Name: Codefinger: A Ransomware Threat from Within
Start: 2025-01-17T22:51:00Z
End: 2025-01-17T22:51:23.000Z
Location: BrightTALK
Rating: 0

At Cloud Storage Security, we pride ourselves on helping organizations across the globe prevent the spread of malware, locate sensitive data, and assess their storage environments in order to extend data privacy, meet compliance requirements, and manage security mandates.
 
Content on this channel is designed for CISOs, SAs, Engineers, MSPs, Auditors and others who are responsible for data security in the cloud.

 Learn more at www.CloudStorageSec.com. 

Year after year, more data moves into the cloud. While the physical state of data remains the same as it did on-premises, the inherent accessibility of the cloud presents a unique set of challenges that require attention, research, time and monetary investment to address. By attending, you’ll learn:
  -  Why security for storage in the cloud is different from security for servers, networks, and endpoints
  -  What a security strategy should include to protect cloud storage
  -  How to evaluate potential solutions

Building a Strategy to Secure Your Cloud Storage

Ransomware strains, cyberattack strategies and threat actors are constantly evolving and 2024 was no different. While there are hundreds of ways your cloud storage resources can be compromised, a few new developments in the last year have resulted in significant data breaches, substantial compliance violations, and tens of millions of dollars in fines and reputational damage. Tune in to learn more about:
  - Major cloud storage security vulnerabilities, attack methods, and strains of malware that became popular in 2024
  - Whether your organization needs to address them
  - Strategies you can implement to protect against the inevitable flow of new threats in the year ahead

The Nastiest Threats to Cloud Storage in 2024 & What to Avoid in 2025

The fallout of a ransomware attack can be complex, costly and time-consuming. Prevention is key. Cloudticity and Cloud Storage Security provide guidance and tooling, enabling you to take action. Tune in for an introduction to:

- How to detect ransomware in cloud storage 
- How to detect ransomware in cloud infrastructure
- How to manage the cybersecurity life cycle

Ransomware Solutions and How We Can Help

For Change Healthcare and other recent victims, critical security protocols were not enabled, making them low hanging fruit in the eyes of attackers. You can do better. A layered defense strategy is critical when it comes to stopping ransomware. Is your organization following these best practices?  

- Enabling cross-region/multi-zone backups 
- Simulated testing
- Scanning the code level

Find out what you can do today to lower your risk.

Best Practices for Ransomware Prevention, Defense, and Mitigation

Ransomware can paralyze a company, halting operations and disrupting its ability to provide care. This talk highlights recent notable ransomware attacks in the healthcare industry and what went wrong, touching on entry points, attack signals, and the cost of not having a plan in place. Join us to learn from the missteps of Change Healthcare and others.

Ransomware Challenges in Healthcare

This episode of Security LIVE! with Rich Vorwaller, Chief Product Officer, and Velizar Demirev, Customer Success Leader, with Cloud Storage Security (CSS), discussed how they help ensure business’ most important information doesn’t get into the wrong hands. with AWS hosts, Ryan Orsi and Himanshu Verma.

Security LIVE! with Cloud Storage Security | S3 E32

Join us for a brief demo of GenAI Secure by Cloud Storage Security. In this demo we will walk through how to secure your Generative AI models. We'll discuss how easy it is to protect a bucket, and how to push results to preferred notification routes. Forensic analysis, DLP and Malware Detection will also be covered.

What you will learn:
- How to protect a bucket
- How to initiate a scan, engines
- Picking a scanning engine
- Viewing AV results
- Viewing DLP results
- Custom, regular expression creation
- Bedrock forensic analysis

GenAI Secure Demo

Generative AI (GenAI) presents unique challenges for businesses of all sizes. Accelerating progress on one front, GenAI has a darker side that can leave businesses vulnerable to malware and sensitive data leakage. GenAI Secure offers a simple yet effective solution that can protect AWS environments from malware and data leakage brought from work with Generative AI, external datasets, and more.

Using the Ship of Theseus thought experiment, Rich draws parallels to CSS's philosophy of building adaptable and modern solutions rather than relying on outdated methods. This webinar will walk you through our integration with Amazon Bedrock, which furthers GenAI Secure's protection by offering comprehensive threat intelligence and custom policy creation. Through these methods, Artificial Intelligence models are kept free from malicious code and threats, while sensitive data is secured.

What you will learn:
- GenAI Secure Overview - Understand how CSS protects your AWS and downstream data from the threat of AI
- Advanced Protection Features - Learn about our integration with Amazon Bedrock for enhanced threat intelligence and more
- Practical Deployment Insights - Discover helpful insights on the real-world applications of GenAI Secure in various customer environments

How to Protect Generative AI Models Using GenAI Secure

AWS Well-Architected Framework Reviews (WAFRs) can be complicated and time-consuming. Many cloud architects find themselves overwhelmed with issues to remediate. Kion and Cloud Storage Security have teamed up to provide you with guidance and tooling to take action and become well-architected by default. Tune in to learn:
- How to rapidly align your architecture to the Well-Architected Framework
- How to meet security pillar best practices for securing data and infrastructure
- How Kion and CSS can help you pass a WAFR

Applying the AWS Well-Architected Framework for Infrastructure & Storage (Demo)

Is your organization preparing for or undergoing an Amazon Web Services (AWS) Well-Architected Framework Review (WAFR)?

Tune into this talk to learn:
- Common challenges encountered when preparing for a WAFR
- How to remove obstacles and accelerate passing a WAFR
- Getting Started: Addressing the operational excellence, security and cost optimization pillars

AWS Well-Architected: Operational, Security and Cost Optimization Best Practices

As organizations continue to move their storage, workloads, and applications to the cloud, it can be easy to forget the most important part of cloud computing: data protection and posture management. 

Join theCUBE and Cloud Storage Security for a conversation on how data stored in the cloud can become a liability and what organizations can do to mitigate that risk.

When Data Becomes Dangerous

As business-to-business (B2B) data transfers continue to grow, ransomware remains prolific. To reduce risk of infiltration, extortion, and data loss, organizations are modernizing their file transfer strategy. 

Join AWS Transfer Family and Cloud Storage Security as they discuss how to leverage fully managed file transfers over SFTP, FTPS, FTP and AS2 protocols and scanning file exchange workloads as part of the cloud-based data transfer process.

Watch this webinar to learn how to:
  - securely move your file exchange workloads to AWS storage 
  - manage file transfers from one place
  - easily scan files for ransomware and other malicious code, and
  - ensure only clean data is allowed for use
all without impacting end users or application integrations.

Antivirus for Managed File Transfers

Is your organization migrating to the cloud or transferring files within it?  If so, establishing secure, ransomware-resilient data transfer processes is paramount.

To do so, consider applying modern data security, scanning, and classification at the time of ingest, after which, business leaders and IT teams have an excellent opportunity to assess the volume and type of data ingested; determine if any data contains malicious code; and protect storage systems from compromise.

In this Fireside Chat, join Enterprise Strategy Group and Cloud Storage Security to gain practical insights on securing your cloud data transfers, including:
• Current cloud migration trends  
• The ransomware attack frequency & impact
• Challenges of classifying data in the cloud
• And solutions that enable any organization to secure their data when moving files.

The Benefits of Securing Your Cloud Data Transfers

As cybercriminals continue to focus on storage in the cloud, data security has never been more important. Tune in for a discussion about what good data security management looks like and why companies like Cloud Storage Security are working to provide simple, cost-effective, and easy-to-use data security solutions for file transfers and application workflows.

theCUBE Conversation: Core Tenants of Good Data Security Management

Ingesting, processing and sharing data is a requirement for many businesses. And how the file transfer workflow is architected matters - it can mean the difference between a secure and scalable process or a process that disrupts flow and leads to data leaks. But there are challenges that come with exchanging data including a proliferation of data sources and an increasing need to support a growing amount of data exchange, not to mention stronger need for data governance, compliance and security.

In this webinar, you will learn about:

 - AWS Transfer Family capabilities and the technical aspects that differentiate it as a solution
 - Considerations for implementing and automating Transfer Family
 - Why malware scanning is critical and how to fit it into the data sharing workflow to ensure files are safe for use

This session is ideal for companies exploring Transfer Family or who are already using Transfer Family but are looking to enhance data security, such as: 

 - Industries dealing with regulated data (e.g., PCI, PII, or HIPAA)
 - Businesses with data lakes that are fed by application and IoT devices
 - Organizations looking to Increase collaboration and connectivity across supply chain trading partners
 
AWS Transfer Family is a B2B file-transfer service that moves data into or out of Amazon S3 and Amazon EFS using a set of fully managed protocols that can reduce your operational burden. 

Ibexlabs is an AWS Transfer Family Partner with proven success in providing the expertise and validated solutions that allow customers to operate within a modernized, cloud-native Managed File Transfer and B2B file exchange solution. 

Cloud Storage Security is an AWS Partner with AWS Security Competency helping organizations across the globe prevent the spread of malware and locate sensitive data in order to extend data privacy, meet compliance requirements, and manage security mandates.

Simplify & Secure Data Sharing with AWS Transfer Family

Cloud Storage Security founder Ed Casmer spoke with theCUBE host John Furrier about securing data in modern cloud storage environments, fixing security blind spots, and what the future holds.

theCUBE Conversation: Cloud Storage Security

Cloud Storage Security (CSS) was nominated to be a featured speaker for S2E4 of the AWS Startup Showcase and the theme of Cybersecurity - Detect and Protect Against Threats couldn’t be more perfect given that we simplify malware scanning for application workflows and data ingestion pipelines.

In this exclusive interview, Ed Casmer, Founder and CEO, CSS is joined by customer James Johnson, AVP Research & Development, iPipeline to discuss Building Better Data Security with Antivirus for Amazon S3. Tune in to hear what makes iPipeline a forward-thinking company when it comes to data protection in the cloud and learn why they chose to migrate to AWS as well as what they value most about working with CSS.

About Cloud Storage Security
Cloud Storage Security is dedicated to solving the security and compliance challenges surrounding storage in the cloud by helping organizations to prevent the spread of malware and simplify data classification in complex environments.  

About iPipeline
iPipeline is building the digitized ecosystem for the life insurance and wealth management industries, which will enable millions of uninsured or under-insured Americans to secure their financial futures as part of a holistic financial planning experience.

Building Better Data Security w/ Antivirus for Amazon S3 [iPipeline Case Study]

A new ransomware campaign dubbed Codefinger is targeting Amazon S3 users.  What's notable about this approach is that the attackers leverage compromised AWS credentials to access and encrypt the victim’s data via AWS server-side encryption with customer-provided keys.  In this session from Cloud Storage Security’s threat laboratory, Casmer Labs, learn how Codefinger works, including a simulation of the steps an attacker could take, and how to protect against it.

Codefinger: A Ransomware Threat from Within

Amazon Web Services

Ransomware

Cloud Security

Threat Analysis

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The data center management community focuses on the holistic management and optimization of the data center. From technologies such as virtualization and cloud computing to data center design, colocation, energy efficiency and monitoring, the BrightTALK data center management community provides the most up-to-date and engaging content from industry experts to better your infrastructure and operations. Engage with a community of your peers and industry experts by asking questions, rating presentations and participating in polls during webinars, all while you gain insight that will help you transform your infrastructure into a next generation data center.

Data Center Management

The storage community on BrightTALK is made up of thousands of storage and IT professionals. Find relevant webinars and videos on storage architecture, cloud storage, storage virtualization and more presented by recognized thought leaders. Join the conversation by participating in live webinars and round table discussions.

Storage

Welcome to the big data and data management community on BrightTALK. Join thousands of data quality engineers, data scientists, database administrators and other professionals to find more information about the hottest topics affecting your data. Subscribe now to learn about efficiently storing, optimizing a complex infrastructure, developing governing policies, ensuring data quality and analyzing data to make better informed decisions. Join the conversation by watching live and on-demand webinars and take the opportunity to interact with top experts and thought leaders in the field.

Big Data and Data Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Codefinger: A Ransomware Threat from Within

Presented by

About this talk

More from this channel