laundering related attacks. Most of them have fraud prevention measures in place to fight or at least to monitor this. But fraud has evolved into a form of organizational crime and attackers offer training and knowledge sharing to help find a way past well-known fraud management solutions.

    At the webinar we are going to cover the most up-to-date threat landscape for different types of businesses and share some real cases of success.
  • Redefining Enterprise Security in an Era of Digital Transformation May 28 2019 1:00 pm UTC 68 mins
    Kaspersky Lab and guests
    In the digital world, effective information security is now a key business success factor. As attackers find new ways to attack digital assets, the ability of the organization to maintain continuity, and the security of the information circulating in it, may be called into question. New attack methods and threat vectors require fundamentally new approaches to corporate protection.

    As part of the World Cyber Security Congress in London on March 27, Kaspersky Lab will be conducting a seminar exploring ways to solve the problem of protection in the digital world, where the risks are so high, and where the only sure defense lies a comprehensive security approach.

    Join us there to:

    • Find out about the threats organizations like yours are currently facing

    • Learn how to build reliable protection in the era of digital transformation

    • See how leading-edge global corporation has built its security on proven technologies

    • Put your questions to our experts


    During the seminar, our Principal Security Researcher in the Global Research and Analysis Team David Emm will talk about contemporary threats in ‘The Top Cyber-threats Facing Your Digital Business’.

    Next, in ‘Cybersecurity as Part of Your Digital Transformation Strategy’, Adam Maskatiya, General Manager, Kaspersky Lab UK & Ireland will outline how to build a cybersecurity system able to respond to highly complex threats.

    The seminar will end in conversation - CTO one of our customer talks about their success story in fighting today’s cyberthreats.
  • Fraud Prevention - IT ain’t what you do (it’s the way that you do it) May 20 2019 1:00 pm UTC 45 mins
    Tim Ayling, Global Head of Fraud Prevention Solutions
    Isn’t it funny how biometrics, a science that has been around for centuries, did not enter the public consciousness until Apple launched Touch ID with the iPhone 5S in September 2013? Now it is seen by many as the solution to our fraud concerns. Of course, this technology, like any other, whilst offering tremendous potential, is not the be-all and end-all of fraud and cybercrime prevention. In this presentation we will look at why Artificial Intelligence and behavioural biometrics, on their own, are not the answer to all your cybersecurity woes.
  • IT security vulnerabilities in healthcare. How to avoid losing patient records? May 20 2019 3:00 am UTC 57 mins
    Denis Makrushin, Security researcher, Kaspersky Lab; Vitaly Mzokov, Solution Business Lead, Kaspersky Lab
    Personal health information is private and precious. Medical organizations and healthcare professionals hold this data in trust – but is that trust justified? Yuri Namestnikov and Denis Makrushin, security researchers at Kaspersky Lab, have analyzed public sources and uncovered a number of vulnerabilities in healthcare organizations that threaten data. Join the webinar to learn how to secure your business perimeter.

    Please find more by the link – https://securelist.com/time-of-death-%D1%81onnected-medicine/84315/

    Want to know more about underground financial threats? Join our next webinar:
    https://kas.pr/i6vz
  • Kaspersky Lab’s Advanced Targeted Threat predictions for 2019 May 15 2019 12:00 am UTC 57 mins
    Vicente Diaz and Costin Raiu, security researchers in Kaspersky Lab’s Global Research and Analysis Team
    Kaspersky Lab will share its predictions for what the world’s major threat actors could have planned for the coming year. The webinar will explore some of the key trends in terms of tools, techniques and processes likely to be used by such groups against government organizations, enterprises, critical infrastructure, society at large, and more – and consider what that means for organizations, the security community and international cyberspace.

    The aim of the webinar is to stimulate debate among IT security professionals in all industries and to increase awareness and understanding that will help them to defend their organization against these threats.
  • Fin7 APT: how billion dollar crime ring remains active after leaders’ arrest May 13 2019 2:00 pm UTC 75 mins
    Felix Aime, Yury Namestnikov
    When Europol and the DoJ announced the arrest of the leaders of the Fin7 and Carbanak cybercriminal group in 2018, it was believed the group would cease its activity. However, recent data indicates that the attacks have not only continued, but have evolved. Fin7 has extended the number of groups operating under its umbrella, sophisticated its methods and even went on the legitimate job market to hire employees who apparently did not suspect they were working for hackers. The main aim behind Fin7’s malicious activities remained the same though – the stealing of financial assets.

    On the 7th of May, cybersecurity experts from Kaspersky Lab’s GReAT team – Yury Namestnikov and Felix Aime – will explain how the new Fin7 activity was detected, which groups are now under its umbrella and how to protect yourself from it.
  • Remote Administration Tools in attacks on industrial enterprises May 7 2019 2:00 pm UTC 75 mins
    Kirill Kruglov, Vyacheslav Kopeytsev
    On May 7, 2019, Kaspersky Lab ICS CERT experts will conduct a webinar focused on a specific type of attack on industrial facilities, where remote administration tools (RATs) have been used or involved. This is a rapidly emerging threat today for ICS facilities, so it is vital to raise awareness and inform businesses how it can affect them.

    The webinar was originally broadcast in October 2018, yet the recording was lost due to technical issues. Following demand, Kaspersky Lab ICS CERT experts will present the webinar again, this time with updated relevant statistics.

    Kirill Kruglov and Vyacheslav Kopeytsev, security researchers in Kaspersky Lab's ICS CERT, will examine a number of real-world incidents which have been investigated by fellow ICS CERT experts. RATs are useful tools, often used by both system administrators and contractors. However, today there is a real risk that the RATs themselves, or the paths created for them, are being increasingly exploited by threat actors – especially against ICS.
    Finally, Vyacheslav and Kirill will discuss statistics from the Kaspersky Security Network and present a few mitigating strategies for industrial environments where RATs are used. For example, Kaspersky Labs offers an ICS Malware Data feed, which helps identify malicious uses of RATs. There will be a Q&A session after the presentation.
  • Sophisticated cyberthreats of 2018 – what matters? May 5 2019 8:00 pm UTC 40 mins
    Costin Raiu, Head of Global Research & Analysis Team (GReAT)
    Join our jargon-free kick-off session to find out what some of the most sophisticated threat actors were up to: their tools, techniques and targets, and how to spot and combat them and keep your business safe.

    Want to know more about cybersecurity in healthcare? Join our next webinar: https://kas.pr/1ryh
  • APT Trends in Q1, 2019 – the latest campaigns, tools and targets Apr 30 2019 1:00 pm UTC 90 mins
    Vicente Diaz and Costin Raiu, security researchers in Kaspersky Lab’s Global Research and Analysis Team
    Kaspersky Lab experts will present their review of advanced persistent threat activity in the first quarter of 2019. They will chart the latest campaigns, tools and techniques deployed by established and emerging threat actors, including a major supply chain compromise, newly discovered cyberespionage operations and the relentless persistence of financially motivated attacks.
  • Playing to Your CyberStrengths: Overcome complexity by evaluating expertise Apr 25 2019 3:30 pm UTC 75 mins
    Rob Cataldo Vice President of Enterprise Sales USA, Kaspersky Lab; Chris Sherman Senior analyst serving security, Forrester
    To get ahead of endpoint cyberthreat complexity and protect their organizations, enterprise security and risk professionals must prioritize threat prevention and detection technologies that don’t require constant maintenance and overly manual workflows. In this webinar, attendees will learn how to identify the right combination of automatic and manual technologies commensurate with their security team’s level of expertise. This will put them in the best position to combat modern threats while also decreasing the amount of friction within their own security organization.
  • SAS for Business: The forces transforming cybersecurity in 2019 and beyond Recorded: Apr 22 2019 55 mins
    Kaspersky Lab and top security leaders.
    Kaspersky Lab is hosting a live online business webinar from Singapore as part of its global Security Analyst Summit 2019

    The summit will feature a presentation by Amin Hasbini, a top security researcher in Kaspersky Lab’s elite Global Research and Analysis Team, on the threats and threat actors that are likely to target enterprises in 2019 and beyond.

    This will be followed by a panel debate that will consider how the rapidly evolving cyberthreat landscape, new technologies such as AI, and geopolitical change will affect enterprises across all business sectors in an increasingly ultra-connected world.

    The panelists are Pedro Deryckere, Team Lead Cyber Threat Research and Information Sharing, CERT.be; Simon Piff, Vice President, IDC APAC Security Practice; Alexander Moiseev, Chief Business Officer, Kaspersky Lab; and Juan Andrés Guerrero-Saade, Staff Security Researcher, Chronicle Security. The panel will be moderated by Tara Seals, senior editor, Threatpost
  • SAS for Business: The forces transforming cybersecurity in 2019 and beyond Recorded: Apr 10 2019 55 mins
    Kaspersky Lab and top security leaders.
    Kaspersky Lab is hosting a live online business webinar from Singapore as part of its global Security Analyst Summit 2019

    The summit will feature a presentation by Amin Hasbini, a top security researcher in Kaspersky Lab’s elite Global Research and Analysis Team, on the threats and threat actors that are likely to target enterprises in 2019 and beyond.

    This will be followed by a panel debate that will consider how the rapidly evolving cyberthreat landscape, new technologies such as AI, and geopolitical change will affect enterprises across all business sectors in an increasingly ultra-connected world.

    The panelists are Pedro Deryckere, Team Lead Cyber Threat Research and Information Sharing, CERT.be; Simon Piff, Vice President, IDC APAC Security Practice; Alexander Moiseev, Chief Business Officer, Kaspersky Lab; and Juan Andrés Guerrero-Saade, Staff Security Researcher, Chronicle Security. The panel will be moderated by Tara Seals, senior editor, Threatpost
  • Rebroadcast: Financial Cyberthreats in 2018 Recorded: Apr 2 2019 47 mins
    Dmitry Bestuzhev, Security researcher, Kaspersky Lab
    Kaspersky Lab will present an exclusive overview of the top cyber-threats targeting financial services, based on the company’s threat intelligence research in 2018.

    The report on financial cyberthreats in 2018 is available here https://securelist.com/financial-cyberthreats-in-2018/89788/
  • Parsing out threat intelligence sources with Kaspersky CyberTrace Recorded: Mar 27 2019 47 mins
    Ilya Markelov, CyberTrace Product Manager and Artem Karasev, Senior Product Marketing Manager
    Our webinar is dedicated to the recent release of CyberTrace, our threat intelligence fusion and analysis tool. During the event, you will learn how to:
    • Define key criteria when choosing threat intelligence sources
    • Determine if the specific feed is relevant for your organization
    • Overcome the challenges of integrating threat intelligence feeds with SIEM:
    - SIEM systems are unable to digest millions of threat indicators
    - Integrating threat intelligence feeds with SIEM is time-consuming and resource-hungry
    - Before matching observables against threat intelligence feeds, SIEM or TIP must expose the obfuscation techniques used by threats to hide malicious activities in logs - but it doesn’t usually do this, resulting in reduced feeds efficiency
    • Reduce false positive rates through whitelisting and filtering of the feeds
    • Effectively leverage threat intelligence if you don’t have SIEM
    • Distill and prioritize sweeping amounts of security alerts and identify alerts that should be escalated to IR teams using Kaspersky Threat Data Feeds and their context.
  • ICS threats in H2 2018: deep dive into attack statistics and security weaknesses Recorded: Mar 20 2019 61 mins
    Kirill Kruglov, senior security researcher at Kaspersky Lab ICS CERT
    The webinar will be helpful for those who wish to know more about current ICS cyberthreats.

    The webinar’s speaker Kirill Kruglov, senior security researcher at Kaspersky Lab ICS CERT, will talk about major threats relevant to industrial control systems that Kaspersky Lab ICS CERT identified in H2 2018. In addition to discussing general statistics on malicious attacks that were detected and prevented by Kaspersky Lab products on industrial computers globally, he will offer a deeper dive into the attacks we saw, TTPs used by attackers, and root cause analysis of major security weaknesses we discovered. In addition, Kirill will discuss the methodology used to collect and analyze the data, which will help the webinar participants to better understand what these figures mean.
  • How to get positive score on training the "negative" topics Recorded: Mar 13 2019 53 mins
    Adam Filler Master Trainer Security Awareness
    Do your employees enjoy security training? Right, no one does. Meanwhile 80 % of cyberincidents are caused by human errors. Cybersecurity is seen as an imposition, a limitation on personal freedom, while it is a critical risk for organizations. Employees' business goals and Security objectives often appear to be contradictory. The right approach to developing cybersecurity awareness can solve this dilemma.
    Learn more about modern e-learning technologies and behavioral psychology that help achieve both targets with Adam Filler co-author of gamified training products and a master trainer of Kaspersky Security Awareness

    From this webinar you will learn:
    - How to fight people’s misconceptions about cybersecurity
    - How to engage people and ensure training effectiveness
    - New technologies that help to deal with challenges a training manager usually faces
Latest on cyberthreats and protection technologies
Top-notch cybersecurity and protection technology experts share their knowledge on how to mitigate the most dangerous cyberthreats that any organization may face. Contact us at https://www.kaspersky.com/about/contact

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Three Windows zero-days in three months: how we found them in the wild
  • Live at: Feb 21 2019 2:00 pm
  • Presented by: Anton Ivanov - Head of Advanced Threats Research and Detection Team
  • From:
Your email has been sent.
or close