Name: Off The Record - Weaponizing DHCP DNS Dynamic Updates
Start: 2023-12-12T16:00:00Z
End: 2023-12-12T16:00:31.000Z
Location: BrightTALK
Rating: 5

Leading companies worldwide choose Akamai to build, deliver, and secure their digital experiences — helping billions of people live, work, and play every day. Akamai Connected Cloud, a massively distributed edge and cloud platform, puts apps and experiences closer to users and keeps threats farther away. Learn more about Akamai’s cloud computing, security, and content delivery solutions.

Ransomware has quickly become one of the most severe threats to the financial sector, with attacks skyrocketing by 70% over the past year. Unlike typical cyber incidents, today’s ransomware assaults are multi-staged and highly targeted, designed to not only disrupt operations but also exfiltrate sensitive data and amplify pressure through direct outreach to clients and regulators. Financial institutions face unique risks, from compromised reputation to operational paralysis, and require tailored defenses to stay protected.

In this webinar, our cybersecurity experts will reveal FS-ISAC’s latest findings on ransomware trends and defense strategies tailored for finance. Attendees will learn to build resilient defenses, create rapid response plans, and navigate high-stakes decision-making, equipping them with the critical tools needed to secure their organizations.

What You’ll Learn:
- Anatomy of a Ransomware Attack: From initial breach to quadruple extortion, learn the stages and tactics that make ransomware so disruptive to financial firms.
- Defense Essentials: Key cybersecurity fundamentals—like Zero Trust policies, multi-factor authentication, and isolated, resilient backup solutions—to stop ransomware in its tracks.
- Crisis Management and Compliance: Build an agile incident response plan, manage communication with clients, and navigate global regulations to reduce impact.
- Informed Decision-Making: Weigh the complex risks and compliance factors in ransom payments, with guidance for safeguarding both your operations and reputation.

Ransomware Readiness for Financial and Critical Industries

In this "If Your APIs Could Talk" episode, we'll explore the Traffic Audit feature of the Akamai API Security solution. We'll introduce participants to Traffic Audit's powerful capabilities, including recording, visualizing, and analyzing API traffic within their environment. Traffic Audit allows users to easily identify and manage the risk exposure of suspicious users and unusual API behaviors by recording data flows and creating custom audits based on specific criteria. With Traffic Audit, users gain valuable insights into API activity, such as forensic analysis for specific attacks, investigation of suspicious user behavior, and troubleshooting API configurations.

The webinar will provide a comprehensive overview of how Traffic Audit works, including how to create audits that capture and retain traffic according to predetermined filters and rules. Don't miss this opportunity to learn about the innovative capabilities of Traffic Audit and how it can enhance your API security.

Ep. 11 - Deep Dive into API Security Traffic Audit Capability

According to IDC, worldwide spending on cloud computing is projected to surpass $1.35 trillion by 2027. As these costs continue to rise, corporate CIOs and CFOs are collaborating to assess the use of cloud technologies in their business growth strategies. As Akamai discovered through Project Cirrus, it is possible to realize savings by undertaking a comprehensive cloud services reassessment and applying core principles to optimize cloud services. Join us for an upcoming webinar where we will discuss how Akamai leveraged distributed cloud computing to:

• Lower cloud costs by 40% in one year
• Improve performance by over 40% faster queries
• Facilitate transition from cloud-friendly to cloud-native

During the discussion, Akamai leaders will help attendees better understand their cloud utilization and start to gain control over cloud spending, while improving performance and agility.

The Cloud Spend Conundrum: Gain Control of Ballooning Cloud Costs

The cloud infrastructure of today cannot meet the requirements of tomorrow's applications.

New applications using AI and mixed reality require new approaches to provide more responsive applications and to protect privacy. Existing applications are becoming more personalized and customized. Customer experience needs to be seamless and reactive in the moments that matter.

Join us as we discuss how we're building a globally distributed cloud to meet the needs of your customers, partners, and your organization.

The Disruption of Cloud Computing in the Era of AI

Is your healthcare organization's digital transformation creating security blind spots? Join us for a fireside chat about the hidden risks of modernization where we'll explore threat trends and real-world case studies of how API vulnerabilities and DDoS attacks are impacting healthcare organizations today. Moderated by H-ISAC, security experts from Untangle Health and Akamai will share threat intelligence and best practices. You'll walk away with actionable insights and strategies to protect your systems without slowing down innovation.

Healthcare State of the Industry: Preventing Critical Cyber Threats

Join Akamai's financial services team as they delve into the growing challenges of DDoS and domain scraping leading to phishing attacks targeting the financial sector. Leveraging Akamai’s latest research, we'll unpack the significant rise in DDoS attacks, exacerbated by virtual machine botnets and geopolitical tensions, as well as the increasing threats of brand abuse and phishing campaigns.

The webinar will offer valuable insights into the evolving threat landscape, the vulnerabilities introduced by APIs, and proven strategies for deploying mitigation strategies like Zero Trust and microsegmentation. Join us to strengthen your defenses and gain insights on how to best safeguard your financial institution.

Navigating The Rising Tide: Attack Trends in Financial Services

In this episode of "If Your APIs Could Talk," we explore the Workflow Automation feature of Akamai API Security. This feature dramatically improves efficiency and productivity by simplifying the creation of multi-action workflows. It uses a user-friendly visual editor, customizable workflow samples, and over 300 pre-built connectors. In this session, you'll learn how to automate complex event response processes and synchronize incident-related data with third-party services like ServiceNow, JIRA, and Azure DevOps. We'll also provide examples of common workflow use cases, including: 

- Incident creation in ITSM solutions 
- Notifications to security and business teams 
- Data customization 
- Bi-directional sync with ticketing systems 
- Preventive workflows to block suspicious traffic 

Whether you're an existing user or considering Akamai API Security, this episode will provide valuable insights into using Workflow Automation to streamline your security operations.

Ep. 10 – Workflow Automation Deep Dive

As digital experiences evolve, the demand for faster, more efficient web performance has never been greater. Listen to this webinar for a technical deep dive that reveals how you can benefit from the latest performance optimisations in the browser, at the edge, and in the cloud. 

In a data driven story, we highlight modern techniques allowing for instant UX covering: 
- Distributed compute
- 103 early hints
- Speculation rules
- Volatile content acceleration
- 0-RTT

Presenters:
- Tim Vereecke, Performance Specialist, Akamai 
- Robin Marx, Performance Specialist, Akamai

From Lightning Fast to Instant: Five Modern Ways to Beat Latency

In this "If Your APIs Could Talk" episode, we'll explore the Akamai API Security Native Connector feature. This new integration, built directly into our API Security solution, enables companies to send a copy of their Akamai Connected Cloud traffic to our API Security solution for analysis with just a few clicks. Enabling this integration provides complete visibility into your APIs across environments managed by Akamai, allowing for the detection of vulnerabilities and the ability to rapidly act on runtime incidents. The session will include a demonstration of the connector's seamless deployment, a technical explanation of how it works, and a spotlight on its operational benefits.

Ep. 9 - Akamai API Security Native Connector Deep Dive

Data is being generated at unprecedented rates and from diverse sources, making effective backup solutions critical to maintaining data integrity and availability. The systems producing all that data are substantially different from the ones that traditional backup and recovery solutions were designed to protect. The high volume of data is coming from the cloud and from the edge, necessitating new architectures for protecting, backing up, and recovering the data.

Attend this webinar to learn about the new generation of backup solutions designed with cloud, cloud-native, and edge cases in mind.

From Edge to Cloud: How Backup Solutions are Evolving

We have all heard this story before - a critical vulnerability is discovered in a VPN server. It's exploited in the wild. Administrators rush to patch. Panic spreads across Twitter. 

Attackers have long sought to exploit VPN servers - they are accessible from the internet, expose a rich attack surface, and often lack in security and monitoring. Historically, VPNs were primarily abused to achieve a single objective: gaining entry into internal victim networks. While this is evidently very valuable, control over a VPN server shouldn't solely be seen as a gateway to the network, and can certainly be abused in various other ways.

In this talk, we will explore VPN post-exploitation - a new approach that consists of different techniques attackers can employ on the compromised VPN server to further progress their intrusion. To demonstrate this concept, we will inspect two of the most common VPN servers on the market - Ivanti Connect Secure and Fortigate, and show how an attacker with control over them can collect user credentials, move laterally, and maintain persistent access to the network.

We will conclude by detailing best practices and principles that should be followed by security teams when using VPN servers to reduce the risk from post-exploitation techniques.

During the session, you will:
- Explore critical vulnerabilities and real-world exploits on popular VPN platforms.
- Discover post-exploitation tactics for credential collection, lateral movement, and persistent access.
- Learn best practices to enhance VPN security and reduce advanced threat risks.

Tunnel Vision: Exploring VPN Post-Exploitation Techniques

Did you know increasing observability could be your secret to success this holiday season? When performance and security matter most, being able to quickly identify and pinpoint issues means getting back on track - and back to driving revenue.

Join us for a fireside chat where we’ll dive into how observability can help optimize performance, enhance security, and improve user experience during critical high-traffic periods. It’s not too late to leverage tools that help ensure your infrastructure is resilient — and ready to handle peak demands — in a more cost effective way.

Key Takeaways:

Proactive Performance Optimization: Discover how to reduce site load times and prevent downtime during peak periods, keeping users engaged and satisfied.
Enhanced Security Measures: Learn how to protect your business from increased cyber threats during high-traffic events, with real-world examples of successful mitigations.
Data-Driven Decision Making: See how unified traffic views can streamline operations, reduce costs, and enable quicker, more informed decisions.
Success Stories: Hear about companies like global airlines and luxury brands that overcame peak-season challenges with TrafficPeak, ensuring smooth and secure user experiences.

3 Ways Observability Can Help You Prepare for Peak -- And Beyond

Viewership is unpredictable. Capacity planning and cost estimates are hard. Workloads are increasingly complex and optimizing performance in a multicloud environment is never-ending.
 
For streaming services, that translates into a cost-effective, reliable, and trusted platform on which developers can build, deploy, and secure applications and workloads everywhere your viewers connect online, no matter which device they use to stream. The end result is low latency, increased speed to market, and better performance of your applications. Learn how Akamai’s cloud computing services come with low-cost, predictable pricing and award-winning developer support.
 
The partnership with Ateme brings benefits to Akamai customers in the form of end-to-end superior quality video-delivery solutions — enabling more choices and allowing easy adoption and deployment in your digital transformation journey.
 
In this webinar, media owners will learn about ways to boost viewership and subscriber engagement while unifying delivery and enhancing quality.
 
 • Cost optimisation
 • Low latency
 • Ease of adoption
 • Flexible deployment

Discover how Akamai and Ateme lower the barrier to entry to cloud computing in the media and entertainment industry

As web applications and APIs have proliferated, they’ve become an attractive target. Akamai’s latest report reveals an increase of 49% in web attacks from Q1 2023 to Q1 2024. The report also provides detailed analyses of trends by industry and region, and a look at DDoS attacks with a DNS component. Access the report for the insights you need to effectively prioritize your security strategy and spending.

Digital Fortresses Under Siege: Threats to Modern Application Architectures

In this session, we'll discuss the latest PCI DSS 4.0 requirements for script protection so brands can better identify, monitor and manage suspicious and malicious script behavior.

Akamai Client Side Protection & Compliance

Demonstrating compliance with data protection regulations has traditionally required significant effort and resources to mitigate mostly familiar risks. However, the digital landscape is evolving rapidly, introducing threats that many enterprise compliance programs don't fully address. Even regulatory bodies themselves can't always keep pace and provide explicit guidelines covering every aspect necessary to prevent breaches.

This is the case with API protection. Every time a customer, partner, or vendor engages with your business digitally, there's an API behind the scenes facilitating a rapid exchange of information that often includes sensitive data. Understanding and mitigating API threats is essential as APIs become increasingly integral to our technological infrastructure. This webinar will equip you with an understanding of API risks, effective strategies to safeguard your systems, and the direct implications of APIs on your compliance initiatives.

This webinar is ideal for IT professionals, security analysts, compliance officers, and anyone involved in API development and management who is looking to enhance their understanding of API security and compliance.

API Security and Compliance: Requirements for Data Protection

Viewership is unpredictable. Capacity planning and cost estimates are hard. Workloads are increasingly complex and optimizing performance in a multicloud environment is never-ending.
 
For streaming services, that translates into a cost-effective, reliable, and trusted platform on which developers can build, deploy, and secure applications and workloads everywhere your viewers connect online, no matter which device they use to stream. The end result is low latency, increased speed to market, and better performance of your applications. Learn how Akamai’s cloud computing services come with low-cost, predictable pricing and award-winning developer support.
 
The partnership with Ateme brings benefits to Akamai customers in the form of end-to-end superior quality video-delivery solutions — enabling more choices and allowing easy adoption and deployment in your digital transformation journey.
 
In this webinar, media owners will learn about ways to boost viewership and subscriber engagement while unifying delivery and enhancing quality.
 
 • Cost optimization
 • Low latency
 • Ease of adoption
 • Flexible deployment

Discover how Akamai and Ateme lower the barrier to entry to cloud computing in the Media and Entertainment industry

As the use of payment card data has evolved and become more widespread, the methods and techniques that attackers use to access, harvest, and sell that data have evolved in concert. The Payment Card Industry Data Security Standard, or PCI DSS, has adapted in turn, forcing companies to update their policies and their software. The latest standards, PCI DSS 4.0 and 4.0.1, include several new security requirements and updated guidance to address current threats and technologies. In this on-demand video webinar, sponsored by Akamai, you’ll learn the importance of:

Streamlining workflows for security and compliance teams
Reducing the auditing burden with purpose-built and dedicated PCI capabilities
Receiving and logging actionable PCI alerts for events related to compliance
Consolidating vendors to meet PCI requirements with Akamai’s comprehensive portfolio of security solutions.

Accelerate Your Compliance with the Latest PCI DSS Standards

Emerging Threats You Need To Know + Advanced Security Research: On Demand Masterclass

Attackers love DNS spoofing. The ability to redirect unsuspecting victim's traffic is very appealing to the bad guys, and can lead to all sorts of devastating consequences - sensitive data exposure, credential compromise, and even remote code execution.

As every sysadmin knows - DNS is hard. It is a complex ecosystem with many moving pieces. One such "piece" is a seemingly harmless feature in the DHCP protocol called "DHCP DNS Dynamic Update", which allows a DHCP server to register DNS records on behalf of its clients. This feature is also present and enabled by default in the Microsoft DHCP server, one of the most common DHCP servers in the market.

In this session, we will explore this feature and show the attack surface it exposes in Microsoft environments - we will detail a novel attack tactic that could allow unauthenticated attackers to spoof arbitrary DNS records in Active Directory DNS zones, and show how this could be abused to intercept authentication and achieve remote code execution. We will examine the different security settings that should prevent these attacks, and show how they fail to do so in some cases.

Finally, we will release 2 open-source tools; the first one is meant to detect risky DHCP misconfigurations, and the second one - to exploit them.

Off The Record - Weaponizing DHCP DNS Dynamic Updates

Threat Analysis

Threat Detection

Cyber Attacks

Technical IT

Web Security

Security Strategy

Cloud Security

Threat Protection

Cloud Applications

Zero Trust

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Off The Record - Weaponizing DHCP DNS Dynamic Updates

Presented by

About this talk

More from this channel