Name: Threat Alert: New Babuk Ransomware Discovered
Start: 2023-02-28T20:35:00Z
End: 2023-02-28T20:35:28.000Z
Location: BrightTALK

Morphisec offers prevention-first cybersecurity from endpoint to the cloud. Morphisec provides real-time risk visibility and secures device memory at runtime to stop the most damaging, undetectable attacks. This includes ransomware, supply chain attacks, fileless attacks, zero-days, and other advanced, stealthy, evasive attacks. Morphisec's Automated Moving Target Defense (AMTD) technology provides a lightweight, Defense-in-Depth security layer to augment solutions like NGAV, EPP, and EDR/XDR and close their runtime memory security gap against undetectable cyberattacks.

Supply chain, data theft, spyware, ransomware, and other malicious attacks against Linux servers have increased by over 35 percent in 2021, especially against legacy systems, applications, and distributions. Many of these attacks use remote, unauthorized, or weaponized code execution, living off the land (LotL) or man-in-the-middle (MitM) privilege escalation, polymorphic defense evasion, and other advanced tactics. This webinar examines how attackers are bypassing traditional security defenses to establish command and control (C&C), exfiltration, and malicious access to mission-critical information on Linux servers. An understanding of how these attacks are executed can help you improve security measures and create a strong defense-in-depth strategy to prevent significant financial impacts, lawsuits, and brand damage.

This webinar will cover:
* Why attackers are targeting Linux servers at a much higher rate with more sophisticated tactics and techniques
* How attackers are bypassing traditional security defenses to establish command and control (C&C), exfiltration, and malicious access
* How to create a strong defense-in-depth strategy to prevent significant financial impacts, lawsuits, and brand damage

Linux: How to Defend the New Cyberattack Frontier

We’re all too familiar with the increasing risk of cybersecurity crime. Automated Moving Target Defense (AMTD), a proven technology championed by Gartner and protecting over 9 million endpoints offers the next step in the evolution of endpoint security. AMTD fortifies NGAV/EPP and EDR/XDR systems to stop the most advanced and undetectable attacks they don't, with no performance impact, no extra staff needed, and up to 95% reduction in false positives.

Hear from a virtual peer panel with IT leaders at leading enterprises that use AMTD today, as well as a technical explanation of AMTD from a leading expert.

Join this virtual event to learn about:  
* The 30% cybersecurity gap existing in current NGAV/EPP and EDR/XDR solutions
* What AMTD is and how it closes the security gap
* How AMTD relieves the deluge of false positive alerts
* How AMTD protects legacy Windows and Linux systems where traditional EPP and EDR tools struggle

CISO Panel: The Future of Cyber Is Automated Moving Target Defense

CISOs and their teams at banking and financial institutions understand it’s not a matter of if they will be attacked, but when. The average cost of a data breach in the financial sector is approaching $6 million in 2022.

Watch this virtual panel of peers and experts as Morphisec addresses the threats and security needs of the banking, financial services, and insurance industries. Speakers include fellow cybersecurity leaders in the banking and finance industry, including Bryan Nash, CIO for McHenry Savings Bank, and Richard Kirschner, Manager of Information & Access Security for Merrick Bank.

Topics will include:
* What CISOs are doing to protect their infrastructure and their customers’ data
* How to deal with an expanding attack surface
* What a best-in-class cybersecurity tech stack looks like
* How to prevent Defense-in-Depth from becoming Expense-in-Depth
* How to neutralize threats once they’ve entered your organization

Virtual Summit: Banking & Finance Cyber Security

Microsoft recently announced the end of life (EOL) for Windows 7, 8, 8.1, 2008 R2, and their embedded variants. Windows 2012 is slated for EOL in October 2023.  

EOL versions account for 13 percent of global Windows desktops, I.e., hundreds of millions of endpoints run vulnerable operating systems. Well-loved Windows 7 leads the way at nearly 10 percent, with estimates that over 150 million endpoints still run the unsupported operating system.  

Join Microsoft expert Adam Gordon from ITProTV for a deep dive into how legacy systems impact organizations, and how to improve their security.

We will cover:
* The security risks of running legacy systems  
* Which is a greater legacy challenge—endpoints or servers 
* Why it’s so difficult to migrate legacy endpoints to modern operating systems 
* Why traditional EPP and EDR tools struggle to protect legacy systems 
* Practical recommendations for improving legacy systems’ security posture

Windows Legacy Systems - Don't Be Caught Unprotected

Morphisec Threat Labs researchers have seen an uptick in attack campaigns using open-source malware. As software development open-source communities grow, so does the malware community, offering free and publicly available malicious tools. Our Threat Labs researchers have analyzed data from nearly nine million endpoints to provide an in-depth analysis of the current state of open-source malware.

This webinar will cover the different open-source malware we see in the wild, how attackers use it, and ways to protect against these attacks. Our researchers also show real-world open-source malware delivery examples from APT groups (advanced persistent threat) and seasonal attackers. 

Watch to learn:
* The current state of open-source malware and attacks 
* Several categories of open-source malware 
* Different delivery techniques for open-source malware 
* Real-world examples from APT groups and seasonal hackers 
* Advice for an effective prevention strategy

Open-Source Malware: An Evolving Landscape & Technical Analysis

Microsoft identifies Office documents originating from an email attachment or the internet with a Mark of the Web (MOTW). Used by other applications such as Windows Defender SmartScreen, and other security tools as well, MOTW labels a document as being from an untrusted location to an application opening the file, enabling it to block macros and active content, and to apply other policies to the file.  This fall, Microsoft announced it would block macros by default in Office documents downloaded from the internet, and on November 8th Microsoft announced that MOTW will propagate into file containers such as .ISO, .IMG, .ZIP and other archives.

While these policies improve security, MOTW is prone to vulnerabilities, and threat actors are adapting their tactics to continue using weaponized content as a primary attack vector on organizations.  

Watch this webinar on-demand to hear directly from our Threat Labs team. In this virtual event, Morphisec's expert threat researchers review Microsoft’s new policies, the security efficacy provided by MOTW, and present methods attackers use to bypass these mechanisms. These include tampering with the file certificates to avoid MOTW inspection, social engineering, and other techniques. We provide technical explanations with real-world examples based on Morphisec’s Threats Lab data, so you can understand how threats are shifting, and plan accordingly.

Mark of the Web (MOTW) - Challenges, Bypass Methods, and Solutions

Morphisec has discovered a brand-new variant of Babuk ransomware. The new variant uses the Babuk ransomware source code leaked on Russian language hacker forums last year, combined with new evasive techniques based on open-source loaders.

Threat actors used this previously unseen variant to target a large manufacturing company with more than 10,000 workstations and server devices. The attack bypassed the customer’s next generation anti-virus (NGAV) and endpoint protection platform (EPP). The new variant could also evade industry-leading endpoint detection and response (EDR) solutions at the time of the attack.

Watch this special 30-minute virtual session to hear exclusive details about the attack, including: 
* Technical analysis of the ransomware, including indications of compromise (IOCs) and the differences between the original Babuk ransomware and the new variant  
* Techniques the ransomware uses to evade NGAV, EPP, and EDR solutions
* Recommendations for adjusting your security posture to protect against the new threat

Threat Alert: New Babuk Ransomware Discovered

Even with continued investments, the outcome remains the same. Successful cyberattacks keep escalating and ransomware attacks occur every ten seconds. It is time to move from defense to offense when it comes to maintaining the utmost security in healthcare.

Join our panel of peers and experts as we address the threats and security needs of the healthcare industry.

Highlights include:
* How ransomware groups evade even the best detection-based security at healthcare organizations.
* Proactive breach prevention strategies for better security.
* How Zero Trust Architecture and Moving Target Defense technology—included in the 2021 Gartner Emerging Technologies and Trends Impact * Radar for Security—can help protect your company.

With ransomware increasingly targeting the healthcare sector, the costs of falling victim to an attack are too hefty to ignore.

Healthcare Cybersecurity: Prevention is Better Than the Cure

This discussion with CTO Michael Gorelik looks at how ransomware attacks and bad actors have evolved to become more successful than ever this year.

Ransomware and Resiliency – To Trust or Not Trust? Cyber Security Round Table

This discussion will focus on the tools, policies, and best practices that can be done in preparation for ransomware attacks. Ransomware-as-a-service changes the way many cyber leaders think about this topic, and changes some of the economics related to it. Sensitive data is put at risk, huge sums of money are in the balance, and organizations must struggle between expediency and the bottom line.

This discussion focuses on PRE-ATTACK scenarios. While everyone needs to take a “not if, but when” approach - there are tools, policies, and best practices that can be done in preparation and have led to the prevention of nasty attacks.

By watching this on-demand session, you will learn:
* How Biden's warning to U.S. businesses to strengthen their cybersecurity defenses increases the need for technologies like Moving Target Defense.
* How attackers bypass current security defenses.
* How Moving Target Defense has been proven to be an effective defense against ransomware.

Ransomware Prevention: Pre-Attack Practices with Michael Gorelik

Michael Gorelik, CTO at Morphisec, will cover advanced ransomware attacks and how to leverage a defense-in-depth model to close your security gap.

Ransomware Alert! Boost NGAV & EDR with Defense in Depth - Stop Advanced Attacks

Cyber Security

Information Security

Threat Analysis

Threat Assessment

Threat Hunting

Cyber Attacks

Ransomware

Threat Detection

Cyber Crime

Cyber Incident Response

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

Get powerful end user computing insights from influential EUC experts. Connect with thought leaders and colleagues to get the most up-to-date knowledge on effective approaches to get non-programmers to create working applications.

End User Computing

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Threat Alert: New Babuk Ransomware Discovered

Presented by

About this talk

Morphisec