The threat hunting practice has helped security teams detect and reduce dwell time of stealth threats. But most hunting expeditions focus on threats - leaving the adversary free to launch another set of attacks with different tactics. We need to evolve threat hunting into a hunt for the adversary. The deep and dark web, and other closed sources, provide valuable insights into the motivations and activities of threat actors. Over the course of this session, we will understand the motivation behind the actions of these actors, their social networks, and how to anticipate their next steps.
Today’s security organizations simply cannot effectively manage the huge amount of data points they need to digest. Whether you are a financial institution trying to cope with the ever-increasing volumes of leaked credit cards, a hospital looking to patch its critical vulnerabilities or an enterprise hoping to prevent the next data breach- the current approach is becoming more obsolete by the minute.
Threat Intelligence is a foundational cybersecurity component, yet too many organizations struggle with threat intelligence collection, processing, analysis, and response. To truly modernize their threat intelligence programs, CISOs must think creatively and not only address current challenges but also find ways to use threat intelligence more proactively through all cybersecurity processes and within all technology controls.
Join Jon Oltsik, Senior Principal Analyst from ESG, and Omer Carmi, VP of Intelligence at Sixgill as they discuss the common challenges organizations encounter in their cyber-risk and threat management and creating the right mix of threat intelligence people, processes, and technologies.
- Threat intelligence analysis and operationalization challenges
- Why now, more than ever, you should introduce agility and modernize threat intelligence programs and methodologies
- What’s needed in order to truly modernize your threat intelligence
- Why creating an architecture built for integration is essential - and how to achieve it
Join technological leaders JR Reicherts of K&U, and Sumukh Tendulkar of Sixgill, to learn how to leverage the strengths and capabilities of Sixgill Darkfeed and King & Union Avalon in order to accelerate time-to-intel and improve cyber collaboration.
In this webinar you will learn:
- How Darkfeed and Avalon work together to make incident response investigations lightning fast and efficient.
- How to use Darkfeed stream of IOCs to perform a collaborative investigation.
- Best practices for deep and dark web investigation and analysis.
- How SOC, Fraud and AML, physical security, brand damage, and insider threat teams can turn data into meaningful insights and measurable actions.
Dov Lerner (Sixgill) and John Hall (ThreatConnect)
At any given moment, threat actors buy and sell domain names on deep and dark web forums and marketplaces. Any purchased domain can be transformed into a phishing page, malware site, or command-and-control server - eventually compromising your data, your infrastructure, and your reputation.
Join us on Wednesday, July 15th at 11 am EDT / 8 am PDT / 4 pm BST, as John Hall, Solutions Engineer at ThreatConnect, and Dov Lerner, Security Research Lead at Sixgill, discuss how Sixgill Darkfeed automatically collects malicious IOCs from the deep and dark web and provides ThreatConnect users with actionable insights, to proactively block threats before they are deployed.
In this webinar you will learn:
- The unique and preemptive intelligence Sixgill Darkfeed provides
- The benefits of responding to SIEM alerts based on Darkfeed findings
- How ThreatConnect Playbooks coupled with Sixgill intelligence elevate threat hunting for emerging infrastructures.
December 2019 has thrown a curve ball at humanity in the form of the Coronavirus pandemic. It is yet to be seen how we’ll recover from this crisis. The public-health constraints that countries have put into place to stop the spread of the coronavirus, or at least flatten its curve, have crippled economic activity all over the world.
In an effort to adapt, one major global reaction was the shift to work-from-home. Millions of employees (and employers) have discovered the joys of telecommuting; unfortunately the criminal underground has discovered it as well. With digital cooperation becoming quickly the new normal for threat actors, and as crime is switching from street corners to the dark alleys of the web, the underground economy is booming: Hey, after all, crises are opportunities in disguise.
Join us on June 23rd at 11:00 am ET / 8:00 am PT as Brian Hussey, VP of Cyber Threat Detection & Response at Trustwave and Omer Carmi, Sixgill’s VP Intelligence discuss:
- How threat actors are adapting to the Corona times
- New dark web trends and patterns uncovered in Sixgill’s latest threat intelligence report
- Tips and best practices on how organizations can better protect their most critical assets
Please join us to explore how Sixgill and Cortex XSOAR (previously Demisto) are enabling customers to scale and accelerate their incident prevention and response by combining deep and dark web intelligence with automation. Building simple, automated & effective cyber security, and executing it to the fullest extent, is critical in order to get the best outcomes and maximize business impact.
Learn how combined Cortex XSOAR and Darkfeed can:
- Automatically integrate and enrich a data stream of industry-related indicators of compromise (IOCs) from closed-access sources in the cyber underground
-Receive automated early warnings of new threats before they are deployed in the wild
-Hunt for malicious IOCs on corporate networks from a single dashboard
Darkfeed is a feed of indicators of compromise (IOCs), including malicious domains, URLs, IP addresses, and file hashes.
These IOCs are automatically extracted from Sixgill’s deep, dark and surface web sources. Darkfeed is automated, meaning that IOCs are extracted and delivered in real-time, and it is actionable, in that you will be able to receive and block items that threaten your organization.
There is a flourishing online marketplace where your account information, email credentials, and personal details are being sold for just a few cents per piece. The dark web provides fraudsters with intelligence that enables them to infiltrate your accounts without raising any suspicions - and do with it as they please. This elaborate and competitive online marketplace is a major force behind the increasing sophistication of account takeovers (ATOs) that the market has witnessed over the last three years.
Join us on Wednesday, April 22nd at 1pm ET, as leading analysts Gabi Taubes, Fraud Analyst Team Leader at Forter, and Benji Preminger, Product Manager at SixGill, reveal insights and details about how fraudsters are leveraging the dark web marketplaces and the processes by which online criminals are monetizing these types of attacks.
In this webinar you will learn:
-How online marketplaces are offering even more tools (like monetization and localization data) to help fraudsters improve their attacks.
-Why legacy fraud tools cannot detect sophisticated methods of attacks like ATO.
-How merchants and consumers can better protect their personal data from would-be fraudsters.
As people are constantly depending on their cell phones, cybercriminals have also focused their efforts and mobile banking malware has increasingly become a threat. In this webinar, Edan Cohen will discuss the two main types of mobile banking malware, mobile banking trojans and rogue banking applications, and also talk about how their capabilities can extend far beyond just stealing your banking credentials.
Credit card sniffers are malicious scripts that are injected onto payment pages of e-commerce sites and scrape customer payment information, including credit card data. They have been identified as the highest-impact threat to the retail sector, accounting for 88 significant breaches in 2018, including the Magecart attack against British Airways.
In this webinar, Dov Lerner will discuss discourse on the dark web surrounding credit card sniffers, and what this teaches us about the broader cybercrime enterprise.
Organisations have too much information in their hands, and not enough contextual intelligence to act upon. Omer Carmi, VP Intelligence, Sixgill will explain how machine learning, automation and valuable information from the dark and deep web can finally solve this acute problem from a new angle.
Sixgill VP Marketing, Barry Spielman, discusses some of the highlights of the June 2019 Gartner Cyber Summit in National Harbor, MD and Gartner naming Sixgill a Cool Vendor in its May 2019 Report on Security Operations and Threat Intelligence.
In late 2018 we saw the release of a massive amount of leaked credentials "dumps". These expertly-curated collections highlight the risk posed by credentials leaked from large organizations. Join this webinar to understand how even most novice threat actors have the access and ability to exploit billions of sensitive corporate credentials, and how this threat affects your organization.
Cyber threat actors find a seemingly limitless supply of hacking tools and products in deep and dark web markets and forums. How far can an attacker go with a ready-made hacking tool that was bought on the dark web? Where would the attacker be from? And what are the most popular off-shelf hacking product these days?
Cybercriminals always strive to stay ahead of the curve. In this webinar, Alex Karlinsky will shed some light on the latest techniques they employ to stay under the radar of cyber security firms and law enforcement agencies.
What pieces of your personal information are most valuable in the underground and how is the data leveraged for financial gain? What can you do to protect yourself? The answers to these questions may surprise you
Sixgill is a cyber threat intelligence company that covertly and automatically analyzes Deep and Dark Web activity helping to detect and prevent cyber-attacks and sensitive data leaks before they occur. Utilizing advanced algorithms, Sixgill’s cyber intelligence platform provides organizations with continuous monitoring, prioritized real time alerts and actionable intelligence