Hi [[ session.user.profile.firstName ]]

Unraveling supply chain attacks and the ongoing Microsoft Exchange fallout

More supply chain attacks and vulnerabilities. Rarely identified CIA malware detailed by Kaspersky. Is Kaspersky compromised due to its connection to Russia and its HQ in Moscow? Discussions around the ethics of recent FBI actions to clean up Exchange on the heels of international law enforcement community actions to disrupt Emotet.

Presenters:
Joel Bork, IronNet Senior Threat Hunter
Peter Rydzynski, IronNet Threat Analysis Lead
Joey Fitzpatrick, IronNet Threat Intel Analyst
Recorded May 27 2021 51 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Joel Bork, Senior Threat Hunter, Peter Rydzynski, Threat Analysis Lead & Joey Fitzpatrick, Threat Intel Analyst
Presentation preview: Unraveling supply chain attacks and the ongoing Microsoft Exchange fallout

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Ask the experts: Detecting ransomware before the payload Jul 7 2021 3:00 am UTC 45 mins
    Jon Perez, Director of Threat Research, IronNet and Anthony Grenga, VP Cyber Operations, IronNet
    Read the full research or executive summary ahead of time and bring your questions. IronNet threat researchers analyzed multiple lab-detonated ransomware variants and discovered commonalities in the artifacts and metadata that may prove helpful in detection. Factors such as east/west vs. north/south traffic and data file entropy will be discussed.

    Full Research:
    https://www.ironnet.com/blog/detecting-ransomware-three-research-based-recommendations

    Executive Summary:
    https://www.ironnet.com/blog/ransomwares-malevolent-heyday
  • Building in the Cloud? Working in the Cloud? Oh.We need to monitor in the Cloud? Jun 23 2021 5:00 pm UTC 45 mins
    Joel Bork, IronNet Senior Threat Hunter & Josh Trout, IronNet Software Engineering Manager
    Every organization is scrambling to enable Network Detection and Response capabilities into their enterprise network since the Solarwinds/Solarigate incident. Unfortunately this incident was not directed ONLY to enterprise networks - it impacted cloud and hybrid environments alike.

    If that is the case, then how do you get the network traffic out of a hybrid or cloud environment?

    This is a question we hear often and in this talk we are answering exactly that and how we at IronNet are using it to monitor our cloud-based build system and devops efforts.
  • How (not) to steal Tesla’s trade secrets, ransomware Whack-a-Mole & ... Recorded: Jun 3 2021 43 mins
    Peter Rydzynski, IronNet Threat Analysis Lead & Joey Fitzpatrick, IronNet Threat Intel Analyst
    How (not) to steal Tesla’s trade secrets, ransomware Whack-a-Mole, & Iran vs. Israel

    It’s a storyline straight out of (the best show on the planet) The Americans: A Russian citizen attempts to pay a Tesla employee to install malware at the company’s Nevada electric battery plant to steal company secrets for ransom. And IronNet’s threat analysis lead Peter Rydzynski muses: What would Phillip and Elizabeth have done? In other news, our analysis on the Iranian attack on Israel, and if ransomware groups are backing out of ransomware, where will they resurface?

    Speakers:
    Joel Bork, IronNet Senior Threat Hunter
    Peter Rydzynski, IronNet Threat Analysis Lead
    Joey Fitzpatrick, IronNet Threat Intel Analyst
  • Cloud (in)security: Avoiding common cloud misconfigurations Recorded: Jun 2 2021 45 mins
    David Lathrop, VP Utility Strategic Business, Unlimited Technology, Christopher Walcutt, VP of Strategy, DirectDefense
    Cloud migration is on nearly every technology company’s docket...and whether those plans were accelerated at the onset of the COVID-19 pandemic or accelerated now after being put on hold, the rush can result in misconfigurations that introduce security vulnerabilities. Learn about how a new, streamlined approach — from assessment, to network and endpoint security, to services and staffing — can help you efficiently tackle these and other infrastructure security challenges.

    Speakers:
    David Lathrop, VP Utility Strategic Business, Unlimited Technology,
    Christopher Walcutt, VP of Strategy, DirectDefense
    Joel Bork, Senior Threat Hunter, IronNet
  • Unraveling supply chain attacks and the ongoing Microsoft Exchange fallout Recorded: May 27 2021 51 mins
    Joel Bork, Senior Threat Hunter, Peter Rydzynski, Threat Analysis Lead & Joey Fitzpatrick, Threat Intel Analyst
    More supply chain attacks and vulnerabilities. Rarely identified CIA malware detailed by Kaspersky. Is Kaspersky compromised due to its connection to Russia and its HQ in Moscow? Discussions around the ethics of recent FBI actions to clean up Exchange on the heels of international law enforcement community actions to disrupt Emotet.

    Presenters:
    Joel Bork, IronNet Senior Threat Hunter
    Peter Rydzynski, IronNet Threat Analysis Lead
    Joey Fitzpatrick, IronNet Threat Intel Analyst
  • How to use the MITRE ATT&CK® Framework to prioritize cyber initiatives Recorded: May 20 2021 33 mins
    Adam Pennington, ATT&CK Lead & Bill Swearingen, IronNet Cyberstrategist & former CISO
    Security leaders who are new to the MITRE ATT&CK Framework will learn how to make better use of the framework to identify security weak spots — and where to prioritize budget and project planning, from IR and threat intelligence to SOC operations. Cybersecurity analysts already know how ATT&CK can help identify adversaries by mapping TTPs and behaviors across the framework. In this application, ATT&CK has become a daily tool for hunters and analysts to better connect and anticipate multi-stage or nation-state attacks. But the MITRE ATT&CK framework can also be used to assess your level of strategic coverage and prioritize how you build out your cyber organization.
  • Evolving Cybersecurity Policy in the Aftermath of Major Cyber Hacks Recorded: May 19 2021 49 mins
    Ted Schlein, Managing Partner of Kleiner Perkins and Bill Welch, Co-CEO IronNet
    Evolving Cybersecurity Policy in the Aftermath of Major Cyber Hacks: A View from the VC Community and C-Suite

    In the aftermath of a series of major cyber incidents, from SolarStorm and Microsoft Exchange to Pulse Secure and Colonial Pipeline, there is much debate about what the government and industry can and should do to improve our nation’s approach to cybersecurity. Please join us as Jamil Jaffer, a former senior advisor on Capitol Hill, talks to Ted Schlein, the managing partner of Kleiner Perkins, one of Silicon Valley’s most storied venture capital firms, and Bill Welch, the co-CEO of IronNet Cybersecurity, a leading leading collective cyber defense company.
  • How Collective Defense can create a more robust threat intelligence program Recorded: May 6 2021 51 mins
    George Lamont, IronNet CIO & CISO, Dean Teffer, IronNet VP, Detection & Featured Guest, Brian Kime, Forrester Senior Analyst
    There’s a sea of threat intelligence available for cybersecurity analysts —yet the struggle is real to ensure it’s being maximized and is operational enough to add tangible value. As security professionals pivot from one attack to the next, they’re also under the gun to prove their threat intel investments are paying off. In this IronNet webinar, we will be joined by guest speaker Forrester senior security and risk analyst Brian Kime, to discuss:

    Moving from single-stream to a collective approach to threat intelligence
    What capabilities to look for in a threat intelligence vendor
    How can threat intelligence be truly integrated and operationalized?
    What is the role of security analysts in improving the quality of threat intelligence?
    What can organizations do to refine and optimize threat intel to prioritize investigations?

    Presenters:
    George Lamont, IronNet CIO/CISO
    Dean Teffer, IronNet VP of Detection and Prioritization
    Oliver Wai, IronNet VP Product Marketing
    Featured Guest: Brian Kime, Forrester Senior Analyst
  • Your SOC. Multiplied Recorded: May 5 2021 47 mins
    Maj Gen USAF (Ret.) Brett Williams IronNet Co-Founder & Cyber Strategist and Dr. Ania Kacewicz, IronNet Senior Data Scientist
    Alert fatigue. The lack of senior analysts. Cyber talent turnover. An ever-expanding threat landscape. What if you could automate some threat investigation steps so your analysts can spend time more strategically? Join our senior threat hunter, senior data scientist, and cybersecurity strategist to discuss the power of machine learning + human insights in leveling up your cyber defense via an automated expert system for threat detection.

    Speakers:
    Maj Gen USAF (Ret.) Brett Williams, IronNet Co-Founder & Cyber Strategist
    Dr. Ania Kacewicz, IronNet Senior Data Scientist
    Joel Bork, IronNet Senior Threat Hunter
  • Unraveling supply chain attacks and the ongoing Microsoft Exchange fallout Recorded: May 4 2021 51 mins
    Joel Bork, Senior Threat Hunter, Peter Rydzynski, Threat Analysis Lead & Joey Fitzpatrick, Threat Intel Analyst
    More supply chain attacks and vulnerabilities. Rarely identified CIA malware detailed by Kaspersky. Is Kaspersky compromised due to its connection to Russia and its HQ in Moscow? Discussions around the ethics of recent FBI actions to clean up Exchange on the heels of international law enforcement community actions to disrupt Emotet.

    Presenters:
    Joel Bork, IronNet Senior Threat Hunter
    Peter Rydzynski, IronNet Threat Analysis Lead
    Joey Fitzpatrick, IronNet Threat Intel Analyst
  • How to apply threat intelligence to drive business outcomes Recorded: Apr 20 2021 51 mins
    Levi Gundert, Recorded Future SVP Global Intelligence & Maj GEN (Ret.) Brett Williams, IronNet Co-Founder & Cyber Strategist
    Cyber threat intelligence is inherently designed to reduce risk — but is it as actionable as it needs to be to match the speed and frequency of attacks? Join IronNet and our friends at Recorded Future as we explore the people, process and technology of threat intelligence. We’ll examine how to operationalize threat intelligence, use it to turbocharge other risk reduction controls, and apply it to drive measurable business outcomes.

    Speakers:
    Levi Gundert, Recorded Future SVP Global Intelligence
    Maj GEN (Ret.) Brett Williams, IronNet Co-Founder & Cyber Strategist
    Bill Swearingen, IronNet Cyber Strategist
  • Securing a Singapore sovereign wealth fund: The Temasek story Recorded: Apr 15 2021 47 mins
    Jon Allaway, Temasek Chief Technology Officer and GEN (Ret.) Keith Alexander, IronNet Founder and Co-CEO
    As an investment company with a net portfolio value of S$306 billion (US$214 billion), Temasek faces a complex security challenge. Driven by the goal to build resilience into their portfolio companies, cybersecurity is a top-3 agenda item. How does an organization of that scale even start to think about a cyber defense-in-depth strategy? IronNet welcomes Jon Allaway, Temasek’s Chief Technology Officer, to discuss the regional, corporate, and technological considerations of protecting itself and its portfolio companies.

    Speakers:
    Jon Allaway, Temasek Chief Technology Officer
    GEN (Ret.) Keith Alexander, IronNet Founder and Co-CEO
    Russ Cobb, IronNet CMO
  • Cloud (in)security: Avoiding common cloud misconfigurations Recorded: Apr 8 2021 45 mins
    David Lathrop, VP Utility Strategic Business, Unlimited Technology, Christopher Walcutt, VP of Strategy, DirectDefense
    Cloud migration is on nearly every technology company’s docket...and whether those plans were accelerated at the onset of the COVID-19 pandemic or accelerated now after being put on hold, the rush can result in misconfigurations that introduce security vulnerabilities. Learn about how a new, streamlined approach — from assessment, to network and endpoint security, to services and staffing — can help you efficiently tackle these and other infrastructure security challenges.

    Speakers:
    David Lathrop, VP Utility Strategic Business, Unlimited Technology,
    Christopher Walcutt, VP of Strategy, DirectDefense
    Joel Bork, Senior Threat Hunter, IronNet
  • Data sharing in cyber: Myths and realities Recorded: Apr 7 2021 45 mins
    Maj Gen USAF (Ret.) Brett Williams IronNet Co-Founder & Cyber Strategist and David Foelber, IronNet Senior Software Engineer
    Threat data and intelligence sharing is a topic often surrounded in a swirl of controversy and questions of privacy, trust, and regulation. But in the cybersecurity space, operationalizing the real-time sharing of threat data is the only way to get ahead of attacks. It can be done safely, and anonymously — and we’ll show you how.

    In this webinar you’ll learn about:
    Data minimization and how IronNet handles it
    How IronDome participants can control what is shared, and with whom
    How the resulting “radar” view can help identify broad cyber campaigns like SUNBURST

    Speakers:
    Maj Gen USAF (Ret.) Brett Williams, IronNet Co-Founder & Cyber Strategist
    David Foelber, IronNet Senior Software Engineer
    Joel Bork, IronNet Senior Threat Hunter & Advisor
  • The April Cyber Lookback: MS Exchange, the PRODAFT chapter, & a hackback debate Recorded: Apr 2 2021 56 mins
    Peter Rydzynski, IronNet Threat Analysis Lead and Joey Fitzpatrick, IronNet threat Intel Analyst
    Refusing to be pushed around by the Russians, Swiss security firm PRODAFT hacked back after being compromised by the SolarWinds attack. Our threat hunters and analysts debate this aggressive response, and welcome your views! We’ll also provide a professorial (as in, your favorite, hippest professor) analysis to compare and contrast the TTPs and cyber attack motives of Russia and China — and, of course, catch up on the latest Microsoft Exchange news.

    Presenters:
    Joel Bork, IronNet Senior Threat Hunter
    Peter Rydzynski, IronNet Threat Analysis Lead
    Joey Fitzpatrick, IronNet threat Intel Analyst
  • The March Cyber Lookback: Mac Malware and More Recorded: Mar 5 2021 49 mins
    Brett Fitzpatrick, IronNet Threat Hunter, Peter Rydzynski, IronNet Threat Analysis Lead & Joel Bork, IronNet Sr Threat Hunter
    Researchers are still anticipating the jump-scare of the mystery malware that is running natively on Apple’s new M1 chip; but justice is coming for 3 North Korean hackers indicted for activity related to WannaCry ransomware deployments and attacks on Sony and other media companies. Join IronNet threat hunters to discuss and debate these and other cyber news items closer to go-live time.
  • Data sharing in cyber: Myths and realities Recorded: Feb 18 2021 46 mins
    Maj Gen USAF (Ret.) Brett Williams IronNet Co-Founder & Cyber Strategist and David Foelber, IronNet Senior Software Engineer
    Threat data and intelligence sharing is a topic often surrounded in a swirl of controversy and questions of privacy, trust, and regulation. But in the cybersecurity space, operationalizing the real-time sharing of threat data is the only way to get ahead of attacks. It can be done safely, and anonymously — and we’ll show you how.

    In this webinar you’ll learn about:
    Data minimization and how IronNet handles it
    How IronDome participants can control what is shared, and with whom
    How the resulting “radar” view can help identify broad cyber campaigns like SUNBURST

    Speakers:
    Maj Gen USAF (Ret.) Brett Williams, IronNet Co-Founder & Cyber Strategist
    David Foelber, IronNet Senior Software Engineer
    Joel Bork, IronNet Senior Threat Hunter & Advisor
  • The next four years...in cyber Recorded: Feb 9 2021 59 mins
    GEN (Ret) Jack Keane, Chairman, ISW, Former Vice Chief of Staff, US Army, GEN (Ret) Keith Alexander, IronNet Founder & Co-CEO
    With the U.S. election only one week away, the security posture of the nation’s future is on the minds of these two top-ranked former military leaders. Join General (Ret) Keith Alexander, General (Ret) Jack Keane, and IronNet CMO Russ Cobb as they analyze what the next four years could look like with regards to cybersecurity threats from nation states like China, Russia, and Iran. Tap into their combined experience and intelligence access as we tackle questions such as:
    Is Russia holding true to their claim not to interfere in the U.S. election? Are they likely to interfere?
    How might cybersecurity policy and strategy look in the next four years?
    Should the U.S. adopt an all-of-nation approach to cybersecurity, similar to China and Russia, to even the playing field? What would that look like?
    Which adversaries pose risk and where are the most likely confrontations to occur in the next four years ?

    Speakers:
    GEN (Ret) Jack Keane, Chairman, Institute for the Study of War, Former Vice Chief of Staff, US Army
    GEN (Ret) Keith Alexander, IronNet Founder & Co-CEO
    Russ Cobb, IronNet CMO
  • The February Cyber Lookback: Solarwinds Aftermath Recorded: Feb 5 2021 60 mins
    Peter Rydzynski, IronNet Threat Analysis Lead & Brett Fitzpatrick, IronNet Threat Hunter
    Keeping it all straight, in the SolarWinds Aftermath. Joel Bork, Peter Rydzynski, and Brett Fitzpatrick, will be deep diving into what has occurred since IronNet’s January Cyber Lookback Edition - analyzing associated malware including SuperNova, SunSpot, and Teardrop, and the associated data leaks - what are they and do they impact you? How do the claims about Jetbrains and Teamcity play into the analysis of the SUNBURST attack?

    Speakers:
    Joel Bork, IronNet Senior Threat Hunter
    Peter Rydzynski, IronNet Threat Analysis Lead
    Brett Fitzpatrick, IronNet Threat Hunter
  • SUNBURST retrospective: Changing the outcome with Collective Defense Recorded: Feb 5 2021 43 mins
    Anthony Grenga, VP Cyber Operations, Peter Rydzynski, Threat Analysis Lead, and Joel Bork, Senior Threat Hunter
    Unless you’re living off the grid, you’ve heard of the SUNBURST attack by an elite Russian adversary that affected more than 18,000 companies. The 18,000 companies worked individually to protect their network. Imagine now, if security analysts for these companies had been working together at network speed and sharing crowdsourced knowledge, leveraging their collective expertise to defend themselves, their industries, and the nation. The end results would likely be very different.

    IronNet first detected the initial SUNBURST behaviour months ago on May 31st 2020, in near real-time on a customer’s network. The intel was correlated and shared into IronDome, IronNet’s Collective Defense platform that significantly increases IronNet’s customers’ ability to detect threats and take actionable steps. Join IronNet’s cyber operations experts Anthony Grenga, Joel Bork and Peter Rydzynski to unpack the latest and ongoing analysis of this egregious attack, and learn how you can stand a chance against future threats.
The Leader in Collective Defense
Our mission is to deliver the power of collective cybersecurity to defend companies, sectors, and nations so that people, companies, and nations can live and work with peace of mind in cyberspace.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Unraveling supply chain attacks and the ongoing Microsoft Exchange fallout
  • Live at: May 27 2021 12:00 pm
  • Presented by: Joel Bork, Senior Threat Hunter, Peter Rydzynski, Threat Analysis Lead & Joey Fitzpatrick, Threat Intel Analyst
  • From:
Your email has been sent.
or close