©2019 FireEye
Supported by Community Partner
Global Webinar Series,
Hosted by Prime Infoserv
Presenter: Ishtiyaq Shah, Sr. Solution Architect, FireEye

Ishtiyaq Ahmad Shah is a Security Consultant with more than 15 years of experience in the security industry. Ishtiyaq is currently a Security Consultant at FireEye India, based out of New Delhi. He specializes in Advanced Persistent Threat management, data security and security management solutions. Prior to joining FireEye, he served as a security consultant at RSA, Wipro & HCL Technologies. Ishtiyaq holds a Bachelor's degree in computer science, a Diploma in Cyber Law & other industry certifications.
Responding to Unknown Threats
FireEye Email Security – Everyone is a Target
Agenda Overview
Current Scenario
– Everyone trying to work from home
Email Security
– Rise in targeted emails with COVID-19 themes
– How do we protect our email users?
– Expertise on Demand
– eLearning
What can customers do NOW?
– Technical or operational
– General awareness
Q&A
Reminder:
No Sales or marketing pitch
Present Scenario & Concerns
– Sudden move to a distributed workforce with no field movement
– Staff shortages, in general or due to sickness
– Ransomware shutting down organizations worldwide
– COVID-19-related spear phishing
– Information operations spreading misinformation
– Targeted attempts to steal intellectual property from healthcare-focused research institutions
– Supply chain disruptions affecting the flow of medical supplies, teams or material, including manufacturing
– Upsurge in fake news
– Surging public demand for the latest information on the COVID-19 situation
Business Continuity @ FireEye
 Mandatory working from home for all employees unless it is extremely urgent to be in the data center
 Multiple solution apps and infrastructure are SaaS or hosted in public cloud infrastructure, providing resiliency and scalability as needed
 Cloud security solutions for AWS, GCP and Azure infrastructure
 Internal Security Operations Centers working in a remote model across the world
 Service and Support operations are fully operational, though shifted largely to remote working mode
 Mandiant team helping customers respond to any breaches or incidents via different modes
 Managed Defense team keeping customers' security afloat remotely

Email Security
Current Situational Implications
• Malicious actors have always exploited users’ sense of urgency, fear, goodwill and mistrust.
• Threat actors exploiting a current crisis is nothing new.
• Attackers simply take advantage of a particularly overtaxed target set that is urgently seeking new information.
• Users who are aware of this dynamic, and who approach any new information with cautious skepticism, will be especially prepared to meet this challenge.

Social Distancing - Target via Email
Email is a primary attack vector

Surge in COVID-19 based Spear-Phish mails
 A few lure document visuals
There are viruses, and then there are viruses
 COVID-19 has rapidly taken over the headlines
 Increased risks due to users working from home en masse
 Threat actors aligning with the COVID-19 topic for targeted campaigns
– Financial crime, cyber espionage and information operations
– Increasing attacks by financially motivated threat actors seeking to exploit users’ sense of urgency, fear, goodwill and mistrust
– Attackers use email to deliver malware in an effort to establish a foothold
– Siphoning account credentials through phishing tactics
Example of a COVID-19 phishing email used by the TEMP.Warlock threat group.
Real Impact - Phishing Campaign
Example Phishing Campaign
• Emails sent with the subject line “Internal Guidance for Businesses Grant and loans in response to respond to COVID-19”
• Emails had OpenDocument Presentation (.ODP) format attachments
• If opened in Microsoft PowerPoint or OpenOffice Impress, the attachment displays a U.S. Small Business Administration (SBA) themed message
• It uses an inline link that redirects to an Office 365 phishing kit hosted at https://tyuy56df-kind-giraffe-ok.mybluemix[.]net/
Real Impact - Malware Distribution Campaign
Example Malware Distribution Campaign
• March 18 - individuals across a broad set of industries and geographies received emails with the subject line “COVID-19 Payment”
• Intended to distribute the SILENTNIGHT banking malware (also referred to by others as Zloader)
• Emails were sent from a large pool of different @gmx.com addresses
• Emails had password-protected MS Word document attachments with the file name “COVID 19 Relief.doc”
• Sender addresses appear to be auto-generated and follow the format <name>.<name><SevenNumberString>@gmx.com
• Upon opening the document and enabling macros, a .JSE script crafted to download and execute an instance of SILENTNIGHT from http://209.141.54[.]161/crypt18.dll would drop and execute
• Attackers increasingly leverage lures tailored to the new economic stimulus bill and related COVID-19 recovery efforts
• Threat actors with varying motivations are actively exploiting the current pandemic and public fear of the coronavirus and COVID-19
• Security researchers at FireEye have already begun to identify and report on COVID-19 themed campaigns
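The two campaigns above are described entirely by observable traits: a fixed subject line, a fixed attachment name, an auto-generated sender pattern and a known hosting address. The following Python triage script is an added example (not code from the deck and not FireEye's tooling) that turns those traits into detection logic and runs it over a few constructed mail-gateway log lines. The log format, the scoring weights, the verdict thresholds and the sample sender domains are assumptions made for the example; the indicators are the ones quoted on the slides, stored in defanged form and refanged only at match time, which is how an analyst would normally keep them.

```python
import re
from typing import Any, Dict, List, Tuple
from urllib.parse import urlparse

# Indicators quoted on the slides, stored defanged, as an analyst would keep them.
KNOWN_SUBJECTS = {
    "COVID-19 Payment",
    "Internal Guidance for Businesses Grant and loans in response to respond to COVID-19",
}
KNOWN_ATTACHMENTS = {"COVID 19 Relief.doc"}
KNOWN_HOSTS = {"tyuy56df-kind-giraffe-ok.mybluemix[.]net", "209.141.54[.]161"}

# The auto-generated sender format from the slides: <name>.<name><SevenNumberString>@gmx.com
AUTOGEN_GMX = re.compile(r"^[a-z]+\.[a-z]+\d{7}@gmx\.com$", re.IGNORECASE)

# Carrier types seen in these campaigns (macro documents, the .ODP lure, the dropped .JSE script).
# A low-weight heuristic only; on its own it never blocks a message.
RISKY_EXT = (".doc", ".docm", ".odp", ".jse")

# Weights and thresholds are assumptions chosen for this example, not product settings.
WEIGHT_IOC, WEIGHT_SENDER, WEIGHT_EXT = 5, 3, 2
BLOCK_AT, REVIEW_AT = 5, 2

# Constructed sample in a made-up, simplified gateway log format (one message per line):
# timestamp | sender | recipient | subject | attachment name or "-" | comma-separated body URLs or "-"
SAMPLE_LOG = """\
2020-03-18T09:12:01Z | john.smith4829104@gmx.com | a.user@example.org | COVID-19 Payment | COVID 19 Relief.doc | -
2020-03-18T09:15:44Z | hr@example.org | b.user@example.org | Updated WFH policy | wfh-policy.pdf | https://intranet.example.org/wfh
2020-03-19T11:02:10Z | grants-office@sba-notice.example | c.user@example.org | Internal Guidance for Businesses Grant and loans in response to respond to COVID-19 | SBA_Guidance.odp | https://tyuy56df-kind-giraffe-ok.mybluemix.net/
2020-03-19T11:40:27Z | mary.jones@gmx.com | d.user@example.org | Lunch on Friday? | - | -
2020-03-20T08:05:00Z | invoices@vendor.example | e.user@example.org | Invoice 4471 | Invoice_4471.docm | -
"""


def refang(ioc: str) -> str:
    """Turn a defanged indicator ('example[.]com', 'hxxp://') back into its matchable form."""
    return ioc.replace("[.]", ".").replace("hxxp", "http")


REFANGED_HOSTS = {refang(h).lower() for h in KNOWN_HOSTS}


def parse_line(line: str) -> Dict[str, Any]:
    """Split one constructed log line into its fields."""
    ts, sender, rcpt, subject, attachment, urls = [f.strip() for f in line.split("|")]
    return {
        "ts": ts, "from": sender, "to": rcpt, "subject": subject,
        "attachment": "" if attachment == "-" else attachment,
        "urls": [] if urls == "-" else [u.strip() for u in urls.split(",")],
    }


def score_message(msg: Dict[str, Any]) -> Tuple[int, List[str]]:
    """Apply the campaign indicators and heuristics; return the score and the reasons behind it."""
    score, reasons = 0, []
    if msg["subject"] in KNOWN_SUBJECTS:
        score += WEIGHT_IOC
        reasons.append("subject matches a known campaign lure")
    if msg["attachment"] in KNOWN_ATTACHMENTS:
        score += WEIGHT_IOC
        reasons.append("attachment name matches a known campaign lure")
    if any((urlparse(u).hostname or "").lower() in REFANGED_HOSTS for u in msg["urls"]):
        score += WEIGHT_IOC
        reasons.append("body links to known phishing/malware hosting")
    if AUTOGEN_GMX.match(msg["from"]):
        score += WEIGHT_SENDER
        reasons.append("sender matches the auto-generated gmx.com address pattern")
    if msg["attachment"].lower().endswith(RISKY_EXT):
        score += WEIGHT_EXT
        reasons.append("attachment type can carry macros or script")
    return score, reasons


def verdict_for(score: int) -> str:
    """Map a score to the outcomes of the slides' pipeline: block (quarantine), review, deliver."""
    if score >= BLOCK_AT:
        return "block"
    if score >= REVIEW_AT:
        return "review"
    return "deliver"


def triage(log_text: str) -> List[Dict[str, Any]]:
    """Run the detection logic over every log line and return one verdict per message."""
    results = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        msg = parse_line(line)
        score, reasons = score_message(msg)
        results.append({"from": msg["from"], "to": msg["to"], "score": score,
                        "verdict": verdict_for(score), "reasons": reasons})
    return results


if __name__ == "__main__":
    for r in triage(SAMPLE_LOG):
        print(f"{r['verdict']:8} score={r['score']:2}  {r['from']:36} {'; '.join(r['reasons'])}")
```

The exact-match indicators (subject, attachment name, hosting address) each carry enough weight to quarantine on their own, because they are specific to one campaign; the sender pattern and the attachment type are generic heuristics that only raise a message to "review" unless something else corroborates them, which keeps a stray .docm invoice from a legitimate supplier out of the quarantine.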
FireEye Email Security
FireEye Advanced Persistent Threat Groups

Phishing Attack Landscape
Attack spectrum, from BROAD ($$) to TARGETED ($$$$):
– Personal identity, financial
– Credential access
– Organization access/data
– W2, BEC, high-profile accounts
Attack lures/payloads:
– Domain spoof, phishing attachments, user impersonation
– Text lures, credential phishing links, domain impersonation
– Link to SaaS apps, supply chain impersonation
Source: ENISA (January 2019). Threat Landscape Report 2018, 15 Top Cyberthreats and Trends.
Are You Confident Your Team Won’t Click?
Impersonation Timeline
1. Identify a target – bad actors' social engineering tactics (using a COVID-19 theme)
2. Grooming – fraudulent emails get past traditional email security
3. Exchange of information – users are susceptible to taking action when the context is relevant and they fear the consequences of failing to react
4. Wire transfer – mission accomplished
*Source: National Institute of Standards and Technology (2018), User Context: An Explanatory Variable in Phishing Susceptibility.
Email Security Key Requirements
Full Security Stack (Secure Email Gateway): Internet → FireEye Email Security Cloud Edition with AV/AS → Customer Email Server
Gartner Requirements
✓ Advanced threat detection
✓ Deep relationship analysis
✓ AV/AS filtering
✓ Impersonation detection
Email Security in Action
Inbound Protection
Receive: message received by the inbound mail server
Detect: spam and impersonation scanning, known malware and malicious URLs
Analyze: MVX and Advanced URL Defense for advanced threats
✓ Deliver: message is clean and delivered to the recipient’s inbox
✘ Block: malicious messages quarantined for further review
Alert: admin informed that the message was blocked and why
Retroactive analysis
Email Security—Cloud Edition in Action
Outbound Protection (Cloud Edition with AV/AS)
Send: message sent by the outbound mail server
Detect: spam scanning, known malware and malicious URLs
Analyze: MVX and Advanced URL Defense for advanced threats
✓ Deliver: message is clean and delivered to the recipient’s inbox
✘ Block: malicious messages quarantined for further review
Alert: admin informed that the message was blocked and why
Retroactive analysis
Auto Remediate for Office 365 Actions
Auto Remediate: email becomes weaponized post-delivery (retroactively). Policy action quarantines, moves or deletes the malicious message from the inbox.
Move: moves malicious email from the inbox to any administrator-defined folder
Quarantine: removes malicious email from the inbox and places it in quarantine within Cloud Edition for review
Delete: permanently deletes malicious email from the inbox
Protection Against Advanced Threats
Threats:
– New phishing sites (URL credential phishing)
– Impersonation (CEO fraud, sender spoofing)
– Unknown malware (attachments, links, zero day)
Capabilities:
– Advanced URL Defense (URL inspection)
– Smart DNS (deep relationship analysis)
– MVX Engine (attachment & URL detonation)
– 40M+ mailboxes
– Intelligence (frontline investigations, email-specific threat intel)
Key Benefits (Cloud Edition with AV/AS)
Protect Email Users
Stop threats before they reach the inbox.
Detect advanced threats and spam.
Block inline threats.
Prevent Incidents
Enable near real-time response to attacks.
Identify the risk level of malicious content.
Customize policies.
Surface Threats
Minimize false positives.
Prioritize events based on risk.
Apply contextual intelligence.
Business Value
Reduce the risk of security incidents becoming serious.
Improve team productivity through the correlation of threats.
Consolidate email security vendors for greater cost efficiency.
Expertise on Demand
Ask an Analyst Pairings with Email Security
Context – Inquiries – Insight – Analyst Investigation – Full Services Portfolio
Self-service: You see a campaign. You want to know what FireEye knows about it.
• Provides context and overviews
• Highlights available Insight reports
Single Report / Answer: The campaign is targeting my organization or industry vertical.
• Access the referenced Intel report, or
• Brief analyst commentary
Limited Duration: You now know enough to be nervous. You want to investigate the campaign more.
• Request analyst evaluation of the campaign
• Determine impact if email was delivered
Scoped Engagement: Yes, there is impact. I need help.
• Transition to IR
• Provide a tailored threat briefing
• Engage Mandiant for security posture review
What Can Organizations Do?
Technical & Operational
 Enforce Multi-factor Authentication (MFA)
– Authenticator app instead of SMS
 Configure Spoof Protection Controls (SPF, DMARC etc.)
– DMARC, SPF, DKIM
 Validate Email Security Gateway Implementation
– Scan and block both malicious attachments and embedded URLs
 Implement Automated Email Warning Reminders
– Automatically embed an “External Email” disclaimer in each email received
 Formalize Phishing Reporting Process
 Block Macros in Microsoft Office Documents
– Block macros from running in Office files from the Internet
 Validate Web Proxy or URL Filtering Configurations
– All files downloaded from external websites analysed
 Implement Strong Password Policies
– Reduce social engineering attempts for password reset
 Ensure Sufficient Logging and Alerting is in Place
– Central logging & alerting platform
 Develop and Operationalize Phishing Incident Response Playbooks
– Operationalization of an IR playbook
Source: FireEye Research Blog: How to Manage Email Phishing Risks
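The spoof-protection item on the slide (SPF, DMARC, DKIM) is the one most often configured in a way that looks complete but enforces nothing: a published record with +all or p=none still lets anyone send as the domain. The following Python check is an added example, not part of the deck and not FireEye's tooling. It parses SPF and DMARC TXT values and reports the settings that leave a domain spoofable, shown for a weak pair of records beside a hardened replacement. The records, the domain names and the reporting address are constructed; the tag semantics and the 10-lookup limit follow RFC 7208 and RFC 7489. The lookup count covers only top-level terms, so nested includes can push a real record over the limit even when this count passes, and DKIM is left out because checking a selector's key needs a live DNS query.

```python
from typing import Dict, List

# Constructed DNS TXT values for a hypothetical domain (not real records): a weak pair that
# "has SPF and DMARC" on paper but enforces nothing, beside a hardened replacement.
WEAK_SPF = "v=spf1 include:_spf.example.net ptr +all"
WEAK_DMARC = "v=DMARC1; p=none; pct=50"
HARDENED_SPF = "v=spf1 include:_spf.example.net -all"
HARDENED_DMARC = "v=DMARC1; p=reject; pct=100; rua=mailto:dmarc-reports@example.org; adkim=s; aspf=s"

MAX_SPF_LOOKUPS = 10  # RFC 7208 section 4.6.4


def causes_dns_lookup(mechanism: str) -> bool:
    """True for the SPF terms that cost a DNS query (include, a, mx, ptr, exists, redirect)."""
    m = mechanism.lstrip("+-~?")
    return m in ("a", "mx", "ptr") or m.startswith(("a:", "mx:", "ptr:", "include:", "exists:", "redirect="))


def assess_spf(record: str) -> List[str]:
    """Return weaknesses found in an SPF TXT record; an empty list means none were detected."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return ["no SPF record: receivers cannot tell which hosts may send as this domain"]
    mechanisms = [t.lower() for t in terms[1:]]
    findings = []
    last = mechanisms[-1] if mechanisms else ""
    if last in ("+all", "all"):
        findings.append("ends with +all: any host on the Internet may send as this domain")
    elif last == "?all":
        findings.append("ends with ?all: neutral result, spoofed mail is treated like legitimate mail")
    elif last == "~all":
        findings.append("ends with ~all: softfail only; move to -all once DMARC reports show all legitimate senders")
    elif last != "-all":
        findings.append("no terminating all mechanism: unlisted hosts get a neutral result")
    if any(m.lstrip("+-~?") == "ptr" or m.lstrip("+-~?").startswith("ptr:") for m in mechanisms):
        findings.append("uses the ptr mechanism, which RFC 7208 deprecates as slow and unreliable")
    lookups = sum(1 for m in mechanisms if causes_dns_lookup(m))
    if lookups > MAX_SPF_LOOKUPS:
        findings.append(f"more than {MAX_SPF_LOOKUPS} DNS-lookup terms ({lookups}): receivers return "
                        "permerror and the record is effectively void")
    return findings


def parse_dmarc_tags(record: str) -> Dict[str, str]:
    """Parse 'tag=value; tag=value' into a dict with lower-cased tag names."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags


def assess_dmarc(record: str) -> List[str]:
    """Return weaknesses found in a DMARC TXT record; an empty list means none were detected."""
    tags = parse_dmarc_tags(record)
    if tags.get("v") != "DMARC1":
        return ["no DMARC record: receivers have no policy for mail that fails SPF/DKIM alignment"]
    findings = []
    policy = tags.get("p", "").lower()
    if policy == "none":
        findings.append("p=none: monitoring only, spoofed mail is still delivered")
    elif policy == "quarantine":
        findings.append("p=quarantine: spoofed mail lands in spam folders; p=reject is the end state")
    elif policy != "reject":
        findings.append("missing or invalid p tag: receivers ignore the record")
    pct = tags.get("pct", "100")
    if pct.isdigit() and int(pct) < 100:
        findings.append(f"pct={pct}: the policy is applied to only {pct}% of failing mail")
    if not tags.get("rua"):
        findings.append("no rua tag: without aggregate reports, abuse of the domain goes unseen")
    return findings


def assess_domain(spf: str, dmarc: str) -> Dict[str, object]:
    """Combine both checks for one domain; 'enforcing' is True only when nothing was flagged."""
    spf_findings, dmarc_findings = assess_spf(spf), assess_dmarc(dmarc)
    return {"spf": spf_findings, "dmarc": dmarc_findings,
            "enforcing": not spf_findings and not dmarc_findings}


if __name__ == "__main__":
    for label, spf, dmarc in (("weak", WEAK_SPF, WEAK_DMARC), ("hardened", HARDENED_SPF, HARDENED_DMARC)):
        result = assess_domain(spf, dmarc)
        print(f"{label}: enforcing={result['enforcing']}")
        for finding in list(result["spf"]) + list(result["dmarc"]):
            print("  -", finding)
```

Run against the real records of a domain, the same functions take the TXT strings returned for the domain apex and for _dmarc.<domain>; p=none with a rua address is the correct starting point while the legitimate sender list is being discovered, but it must be a starting point, and the pct tag should only be lowered temporarily while moving to reject.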
What Can Organizations Do?
General Awareness and Vigilance
 Continue to focus on both building user security awareness and hardening technical mitigative and detective controls
 Enhance user awareness
 Communicate the risks posed by COVID-19 phishing and social engineering campaigns
 Provide users examples of what to watch out for and what to do if they come across such emails
 Remind users to remain vigilant to both phishing emails and potential payment fraud scenarios
 Free awareness workshops and material for reference
– SANS: https://www.sans.org/security-awareness-training/sans-security-awareness-work-home-deployment-kit
– US-CERT: https://www.us-cert.gov/ncas/current-activity/2020/03/06/defending-against-covid-19-cyber-scams
Key Resources to refer
• Remote Work in an Age of COVID-19 — Threat Modeling the Risks
• With COVID-19 Themed Campaigns on the Rise, Here’s How to Manage Email Phishing Risks
• Social Engineering Based on Stimulus Bill and COVID-19 Financial Compensation Schemes Expected to Grow in Coming Weeks
• FireEye Email Security - Datasheet
• FireEye Expertise on Demand - Combat the Cyber Skills Shortage - Datasheet
• FireEye Technical Webinars - Cyber Tech Live
• The 3 Ts of An Email Attack - TACTICS, TECHNIQUES, TARGETS
• Email Threat Report
Ishtiyaq Shah
Q&A
Thank You
• Social distancing
• Work on starting more communication with colleagues, friends, peers
• Work remotely like you do in the office
• Keep yourself healthy
• Start upskilling yourself
• Work on time management
• Clean up your computers and mobiles of unwanted files & software
• Arrange data and apps on your digital equipment
• Make yourself aware of all guidelines released by authorities
• Keep you and your family safe
• Keep all software up to date with the latest patches
• Always use licensed software
Thank you
 Thank you for your attendance and kind co-operation
 Please submit your feedback via the form you will receive by mail.
 The session video, presentation etc. will be available on the Prime YouTube channel, SlideShare and Facebook
 There are upcoming interesting sessions in the coming days; if you have not yet registered, please register soon.
Stay Tuned for the upcoming programs
2nd April (4pm - 5.30pm): Application Delivery - Scaling Capacity & Availability: Mr. Tarun Verma, A10 Networks
Webex Link: https://meetingsapac.webex.com/meetingsapac/j.php?MTID=m41f69a4efcf4901a59479ec0dec96501
Meeting number: 577 492 175
Password: adc@123
3rd April (4pm - 5.30pm): ONE Platform - Connecting Everything: Mr. Vivek Srivastava, Soti
Webex Link: https://meetingsapac.webex.com/meetingsapac/j.php?MTID=m3ffe0d1ccd19b819dfe80e1d6083bfc9
Meeting number: 576 456 660
Password: soti@123

Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Key Features Of Token Development (1).pptx
Key  Features Of Token  Development (1).pptxKey  Features Of Token  Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April  Automation LPDGAPIForce Zurich 5 April  Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 

Recently uploaded (20)

Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Key Features Of Token Development (1).pptx
Key  Features Of Token  Development (1).pptxKey  Features Of Token  Development (1).pptx
Key Features Of Token Development (1).pptx
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April  Automation LPDGAPIForce Zurich 5 April  Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 

FireEye Email Security Webinar: Responding to Unknown Threats

  • 9. Current Situational Implications
    – Malicious actors have always exploited users' sense of urgency, fear, goodwill and mistrust.
    – Threat actors exploiting the current crisis is nothing new.
    – Attackers simply take advantage of a particularly overtaxed target set that is urgently seeking new information.
    – Users who are aware of this dynamic, and who approach any new information with cautious skepticism, will be especially prepared to meet this challenge.
  • 10. Social Distancing - Target via Email
    – Email is a primary attack vector.
  • 11. Spur in COVID-19 based Spear-Phish mails
    – A few lure document visuals (figure).
  • 12. There are viruses, and then there are viruses
    – COVID-19 has rapidly taken over the headlines.
    – Increased risks due to users working from home en masse.
    – Threat actors aligning with the COVID-19 topic for targeted campaigns: financial crime, cyber espionage and information operations.
    – Increasing attacks by financially motivated threat actors seeking to exploit users' sense of urgency, fear, goodwill and mistrust.
    – Attackers use email to deliver malware in an effort to establish a foothold.
    – Siphon account credentials through phishing tactics.
    – Figure: example of a COVID-19 phishing email used by the TEMP.Warlock threat group.
  • 13. Real Impact - Phishing Campaign (example)
    – Emails sent with the subject line "Internal Guidance for Businesses Grant and loans in response to respond to COVID-19".
    – Emails had OpenDocument Presentation (.ODP) format attachments.
    – If opened in Microsoft PowerPoint or OpenOffice Impress, the attachment displays a U.S. Small Business Administration (SBA) themed message.
    – Uses an inline link that redirects to an Office 365 phishing kit hosted at https://tyuy56df-kind-giraffe-ok.mybluemix[.]net/.
  • 14. Real Impact - Malware Distribution Campaign (example)
    – March 18: individuals across a broad set of industries and geographies received emails with the subject line "COVID-19 Payment".
    – Intended to distribute the SILENTNIGHT banking malware (also referred to by others as Zloader).
    – Mails were sent from a large pool of different addresses in the @gmx.com domain.
    – Had password-protected MS Word document attachments with the file name "COVID 19 Relief.doc".
    – Sender addresses appear to be auto-generated and follow the format <name>.<name><SevenNumberString>@gmx.com.
    – Upon opening the document and enabling macros, a .JSE script crafted to download and execute an instance of SILENTNIGHT from http://209.141.54[.]161/crypt18.dll would drop and execute.
    – Attackers increasingly leverage lures tailored to the new economic stimulus bill and related COVID-19 recovery efforts.
    – Threat actors with varying motivations are actively exploiting the current pandemic and public fear of the coronavirus and COVID-19.
    – Security researchers at FireEye have already begun to identify and report on COVID-19 themed campaigns.
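The two campaigns on slides 13 and 14 give concrete, defender-usable indicators: the subject lines, the auto-generated `<name>.<name><SevenNumberString>@gmx.com` sender format, the `COVID 19 Relief.doc` attachment name, the `.ODP` lure and the two hosts. The script below is an added example, not FireEye code and not part of the webinar, showing how a mail-triage step could score messages against those indicators. The sample messages, the `sba-notice.example` sender and the quarantine/review thresholds are constructed for the example; the indicator values themselves are the ones stated on the slides (defanged there with `[.]`, written plainly here so they compare against parsed hostnames).

```python
import re
from typing import Dict, List
from urllib.parse import urlparse

# Indicators taken from the two campaigns described on slides 13 and 14.
SILENTNIGHT_SENDER = re.compile(r"^[a-z]+\.[a-z]+\d{7}@gmx\.com$", re.IGNORECASE)
SILENTNIGHT_SUBJECT = "covid-19 payment"
SILENTNIGHT_LURE_DOC = "covid 19 relief.doc"
SILENTNIGHT_PAYLOAD_HOST = "209.141.54.161"
SBA_PHISH_SUBJECT_PREFIX = "internal guidance for businesses grant and loans"
SBA_PHISH_KIT_HOST = "tyuy56df-kind-giraffe-ok.mybluemix.net"


def _hosts(urls: List[str]) -> List[str]:
    """Lower-cased hostnames of the given URLs; unparsable URLs are skipped."""
    out = []
    for u in urls:
        host = urlparse(u).hostname
        if host:
            out.append(host.lower())
    return out


def score_message(msg: Dict) -> List[str]:
    """Return the campaign indicators a message matches (empty list if none)."""
    hits: List[str] = []
    sender = msg.get("from", "").strip()
    subject = msg.get("subject", "").strip().lower()
    attachments = [a.lower() for a in msg.get("attachments", [])]
    hosts = _hosts(msg.get("urls", []))

    # SILENTNIGHT / Zloader distribution campaign (slide 14)
    if SILENTNIGHT_SENDER.match(sender):
        hits.append("sender matches <name>.<name><7 digits>@gmx.com pattern")
    if subject == SILENTNIGHT_SUBJECT:
        hits.append('subject "COVID-19 Payment"')
    if SILENTNIGHT_LURE_DOC in attachments:
        hits.append('attachment "COVID 19 Relief.doc"')
    if SILENTNIGHT_PAYLOAD_HOST in hosts:
        hits.append("URL points at the SILENTNIGHT download host")

    # SBA-themed Office 365 credential phishing campaign (slide 13)
    if subject.startswith(SBA_PHISH_SUBJECT_PREFIX):
        hits.append("SBA-themed grant/loan subject line")
    if any(a.endswith(".odp") for a in attachments):
        hits.append("OpenDocument Presentation (.odp) attachment")
    if SBA_PHISH_KIT_HOST in hosts:
        hits.append("link to the Office 365 phishing kit host")
    return hits


def triage(messages: List[Dict]) -> Dict[str, Dict]:
    """Map message id -> verdict and matched indicators.

    Thresholds are this example's own choice: two or more indicators means
    quarantine for analyst review, one means flag for review, none means clean.
    """
    result = {}
    for msg in messages:
        hits = score_message(msg)
        verdict = "quarantine" if len(hits) >= 2 else "review" if hits else "clean"
        result[msg["id"]] = {"verdict": verdict, "hits": hits}
    return result


# Constructed sample messages (not real mail); only the indicator values come from the slides.
SAMPLE_MESSAGES = [
    {"id": "m1", "from": "john.smith1234567@gmx.com", "subject": "COVID-19 Payment",
     "attachments": ["COVID 19 Relief.doc"],
     # URL as a sandbox would extract it from the document's macro (constructed placement)
     "urls": ["http://209.141.54.161/crypt18.dll"]},
    {"id": "m2", "from": "grants@sba-notice.example",
     "subject": "Internal Guidance for Businesses Grant and loans in response to respond to COVID-19",
     "attachments": ["guidance.odp"],
     "urls": ["https://tyuy56df-kind-giraffe-ok.mybluemix.net/login"]},
    {"id": "m3", "from": "jane.doe@example.com", "subject": "Q2 budget review",
     "attachments": ["budget.xlsx"], "urls": ["https://intranet.example.com/budget"]},
    {"id": "m4", "from": "bob.lee@example.org", "subject": "covid-19 payment",
     "attachments": [], "urls": []},
]

if __name__ == "__main__":
    for mid, r in triage(SAMPLE_MESSAGES).items():
        print(mid, r["verdict"], "; ".join(r["hits"]))
```

Indicator-based matching like this catches the known campaign quickly but ages fast once the actor rotates subjects and sender pools; the slides' later point about retroactive analysis and detonation (MVX) is the complement for the unknown variant, so treat this as the cheap first pass, not the whole detection.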
  • 16. FireEye Advanced Persistent Threat Groups (figure)
  • 17. Phishing Attack Landscape
    Attack spectrum, from broad ($$) to targeted ($$$$):
    – Personal identity, financial credential access
    – Organization access/data
    – W2, BEC, high-profile accounts
    Attack lures/payloads:
    – Domain spoof phishing
    – Attachments
    – User impersonation
    – Text lures
    – Credential phishing links
    – Domain impersonation
    – Link to SaaS apps
    – Supply chain impersonation
    Source: ENISA (January 2019). Threat Landscape Report 2018, 15 Top Cyberthreats and Trends.
  • 18. Are You Confident Your Team Won't Click?
    Impersonation timeline:
    1. Identify a target
    2. Grooming
    3. Exchange of information
    4. Wire transfer
    – Bad actors' social engineering tactics (using a COVID-19 theme).
    – Fraudulent emails get past traditional email security.
    – Users are susceptible to taking action when the context is relevant and they fear the consequences of failing to react.
    – Mission accomplished.
    Source: National Institute of Standards and Technology (2018), User Context: An Explanatory Variable in Phishing Susceptibility.
  • 19. Email Security Key Requirements
    Full security stack: Internet → FireEye Email Security Cloud Edition with AV/AS (Secure Email Gateway) → Customer email server.
    Gartner requirements:
    ✓ Advanced threat detection
    ✓ Deep relationship analysis
    ✓ AV/AS filtering
    ✓ Impersonation detection
  • 20. Email Security in Action: Inbound Protection
    – Receive: message received by the inbound mail server.
    – Detect: spam and impersonation scanning, known malware and malicious URLs.
    – Analyze: MVX and Advanced URL Defense for advanced threats.
    – Deliver ✓: message is clean and delivered to the recipient's inbox.
    – Block ✘: malicious messages quarantined for further review.
    – Alert: admin informed that the message was blocked and why.
    – Retroactive analysis.
  • 21. Email Security—Cloud Edition in Action: Outbound Protection (Cloud Edition with AV/AS)
    – Send: message sent by the outbound mail server.
    – Detect: spam scanning, known malware and malicious URLs.
    – Analyze: MVX and Advanced URL Defense for advanced threats.
    – Deliver ✓: message is clean and delivered to the recipient's inbox.
    – Block ✘: malicious messages quarantined for further review.
    – Alert: admin informed that the message was blocked and why.
    – Retroactive analysis.
  • 22. Auto Remediate for Office 365
    Auto Remediate: when an email becomes weaponized post-delivery (retroactively), a policy action quarantines, moves or deletes the malicious message from the inbox.
    Actions:
    – Move: moves the malicious email from the inbox to any administrator-defined folder.
    – Quarantine: removes the malicious email from the inbox and places it in quarantine within Cloud Edition for review.
    – Delete: permanently deletes the malicious email from the inbox.
  • 23. Protection Against Advanced Threats
    Threats → capabilities:
    – New phishing sites (URL credential phishing) → Advanced URL Defense (URL inspection)
    – Impersonation (CEO fraud, sender spoofing) → Smart DNS (deep relationship analysis)
    – Unknown malware (attachments, links, zero day) → MVX Engine (attachment & URL detonation)
    – Intelligence (frontline investigations, email-specific threat intel), 40M+ mailboxes
  • 24. Key Benefits (Cloud Edition with AV/AS)
    – Protect email users: stop threats before they reach the inbox; detect advanced threats and spam; block inline threats.
    – Prevent incidents: enable near real-time response to attacks; identify the risk level of malicious content; customize policies.
    – Surface threats: minimize false positives; prioritize events based on risk; apply contextual intelligence.
  • 25. Business Value
    – Reduce the risk of security incidents becoming serious.
    – Improve team productivity through the correlation of threats.
    – Consolidate email security vendors for greater cost efficiency.
  • 26. Expertise on Demand: Ask an Analyst, pairings with Email Security
    – Context inquiries (self-service). You see a campaign and want to know what FireEye knows about it: provides context and overviews; highlights available Insight reports.
    – Insight (single report / answer). The campaign is targeting my organization or industry vertical: access the referenced intel report, or brief analyst commentary.
    – Analyst investigation (limited duration). You now know enough to be nervous and want to investigate the campaign more: request analyst evaluation of the campaign; determine impact if the email was delivered.
    – Full services portfolio (scoped engagement). Yes, there is impact, I need help: transition to IR; provide a tailored threat briefing; engage Mandiant for a security posture review.
  • 27. What Can Organization do? Technical & Operational
    – Enforce Multi-factor Authentication (MFA): authenticator app instead of SMS.
    – Configure spoof protection controls: DMARC, SPF, DKIM.
    – Validate email security gateway implementation: scan and block both malicious attachments and embedded URLs.
    – Implement automated email warning reminders: automatically embed an "External Email" disclaimer in each email received.
    – Formalize the phishing reporting process.
    – Block macros in Microsoft Office documents: block macros from running in Office files from the Internet.
    – Validate web proxy or URL filtering configurations: all files downloaded from external websites analysed.
    – Implement strong password policies: reduce social engineering attempts for password reset.
    – Ensure sufficient logging and alerting is in place: central logging & alerting platform.
    – Develop and operationalize phishing incident response playbooks.
    Source: FireEye Research Blog: How to Manage Email Phishing Risks
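The spoof-protection item (SPF, DKIM, DMARC) is the one on this list that is usually "configured" but rarely checked for strength: a softfail SPF or a `p=none` DMARC policy exists but does not stop a spoofed sender. The script below is an added example, not from FireEye or the webinar, that audits SPF and DMARC TXT records for the weak settings a reviewer looks for, with a weak and a hardened record side by side. The records are constructed for a fictional `example.com`/`example.net`; a real audit would fetch them with a DNS query, which is left out so the example runs offline.

```python
from typing import Dict, List

# SPF terms that cost a DNS query; RFC 7208 caps them at 10 per evaluation.
_SPF_LOOKUP_TERMS = ("include", "a", "mx", "exists", "redirect")


def parse_dmarc(txt: str) -> Dict[str, str]:
    """Split a DMARC TXT record ("v=DMARC1; p=reject; ...") into tag -> value."""
    tags: Dict[str, str] = {}
    for part in txt.split(";"):
        if "=" in part:
            k, v = part.split("=", 1)
            tags[k.strip().lower()] = v.strip()
    return tags


def check_spf(txt: str) -> List[str]:
    """Findings for an SPF record; an empty list means no weakness detected."""
    findings: List[str] = []
    terms = txt.split()
    if not terms or terms[0].lower() != "v=spf1":
        return ["not an SPF record (missing v=spf1)"]
    mechs = [t.lower() for t in terms[1:]]
    # The "all" mechanism decides the fate of senders not otherwise listed.
    all_terms = [m for m in mechs if m.lstrip("+-~?") == "all"]
    if not all_terms:
        findings.append("no 'all' mechanism: unlisted senders get a neutral result")
    else:
        q = all_terms[-1][0] if all_terms[-1][0] in "+-~?" else "+"
        if q == "+":
            findings.append("'+all' authorises every host on the Internet to send as this domain")
        elif q == "?":
            findings.append("'?all' is neutral: spoofed mail is neither marked nor rejected")
        elif q == "~":
            findings.append("'~all' softfail: receivers typically mark rather than reject spoofed mail")
    if any(m.lstrip("+-~?").startswith("ptr") for m in mechs):
        findings.append("'ptr' mechanism is deprecated and unreliable")
    lookups = sum(1 for m in mechs
                  if m.lstrip("+-~?").split(":")[0].split("=")[0].split("/")[0] in _SPF_LOOKUP_TERMS)
    if lookups > 10:
        findings.append(f"{lookups} DNS-querying terms exceed the limit of 10 (permerror)")
    return findings


def check_dmarc(txt: str) -> List[str]:
    """Findings for a DMARC record; an empty list means no weakness detected."""
    findings: List[str] = []
    tags = parse_dmarc(txt)
    if tags.get("v", "").upper() != "DMARC1":
        return ["not a DMARC record (missing v=DMARC1)"]
    policy = tags.get("p", "").lower()
    if policy not in ("none", "quarantine", "reject"):
        findings.append("missing or invalid 'p' tag")
    elif policy == "none":
        findings.append("p=none only monitors; spoofed mail is still delivered")
    elif policy == "quarantine":
        findings.append("p=quarantine: move to p=reject once aggregate reports are clean")
    pct = tags.get("pct", "100")
    if pct.isdigit() and int(pct) < 100:
        findings.append(f"pct={pct}: policy applied to only {pct}% of failing mail")
    if "rua" not in tags:
        findings.append("no rua= address: aggregate reports are not collected")
    if tags.get("sp", "").lower() == "none" and policy != "none":
        findings.append("sp=none leaves subdomains unprotected")
    return findings


# Constructed records for a fictional domain, not taken from any real DNS zone.
WEAK_SPF = "v=spf1 include:_spf.example.net a mx ptr ~all"
HARDENED_SPF = "v=spf1 include:_spf.example.net ip4:192.0.2.0/24 -all"
WEAK_DMARC = "v=DMARC1; p=none; pct=50"
HARDENED_DMARC = "v=DMARC1; p=reject; rua=mailto:dmarc-reports@example.com; adkim=s; aspf=s"


def audit(spf: str, dmarc: str) -> Dict[str, List[str]]:
    """Run both checks and return findings keyed by record type."""
    return {"spf": check_spf(spf), "dmarc": check_dmarc(dmarc)}


if __name__ == "__main__":
    for label, spf, dmarc in (("weak", WEAK_SPF, WEAK_DMARC),
                              ("hardened", HARDENED_SPF, HARDENED_DMARC)):
        print(label, audit(spf, dmarc))
```

DKIM is deliberately not checked here: its selector records hold a public key, and the useful check is whether outbound mail is actually signed and aligned, which needs a message sample rather than a DNS record. The DMARC `rua` finding matters for the "logging and alerting" item on the same slide: without aggregate reports you cannot see who is spoofing the domain before tightening `p=`.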
  • 28. What Can Organization do? General Awareness and Vigilance
    – Continue to focus on both building user security awareness and hardening technical mitigative and detective controls.
    – Enhance user awareness: communicate the risks posed by COVID-19 phishing and social engineering campaigns.
    – Provide users examples of what to watch out for and what to do if they come across such emails.
    – Remind users to remain vigilant to both phishing emails and potential payment fraud scenarios.
    – Free awareness workshops and material for reference:
      – SANS: https://www.sans.org/security-awareness-training/sans-security-awareness-work-home-deployment-kit
      – US-CERT: https://www.us-cert.gov/ncas/current-activity/2020/03/06/defending-against-covid-19-cyber-scams
  • 29. Key Resources to refer
    – Remote Work in an Age of COVID-19 — Threat Modeling the Risks
    – With COVID-19 Themed Campaigns on the Rise, Here's How to Manage Email Phishing Risks
    – Social Engineering Based on Stimulus Bill and COVID-19 Financial Compensation Schemes Expected to Grow in Coming Weeks
    – FireEye Email Security - Datasheet
    – FireEye Expertise on Demand - Combat the Cyber Skills Shortage - Datasheet
    – FireEye Technical Webinars - Cyber Tech Live
    – The 3 Ts of An Email Attack - TACTICS, TECHNIQUES, TARGETS
    – Email Threat Report
  • 31. Thank You
    – Social distancing
    – Work on starting more communication with colleagues, friends, peers
    – Work from remote like you do in the office
    – Keep yourself healthy
    – Start upskilling yourself
    – Work on time management
    – Clean up your computers and mobiles of unwanted files & software
    – Arrange data and apps on your digital equipment
    – Make yourself aware of all guidelines released by the authorities
    – Keep you and your family safe
    – Keep all software up to date with the latest patches
    – Always use licensed software
  • 32. Thank you
    – Thank you for your attendance and kind co-operation.
    – Please submit your feedback using the form you will receive by mail.
    – The session video, presentation etc. will be available on the Prime YouTube channel, SlideShare and Facebook.
    – There are interesting sessions in the coming days; if you have not yet registered, please register soon.
  • 33. Stay Tuned for the upcoming programs
    – 2nd April (4pm - 5.30pm): Application Delivery - Scaling Capacity & Availability, Mr. Tarun Verma, A10 Networks. Webex link: https://meetingsapac.webex.com/meetingsapac/j.php?MTID=m41f69a4efcf4901a59479ec0dec96501, meeting number 577 492 175, password adc@123.
    – 3rd April (4pm - 5.30pm): ONE Platform - Connecting Everything, Mr. Vivek Srivastava, Soti. Webex link: https://meetingsapac.webex.com/meetingsapac/j.php?MTID=m3ffe0d1ccd19b819dfe80e1d6083bfc9, meeting number 576 456 660, password soti@123.