Name: Guests Check-in, Cybercriminals Cash-out: Protecting Payment Data from Phishing Attacks
Start: 2024-09-10T16:00:00Z
End: 2024-09-10T16:00:24.000Z
Location: BrightTALK
Rating: 4.5

Intel 471 empowers enterprises, government agencies, and other organizations to win the cybersecurity war using near-real-time insights into the latest malicious actors, relationships, threat patterns, and imminent attacks relevant to their businesses.

Our TITAN platform collects, interprets, structures, and validates human-led, automation-enhanced results. Clients across the globe leverage this threat intelligence with our proprietary framework to map the criminal underground, zero in on key activity, and align their resources and reporting to business requirements. Intel 471 serves as a trusted advisor to security teams, offering ongoing trend analysis and supporting your use of the platform. Learn more at https://intel471.com/

So-called “pink slime” news sites are filling an information void left by a U.S. local news industry in rapid decline. What can be done to control the integrity of online news in this environment? And how much of a threat to democracy is pink slime journalism in an election year? 

While pink slime is a colloquial term for a meat by-product, in the media and communications arena it refers to content produced by political organizations on websites that bear the visual hallmarks of a local news outlet, while containing misleading stories to further their interests. 

As both campaigns in the 2024 U.S. Presidential race zero in on swing states, Intel 471 analysts sought to answer these questions by surveying the pink slime landscape on both sides of the political fence. Our assessment? Pink slime journalism is a difficult challenge to address. While the U.S. government combats foreign influence campaigns, it is less clear what can be done to control disinformation produced by U.S.-funded entities.

Join Intel 471 Senior Intelligence Analyst Ashley Jess on 23 October for her webinar U.S. Elections 2024: What To Do About Pink Slime Overtaking Local News? to explore a corner of the media landscape that has used hybrid tactics to serve select interests, including:

- Concealing domain registration ownership details
- Paid Facebook, Instagram, and online advertising
- Unsolicited print newspaper mail outs 
- Producing biased, misleading or inaccurate news about candidates
- Omitting coverage of foreign influence campaigns
- Producing “filler” content to emulate legitimate local news publications

U.S. Elections 2024: What To Do About Pink Slime Overtaking Local News?

Threat actors have the banking industry in their sights. The lucrative outcomes that a successful attack on an organization can provide and the industry’s growing digitization have created the perfect storm of motivation and opportunity for threat actors. For ransomware alone, Intel 471 observed a 125% increase in the number of victims from 2022-2023. When the threat looms so close and stakes are so high, those within the industry must ensure they are updating their knowledge of the cyber threat landscape they face. 

Join Intel 471’s Ashley Bather as she provides a synopsis of the top five threats to the banking industry. The webinar will include:

- A snapshot of critical threats to the sector
- Real world examples of attacks
- TTPs used by attackers

On the Money: The Top Cyber Threats to the Banking Industry

In the last two years, cybercriminals and ransomware gangs have ramped up attacks on the hospitality and travel sectors.  

In this webinar, you’ll learn how one cybercrime and fraud operation is targeting hotel guest payment card data in hotel booking systems. They’re not just abusing Booking.com’s brand in phishing emails, but using compromised hotel partner Booking.com accounts to send messages to guests in the official Booking.com app and emails requesting “mandatory payment” before their upcoming stay. 

How are actors accessing partner accounts? In the past, these cybercriminals have used information-stealing malware installed on hotel workstations to steal hotel employee credentials and perpetrate fraud against upcoming guests. Now, to avoid detection by antivirus, threat actors have eschewed malware and deployed a sophisticated phishing kit to bypass multi-factor authentication (MFA) and evade detection by antivirus. 

What you’ll learn: 
- How the threat actors are targeting the travel and hospitality sector  
- Sophisticated social engineering techniques used to steal employee credentials 
- What methods and infrastructure the actors use to evade detection and cover their tracks
- How CTI enables teams to discover and mitigate this threat

To learn the tactics, techniques and procedures (TTPs) these cybercriminals use to defraud hotel guests, and how to protect your guests, brand, and reputation, join us for this fascinating and informative webinar on September 10, 2024.

Guests Check-in, Cybercriminals Cash-out: Protecting Payment Data from Phishing Attacks

Malware attacks continue to increase in velocity and sophistication. No industry is safe from being targeted by the threat actors driving them. Invaluable insights and details about a cyber incident can be gleaned through malware analysis but it can be an intimidating topic, especially to those new to the field. But fear not! Intel 471 are here to share their experience and expertise in their upcoming webinar. Join us to understand the basics of malware, with a focus on the details that assist in advancing an investigation, rather than understanding every technical aspect of the malware.

Malware 101: Power up your investigations; Protect your organization.

As supply chains have increased in complexity and interconnectivity, so too have operational demands for digital solutions to monitor and manage them more efficiently. In tandem with these developments, cybercriminal actors have pursued and scaled new methods to monetize fraud and disruption across supply chains.

Join Intel 471’s Peter Marzalik for a webinar on leveraging cyber threat intelligence (CTI) to mitigate supply chain risks. From tracking opportunistic fraudsters manipulating reshipping streams to engaging top-tier operators compromising and ransoming critical supply chain infrastructure providers, this webinar will provide an actionable approach for effectively protecting your supply chain. 

Intel 471’s How-To series helps teams develop their resilience against cyber threats through sharing expertise and best practice drawn from our years of CTI experience and exclusive insights into the cyber underground.

Crashing the Party: How to Leverage CTI to Mitigate Supply Chain Risk

Rapid digitalization and demand for online services have rendered Know-Your-Customer (KYC) identity verification processes a must for financial institutions and beyond to protect against fraud. However, KYC fraud is becoming an increasingly popular topic in the cyber underground. While traditional KYC bypass methods persist, many actors are turning to artificial intelligence (AI) to enhance their tactics, techniques and procedures (TTPs) and successfully commit fraudulent activity. This leaves security practitioners battling a dynamic threat landscape.

 

Join Intel Fusion Specialist Katie Sutton as she provides an introduction to KYC fraud and walks through current trends, giving you the awareness you need to effectively bolster your cyber defenses. She will also examine the ever-changing impact that AI technology is having on the process.

 

The webinar will discuss:

- Key terms and concepts relating to KYC regulations
- Why someone would want to bypass KYC
- Current TTPs Intel 471 is observing in the cyber underground

Are They Who They Say They Are? An Introduction to Know-Your-Customer Fraud

Ransomware deployments are increasing each year, and so are the sophistication of the attacks. Without initial access to an organization, these attacks would not be possible. In today’s highly digital world, protecting your systems has never been more important, and that begins with understanding how ransomware actors get in.


Join Intel 471’s Ashley Jess and Beth Smith as they examine ransomware and access trends from 2023 and what this means in the context of the ever-evolving ransomware threat landscape, so that organizations across every sector can prepare a more resilient cyber security defense. The webinar will dig into:


- The top ransomware gangs of 2023
- Ins and outs of critical ransomware attacks committed
- How ransomware gangs gained access to their victims
- What this means for the future threat landscape

Keys to the Kingdom: An Analysis of Ransomware and Access Trends in 2023

In this webinar we will show you how tracking adversaries and the tools they use can help you stay ahead of threats like ransomware and third party risk. We will demonstrate this using real world examples where activity in the underground or updates to malicious infrastructure preceded cyber incidents and provided early indicators that something was afoot.

Know Your Adversaries and Where They Trade, To Stop Cyber Attacks

Malware attacks continue to increase in velocity and sophistication. No industry is safe from being targeted by the threat actors driving them. Invaluable insights and details about a cyber incident can be gleaned through malware analysis but it can be an intimidating topic, especially to those new to the field. But fear not! Intel 471 are here to share their experience and expertise in their upcoming webinar. Join us to understand the basics of malware, with a focus on the details that assist in advancing an investigation, rather than understanding every technical aspect of the malware. 

On December 6, Intel 471’s Ashley Jess will take you through:
The many types of malware and their purpose. 
Their differing delivery methods.
Linking malware to threat actors.
Key malware artifacts. 


Intel 471’s How-To series helps teams develop their resilience against cyber threats through sharing expertise and best practice drawn from our years of CTI experience and exclusive insights into the cyber underground.

Not all passwords are created equal. They may range from silly to scure, but one thing they have in common is that they’re the gateway into sensitive information. The good news is that tools like multi-factor authentication (MFA) and one-time passwords (OTP) have made it more complicated for cybercriminals to take over accounts with access to only one simple username and password. Or have they?

As always, the cyber underground has responded to these blockers and emerged with a new paid service that circumvents OTPs. These services leverage social engineering techniques and launch automated, tailored campaigns from subscription-based Discord and Telegram channels. 

Join Intel 471 as we assess how this recent trend was developed and share more about the motivations behind the threat actors using and creating these automated services. 

Our presentation will cover:  
- Intel collected on the OTP bypass business model
- Details on the technical skills required by threat actors to build the bots 
- Facts about the tactics, techniques and procedures employed by users and creators alike

This talk is designed to help you become familiar with what an OTP bypass operation looks like from start to finish, and give you the knowledge to detect and mitigate a growing threat in the underground.

Bypassing With Bots: How Adversaries Use Automated Services to Sidestep OTPs

Join Intel 471’s webinar as we shine a spotlight onto increasing ransomware attacks. The webinar will explore:
- Essential observations on the ransomware landscape
- Insights into Lockbit and Clop, and their targets
- Given Clop’s headline activity, our recommendations when using a file transfer protocol service
- The lowdown on the prolific initial access broker mont4na, and how their offerings are exploited by ransomware groups

Q2 Ransomware 2023: Reviewing Third-Party Risk

Cyber Crime

Phishing

Hospitality

Ransomware

Threat Intelligence

Cyber Security

Cyber Attacks

Fraud

Fraud Prevention

Malware

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Guests Check-in, Cybercriminals Cash-out: Protecting Payment Data from Phishing Attacks

Presented by

About this talk

More from this channel