Name: ToddyCat: an overview of a new APT group
Start: 2023-03-28T05:00:00Z
End: 2023-03-28T05:00:46.000Z
Location: BrightTALK
Rating: 5

Quantum technologies are no longer just theory — they’re evolving fast. And while they promise breakthroughs in science, medicine, and technology, they also carry a serious warning: the power of quantum computers could undermine today’s most trusted security systems. Experts believe a fully fault-tolerant quantum computer might appear within the next decade — and when it does, the cybersecurity landscape will never be the same.

Join this webinar The Quantum Threat: Preparing for Next-Generation Cyber Risks as Sergey Lozhkin, Head of Kaspersky’s Global Research & Analysis Team for META and APAC, to explore:

•            The current state of quantum computing: how advanced are quantum technologies today?
•            The key cybersecurity risks of quantum breakthroughs: what threats should we expect?
•            Preparing for the quantum future: what steps can cyber community take today?

The Quantum Threat Preparing for Next-Generation Cyber Risks

Modern cars are no longer just a means of transportation. Their built-in services can manage everything for drivers and passengers alike from seat heating, to using voice-controlled GPS to find a coffee, or make theater ticket reservations. Along with the development of consumer services, driver safety services have also been developed – distance sensors to neighboring cars, speed limit recognition and the eCall safety system, to name a few.

These hi-tech solutions designed to improve the user experience and make your journey safer, are architecturally based on algorithms and technologies that in themselves carry threats to information security. The wider the user experience, the wider the attack surface for an attacker. 

In this webcast, Cyberthreats to modern automotive industry, Sergey Anufrienko and Alexander Kozlov, security researchers at Kaspersky ICS CERT will discuss:

• Threat landscape: how has changed and evolved over the last 10 years
• Top threats the automotive industry is exposed to
• Standards of automotive security
• Trends in automotive security

Cyberthreats to modern automotive industry

From web portals and email gateways to cloud platforms and local storage, modern businesses depend on a multi-layered IT environment. But each layer can also become a potential entry point for cyberthreats. That’s why having a unified, robust security solution across your entire infrastructure is critical.

Kaspersky Scan Engine is designed precisely for this challenge. Whether your systems are on-premises, in the cloud, or somewhere in between, it delivers powerful threat detection wherever you need it—ensuring consistent protection across your environment.

Join our upcoming live webinar to go beyond product specs and see how leading organizations are using Scan Engine in real-world scenarios. We’ll walk through integration examples, explore common deployment patterns, and share success stories that show how seamlessly the solution fits into complex ecosystems.

In this session, you’ll learn:

- How Scan Engine fits into today’s diverse IT architectures
- Ways to integrate it with tools you already use
- Real-life case studies showing its flexibility and effectiveness

Discover how one powerful engine can secure every part of your digital landscape.

Kaspersky Scan Engine Built to integrate, engineered to protect

In the ever-evolving threat landscape of cybersecurity, true expertise is the key of robust protection. In 2023 alone, Kaspersky products thwarted over 437 million cyber attacks, while detected 411,000 new malicious files daily. What powers these formidable defenses?

Join Oleg Gorobets, Security Evangelist at Kaspersky, and Alexander Liskin, Head of Kaspersky's Threat Research, as they unveil the inner workings of Kaspersky’s five Centres of Expertise (Threat Research, Global Research and Analysis Team, AI Research, Security Services and ICS CERT). Discover their pivotal roles in safeguarding businesses and individuals, and explore real-world case studies demonstrating the impact of Kaspersky's expertise in defending against most complex cyber threats.

Whether you're a cybersecurity professional, a decision-maker, or simply interested in the dynamics of cyber defense, this webinar will provide valuable insights and practical knowledge.

The Cybersecurity Buyer's Dilemma Hype vs (True) Expertise

As the frequency of cyberattacks continues to rise, the ability to swiftly and effectively reverse-engineer malware is paramount. To equip you with the skills needed, we are re excited to invite you to our webinar that delves into the depths of Ghidra – an indispensable tool for InfoSec professionals widely used for malware analysis.

The experts will showcase Ghidra's capabilities through the analysis of the Calypso malware. Throughout the session, our Kaspersky Global Research & Analysis Team (GReAT) experts, Igor Kuznetsov and Georgy Kucherin, will share practical tips and tricks, emphasizing effective analysis of functions utilizing structures and function pointers.

Here’s what our experts will cover during the webinar:
Introduction to Ghidra and its significance in reverse engineering.
Live demonstration: Analyzing the Calypso malware with Ghidra.
Tips and tricks for efficient reverse engineering.
Overview of our newly released online training course “Advanced malware reverse engineering with Ghidra”.
Advanced topics: API function hashing, decompiler scripting, and extending Ghidra's capabilities.
Don't miss out on this opportunity to elevate your reverse engineering skills and gain insights from our experts.

Take Your Reverse Engineering to Another Level with Ghidra

Cybercriminals tend to be secretive and act without disclosing their identity. However, when it comes to ransomware negotiations, the victim and the attacker have to “meet” face-to-face. Moreover, by the time the two sides meet to discuss the price, the attackers have already gained control of a company’s data or network – that puts the victim in a weak position.

What is it like to negotiate with someone who is trying hard to get a ransom whilst remaining in the dark? What can you expect from such negotiations? In this webcast, Insights to Ransomware Tactics and Negotiation, Marc Rivero, senior security researcher, GReAT at Kaspersky will observe various tactics used by ransomware groups, explain how the companies are trying to negotiate with these cybercriminals, and what outcome such negotiations may have.

- What Ransomware as a service (RaaS) model is
- What a data leak portal in RaaS terms is
- About ransomware negotiations: stages, means of communication
- What to do if you have been contacted by a ransomware group

Insights to Ransomware Tactics and Negotiation

Despite all the technological advancements, human factor remains one of the most significant vulnerabilities – as the evolution of the threat landscape is less about sophisticated code and more about ingenious scenarios. The problem is even more acute as there is a significant shortage of qualified cybersecurity specialists in the market. Our latest insightful webinar explores the critical role of human factors in cybersecurity and share strategies to mitigate these risks effectively.

Join Kaspersky expert Oleg Gorobets, as he shares valuable insights and practical advice on enhancing your organization’s defenses and will delve into the following topics:

● Human vulnerabilities: the most common non-IT and IT/InfoSec professionals’ errors and intentional information security policy violations that led to security breaches and how they can be exploited by cybercriminals;
● The impact of InfoSec professionals’ shortage on an organization’s cybersecurity;
● Monotonous work and burnout of InfoSec professionals as the obstacles to reliable company's cyber protection;
● Breakdown of common cyber incidents that occurred over the last two years due to human factors in companies around the world;
● Finding a fitting solution: attention turns to tech and automation.

Don’t miss this opportunity to enhance your cybersecurity knowledge and learn how to effectively mitigate human risks!

Cybersecurity's human factor – more than an unpatched vulnerability

In today’s digital world, securing your customers’ smartphones is absolutely essential. Malware infections, scams, and financial fraud erode customer trust.

Join this webinar Fortify Your Mobile Protection: Building Customer Trust with Advanced Security to discover how the Kaspersky Mobile Security SDK provides powerful protection. We will demonstrate key security features to safeguard user data and stop scams. You will also see how our partners from diverse industries successfully integrate Kaspersky’s technology with their own apps.

Learn to build a truly secure application that your customers can rely on to keep their devices safe, strengthening both security and brand loyalty.

Fortify Your Mobile Protection Building Customer Trust with Advanced Security

Hardly a day goes by without yet another organisation falling prey to a cyberattack or data breach that has led to reputational and financial losses. The security landscape will get even more tumultuous, with APAC organisations expected to continue facing tough security challenges arising from the shortage of talent, new cloud vulnerabilities and the proliferation of surreptitious malware. Against this backdrop, security operations have become more challenging, driving organisations to consider new approaches that improve the timeliness and accuracy of threat detection while automating response actions. 

Hear from the panel experts in Cybersecurity Frontiers: Crafting Future-Ready Defenses in a Connected World as the panellist shares how you can build a resilient culture and prepare for future challenges.

Cybersecurity Frontiers: Crafting Future-Ready Defenses in a Connected World

As cyber threats continue to evolve in complexity, organizations are seeking integrated, proactive, and intelligent ways to protect their IT environments. In this exclusive session, Kaspersky experts and industry leaders come together to explore how a holistic cybersecurity strategy — anchored by Kaspersky’s Cybersecurity Framework and powered by modern SIEM technology (KUMA) — can address today’s security challenges. Learn how to build visibility, automate detection, and future-proof your enterprise’s defences.

Strengthening Cyber Defenses: A Practical Look into Kaspersky’s SIEM & Framework Approach

With the rapid expansion of cloud adoption, security teams are encountering ever-more intricate challenges. While securing the cloud is a critical first step, the focus must now extend to safeguarding workloads. Modern applications and services, frequently developed using containerized solutions, provide developers with enhanced efficiency—yet they introduce significant security complexities. To mitigate these threats, a holistic strategy is essential to protect both cloud environments and the workloads they host.

Mark your calendar for July 23 and join Anton Rusakov-Rudenko, Kaspersky’s Cloud & Network Security Expert, in an exclusive webinar where he will discuss:

• Global cloud migration trends backed by key statistics;
• Major security hurdles in cloud and container-based ecosystems;
• A comparison between emerging DevSecOps methodologies and conventional security models;
• How Kaspersky has advanced cloud workload protection over time;
• A live demonstration of Kaspersky Cloud Workload Security.

Seize this chance to acquire actionable strategies and expert knowledge for strengthening your cloud security!

Kaspersky’s way of cloud workload protection

In the past year, Kaspersky blocked close to 900 million phishing attempts. So, it’s not an overstatement to say their team is made up of experts on email-based threats.

In this webinar, you can hear from 3 of those experts, including Spam Analyst, Anna Lazaricheva, about the latest developments in email security. The group will cover:
• Exclusive highlights from the Kaspersky 2024 Spam and Phishing Report
• Modern email attack tactics 
• How, with advanced detection technologies and threat intelligence, you can identify even the most evasive threats
• Proven, practical defense strategies, including to bolster your email protection with Kaspersky Security for Mail Server 

Whether you’re a cybersecurity expert, IT decision-maker, or business leader, this session will equip you with the latest insights and tools to secure your email environment in today’s threat landscape.

Email Security: Lessons from Blocking 900 Million Phishing Attempts

Cybercriminals tend to be secretive and act without disclosing their identity. However, when it comes to ransomware negotiations, the victim and the attacker have to “meet” face-to-face. Moreover, by the time the two sides meet to discuss the price, the attackers have already gained control of a company’s data or network – that puts the victim in a weak position.

What does it like to negotiate with someone who is trying hard to get a ransom whilst remaining in the dark? What can you expect from such negotiations? In this webcast, Marc Rivero, senior security researcher, GReAT at Kaspersky will observe various tactics used by ransomware groups, explain how the companies are trying to negotiate with these cybercriminals, and what outcome such negotiations may have.

In this webinar, you will learn:
- What Ransomware as a service (RaaS) model is
- What a data leak portal in RaaS terms is
- About ransomware negotiations: stages, means of communication
- What to do if you have been reached by a ransomware group
- Q&A session

Ransomware groups negotiation tactics: what you need to know

Join us for an in-depth webinar that redefines how organizations approach threat detection in cybersecurity. Although detection remains the cornerstone of Security Operations Centers (SOCs), the absence of a formalized cybersecurity program often results in inefficiencies and missed opportunities for optimization.

This webinar will guide you through:
• Developing a structured detection engineering program to enhance efficiency (e.g., engineering lifecycle, best practices, the importance of data modeling, and more)
• Building an optimal team structure to manage and operationalize detections effectively.
• Identifying and leveraging key metrics to measure program success and ensure continuous improvement.

Led by Sarim Rafiq Uddin, a security services expert from Kaspersky SOC consulting, this session is ideal for cybersecurity professionals and SOC leaders seeking to elevate their threat detection capabilities. Don't miss this opportunity to transform your approach from ad-hoc processes to a comprehensive, strategic program.

From chaos to control: streamlining detection engineering in Security Operation Centers

As AI systems based on large language models become more powerful and widespread, more cybersecurity challenges emerge. From jailbreaks to indirect prompt injections, they are vulnerable to a wide array of LLM-specific threats. However, all these problems can be boiled down to one single issue: LLMs are probabilistic algorithms that are inherently unreliable, just like any other ML system. Does it mean they cannot be useful? Absolutely not! In this talk, we will discuss the challenges of secure and reliable LLM-based applications and the way to make them safer and more aligned with your business goals.

Unreliable AI: Addressing the Cybersecurity Risks of LLM-Based System

• Explore the power of Extended Detection and Response (XDR) as a proactive defense strategy against evolving cyber threats.
• Discover how XDR can fortify your defense mechanisms and enhance your cybersecurity posture.

Defend with XDR Strategies

In today's digital landscape, phishing and social engineering attacks have become increasingly sophisticated, posing significant threats to organizations worldwide. According to Kaspersky's 2023 report, spam accounted for an alarming 45.60% of global email traffic. Furthermore, a staggering 77% of companies have fallen victim to cyber incidents in the past two years, with 21% of these incidents attributed to employees succumbing to phishing attacks.

Beyond the mere inconvenience of sorting through spam, these attacks can lead to severe consequences. From compromising confidential data to incurring substantial financial and reputational damages, the implications are vast. Additionally, recipients risk losing personal funds to scam messages, underscoring the urgency for robust email security measures.

Join us for this enlightening webinar where Kaspersky's experts, Anna Lazaricheva and Alexander Rumyantsev, will delve into the most prevalent and current email threats observed over the past year.

• Understand the diverse forms of spam and email threats plaguing organizations today.
• Explore real-world examples and case studies highlighting the impact of phishing and social engineering attacks.
• Discover the advanced features of Kaspersky Security for Mail Servers (KS for Mail Server), designed to combat sophisticated email threats effectively.

Email security: Top threats and how to counter them

Join us for an exclusive deep dive into the key insights from Kaspersky’s 2024 Incident Response Analyst Report! This webinar will unpack the most pressing cyber threats of the past year, drawing from real-world investigations and expert analysis.

You’ll gain a front-row seat to the latest trends in cyberattacks, including the most common attack vectors, high-risk regions, and industry-specific threats. Our expert speaker will break down critical data on attack timelines, adversarial techniques, and emerging tools, while offering practical strategies to strengthen your organization’s defenses.

Whether you’re an incident response specialist, a cybersecurity professional, or simply keen to stay ahead of evolving threats, this session will arm you with actionable knowledge to anticipate, mitigate, and respond to cyber incidents effectively.

Save the date: July 9th—don’t miss this opportunity to stay at the forefront of incident response intelligence!

In-depth analysis of cyberattacks: key findings from Kaspersky's Incident Response report

ToddyCat is a relatively new advanced persistent threat (APT) actor that came to prominence in late 2020, and has been expanding – both technologically and geographically – ever since. The group is notorious for exploiting Microsoft Exchange servers across Europe and Asia, primarily aiming at governmental and military entities, but not confined to them. ToddyCat’s toolkit also became an object of special interest as it contains two brand new pieces of malware – dubbed Samurai backdoor and Ninja Trojan.

Kaspersky experts have been keeping an eye on how the group has been developing and, following a profound report published on Securelist, are ready to share their recent findings on ToddyCat’s ongoing campaign, and some advice on how to battle the group.

During the webinar, Giampaolo Dedola, a security expert at Kaspersky, will shed light on:

- What the ToddyCat group is, including its most outstanding techniques and spheres of interests;
- The group’s first campaign, infection scheme and Samurai backdoor;
- Ninja – a malware deployed by ToddyCat in recent attacks;
- ToddyCat’s new loaders and campaigns discovered during the investigation;
- Victimology and attribution.

ToddyCat: an overview of a new APT group

ToddyCat

Advanced Persistent Threats

Cyber Security

Attribution

Malware

Threat Detection

Security

Threat Analysis

Cyber Attacks

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

ToddyCat: an overview of a new APT group

Presented by

About this talk

Kaspersky APAC