Browse communities
Browse communities
Presenting a webinar?

APTs: Getting Serious About Zero-Day Threats

Alex Lanstein, Senior Researcher, FireEye
Cyber security remains the #1 priority for IT security executives and practitioners in 2012 for good reason. With cyber-attacks on federal government systems and civilian networks increasing at an alarming rate, the threat posed is only heightened by vulnerabilities in networks that support critical operations and infrastructure. In fact, on a weekly basis, over 95% of organizations have at least 10 malicious infections bypass existing security to penetrate their networks.
In a recent congressional hearing, a former FBI cyber security specialist stated: "I believe most major companies have already been breached or will be breached, resulting in substantial losses in information, economic competitiveness and national security. Many are breached and have absolutely no knowledge that an adversary was or remains resident on their network, often times for weeks, months or even years."
Organizations need real time, dynamic protection from today’s most dangerous threats designed to bypass traditional security defenses. Attend this webcast to learn:
•The new techniques and tactics that make these next-generation attacks successful in the absence of a true defense-in-depth security architecture
•Why conventional security defenses are no match for today’s sophisticated and coordinated attacks
•How to detect and stop Web and email-based attacks that exploit zero-day vulnerabilities—when they first appear on your network
•Key criteria when investigating next-generation threat protection
Jul 19 2012
46 mins
APTs: Getting Serious About Zero-Day Threats
Join us for this summit:
More from this community:

IT Security

  • Live and recorded (5371)
  • Upcoming (110)
  • Date
  • Rating
  • Views
  • CyberEdge Group, a premier information security research firm, recently announced the results of its 2015 Cyberthreat Defense Report. Designed to complement Verizon’s annual Data Breach Investigations Report, this report provides a 360-degree view of organizations’ security threats, current defenses, and planned investments. Over 800 security decision makers and practitioners from across North America and Europe were surveyed in December 2014. Attend this insightful webinar to learn:

     How many were affected by a successful data breach in 2014
     How many think they’ll be victimized in 2015
     What portion of IT spending is dedicated to security
     Which cyberthreats concern security professionals the most
     Which security defenses are present or planned for acquisition
     Plus two dozen additional insights from security professionals just like you
  • CyberEdge Group, a premier information security research firm, recently announced the results of its 2015 Cyberthreat Defense Report. Designed to complement Verizon’s annual Data Breach Investigations Report, this report provides a 360-degree view of organizations’ security threats, current defenses, and planned investments. Over 800 security decision makers and practitioners from across North America and Europe were surveyed in December 2014. Attend this insightful webinar to learn:

     How many were affected by a successful data breach in 2014
     How many think they’ll be victimized in 2015
     What portion of IT spending is dedicated to security
     Which cyberthreats concern security professionals the most
     Which security defenses are present or planned for acquisition
     Plus two dozen additional insights from security professionals just like you
  • With data breaches and data leakage incidents becoming front page news, cyber investigations are taking on more importance within organizations. This calls for a new set of skills to be developed such as the ability to work with all levels of law enforcement, lawyers and attorneys and within the judicial system. Many of these investigations will call for the cybersecurity practitioner to be a witness and give testimony. What's the best way to do this to protect yourself and the organization, while also providing the information that will help law enforcement and the justice system to get the information they need? Join (ISC)2 on March 26, 2015 at 1:00PM Eastern for our next "From the Trenches" webcast where we'll talk about what it means to be an expert witness and the best practices for serving as one.
  • As a security professional, you are on constant alert for external threats. But many breaches are caused internally by incorrect configuration of IT resources, including SSL. To help improve how encryption is used, Qualys created a research project called SSL Labs to address two major problems of the ecosystem: lack of tools and documentation.
  • As organizations work hard to ensure complete anti-malware coverage on desktops, servers, and at the perimeter, attackers are already moving on to techniques completely outside those detected by traditional security tools. Enterprises must consider alternative approaches to defending their infrastructure and turn their focus to tools, products and techniques that approach security in new and different ways.

    In this webinar, Eric and Dave will discuss:

    • How the volume of system alerts from Network Security solutions are creating lots of noise but lack context to focus on the real threats facing your data
    • How to stop advanced threats – with no advance knowledge of the tools or malware – by following the attack sequence
    • Why bridging the gap between system security and data protection is the key to stopping ever increasing sophisticated attackers from stealing your data
  • This webinar draws on Bradford Networks’ extensive BYOD experience to help organizations avoid the landmines that plague BYOD initiatives.

    Attend this webinar and you will learn how to avoid:
    • Organizational Resistance - Establish and manage a cross-functional committee of stakeholders to build consensus
    • Support Burden - Leverage proven techniques to educate end users and minimize help desk calls
    • User Frustration - Implement ultra flexible BYOD policies without compromising security
    • Onboarding Latency - Maximize the end users’ ability to self-administer new and lost/stolen devices
    • Vulnerable Endpoints – Guided remediation for user devices that are under-protected and non-compliant
  • Attackers always have a goal in mind and it’s up to you to understand how they will get there. But how is that possible when there is simply too much data to sort through and act upon?

    The upcoming release of Core Insight 4.5 adds new attack intelligence features to consolidate, normalize, and prioritize vulnerability management initiatives enterprise-wide. These features allow users to reduce the noise from scanners by more than 90%, so that you can focus on the most critical threats.

    Join us on March 26, 2015 at 1pm ET to get a sneak peek and live demo of Core Insight 4.5. Hear about new features such as:

    - User customizable and flexible reporting
    - Centralized asset store for extended scalability
    - Enhanced exploit matching and filtering
    - Interactive and adaptive attack paths
  • Attackers always have a goal in mind and it’s up to you to understand how they will get there. But how is that possible when there is simply too much data to sort through and act upon?

    The upcoming release of Core Insight 4.5 adds new attack intelligence features to consolidate, normalize, and prioritize vulnerability management initiatives enterprise-wide. These features allow users to reduce the noise from scanners by more than 90%, so that you can focus on the most critical threats.

    Join us on March 26, 2015 at 1pm ET to get a sneak peek and live demo of Core Insight 4.5. Hear about new features such as:

    - User customizable and flexible reporting
    - Centralized asset store for extended scalability
    - Enhanced exploit matching and filtering
    - Interactive and adaptive attack paths
  • Attackers are constantly trying to find new exploits to penetrate network defenses and bypass security controls. In 2014, Mandiant’s M-Trends report indicated that it takes an average of 229 days to detect the presence of a threat actor on an enterprise network. Organizations are starting to realize that the evolution in technologies alone cannot stop such incidents, as the actors continue to change their tactics.

    Organizations need to consider supplementing their security technologies and processes with their people. By leveraging employees as human sensors, we not only adopt “see something, say something”, but we are able to add an extra layer of defense and exponentially reduce detection time as well.

    In this webinar, PhishMe’s Senior Researchers Ronnie Tokazowski and Shyaam Sundhar will discuss:

    • Engaging human sensors as a layer of defense
    • Utilizing user reports to detect malware
    • Real use cases of user detection within our enterprise
  • Sutter Health is a not-for-profit health system serving more than 100 communities in Northern California. Each year its 5,000 physicians care for more than 10 million outpatient visits and discharge more than 200,000 in-patients.

    As healthcare systems transition from “fee for service” to “fee for value” reimbursement models, there is an increasing focus to drive down 30-day re-admission rates, particularly for high risk patients. To this end, Sutter Health is piloting Project RED (Re-engineered Discharge) which leverages predictive analytics to identify high-risk patients and then prescribes alternative discharge workflows aimed at lowering the risk of re-admission.

    Join us as Kristen Wilson-Jones, Sutter RD&D CTO, shares how Sutter Health has leveraged MuleSoft’s Anypoint Platform in an orchestrated plecosystem of technologies to power Project RED by enabling real-time patient risk scoring, clinical workflow management and bi-directional integration with Epic.

    Topics covered
    -------------------
    + How Sutter Health is lowering 30-day re-admission rates by re-engineeing clinical workflows
    + The need for connectivity to enable workflow re-design
    + Best practice in moving from an application-centric to a data object-centric connectivity approach
  • Channel
  • Channel profile
  • Tales from the Crypt: Reversing Malware with the FLARE Team Apr 7 2015 5:00 pm UTC 60 mins
    Matt Graeber, Staff Reverse Engineer, Dimiter Andonov, Staff Reverse Engineer
    Join FireEye Labs Advanced Reverse Engineering (FLARE) team members Matt Graeber and Dimiter Andonov for another exciting deep dive on new malware case studies found during Mandiant investigations. FLARE is dedicated to malware analysis and the development of tools to assist reverse engineering. The two malware they’ll dissect as part of this interactive discussion include:

    1.Steganogram Shellcode Backdoor - The malware is a downloader and launcher that uses steganography to extract shellcode, commands, and data from PNG images. Which results in advanced modular backdoor capable of collecting wide range information related to the compromised system and executing even more shellcode!
    2.Hybrid 32/64-bit Malware - The malware mixes 32-bit and 64-bit code to inject into the explorer.exe process depending upon the target architecture. We’ll show how this broke our malware tools and our solution.

    Register today!
  • Cybersecurity Collaboration: Leveraging a Trusted Partner Recorded: Mar 24 2015 47 mins
    Josh Goldfarb, VP, CTO - Americas, FireEye
    Your adversaries are people: creative, nimble and persistent. They can bypass conventional security deployments almost at will, breaching systems in a wide swatch of industries and geographies.

    Technology alone will not defeat a determined attacker. You need a strategic defense partner that combines the most advanced technology platform with the leading cyber security expertise and the latest global threat intelligence from around the world. FireEye as a Service (FaaS) does exactly this, and allows you to detect, prevent, analyze, and respond to security incidents in minutes rather than months.

    Join FireEye, VP, CTO - Americas Josh Goldfarb, as he explores:

    - The current state of cybersecurity and the new threat landscape
    - The failure of traditional defense models in the face of a new adversary
    - The value of an Adaptive Defense strategy and working with a trusted partner
    - Real-world case studies

    As always, we will save plenty of time for Q&A. Be sure to register now to take part in this critical webinar.
  • Enhancing a Security Posture with Network Forensics Recorded: Mar 12 2015 36 mins
    Kevin Sheu, Sr. Manager, Product Marketing, FireEye
    Well-maintained perimeter defenses are a key part of any security strategy. Organizations increasingly recognize that they must also complement their perimeter defenses with strong forensics capabilities to investigate and analyze attacks. When attacked, an enterprise needs to be able to rapidly investigate and determine the scope and impact of the incident so they can effectively contain the threat and secure their network.
    In interactive this session, you will learn about:
    • The key use cases for network forensics
    • The typical organization that acquires network forensics technologies
    • How FireEye Enterprise Forensics enables the proper response to today’s cyber attacks
  • Protecting Government Assets in an Era of Cyber Warfare Recorded: Mar 5 2015 60 mins
    Tony Cole, VP/Global Government CTO (FireEye)
    FireEye recently released a new report that documents how and why governments around the world are turning to the cyber domain as a cost-effective way to spy on other countries, steal technology, and even wage war.

    Whether it’s sensitive military, diplomatic, or economic information, governments depend on the integrity of their data. If that data falls into the wrong hands, the consequences could be severe.

    In the wake of two apparent state- and government-sponsored attacks, APT1 and APT28, government agencies must understand why they are in attackers’ crosshairs, what attackers might be seeking, and how they can protect themselves.

    Join us for a dynamic discussion with subject matter experts where you will learn:

    •What makes your government-related organization an appealing target – whether you’re a political opponent, business, agency or vendor
    •Why it’s important to determine who could be planning an attack, their motives, and how they might carry out their goals
    •How to assess your level of preparedness and how to protect yourself if you are not ready for this new era of cyber warfare
  • Behind the Syrian Conflict's Digital Front Lines Recorded: Feb 19 2015 59 mins
    Nart Villeneuve (FireEye), Daniel Regalado (FireEye), John Scott-Railton (The Citizen Lab)
    FireEye recently released a new report “Behind the Syrian Conflict’s Digital Frontlines” that documents a well-executed hacking operation that successfully breached the Syrian opposition.

    Between at least November 2013 and January 2014, the hackers stole a cache of critical documents and Skype conversations revealing the Syrian opposition’s strategy, tactical battle plans, supply needs, and troves of personal information and chat sessions. This data belonged to the men fighting against Syrian President Bashar al-Assad’s forces as well as media activists, humanitarian aid workers, and others within the opposition located in Syria, the region and beyond.

    We have only limited indications about the origins of this threat activity. Our research revealed multiple references to Lebanon both in the course of examining the malware and in the avatar’s social media use. While we do not know who conducted this hacking operation, if this data was acquired by Assad’s forces or their allies it could confer a distinct battlefield advantage.

    Join us for a roundtable discussion with subject matter experts where we’ll talk about the details of the report and explore surrounding topics, to include:

    • An overview of the conflict in Syria and why cyber-espionage is an increasingly important factor
    • An in-depth analysis of a critical breach of the Syrian opposition including an overview of the tools and techniques used by the threat actors

    All webinar attendees will receive a free copy of the new Syrian report. Register today!
  • Top Predictions for Security in 2015 Recorded: Dec 12 2014 40 mins
    Bryce Boland, CTO, FireEye Asia Pacific
    From Cryptolocker to the Apple iOS vulnerability, there have been numerous high-profile breaches in 2014. With the ever-changing threat landscape and advanced cyber attacks showing no sign of slowing down, organizations need to be prepared as we head into 2015.

    Join our live webinar where Bryce Boland, CTO for Asia Pacific at FireEye, will share top, global security predictions and challenges for 2015. In this webinar:
    •Find out the top 10 security predictions for 2015 and how they impacts organizations
    •Discover the data that drove these predictions
    •Learn about key strategies to take a proactive stance against advanced attacks
  • Hacking the Street? FIN4 Likely Playing the Market Recorded: Dec 5 2014 58 mins
    Barry Vengerik, Principal Threat Intelligence Analyst, Kristen Dennesen, Sr. Threat Intelligence Analyst
    This week FireEye released a new report called Hacking the Street? FIN4 Likely Playing the Market. This report focuses on a targeted threat group that we call FIN4 (Financially Motivated Group 4), whose tactics are surprisingly low-tech yet insidiously effective at obtaining access to confidential discussions at the highest levels of targeted companies. Our research suggests that FIN4 is likely targeting these companies in order to obtain advance knowledge of “market catalysts,” or events that cause the price of stocks to rise or fall dramatically.

    Join us for a roundtable discussion with subject matter experts where we’ll talk about the details of the report and explore surrounding topics, to include:

    • A deep dive into FIN4’s tactics and why they are simple yet surprisingly effective
    • How FIN4 may be monitoring insider communications for a trading advantage
    • Why FIN4 is different from other threat groups FireEye tracks
    • A profile of organizations at risk, and what they can do to protect themselves.

    All webinar attendees will receive a complimentary copy of the Hacking the Street? report.
  • APT 28: Cyber Espionage and the Russian Government? Recorded: Nov 4 2014 49 mins
    Edward Lucas, Senior Editor, The Economist and Jen Weedon, Manager of Threat Intelligence, FireEye
    FireEye just released a report called APT28: A Window Into Russia's Cyber Espionage Operations? The report focuses on a targeted threat group that we call APT28 (Advanced Persistent Threat group 28) and details ongoing, focused operations that we believe indicate a government sponsor - most likely the Russian government.

    Join us for a roundtable discussion with Russian security expert, Edward Lucas of The Economist, and Jen Weedon, Manager of Threat Intelligence at FireEye.

    Discussion topics will include:

    •Russia's intentions and motivations in cyberspace
    •Whether APT28's activity supports Russia's geopolitical strategy
    •How Russian and Chinese network operations compare
    •Which organizations and agencies are most at risk
  • Building a Better Budget for Advanced Threat Detection and Prevention Recorded: Oct 28 2014 57 mins
    Dave Shackleford, Lead Faculty, IANS, Josh Goldfarb, Chief Security Strategist - Enterprise Forensics, FireEye
    The cyber threat landscape is dramatically evolving, but one thing is certain – attackers are becoming more and more sophisticated, and most organizations are struggling to keep pace. In a recent IANS and FireEye survey, security practitioners and decision makers share their perspective on the type of attackers they’re dealing with, how they’re responding to the growing threat, and the effect on organizations that have experienced a breach.

    Join FireEye’s Chief Security Strategist (Forensics Group) Josh Goldfarb, and Dave Shackleford, IANS Lead Faculty, as they discuss:
    •The kinds of products and controls most organizations are implementing
    •What new technologies security teams are focusing on, and
    •How security budgets are changing to align with security’s growing importance to the enterprise

    This is one hour you will not want to miss!
  • Sidewinder Targeted Attack Against Android Recorded: Oct 14 2014 43 mins
    Dr. Tao Wei, Sr. Research Scientist, Yulong Zhang, Sr. Research Eng., Rob Rachwald, Sr. Dir. Mkt Research
    In this webinar, our experts will present one practical case of such attacks called "Sidewinder Targeted Attack." It targets victims by intercepting location information reported from ad libs, which can be used to locate targeted areas such as a CEO's office or some specific conference rooms. When the target is identified, "Sidewinder Targeted Attack" exploits popular vulnerabilities in ad libs, such as JavaScript-binding-over-HTTP or dynamic-loading-over-HTTP.

    Join us for this for this live session to learn:
    •How a Sidewinder Targeted Attack can disrupt and hijack the network where targeted victims reside
    •The risks of remote attacks on Android devices through apps downloaded from Google Play
    •Different forms of attacks to Android vulnerabilities
    •Current trends and best practices around mobile security
  • New Employee Success Tips: How to Drive Security Maturity Recorded: Sep 23 2014 45 mins
    Josh Goldfarb, Chief Security Strategist - Enterprise Forensics Group, FireEye
    Taking on security needs at a new organization can be complicated as you learn what’s currently in place, where the gaps are and the best way to drive change in your new organization. Get helpful guidance, beyond the technical details, from an experienced change agent.

    This talk will discuss some of the ways in which security can be approached as a business process, rather than as an enigma, including:

    •Your first 30 days: fame and foibles when taking over a new
    security program
    •Gauging your business executives: how to talk with senior
    business leaders and classify their responses to security in order
    to make your relationship more effective
    •Show me the money: how to review a security budget and quickly
    match it up against your new organization's risk profile
    •Finding strategic partners: a litmus test for discussions with key
    vendors to figure out who to trust and who is selling you a bridge
  • Reimagining Security – Adaptive Defense Strategy to Keep Pace with Attackers Recorded: Sep 19 2014 56 mins
    Dave Merkel, CTO, FireEye, Inc.
    Threat actors’ tactics and motivations are evolving. Successful security teams continuously adapt to anticipate new tactics. That means adopting new approaches. Join us for this webinar, where we share FireEye’s point of view about how organizations can implement adaptive defense strategies that position them to detect, analyze and respond to security incidents of all kinds.

    FireEye’s CTO, Dave Merkel, will discuss how security teams can reduce the time to detect and resolve security incidents.

    Register for this webinar here.
  • A New Approach to IPS – Reduce Your Exposure and Costs Recorded: Sep 4 2014 35 mins
    Rajiv Raghunarayan (FireEye), Srinivas Loke (FireEye)
    Current IPS products are deficient for lots of reasons—they’re signature-based, unable to detect modern threats, and, they create excessive alerts that require additional resources to manage. Using an outdated protection model results in distracting false positives and a lack of actionable threat intelligence. Organizations need a holistic view of multi-vector attacks that goes well beyond what conventional IPS tools offer.

    In just 30 minutes, you’ll learn how to:

    * Confirm attacks via timely and validated threat notifications
    * Minimize time and resource investments resulting from false alerts
    * Consolidate known and unknown threats on a single platform
    * Create actionable insights by correlating threats to derive richer intelligence and speed incident response times

    Join FireEye for this brief webinar and discover a new approach to IPS. You’ll quickly realize how you can save your organization time, money, and reduce your exposure to the threats lurking out there.
  • State of the Hack: Spotlight on Healthcare Recorded: Aug 28 2014 34 mins
    Laura Galante, Manager, Threat Intelligence, FireEye
    Join us for this webinar where we’ll share our latest intelligence and recommend how healthcare, pharmaceutical and medical device manufacturers can protect themselves from attackers that target these industries.

    In this webinar we will cover:
    • Which threat actors target these industries?
    • What information do they typically steal?
    • What type of tools and tactics do attackers use to gain access?
    • What can we expect from these threat actors in the coming year?
    • How can organizations protect themselves from the attackers that
    are targeting them?
  • FLARE on Fire: Reverse Engineering with the FLARE Team Recorded: Aug 26 2014 58 mins
    Willi Ballethin (Consultant, FireEye), Matt Graeber (Sr. Consultant, FireEye)
    Join us for this exciting webinar as we introduce the FireEye Labs Advanced Reverse Engineering (F.L.A.R.E.) and learn about:

    * FLARE's background, mission and industry-leading team members
    * Reversing Agent .BTZ (Case Study)
    * Reversing .NET samples (Case Study)
    * Proactive assessment of security software via RE (Case Study)

    You'll also get an in-depth look at two prevalent malware families and learn how to combat against these targeted attacks.
  • Speed Dating for Security Teams: Finding Alerts that Lead to Compromise Recorded: Aug 12 2014 46 mins
    Nicole Oppenheim (FireEye), Steve Miller (FireEye)
    This webinar will address the following topics:

    - How to quickly triage and validate the seemingly overwhelming volume
    of daily alerts
    - Strategies for prioritizing and throttling your workflow
    - Tools for querying intel and obtaining context
    - Approaches for creating an indicator management process
  • DeCryptoLocker: Relief for CryptoLocker Victims Recorded: Aug 6 2014 14 mins
    Uttang Dawda, Malware Researcher, FireEye
    Join Uttang Dawda, FireEye's resident Malware Researcher, as he gives us a comprehensive overview of CryptoLocker and the FireEye and Fox-IT decryption solution for victims.
  • Understanding the Adversary: The Role of Intelligence in Your Security Strategy Recorded: Jul 22 2014 61 mins
    Rick Holland (Forrester), Laura Galante (FireEye)
    • What is an intelligence-led defense?
    • What is “adversary intel”? Where do you get it and how can you
    act on it?
    • What is “attribution” and how important is it?
    • What intel should a security organization maintain internally? How
    should it supplement this with 3rd party intel?
    • What is the right balance between detection-based intel and
    adversary intel
  • Cybersecurity’s Maginot Line: A Real-World Assessment of Defense-in-Depth Recorded: Jun 25 2014 60 mins
    Dave Merkel, CTO, FireEye, Inc.
    Are you building another Maginot Line? France’s famed border defense was hailed as a military marvel in the run-up to World War II — and quickly rendered useless by new blitzkrieg-style warfare. In much the same way, many common cybersecurity tools are not stopping today’s attacks.
    In a first-of-its-kind study, we analyzed data from 1,216 organizations in 63 countries across more than 20 industries. FireEye sits behind other layers in the typical defense-in-depth architecture. That placement offers a unique vantage point to observe them in action.

    Here’s what we found:
    •97% of organizations were breached, even with multiple security layers.
    •More than one-fourth of all organizations experienced events consistent with advance persistent threat (APT) attacks.
    •Three fourths of organizations had active command-and-control communications.
    •Even after an organization was breached, attackers attempted to compromise the typical organization more than once per week (1.6 times) on average.

    Join us in a live briefing to discuss these findings and what they mean for your cyber defense plan.
  • Cover Your Assets: How to Keep Your Data Safe Recorded: Jun 12 2014 34 mins
    Carrie McDaniel, Product Marketing Manager, File Security Imperva
    Cyber security experts suggest that it’s likely your organization’s data has already been breached. So rather than asking “what if?”, it’s time to ask “now what?”. Hackers use spear phishing and malware to target your trusted insiders, and then leverage stolen credentials to navigate the company network and gain access to the data center. Your data center is the ultimate goal for these attacks because it contains a concentration of sensitive data, as well as critical business applications.

    This session will discuss a risk-based approach to protecting critical files, databases, and sensitive applications from compromised users. Join us to learn how to minimize downtime, save time, and keep your employees productive during the remediation process. We will also discuss how to track and analyze user activity once malware is detected.
The leading provider of next generation threat protection
FireEye is the world leader in combating advanced malware, zero-day and targeted attacks that bypass traditional defenses, such as firewalls, IPS and antivirus.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: APTs: Getting Serious About Zero-Day Threats
  • Live at: Jul 19 2012 5:00 pm
  • Presented by: Alex Lanstein, Senior Researcher, FireEye
  • From:
Your email has been sent.
or close
You must be logged in to email this