Name: Widespread SMS phishing attack thwarted with Cloudflare Zero Trust and YubiKeys
Start: 2022-12-07T17:00:00Z
End: 2022-12-07T17:00:56.000Z
Location: BrightTALK
Rating: 4.9

Yubico (Nasdaq First North Growth Market Stockholm: YUBICO), the inventor of the YubiKey, offers the gold standard for phishing-resistant multi-factor authentication (MFA), stopping account takeovers in their tracks and making secure login easy and available for everyone. Since the company was founded in 2007, it has been a leader in setting global standards for secure access to computers, mobile devices, servers, browsers, and internet accounts. Yubico is a creator and core contributor to the FIDO2, WebAuthn, and FIDO Universal 2nd Factor (U2F) open authentication standards, and is a pioneer in delivering hardware-based passwordless authentication using the highest assurance passkeys to customers in 160+ countries. 

Yubico’s solutions enable passwordless logins using the most secure form of passkey technology. YubiKeys work out-of-the-box across hundreds of consumer and enterprise applications and services, delivering strong security with a fast and easy experience.

As part of its mission to make the internet more secure for everyone, Yubico donates YubiKeys to organizations helping at-risk individuals through the philanthropic initiative, Secure it Forward. The company is headquartered in Stockholm and Santa Clara, CA. For more information on Yubico, visit us at www.yubico.com.

Phishing attacks continue to rise but is the advent of AI predicting dramatic increases in sophistication and number of attacks? Legacy authentication such as username and passwords and mobile-based authentication, while already hackable, may be pushed to become obsolete with AI making them even less effective. Learn about the present and future state of AI phishing and how to tackle both today's and tomorrow's cyber threats.

Confidentiality and Data Processing:
The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

AI cyber threats: 30 minutes to midnight

Most cyber breaches originate from stolen credentials, often from phishing attacks, which further solidifies that usernames and passwords are not a sufficient method to secure user access. There is a crucial need to move to passwordless phishing-resistant MFA. Whether you have started on your passwordless journey, or are trying to figure out how to begin, you are in the right place.

Attendees will learn about:
- How to begin your journey to passwordless authentication
- How to secure your infrastructure with phishing-resistant and passwordless MFA
- How YubiKeys advance an enterprise’s passwordless strategy with easy-to-use, modern device-bound passkeys 

Confidentiality and Data Processing:
The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

Phishing-resistant MFA accelerates enterprises to passwordless

Microsoft and Yubico will explore the seamless adoption of phishing-resistant multi-factor authentication (MFA) through Microsoft’s new Entra ID passkey (FIDO2) provisioning APIs. Designed for enterprises and agencies worldwide, these APIs empower organizations to deploy security keys quickly and effectively, ensuring robust phishing-resistant authentication from Day 1 while facilitating recovery options. 

Confidentiality and Data Processing:
The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

Streamline Phishing-Resistant MFA: Simplified Passkey Provisioning with Microsoft and Yubico

Despite marked advancements in security technologies and processes, sophisticated malicious actors are able to easily circumvent controls and compromise user credentials through phishing and social engineering attacks. And with the evolution of AI these threats are becoming even more effective. Organizations and individuals need strong phishing-resistant MFA to stay ahead of these threats. Join this session to learn about the evolving threat landscape and how becoming a phishing-resistant user and using the right passkey approach can help stop account takeovers in their tracks.  

Confidentiality and Data Processing:
The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

Navigate the evolving threat of phishing and social engineering with passkeys

Welcome to our exclusive webinar tailored for the Middle East, where we will discuss the critical cybersecurity challenges facing government and enterprises in today’s digital landscape.

During this session, we will explore the ever-growing cyber threats and the essential role that enterprise multi-factor authentication (MFA) plays in enhancing security. Discover how Yubico’s cutting-edge hardware and Versasec’s powerful credential management work together to create a comprehensive strategy for deploying and managing MFA across your enterprise.

Key Takeaways:
- A deeper understanding of the diverse cyber threats impacting organizations today
- Key drivers for adopting passwordless MFA, including evolving cyber threats, regulatory compliance, remote access, and user convenience
- Best practices for the efficient and secure deployment of YubiKey and Versasec credential management  in your infrastructure

Confidentiality and Data Processing:
The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

Yubico and Versasec: Strengthening Cybersecurity in the Middle East

[For our bilingual, Spanish speaking audience]
En este webinar, explicaremos cómo proteger de manera eficaz los entornos donde el uso de dispositivos móviles está restringido por razones de seguridad, privacidad o por la naturaleza del entorno. Muchas organizaciones, desde call centers hasta plantas de fabricación y entornos de retail, enfrentan desafíos únicos al no poder utilizar la autenticación móvil. A medida que los ciberdelitos continúan aumentando, es crucial desarrollar estrategias de seguridad robustas para estos espacios sensibles.

Únase a nosotros para aprender:
- Las mejores prácticas de seguridad para entornos con restricciones móviles.
- Estrategias para mejorar la postura de seguridad y los flujos de trabajo de los usuarios.
- Cómo maximizar la seguridad frente a las amenazas modernas, mejorar la experiencia del usuario y aumentar la productividad.

Confidentiality and Data Processing:
The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

Autenticación Segura: Innovaciones y Estrategias en Entornos Sin Dispositivos Móviles

Cybersecurity threats and phishing scams aren’t just after big companies or high-profile targets—they're going after everyone. With AI making these attacks more advanced and effective, it's crucial for all of us to stay alert, both at home and at work. Join us to dive into how cybersecurity impacts our daily lives and businesses, and learn about the risks of poor security practices. We’ll break down what makes a solid cybersecurity plan that covers both personal and professional spaces, including tips on using stronger authentication methods to fend off phishing attempts. Staying aware and adopting best practices is key to keeping yourself safe from the ever-changing world of cyber threats.

Confidentiality and Data Processing: The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

2024 State of Global Authentication: Tackling Cyberthreats at Work & Home

Cyber resilience is in the news again in the wake of the Crowdstrike outage, when organizations of all sizes were unable to access their systems for hours. High availability and disaster recovery, while often designed and planned from top to bottom in the application stack, are often overlooked in the authentication space. Organizations often cede control to a vendor's Identity Provider and simply rely on their SLA. An outage in the authentication space can be just as big as the Crowdstrike outage. When working with Identity-as-a-Service (IDaaS) solutions, the resilience of the service is usually outside the control of the organization, but organizations have some control with their authentication approach.

User authentication methods are a critical part of your cyber resilience posture. Join us as we investigate lessons learned from incidents such as Crowdstrike and MGM Grand, and examine different passkey solutions and how they fit into building a resilient, phishing-resistant organization.

Attend this webinar to learn about:
- Passkey implementations including synced passkeys and device-bound passkeys
- Characteristics of resilient authenticators and authentication methods with Entra ID
- Considerations when designing account onboarding, authentication and account recovery flows
- How to begin your journey towards a resilient phishing-resistant organization
    - How you can leverage the new Entra ID FIDO2 registration API
    - Preparing for the Azure MFA Mandate

Confidentiality and Data Processing:
The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

Build cyber resilience with Yubico and Microsoft to accelerate to passwordless

In today's ever changing cyber-threat landscape, moving from passwords to a phishing resistant solution is imperative. YubiKeys offer a powerful hardware-backed phishing resistant MFA solution. But rolling out YubiKeys at scale in large organizations presents both opportunities and challenges.

In this follow up webinar, we will focus on operators and end users. The webinar will investigate:

- The undeniable benefits: Secure your access, eliminate password phishing, and streamline user experience.
- Potential pitfalls: Managing logistics, user adoption, and ongoing support - what you need to know.
- Introducing Intercede MyID: Your key to YubiKey success. Discover how MyID simplifies deployment, streamlines lifecycle management, and empowers administrators.

Join us for this in-depth session as we navigate the YubiKey journey, equipping you with the knowledge and tools to elevate your organization's rollout strategy with confidence especially focused on end users and operators.

Don't fall victim to a phishing attack. Embrace the security revolution with YubiKeys and Intercede MyID CMS.

Confidentiality and Data Processing:
The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

Securing Your Organization with YubiKeys at Scale - Part Two

Our conversation will begin by exploring the hacker’s perspective, examining prevalent attack techniques like Password Spraying or Pass-the-Ticket. Paula will demonstrate these attacks live, while David will showcase how to mitigate them using FIDO2 solutions.

Key segments of the webinar include:
- MFA Bypass and Prevention: We will demonstrate how attackers bypass Multi-Factor Authentication, and how FIDO2 and YubiKey can prevent these bypass attempts.
- Password Spraying and MFA Solutions: You will see the mechanics of a password spraying attack, and we will follow up by explaining how implementing MFA with YubiKey can effectively thwart such attacks in your infrastructure.
- Reverse Engineering Data Protection API: We will show how hackers exploit the Data Protection API, and how YubiKey protect credentials from being compromised.

Throughout the webinar, Paula will showcase real-life examples and cybersecurity stories, offering practical advice to help you understand AD security better and minimize threats effectively.

Join us for this informative session to enhance your AD security management skills and safeguard your organization’s critical assets.

Confidentiality and Data Processing:
The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

Active Directory Security Management: From Threat Detection to Effective Response

To keep the personal and sensitive data of citizens and employees protected from cyber criminals, the City of Southgate took a stand to digitally transform.

City of Southgate is an innovator, deploying modern passwordless authentication across their user base to eliminate the burdens of passwords and to drive compliance to evolving regulations such as CJIS and PCI DSS 4.0. The city deployed YubiKeys with Microsoft's Entra ID Certificate-Based Authentication to offer modern passwordless authentication to their user base including office workers, leadership and public safety officers.

Join us for a candid discussion with Jason Rucker, Director of IT, City of Southgate, and Robb Ervin, Sr Solutions Engineer, Yubico to learn about the goals, timelines, obstacles and wins along their passwordless deployment journey.

Confidentiality and Data Processing:
The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

Going passwordless and meeting CJIS at City of Southgate

Join us for an informative webinar on the latest advancements in secure identity management
for federal agencies. This session will delve into the processes and benefits of issuing PIV-
Compatible and derived credentials using Axiad Cloud, a FedRAMP solution, in conjunction with
YubiKeys. Attendees will gain a comprehensive understanding of how they can streamline the
credentialing process and ensure compliance with federal standards while enhancing security
and efficiency.
 
Key topics include:
- An overview of PIV-Compatible and derived credentials and their significance in federal identity management.
- Step-by-step guidance on leveraging Axiad Cloud for seamless credential issuance and lifecycle management.
- The role of Yubico authenticators to enhance security and provide phishing-resistant multi-factor authentication.
- Best practices for integrating these technologies into existing federal IT infrastructures.

This webinar is essential for IT security professionals, federal agency representatives, and
anyone involved in government credentialing processes. Join us to learn how to fortify your
security posture with cutting-edge solutions from Axiad and Yubico.

Confidentiality and Data Processing:
The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

Enhancing Federal Security: Issuing PIV-Compatible Credentials

Passwordless authentication can significantly reduce the risk of breaches and phishing attacks by eliminating passwords altogether from the equation. And device-bound passkeys offer a way to accelerate to passwordless as more organizations consider the move away from passwords and broken MFA and towards enhanced security and operational benefits with phishing-resistant MFA. But modern organizations are increasingly thinking past phishing-resistant authentication as a technology and are instead laser focused on the user. Strong authentication and going passwordless starts and ends with the user and phishing-resistant users in turn create phishing-resistant enterprises that can accelerate to enhanced security and operational efficiency, all within a modern passwordless environment. 

Attendees will learn about:
- What phishing-resistant users are and their role in creating phishing-resistant enterprises
- How the move to phishing-resistant users helps enterprises accelerate their passwordless strategy
- How YubiKeys advance an enterprise’s passwordless strategy with easy-to-use, modern device-bound passkeys
- Key considerations when going passwordless and how customers have overcome deployment challenges

Confidentiality and Data Processing:
The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

Create phishing-resistant users and accelerate your enterprise to passwordless

With phishing attacks on the rise, organizations and governments are seeing an unprecedented rise in phishing attacks that no amount of user training can help prevent. Two important and related ways to drive effective cyber defense and prevent successful attacks are ensuring that cyber insurance plans with good coverage are in place alongside ensuring phishing-resistant users. Yet, many cyber insurance providers are reducing coverage and increasing premiums.

Join us on July 11 for a moderated panel discussion on these two crucial topics. Our panel of industry experts will discuss the current cybersecurity and cyber insurance landscape, and how leaders of today and tomorrow should be planning for the new age of cyber offense without breaking the bank.

Confidentiality and Data Processing:
The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

Build robust cybersecurity postures with cyber insurance & modern authentication

The election ecosystem is a prime target for cybersecurity threats and the 2024 United States election cycle will be no different. Though many security improvements have been made in recent years, bad actors continue to become more sophisticated in gaining access to private information – most often driven by phishing attacks. Join Yubico and Defending Digital Campaigns for this webinar as they dive into their recent survey results that detail better how voters perceive cybersecurity ahead of the 2024 U.S. elections, the impact of Artificial Intelligence (AI) and the concerns voters have about the cybersecurity of political campaigns, regardless of party affiliations.

Confidentiality and Data Processing:
The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

The importance of cybersecurity and the impact of AI on the 2024 elections

Most cyber breaches originate from stolen credentials, often from phishing attacks,  which further solidifies that usernames and passwords are not a sufficient method to secure user access. There is a crucial need to move to phishing-resistant, passwordless authentication. 

Whether you have started on your passwordless journey, or trying to figure out how to begin, you are in the right place. Join this webinar to discover how Yubico’s latest innovations in YubiKey 5.7 enhance enterprise security, streamline authentication processes, account setups, and fast-track your journey towards a secure, passwordless future. Learn how you can embrace a passwordless-first approach to modern authentication by leveraging these new features to deploy confidently, enforce PIN policies, and meet compliance standards.

Confidentiality and Data Processing:
The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

Unlocking the future: Fast-tracking modern enterprises to passwordless

Various forms of passkey implementations exist today, including synced passkeys and device-bound passkeys, but there are nuances that can make or break a deployment across the financial services industry, dependent on internal employee or external customer-facing use cases as well as regulatory requirements. Josh Cigna, Solutions Architect, Yubico, discusses the pros and cons of different types of passkey approaches financial services institutions should consider in their move away from legacy authentication.

Confidentiality and Data Processing:
The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

Accelerating financial services from legacy MFA to modern passkey authentication

Passkeys offer a more secure alternative to passwords and a road to modern passwordless authentication. While there are many roads to a passwordless state including Smart Card/PIV and FIDO-based approaches, one size may not fit all. Enterprises need to consider the complete authentication lifecycle that helps move them from delivering phishing-resistant authentication to enabling phishing-resistant users. And with the latest release of YubiKeys, containing the highest assurance device-bound passkeys, rolling out passkeys in the enterprise just got better at scale. 

Join this webinar to learn about the benefits of passkeys in the landscape of passwordless options, life cycle considerations for achieving a successful passwordless rollout at scale and the latest enterprise-centric updates for YubiKeys.

Confidentiality and Data Processing:
The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

Unlocking the future: Navigating passkeys to passwordless security at scale

In July 2022, Cloudflare prevented a breach by an SMS phishing attack that targeted more than 130 companies; these attacks received mainstream media coverage and truly illustrated the vulnerabilities in basic MFA. 

While some Cloudflare employees opened the phishing messages, Cloudflare was able to thwart the attack due to the company’s use of Cloudflare Zero Trust paired with modern YubiKey MFA. At Cloudflare, phishing-resistant hardware keys are issued to every employee and required to access all Cloudflare applications.

In this webinar, you will learn:


Real world examples and values of these joint security technologies
Best practices for implementation with popular IAM and/or ZTNA platforms
Learnings from a cross-company deployment
How physical security keys played a crucial role in not allowing Cloudflare to be another victim in this widespread phishing attack. 

Furthermore, discover the broad uses and functionality of YubiKeys, YubiEnterprise Subscription for YubiKey-as-a-Service flexible purchasing, and YubiEnterprise Delivery for fulfillment of physical security keys to distributed workforces. 

Confidentiality and Data Processing:
The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

Widespread SMS phishing attack thwarted with Cloudflare Zero Trust and YubiKeys

Security

Multi-Factor Authentication

Authentication

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Thousands of healthcare IT professionals compose the health IT community on BrightTALK. Learn alongside them with relevant webinars on healthcare IT compliance, big data in healthcare and IT solutions for healthcare organizations. Join the conversation by asking questions and engaging with other participants during live webinars and organized discussions.

Health IT

Healthcare

Join this new, vibrant community to learn and connect with top thought leaders, startups and banks who are disrupting the financial services industry. Keep up with the latest news and trends in Fintech and take part in lively debates on topical issues and challenges.

Fintech

The accounting and finance community on BrightTALK features presentations from leading accountants and finance professionals. The accounting community includes tax planning strategies, QuickBooks webinars and other accounting webinars, while the finance community features presentations on financial capital regulations and forensic data analytics. Join the conversation by attending live financial and accounting presentations and connecting with industry thought leaders.

Widespread SMS phishing attack thwarted with Cloudflare Zero Trust and YubiKeys

Presented by

About this talk

More from this channel