Hi [[ session.user.profile.firstName ]]

Review of Cyberattacks Leveraging the COVID-19 Pandemic

Never let a crisis go to waste. That’s the attitude of most attackers being played out in cyberspace in the past few months. In this webinar we are going to review the types of attacks that specifically leverage the coronavirus pandemic. From phishing to BEC, from ransomware to state-sponsored disinformation campaigns and more. Whether you are in healthcare or in tax and accounting, no one seems to be safe.

Awareness is the first step in preparing your organization for the possible impact and making plans to bolster your defenses.

Speaker:
Ira Winkler is one of the world’s most influential security professionals and a repeat speaker at the RSA Conference. He has designed and implemented security awareness programs at organizations around the world. Ira began his career at the National Security Agency as an Intelligence and Computer Systems Analyst.
Recorded May 21 2020 60 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Ira Winkler, Security Evangelist
Presentation preview: Review of Cyberattacks Leveraging the COVID-19 Pandemic

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • From Ransomware to Leakware Jul 14 2020 6:00 pm UTC 45 mins
    Ira Winkler, Security Evangelist & Nir Gaist, Founder/CTO
    Just like legitimate businesses adapt, transform and innovate, cybercriminals behind major strains of ransomware are updating their business model. Ransomware crooks are no longer just scrambling your data and demanding you to pay up to get it back. They’re upping the ante by stealing your data first and only then encrypting it. That way the criminals hit you with two reasons to pay: buy back the decryption key AND prevent us from telling the world we hacked you (or selling your data to the highest bidder).

    Join our webinar to learn about the history of this transformation, hear the latest examples of organizations affected by this type of leakware (aka doxware) and see a live demo of exfiltration-enabled ransomware.
  • Why Israel is the Pioneer in Cybersecurity? Recorded: Jun 10 2020 38 mins
    Michael Kenney, VP of Strategy & Corporate Development at Ingram Micro Cloud and Nir Gaist, Founder/CTO of Nyotron
    Israel, a country of 9 million people, created 300+ cybersecurity startups, exporting billions worth of cybersecurity products every year and convincing more than 30 multinationals to open local R&D centers. Why and how did this become possible?

    In this talk Michael Kenney, Vice President; Strategy & Corporate Development at Ingram Micro Cloud will interview Nir Gaist, Founder and CTO of Nyotron, an Israeli-born endpoint security startup. In 2018, Ingram Micro Cloud partnered with MassChallenge to launch the Comet Competition - an annual challenge to discover the world’s most talented B2B ISVs. Not surprisingly, a number of Comet's winners come from Israel.

    Speaker:
    Nir Gaist, Founder and CTO of Nyotron, is a recognized information security expert and ethical hacker. He started programming at age 6 and began his studies at the Israeli Technion University at age 10. Nir has worked with some of the largest Israeli organizations, such as the Israeli Police, the Israeli parliament and Microsoft’s Israeli headquarters. He also wrote the cybersecurity curriculum for the Israel Ministry of Education. Nir holds patents for the creation of a programming language called Behavior Pattern Mapping (BPM) that enables monitoring of the integrity of the operating system behavior to deliver threat-agnostic protection.

    Moderator:
    Michael Kenney, Vice President; Strategy & Corporate Development at Ingram Micro Cloud. Michael leads M&A and investment strategy for Ingram Micro - world's largest distributor of information technology products serving more than 200,000 customers in approximately 160 countries.
  • NGAV or EDR. What Should We Trust? Recorded: Jun 2 2020 43 mins
    Nir Shafrir, VP of Global Field Engineering and Customer Success
    Are you still using “traditional” antivirus to protect your endpoints? Are you losing sleep over what to do next, and how to better protect your organization from ransomware and other advanced attacks? Your colleagues have probably told you about so-called NGAV product migration and tuning nightmares. You have also heard about Endpoint Detection and Response (EDR), but wonder if you can afford it from both staffing and budgetary perspectives.

    Join this webinar to get the clear breakdown of all options on the table with the corresponding pros and cons. If you are looking for ways to augment or replace your AV, this webinar is for you.

    Speaker:
    Nir Shafrir leads field engineering and customer success for Nyotron. He has experience across endpoint and network security, starting from a small Israeli cybersecurity startup through larger companies like Trusteer (now an IBM company). Shafrir earned a bachelor’s degree in Computer Science from the Open University.
  • How Does Ransomware Fool Top Antivirus Products? Recorded: May 27 2020 45 mins
    Nir Gaist, Founder and CTO of Nyotron
    Ransomware, ransomware, ransomware. Why are our current endpoint defenses so inefficient? We will take three leading endpoint security (antivirus) products and demonstrate live how ransomware developers use trivial techniques to bypass all of them. Often a single line of code is all that’s needed to render antivirus ineffective and all data lost.

    NOTE: This webinar is applicable to technical audience only. We will be digging right in the source code and compiling ransomware on the fly.

    Presenter:
    Nir Gaist, founder & CTO of Nyotron, is a recognized security expert and ethical hacker. Nir has worked with and pentested some of the largest Israeli organizations, such as banks, police and the parliament. He also wrote the cybersecurity curriculum for the Israel Ministry of Education.
  • Review of Cyberattacks Leveraging the COVID-19 Pandemic Recorded: May 21 2020 60 mins
    Ira Winkler, Security Evangelist
    Never let a crisis go to waste. That’s the attitude of most attackers being played out in cyberspace in the past few months. In this webinar we are going to review the types of attacks that specifically leverage the coronavirus pandemic. From phishing to BEC, from ransomware to state-sponsored disinformation campaigns and more. Whether you are in healthcare or in tax and accounting, no one seems to be safe.

    Awareness is the first step in preparing your organization for the possible impact and making plans to bolster your defenses.

    Speaker:
    Ira Winkler is one of the world’s most influential security professionals and a repeat speaker at the RSA Conference. He has designed and implemented security awareness programs at organizations around the world. Ira began his career at the National Security Agency as an Intelligence and Computer Systems Analyst.
  • COVID-19 - What Will Attackers Do? Recorded: Mar 31 2020 58 mins
    Chris Roberts, Rod Soto, Nir Gaist, Ira Winkler
    The COVID-19 Coronavirus pandemic provides cyberattackers with opportunities to wreak havoc. The key to thwarting their attacks is knowing how they are leveraging the crisis for their nefarious purposes. And whom better to ask than experts who know how threat actors think and operate?

    Join us for a community webinar with three renowned whitehats who will predict the attack vectors and tactics blackhats will use to take advantage of the fact employees are struggling with fear, uncertainty and isolation while working from home. You will gain invaluable insight into the attacker’s mindset and learn how to harden your organization’s defenses.

    Panelists:
    Chris Roberts is one of the world's foremost experts on counter threat intelligence and vulnerability research within the information security industry. Robert was part of Attivo Networks, LARES, Acalvio Technologies, among others.

    Rod Soto is a Security Researcher and co-founder of HackMiami and Pacific Hackers conferences. Rod spent over 15 years in IT and security in organizations like Akamai, Splunk and JASK. He is a frequent speaker at cybersecurity conferences.

    Nir Gaist, founder & CTO of Nyotron, is a recognized security expert and ethical hacker. Nir has worked with and pentested some of the largest Israeli organizations, such as banks, police and the parliament. He also wrote the cybersecurity curriculum for the Israel Ministry of Education.

    Ira Winkler is the Lead Security Principal for Trustwave. He has designed and implemented security awareness programs at organizations around the world. Ira began his career at the National Security Agency as an Intelligence and Computer Systems Analyst.
  • Right of Cyber Boom Recorded: Mar 26 2020 46 mins
    Ira Winkler, Security Evangelist
    Every time a cyberattacker tricks a user into clicking on a malicious link or downloading a malicious file, all the blame falls on the user’s shoulders. The experts insist the solution is more education and training to increase user’s awareness levels. This is like saying that if a canary dies in a coalmine, we need to make canaries healthier. With 90%+ of successful attacks supposedly the result of user action, we need to reconsider how we look at these attacks. Using counterterrorism and safety science strategies, we break attacks down into 3 phases: Left of Boom, Boom, and Right of Boom. We then focus on Right of Boom, and go into strategies to mitigate potential loss initiated by the user actions.

    The reality is that no matter how well prepared your users are, there will always be some action that initiates loss. Consider that even if users are 100% aware, there will always be a malicious user, where awareness helps their attacks. This presentation addresses the inevitable and lays out a multi-tiered strategy to proactively mitigate loss.

    Presenter:
    Ira Winkler is recognized as one of the world's experts in Internet security, information warfare, information-related crime investigation, and industrial espionage. Mr. Winkler began his career at the National Security Agency (NSA), where he performed cryptanalysis and was responsible for systems design and implementing security for intelligence collection and analysis systems. He is the author of multiple cybersecurity books.
  • Cybersecurity Challenges and Solutions in Healthcare Recorded: Mar 5 2020 40 mins
    Michael Osterman, Osterman Research
    The healthcare industry is a high-value target for cyber criminals. They can’t pass up the myriad opportunities to extort ransom payments, breach sensitive health data for insurance fraud, and find disaffected patients for class action suits. What can healthcare organizations do to strengthen their defenses? Michael Osterman, President of Osterman Research, will provide the answers in our webinar.

    Michael will present the findings of his firm’s latest research:
    -Types of threats targeting healthcare organizations
    -Why is this industry so attractive to malicious actors
    -What attack trends to expect next
    -How can healthcare organizations avoid being the next victim

    Presenter:
    Michael Osterman, CEO and Founder of Osterman Research, will host this interactive session. He will present the findings of his firm’s latest research, provide his expert advice on how to become more proactive in identifying and thwarting threats, and answer your questions.
  • Introducing the Human Security Officer Recorded: Feb 19 2020 56 mins
    Ira Winkler, Security Evangelist
    Verizon research finds that more than 90% of data breaches result from user failures. The industry’s response has long been to recommend implementing employee awareness training programs, but that’s has proven to be largely ineffective. Even after undergoing training, users will inevitably make mistakes. Awareness also does nothing to prevent malicious user actions.

    In this webinar, I will introduce you to someone who can help: the Human Security Officer.

    I’ll explain why your organization should create the position of Human Security Officer - someone who is responsible for identifying any business processes that are susceptible to data breaches resulting from human vulnerabilities, and determining the technology, process and awareness countermeasures to prevent and mitigate the losses. I will also cover the processes to identify the underlying vulnerabilities and then prioritize the countermeasures.

    Presenter:
    Ira Winkler is recognized as one of the world's experts in Internet security, information warfare, information-related crime investigation, and industrial espionage. Mr. Winkler began his career at the National Security Agency (NSA), where he performed cryptanalysis and was responsible for systems design and implementing security for intelligence collection and analysis systems. He is the author of multiple cybersecurity books.
  • Cybersecurity Challenges and Solutions for State & Local Governments Recorded: Jan 29 2020 45 mins
    Michael Osterman, Osterman Research
    The public sector is under attack. Ransomware and other malware besiege government agencies, municipalities, law enforcement and utilities nationwide every day.

    In this webinar, based on the research performed by Osterman Research, we will address the following:
    -Types of threats targeting state & local organizations
    -Why is this industry so attractive to malicious actors
    -What attack trends to expect next
    -How can state & local organizations avoid being the next victim

    Michael Osterman, CEO and Founder of Osterman Research, will host this interactive session. He will present the findings of his firm’s latest research, provide his expert advice on how to become more proactive in identifying and thwarting threats, and answer your questions.
  • Steganography + Malware - a Match Made in Hacker Heaven Recorded: Jan 15 2020 46 mins
    Ira Winkler, Security Evangelist
    Steganography has been used for centuries to hide a secret message in an otherwise harmless container. Its latest iteration is a malware delivery vehicle.

    In this webinar we will review how malware developers use steganography for their devious purposes. Traditionally, steganography was leveraged for covert communication (e.g., exfiltration of sensitive data from an organization in the way that bypasses DLP and other security controls). More recently, it has become a carrier for malware. For example, in the latest attack targeting a Nyotron customer, that our endpoint prevention and response (EPR) solution detected and blocked, the Ursnif banking trojan attempted to use steganography to insert a malicious Powershell script into the organization.

    Join us for a brief overview of steganography, its use in the physical and digital worlds, followed by a step by step walkthrough and demo of a recent attack leveraging steganography.

    Presenter:
    Ira Winkler is recognized as one of the world's experts in Internet security, information warfare, information-related crime investigation, and industrial espionage. Mr. Winkler began his career at the National Security Agency (NSA), where he performed cryptoanalysis and was responsible for systems design and implementing security for intelligence collection and analysis systems.
    Ira Winkler is the author of multiple cybersecurity books.
  • “RIPlace” - Does It Make Ransomware Unstoppable? Recorded: Dec 12 2019 39 mins
    Nir Gaist, Founder and CTO of Nyotron
    Remember WannaCry - the ransomware attack that two years ago infected Windows devices across 150 countries and resulted in an estimated damage of $4B?. We now know that WannaCry was completely preventable. Microsoft had issued a patch two months prior to the attack. If you think WannaCry was bad, brace yourself: We have discovered a technique that attackers may use to deliver ransomware that most organizations have no way to detect or prevent.

    This webinar will cover a Windows evasion technique called “RIPlace” that, when used to maliciously alter files, bypasses most existing ransomware protection technologies. In fact, even Endpoint Detection and Response (EDR) products are blind to this technique, which means these operations will not be visible for future incident response and investigation purposes.

    The technique leverages an issue at the boundary between a Windows design flaw and improper error handling of an edge-case scenario by filter drivers of security products. While not a vulnerability per say, the technique is extremely easy for malicious actors to take advantage of with barely two lines of code. RIPlace abuses the way file rename operations are (mis)handled using a legacy Windows function.

    We will review existing ransomware detection methods, the workflow of a typical ransomware and provide a live demo of RIPlace bypassing a number of anti-ransomware technologies.

    Presenter: Nir Gaist, Founder and CTO of Nyotron.
    Nir Gaist is a recognized information security expert and ethical hacker. He has worked with some of Israel’s largest public and private sector organizations, such as the Israeli Police, the Israeli parliament and Microsoft’s Israeli headquarters. He also wrote cybersecurity curriculum for the Israel Ministry of Education. Nir holds patents for the creation of a programming language called Behavior Pattern Mapping (BPM) that enables monitoring of the integrity of the operating system behavior to deliver threat-agnostic protection.
  • ISSA International Series: Breach Response - Humans in Security Recorded: May 28 2019 117 mins
    ISSA International
    At the end of the day it is not about the technology that runs the system but the humans that detect, respond, and or are co-opted to circumvent it. This session will provide insight into attacks as well as the human breach interactions.
  • Endpoint Detection and Response - Past, Present and Future Recorded: May 7 2019 48 mins
    Michael Osterman, Osterman Research & Rene Kolga, Sr. Director of Product
    Overview:
    Endpoint Detection and Response (EDR) has been rising in popularity after the realization of major gaps in the anti-malware technologies. But is EDR already becoming obsolete?

    Join this webinar to be the first to get the results of the latest Osterman Research survey on EDR.

    Guest speaker Osterman Research Founder Michael Osterman and Nyotron Sr. Director of Product Rene Kolga will review the survey findings and discuss the critical role of EDR in modern organizations, and how it must evolve to keep pace with the ever-changing threat landscape.

    Attendees will learn:
    •Why organizations are turning to EDR
    •Ranking of EDR features
    •Possible concerns about deploying EDR solutions
    •What questions you should ask an EDR vendor
    •Why the future of EDR is spelled E-P-R
  • Can ILOVEYOU Still Infect You? Recorded: Mar 21 2019 49 mins
    Rene Kolga, Sr. Director of Product and Robert Zamani, Director, Solutions Architect, Nyotron
    Most security solution buyers assume they’re protected against known malware. Numbers like 99.9% are common in vendors’ marketing materials. Hence, efficacy conversations tend to focus instead on the solution’s performance against the unknown, zero-day threats. However, with between half a million and one million new pieces of commodity malware created every day, how are antivirus solutions keeping up? Where is this database of signatures, hashes, reputation and behavior stored for over a billion of known pieces of malware? Is the 99.9% number an illusion or reality?

    In this webinar we will leverage a study of three leading antivirus products against 60,000 pieces of known new and old malware. The results will surprise you...

    Does the ILOVEYOU virus from the year 2000 still pose a threat? You’ll have to join this webinar to find out.
  • Beyond the Marriott Breach - What to Expect in 2019 Recorded: Dec 19 2018 64 mins
    Speakers: Nir Gaist, CTO/Founder and Robert Zamani, Director of Solutions Architect. Moderator: Rene Kolga, Product
    What will 2019 bring for the security landscape? How many Marriott-like breaches should you expect? What new types of attacks are you likely to see, and what can you do now to prepare for them? Nyotron’s team of security experts will have the answers for you during our December 19th live webinar.

    Making informed predictions first requires thinking back on 2018 with a critical eye. We will review a few of the most significant vulnerabilities and data breaches that made national headlines, from the City of Atlanta to Meltdown and Spectre, to the Marriott debacle and why the healthcare industry appears unable to defend itself. Our panel will also discuss the issues and trends they expect will dominate 2019, including adversarial artificial intelligence (AI) and destructive attacks on ICS.

    We will wrap up with ideas on how you can make an effective case for additional security budget and how to educate yourself about the changing threat landscape (and to get those CPE’s before the year’s end).
  • How to Boost Endpoint Security in 2019 Recorded: Nov 29 2018 42 mins
    Holger Schulze, Founder and CEO of Cybersecurity Insiders and Rene Kolga, Sr. Director of Product at Nyotron
    As the security perimeter has moved to the endpoint, protecting these devices has become a real challenge. A recent study conducted by Cybersecurity Insiders and Nyotron finds only 50% of organizations are confident they can stop over 75% of attacks, and 21% estimate they can thwart less than half. Over three quarters of the cybersecurity professionals we polled believe the importance of endpoint security is increasing, so how can they convince their stakeholders to budget for appropriate endpoint defenses in 2019? This live webinar will answer that question.

    In this live data-driven webinar, cybersecurity experts Rene Kolga from Nyotron and Holger Schulze from Cybersecurity Insiders will explore:
    -Why only half of organizations have confidence in their current endpoint security posture
    -What organizations are doing to boost endpoint security
    -What you can do in 2019 to better mitigating the risks
  • Security is Easy - How I've Mapped All Legitimate OS Behavior Recorded: Oct 15 2018 39 mins
    Nir Gaist, Founder and CTO, Nyotron
    The "enumeration of badness" approach to security has failed for two major reasons. First, the amount of "badness" is practically infinite. Second, it's unrealistic to detect all future "badness" based on the past. Yet, the majority of products are still based on this method. The Spectre and Meltdown vulnerabilities reveal the unpredictability of future "badness".

    However, "goodness" is actually finite. So, is it possible to create a map of all legitimate OS behavior? The answer is yes, and I have designed a new language called Behavior Pattern Mapping (BPM) that accomplishes this.

    As I demonstrated during my Black Hat 2018 presentation, BPM can be implemented as deterministic finite automata (DFA). If you missed my presentation, join me for this webinar and see BPM's threat-agnostic defense in action. Maybe security is easy after all?

    About the speaker: Nir Gaist, Founder and CTO of Nyotron, is a recognized information security expert and ethical hacker. He started programming at age 6 and began his studies at the Israeli Technion University at age 10. Nir has worked with some of the largest Israeli organizations, such as the Israeli Police, the Israeli parliament and Microsoft’s Israeli headquarters. He also wrote cybersecurity curriculum for the Israel Ministry of Education. Nir holds patents for the creation of a programming language called Behavior Pattern Mapping (BPM) that enables monitoring of the integrity of the operating system behavior to deliver threat-agnostic protection.
  • Live Hacking Using Russia’s Favorite TTPs Recorded: Sep 26 2018 47 mins
    Guy Meoded, Senior Security Researcher at Nyotron and Rene Kolga, Sr. Director of Product
    Earlier this year Department of Homeland Security’s US-CERT issued Technical Alert TA18-074A called ‘Russian Government Cyber Activity Targeting Energy and Other Critical Infrastructure Sectors’. This alert provided information on Russian government actions targeting U.S. Government entities as well as organizations in the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors. It also contained indicators of compromise (IOCs) and technical details on the tactics, techniques, and procedures (TTPs) Russian government cyber actors use to compromise their victims’ networks.

    In this webinar we will go over those TTPs and put them to use. Specifically, we will demonstrate how easy it is to leverage Server Message Block (SMB) protocol authentication session to obtain user’s credential hash and then crack it in real-time revealing the actual password. We will show multiple ways of using this approach and attempt to reproduce Russia’s success in our environment. No product pitches, just good old live hacking!

    About speakers:
    Guy Meoded is a Senior Security Researcher at Nyotron. Prior to Nyotron, Guy was a Trojan Analyst at RSA.

    Rene Kolga, CISSP, is a Sr. Director of Product and Marketing at Nyotron. Rene has over 20 years of industry experience, including expertise in endpoint protection, insider threat, encryption and vulnerability management. Rene run Product teams at multiple Silicon Valley startups as well as Fortune 500 companies, including Symantec, Citrix, Altiris and ThinAir. Earlier in his career, Rene managed Customer Success and QA teams. Rene earned his Computer Science degree from Tallinn University of Technology. He also received an MBA from University of Utah.
  • Should More Protection Really Equal More False Positives? Recorded: Aug 15 2018 30 mins
    Nir Gaist, Founder & CTO, Nyotron
    Security professionals accept the paradigm of “more protection equals more false positives (FPs)” as a fact of life. The tighter they make the “screws” of the security policies in their DLP, Web or Email Gateways, UEBA, application control/whitelisting and AV tools, the higher the likelihood something benign is misclassified as malicious. That’s why it is not uncommon to see false positive rates exceed 5% using the most aggressive settings.

    What if we were thinking about this wrong? Can we break this correlation between more security and more FPs?

    During this webinar we will briefly review the definition of false positives, false negatives, true positives and true negatives, as well as the history of “more protection = more FPs” paradigm. Then we will turn the paradigm on its head and discuss how more protection can actually mean fewer FPs.


    About the Speaker
    Nir Gaist, Founder and CTO of Nyotron, is a recognized information security expert and ethical hacker. He started programming at age 6 and began his studies at the Israeli Technion University at age 10. Nir has worked with some of the largest Israeli organizations, such as the Israeli Police, the Israeli parliament and Microsoft’s Israeli headquarters. He also wrote cybersecurity curriculum for the Israel Ministry of Education. Nir holds patents for the creation of a programming language called Behavior Pattern Mapping (BPM) that enables monitoring of the integrity of the operating system behavior to deliver threat-agnostic protection.
The Industry's First Automatic EDR With Real-Time Protection
Nyotron pioneers a new generation of automatic Endpoint Detection and Response with integrated protection called Endpoint Prevention and Response (EPR). Our product prevents damage from malware that evades existing security layers and offers granular visibility into the attack. Based on the OS-Centric Positive Security, Nyotron's PARANOID automatically whitelists trusted operating system behavior and rejects everything else. No manual threat hunting, baselining, machine learning or cloud connectivity required. With PARANOID organizations gain true defense-in-depth protection against the most advanced attacks. Nyotron is headquartered in Santa Clara, CA with an R&D office in Israel. To learn more, visit www.nyotron.com.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Review of Cyberattacks Leveraging the COVID-19 Pandemic
  • Live at: May 21 2020 7:00 pm
  • Presented by: Ira Winkler, Security Evangelist
  • From:
Your email has been sent.
or close