Name: Securing API Keys: The Hidden Threat Behind the U.S. Treasury Department Breach
Start: 2025-03-25T12:41:00Z
End: 2025-03-25T12:41:24.000Z
Location: BrightTALK
Rating: 0

Centered on intelligent privilege controls, CyberArk provides the most comprehensive security offering for any identity - seamlessly securing human and machine identities accessing workloads from hybrid to multi-cloud, and flexibly automates the identity lifecycle all with continuous threat detection and prevention – protecting organization’s identities and most critical assets by enabling Zero Trust and enforcing least privilege.  

Privacy is a core aspect of our lives. We have the fundamental right to control our personal data, physically or virtually. However, as we use products from external vendors, particularly the FAANG companies (Facebook, Amazon, Apple, Netflix, Google), our digital footprint is continuously being expanded. Fortunately, FAANG provide a service that enables us to export our data to a local drive in just seconds.

While ease of use benefits customer experience, there are two sides to every coin. That often comes with a cost. 

Attackers can use the export service to obtain extensive information about you, including PII (Personally Identifiable Information). To achieve their goal, they have a variety of initial entry points to choose from.

Some notable examples include cookie stealing, planting Malware on your device, or even gaining physical access to your data. Each of these operations could enable the threat actors' access to your information. 

We’re going to show you how this can permanently ruin someone’s life. We will cover some of the threats hidden in your sensitive data, as well as the mitigation steps you and your company should take to strengthen your security posture.

White FAANG: Devouring Your Personal Data

Nowadays, everyone knows the risks of downloading pirated software—just look at all the memes about Limewire destroying computers. Yet, people still download these programs, only to find their computers infected with malware. In this session, we'll explore an exciting case of a previously unknown malware called MassJacker, found on a pirated software site. MassJacker is a heavily protected cryptojacking malware that uses a wide range of advanced anti-analysis techniques. As we go over the techniques, we’ll show how some of the code used to implement the techniques suggests a connection to another malware known as MassLogger.Once we’re done exploring the anti-analysis techniques used to protect MassJacker, we’ll look at the malware and the wallets it used. In addition, we’ll see how a flaw in how the malware uses AES encryption allowed us to recover crypto-wallets from previous campaigns totaling 778,531 unique addresses, with one worth over $300,000 USD!

Captain MassJacker Sparrow: Uncovering the Malware's Buried Treasure

Drawing from his personal experiences as a part of the Dallas Hacker community, Andy Thompson brings you this shocking presentation that peels back the layers of human psychology and coercion. Discover the methods used by master manipulators to exploit our trust and vulnerabilities, from ancient con artists to cutting-edge AI deepfakes. Andy's simple explanations of phycological concepts reveal how social engineers have evolved their craft to infiltrate our lives.

This talk doesn't just expose the dangers – it also arms you with powerful strategies to defend yourself and your organization against these cunning attacks. With real-world examples from Andy's encounters all over the world, interactive demonstrations, and expert insights, this presentation is a must-attend for anyone who wants to stay one step ahead in the high-stakes game of information warfare. Don't miss this opportunity to learn from Andy Thompson's unique experiences and transform from a potential victim into a savvy defender against the art of psychological manipulation!

Social Engineering: One time, on a pentest...

In an era where identity is the cornerstone of security, understanding and effectively managing certificates and Public Key Infrastructure (PKI) is essential. 

Welcome to ""Mastering a Machine Identity Security (MIS) Strategy: Certificates and PKI 101,” an interactive session for understanding and managing digital certificates and PKI.  

This educational webinar is designed to provide an overview of machine identity security essentials, furnishing you with a solid grounding in the technologies that enable crypto-agility. 

In this session, our cybersecurity instructors will cover: 

- What is Machine Identity Security and why is it a Gartner 2025 top cybersecurity trend 

- A detailed explanation of certificates: what they are, how to obtain them, and their various uses. 

- An overview of Certificate Authorities and PKI. 

- The key components required for a comprehensive Machine Identity Security program. 

Join us for this foundational course and discover how automated machine identity solutions can enhance your security posture, streamline certificate management, and ensure compliance. This webinar is your opportunity to build a strong understanding of certificates and PKI, empowering you to protect your organization against evolving threats.

Mastering a Machine Identity Security (MIS) Strategy: Certificates and PKI 101

Enterprise workforces use an abundance of applications, and many legacy and third party apps will continue to require passwords for a while.  While multi-factor authentication and passkeys are the future, we live in the present where older applications do not support single sign-on and require passwords. Workforce productivity and identity security requirements are driving the need for enterprise password management. 

Join Todd Thiemann, Senior Analyst at Enterprise Strategy Group (ESG), and Khizar Sultan, VP of IAM Solutions at CyberArk, for a fireside chat to discuss how workforce password management can remove risk and improve efficiency.

On The Road to Passwordless: Password Control in the Enterprise

In today's digital landscape, securing every identity within your workforce is paramount. This webinar will explore five multifactor authentication (MFA) endpoint use cases, ranging from passwordless sign-ins to managing risky legacy applications. We'll discuss the importance of securing not just the general workforce, but also the more complex identities of developers and IT admins. 

Many initial attack vectors involve identity compromise and takeover, making continuous authentication crucial. By ensuring users are who they claim to be, we can significantly enhance security. Moreover, through a combination of continuous authentication and least privilege, we can achieve continuous authorization (AuthZEN). 

But security isn't the only focus. How can we enhance user experience while making it more secure? Imagine a passwordless desktop sign-in where your workforce no longer needs to type passwords. This not only frustrates attackers but also simplifies daily operations for every user. 

Join us to learn how to secure every human identity at the endpoint and make security seamless and user-friendly.

Secure Every Human Identity at the Endpoint

In this session, CyberArk Labs Senior Cyber Researcher, Andy Thompson, dissects the latest, high-profile breaches with insights you won’t find elsewhere. Learn about recent hacks, emerging attack methods, newly identified threats and essential mitigation strategies. 
Leveraging CyberArk Labs' cutting-edge research, we also examine the critical vulnerabilities in security programs that led to breaches and provide actionable insights to close those gaps. 
Key topics include:
• Third-Party Risk Management
• AI Security Concerns
• Browser-Based Threats
• Enhancing Multi-Factor Authentication (MFA)
This session equips IT professionals with current knowledge to build resilient identity security programs.  Learn about attacker behaviors and the ever-changing threat landscape.

Emerging Threats in Identity Security: What You Need to Know

Securing machine identities is critical, as recently evidenced by the breach of the U.S. Treasury Department. In practice, we see that machine identities are not getting the same security prioritization as human identities. Over 40% of respondents to our Identity Security Threat Landscape Report note that their machine identities have access to sensitive data. The top challenge in securing machine identities is that for any business, over time, secrets silos have been scattered across multiple teams, environments and business units.  Our customers often share that development teams are running their own instances of HashiCorp Vault, an approach that does not address the broader challenge of applying consistent security policies, providing a centralized visibility plane, and a clear audit trail for the entire organization.  

Moving from a siloed approach to a comprehensive machine identity strategy requires tools and organizational changes, regardless of whether teams are migrating from an individual free instance to HCP Vault Dedicated, Vault Enterprise, or to a completely different solution.
Join us for a webinar featuring a live demo on (Insert Date), to learn about our new CyberArk capabilities to protect your machine identities. If you do not have a comprehensive secrets management strategy, or if you are customer running HashiCorp security products in your environment considering alternatives, this session is for you.  
We will discuss and provide a live demo how CyberArk can:
• Secure secrets for your cloud native environments and business critical legacy applications
• How customers transparently manage secrets across development teams and integrate into production environments
• Maintain developer velocity 
• Provide immutable audit logging and secure storage for session recording
• Support business continuity and break-the-glass with secrets replication and automated failovers

Securing Secrets at Scale: Why Customers Are Moving Beyond HashiCorp

Are you ready for 90-day certificate lifespans? In March, Google announced their intention to reduce the maximum public TLS certificate validity to 90 days in “a future policy update or a CA/B Forum Ballot Proposal." This change won’t happen overnight, but it is coming—especially as threat actors continue to target machine identities. 

As the number of TLS machine identities you have to manage essentially quadruples, manual approaches aren’t going to cut it. How can your organization prepare for the coming shrinkflation? And where can you see efficiency gains or cost savings as you layer automation into your TLS machine identity management?

How Automation Overcomes the Growing Challenges of Shrinking Lifespans

In today’s evolving threat landscape, managing and securing identities—human and machine—is critical. But what’s the true business value of a robust identity security program?

Guest speaker IDC Analyst Jay Bretzmann, Research Vice President, Business Value Strategy Practice, interviewed CyberArk customers to find out.

In this session, Jay and CyberArk's Brandon Traffanstedt, senior director, Field Technology Office, delve into the findings of IDC’s whitepaper, “The Business Value of CyberArk” and other research insights from IDC. Get real world insights from Jay’s research on how leading organizations leverage the CyberArk Identity Security Platform to transform their operations, enhance security and achieve measurable ROI.

Key findings include:

309% ROI and a 10-month payback period achieved by CyberArk customers
67% reduction in account take over attacks  
49% boost in IT infrastructure team efficiency
35% increase in developer productivity
Learn how your peers are achieving remarkable results with CyberArk.

Reduce Risk & Boost ROI: The Power and Value of CyberArk Identity Security

In 2025, Kubernetes will remain a cornerstone of cloud-native infrastructure, yet it presents critical security challenges that organizations must address to scale and thrive.

Nearly half of organizations running a Kubernetes operation experienced a security incident within their operational environment. If platform operations teams are struggling to prevent security incidents affecting their production environments, it is likely security teams are exacerbating the situation by failing to build automated, policy-driven security controls which can be easily implemented by platform teams. This session will share practical strategies to bridge this gap between effective security controls and platform efficiency, and describe the steps needed to ensure a secure and resilient Kubernetes operation.

This live webinar, hosted by CyberArk and Red Hat, explores insights from the State of Kubernetes Security Report: 2024 Edition, which surveyed 600 global DevOps, engineering, and security professionals. The findings are stark: 67% of organizations reported delayed deployments due to Kubernetes security concerns, while 46% experienced revenue or customer losses stemming from container or Kubernetes security incidents.

Join us as we bring together leaders from the CyberArk Field Technology Office and the Red Hat Global CTO to discuss:

• Strategies for managing rising security incidents at runtime and the vital role of security teams to help mitigate these threats
• Rethinking your frameworks for security around network configuration and overprivileged containers
• More secure approaches for applications and workloads running in clusters
• Remove threats from cyber-attacks that target Kubernetes
• The workloads your containers should be accessing, and automating
• Preventing costly outages that cost you money due to poor Kubernetes security
• Achieving operational efficiency by taking a path that avoids unnecessary complexity

New Year = New Beginnings. How to Get Kubernetes Security Right in 2025.

Inspired by some 90’s rock, our very own Brandon Traffanstedt (BT) is getting the CyberArk band back together for another tour! 

Join us for a high-energy jam session, as BT and special guests explore how to tackle expired certificates, manual processes, and legacy PKI issues that can sink your organization with outages. We’ll bring some new tunes, new demos and a few new surprises you haven’t seen before. 

And most importantly, we’ll show you how to scale and automate your machine identity security strategy against one of the fastest growing threats in security.

Join us and we’ll show how to: 

• Automate your strategy 
• Adopt shorter-life certificates & remove complexity 
• Reduce risk and cost of operating legacy PKI systems 
• Eliminate insecure and error prone manual processes

Rage WITH The Machines: How to Rock Your Machine Identity Security Strategy

Watch this CyberArk Labs webinar for a detailed analysis of the December 2024 cyberattack on the U.S. Treasury Department, which stemmed from a compromised BeyondTrust remote management solution. This incident reinforces the critical nature of privileged access, API and machine identity security and the risk associated with supply chain compromise. 

Our expert speakers examine the root causes and lessons learned from the breach, including an in-depth analysis of the vulnerabilities, an attack chain reconstruction and actionable recommendations to help protect your organization. 

Key Discussion Points: 

- Timeline of the breach from Dec. 2 to what is known today 
- Analysis of the two zero-day command injection vulnerabilities disclosed during investigation 
- Implications of compromised unclassified data and educated speculation 
- Best practices and mitigation strategies: API security and secrets management, vendor privileged access and rapid incident response

The US Treasury Dept Breach: Analysis of the Attack

Executive Fireside Chat, Future proofing Identity Security Investments
The fireside chat featured Udi Mokady, founder and Executive Chair of CyberArk, and Robert Herjavec, founder of Cyderes and known for his work on Shark Tank, moderated by Dr. Stephenie Andal, Partner Manager at CyberArk ANZ.  

They discussed Robert Herjavec's move to Australia, the evolution of the cybersecurity industry, and Australia's role in the global cybersecurity landscape. The conversation highlighted the importance of proactive cybersecurity measures, the growing significance of identity security, and the rise of the Chief Identity Officer role. Udi Mokady shared CyberArk's journey and innovations, emphasizing the company's focus on privileged access management and its leadership in identity security. Insights on building a resilient business, the importance of innovation, strong company culture, and investing in emerging technologies like AI were also discussed. Both Mokady and Herjavec underscored the crucial role of people and culture in achieving business success.

Executive Fireside Chat, Future proofing Identity Security Investments

As the threat landscape continues to intensify, relying on traditional models to secure identities is a losing proposition. Udi Mokady, Founder & Executive Chairman of CyberArk, challenges conventional thinking and explains why we must rethink our security models to defend against identity-based cyberattacks. In today's world, characterized by the proliferation of identities and the double-edged sword of AI, every organization must embrace a set of new paradigms to secure every user - human and machine.

New Threats. New Paradigms

Discover how AI is transforming both security and operational efficiency. Explore CyberArk's innovative AI initiatives that enhance security, optimize actions, deliver personalized customer experiences, protect data privacy, and drive productivity with AI-powered, 24/7 support. 

Learn how to tackle the critical challenge of securing large language models (LLMs) by comparing top content moderation solutions—Amazon Bedrock Guardrails, Azure Content Safety, and OpenAI Moderation API. See how CyberArk integrates these tools with its proprietary LLM "judge" model for superior protection. 

Gain valuable insights from Chamandeep Singh, Sr. Security Partner Solutions Architect at AWS, as he shares how Amazon Bedrock Guardrails are shaping the future of AI security. Don’t miss out on the actionable strategies that will help you harness AI to future-proof your business.

Harnessing AI for Security and Productivity

In a constantly shifting digital landscape, organizational changes - whether from growth, mergers, regulations, or evolving workforce needs- can significantly impact security. The question is: can your identity platform keep pace?

Join CyberArk to discover how to build a robust identity security foundation that spans your entire workforce—from every employee to every endpoint.

Change is Constant. Five Ways to Evolve Your Workforce Identity Practice to Keep Up

AI and open source coding- do the benefits outweigh the risks?

Top 5 Critical Automations to Minimize Outages from 90-Day TLS Certificates

Quantum-Proofing Your Data: Are You Ready for the Future of Cryptography?

Tales from the trenches A look beyond Zero Trust buzzwords

In Machines We Trust? How to Secure Your TLS Certificates

Code signing: Get ready for major CA/B Forum policy change

De quoi a besoin pour mettre fin aux interruptions liées aux certificats?

Unveiling the Future: Exploring the Essential Trends in Kubernetes

How to manage Google’s 90-day TLS certificates without doing 6x the work

Ditch your legacy PKI: Eliminate EJBCA headaches by upgrading to Zero Touch PKI

Accelerate your transition to 90-day TLS certificates

Drowning in TLS/SSL Certificates? How Automation is Your Lifeline

Got PKI Automation? How to Build a Strong, Healthy Backbone for Your CLM Program

The Automation Advantage: Elevating Business Outcomes and Career Impact in Certificate Management

Why Machine Identity Security is Essential to Your Zero Trust Strategy

GenAI and its impact on Application Security

How Security Teams are Solving Vault Sprawl with a Modern SAAS Solution

Live From Black Hat 2024: Securing Machine Identities In 2024 & Beyond

OSS Changes Got You Down? Could SaaS be the Solution?

Why Just Securing Human Identities Is Not Enough

Secure machine identities

In December 2024, a breach within the U.S. Treasury Department was traced back to a compromised API key. This attack underscores a growing security vulnerability that many organizations overlook: unprotected API keys. API keys serve as digital passwords for applications, but when left unsecured, they provide attackers with easy access to sensitive systems and data.

In this informative webinar, we will dive into the critical role that API keys play in modern digital environments and share actionable strategies for securing them. Plus, we’ll show you how to implement these strategies with a live demo of our secrets management solutions in action.

What We’ll Cover:
- Understanding API Keys and Their Importance: Learn what API keys are, what they do, and why they’re essential to securing non-human identities in today’s applications.
- The Secrets Behind API Keys: Discover why API keys are considered secrets, and how they help protect your organization’s digital assets and services from unauthorized access.
- Best Practices for Managing API Keys: Understand key strategies for managing and securing your API keys, from generation to rotation, to prevent breaches and safeguard critical data.
- The Impact of Compromised API Keys: Explore how compromised API keys can devastate your organization’s security posture, leading to data loss, financial damage, and reputation risk.
- DEMO: Implementing Robust Secrets Management Using our Secure Retrieval Practices from our CyberArk Vault: Learn effective strategies for implementing a secrets management system that protects API keys, credentials, and other sensitive data across your organization.

Securing API Keys: The Hidden Threat Behind the U.S. Treasury Department Breach

DevOps

DevSecOps

SaaS

API Keys

Machine Identities

Secrets Management

Open Source

Identity Management

Security Vulnerability

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Securing API Keys: The Hidden Threat Behind the U.S. Treasury Department Breach

Presented by

About this talk

More from this channel