Name: The Persistent Threat Of Exposed Credentials
Start: 2024-03-06T16:00:00Z
End: 2024-03-06T16:00:49.000Z
Location: BrightTALK
Rating: 3

Cyberint's impactful intelligence solution combines cyber threat intelligence, external attack surface management, brand protection, and digital supply chain intelligence into a single, powerful platform. By leveraging autonomous discovery of all of an organization’s external-facing assets, coupled with open, deep & dark web intelligence, the solution enables cybersecurity teams to accelerate the detection and disruption of their most pressing cyber risks. Global customers, including Fortune 500 leaders across all major market verticals, rely on Cyberint to prevent, detect, investigate, and remediate phishing, malware, fraud, brand abuse, data leaks, external vulnerabilities, and more, ensuring continuous external protection from cyber threats.

Cybersecurity leaders today face a few major challenges when it comes to reporting to stakeholders. 

First, CISOs and other leaders often struggle to demonstrate the value and success of a cyber program. After all, when a cyber program is effective, nothing happens – no breaches, no ransomware attacks, no major incidents that must be reported to regulators and customers. It’s really a case of no news is good news. A second challenge is measuring and reporting on cyber risk. Risk is ultimately a subjective topic with many dimensions and it can be hard to accurately quantify an organization’s level of cyber risk. It’s also difficult to translate a reduction in risk to dollars and cents.

In this webinar, Cyberint Chief Strategy Officer Ophir Bleiberg will dive into these challenges and potential solutions. Ophir will also discuss Cyberint’s approach to measuring cyber risk, which will ultimately help CISOs in having more informed discussions with their stakeholders and demonstrate the value of the cyber program they’re leading.

Join us on Wednesday, October 9th at 10am EST for strategic insights on measuring and reporting on the success of your cybersecurity efforts.

Demonstrating Cyber Success: How To Report Success & Value To Executive Stakeholders

Security operations and threat intelligence teams are responsible for detecting cyber risks but, more often than not, support from other teams within the organization is needed to take mitigation actions. For instance, the SOC team may discover a high-risk CVE but help is needed from a SysAdmin on the IT team to patch the vulnerability. 
 
In this webinar, Cyberint Threat Intelligence Team Lead Anastasia Plotkin will discuss strategies for improving cooperation between cybersecurity teams and other departments. Fostering these relationships isn’t just a good camaraderie—it’s essential for managing cyber risk across the organization. Rather than being seen as a constant source of friction, the cybersecurity team should be seen as trusted partners in a company-wide effort to strengthen security and prevent a breach from taking place.
 
Join us on Tuesday, Sept 24th at 10am EST for more insights on how to improve communication and collaboration with other teams at your organization.

Bridging The Gap: How Your Cyber Program Can Improve Cross-Team Collaboration

NIS 2, offiziell bekannt als EU-Richtlinie 2022/2055, ist eine von der Europäischen Union erlassene Gesetzgebung, die dazu beitragen soll, kritische Infrastrukturen wie Energie, Transport, Gesundheitswesen, Banken und Telekommunikation zu sichern. 

Bis Oktober 2024 müssen alle EU-Mitgliedsstaaten diese Maßnahmen implementieren und dazu eine Beschreibung veröffentlichen, wie sie die NIS 2 einhalten werden, einschließlich der Art und Weise, wie sie Organisationen mit kritischen Infrastrukturen zur Einhaltung des Gesetzes verpflichten werden. 

Angesichts der nahenden Frist ist es für Sicherheitsverantwortliche unerlässlich die neuen NIS-2-Vorschriften genau zu verstehen, zu erfahren, was das Gesetz genau vorschreibt, und Pläne zu entwickeln, die sicherstellen, dass ihr Cyber Security Programm alle Anforderungen erfüllt. 

Seien Sie am Donnerstag, den 19. September um 17:00 Uhr MEZ dabei, wenn Thomas  Esslinger - Regional Sales Manager bei Cyberint, die neuen NIS 2-Vorschriften erläutert und erklärt, wie Sie die vollständige Einhaltung der Vorschriften in Ihrem Unternehmen optimieren können.

Sichern Sie sich Ihren Platz!

Die NIS 2-Vorschriften:   Wie man die Einhaltung der neuen Vorschriften sicherstellt

NIS 2, officially known as E.U. Directive 2022/2055, is legislation enacted by the European Union to help secure critical infrastructure industries, such as energy, transportation, healthcare, banking, and telecommunications. By October 2024, all E.U. member states must adopt and publish measures explaining how they will comply with NIS 2, including how they will compel critical infrastructure organizations to abide by the law.

With this deadline rapidly approaching, it's essential for security leaders to fully understand the new NIS 2 regulations, learn what exactly the law mandates, and develop plans to ensure their cybersecurity program meets all the requirements. 

Join us on Thursday, August 29th at 12pm CEST as Gino Rombley, a Senior Security Architect at Cyberint, breaks down the new NIS 2 regulations and discusses how you can streamline full compliance at your organization.

Unpacking NIS 2 Regulations: How To Ensure Compliance

Major international events, such as the Olympic Games, attract all kinds of cyber threat actors with a variety of motivations and objectives. 

This includes financially-motivated cybercriminals who launch scams to make a quick buck; hacktivist groups who want to cause disruptions to promote a particular ideology; and even state-sponsored actors who engage in espionage and seek to steal sensitive information from adversarial governments.

For these reasons, the Cyberint team has been closely monitoring cyber activity around the 2024 Summer Olympic Games. 

In this webinar, Cyberint Cyber Threat Intelligence Analyst Ilana T. will discuss the cyber activity observed before, during, and immediately after the 2024 Summer Olympics. Ilana will also provide an analysis of potential risks to businesses and recommendations for proactive risk mitigation. 

Join us on Monday, August 12th at 4pm CEST / 10am EST for an overview of these Olympian threats and how you can defend your organization against them.

Olympian Cyber Threats: An Analysis Of Cyber Activity Observed During The 2024 Olympics

Cyberint helps protect hundreds of customers around the world. As part of our continuous monitoring operations, we routinely detect threats that are targeting our customers. The threat could be impersonation of a customer's brand on social media or a phishing site; a malware infection of an employee's or a customer's machine; a leak of sensitive data, such as source code, credit card details, or PII; or exposed corporate credentials. 

In this webinar, 3 cyber threat intelligence experts from the Cyberint team will break down the details of a recent investigation they conducted. We will discuss real incidents, detailing how we detected the threat, what steps were taken to validate it, and how the Cyberint team collaborated with the customer to mitigate the risk.

Join us on Tue, July 9th at 11am EST as as Darja Feldman, Leo Flores and Or Preger give you the play-by-play on recent threat detection, investigation and response case studies.

Cyber Threat Investigations: Tales From The Front Lines

Sophisticated threat groups are targeting organizations in the Asia-Pacific region with increasing frequency. These bad actors utilize a wide range of initial vectors and deploy many kinds of attacks, from phishing attacks and malware infections to vulnerability exploitation and supply chain attacks.

Join two of Cyberint's security experts in the APAC region for a deep-dive webinar on the latest risks, threats, and TTPs in APAC. Jono Angelo Biyo, Solutions Engineer, and Jay Villanueva, Cyber Threat Intelligence Analyst, will discuss the following topics:

-  phishing and smishing threats
-  the persistent threat of stolen credentials
-  increased Hacktivism risks 
-  ransomware activity in APAC
-  supply chain attacks & 3rd party risk

Join us on Tuesday, June 11th at 13:00 UTC+8 (Singapore) to uncover the APAC cyber threat landscape and receive insights on how to keep your organization secure.

Assessing The Cyber Threat Landscape In APAC, H1 2024

Defensa contra los 3 vectores de ataque mas comunes: Cómo mitigar los riesgos de filtración de credenciales, phishing y explotación de vulnerabilidades

En los últimos años, la gran mayoría de las filtraciones de datos corporativos comenzaron con los mismos tres vectores de ataque iniciales: phishing, credenciales robadas y explotación de CVE. Si bien es de conocimiento común que estas tres técnicas son las más utilizadas por los actores de amenazas, los profesionales de la seguridad de la información aún enfrentan desafíos a la hora de defender sus organizaciones contra estos ataques.

En este seminario web, Ariel Friedstadt, analista de inteligencia cibernética, y Erixsa Lewis, gerente de éxito del cliente, profundizarán en cómo los actores de amenazas explotan estos tres principales vectores de ataque y cómo las empresas pueden defenderse mejor contra este tipo de ataques. En el camino, veremos cómo los atacantes colaboran en la web profunda y oscura para llevar a cabo sus delitos cibernéticos. También revisaremos varias estrategias efectivas de mitigación de riesgos que se pueden implementar para una postura de seguridad más sólida.

Únase a Cyberint el jueves 30 de mayo a las 11:00 a. m. EST para obtener más información sobre los 3 principales vectores de ataque iniciales y lo que puede hacer para mantenerse dos pasos por delante de los atacantes.

Defensa contra los 3 vectores de ataque más comunes

Para mantenerse al día con los mercados de ciberseguridad en rápida evolución y satisfacer las demandas de los clientes, los MSSP deben ampliar continuamente su oferta. Esto presenta varios desafíos para los MSSP: reconocer las tendencias y demandas del mercado, seleccionar los proveedores de tecnología adecuados con los que asociarse y dominar rápidamente estas nuevas herramientas para soportar la prestación de servicios. 

Con Cyberint, una plataforma externa líder de administración de riesgos cibernéticos, los MSSP tienen la oportunidad de ampliar su oferta de servicios, reducir el riesgo cibernético para sus cuentas y aumentar los ingresos.

Únete a Iker Alonso del equipo de Cyberint el miércoles 14 de mayo a las 12pm EST para conocer más sobre cómo una asociación con Cyberint impulsa el crecimiento de tu negocio MSSP.

Amplíe su negocio MSSP con la impactante inteligencia de Cyberint

Threat actors often launch phishing attacks because they are reliably effective. Research shows that phishing is consistently a top initial attack vector in corporate data breaches, with as many as one-third of breaches beginning with a phishing attack.

In this webinar, Cyberint Threat Intelligence Team Lead Guy Almog will discuss the phishing threat landscape and help you improve your phishing detection skills.

In a gameshow-style webinar, Guy will show 3 websites: two will be legitimate sites but one will be malicious. Viewers will have the chance to guess which one is the phishing site. After the phish is revealed, we will review the malicious indicators found in these real-world examples. During the course of the webinar, we will play multiple rounds and examine several real phishing sites in the wild.

Join us for this webinar to see if you can catch the phish.

Catching Phish: Can You Spot The Malicious Sites?

After plateauing in 2022, the ransomware industry had another explosive year in 2023. The Cyberint research team observed an increase of more than 60% from 2022 to 2023.

In this webinar, Shmuel Gihon, the Security Research Team Lead at Cyberint, will dive into the following topics:

     -  A brief recap of ransomware stats from 2023
     -  An analysis of ransomware gangs, including the dominant groups as well as up-and-comers
     -  The latest tactics, techniques, and procedures used by ransomware operators
     -  Risk mitigation strategies to minimize the risk of a ransomware attack

Join us at 11:00am EST on Wednesday, February 7th for a deep dive on the ransomware industry and how to protect your organization against it.

Ransomware Recap 2023: An Analysis of the Ransomware Threat Landscape

Get ahead of the latest cyber threats that are set to emerge in 2024. 

In this webinar, Cyberint CEO Yochai Corem will dive into the following topics:

     -  Brief recap of cyber threat trends of 2023
     -  A look at emerging threats to prepare for in 2024
     -  How the needs of enterprise security teams are shifting 
     - Cyberint’s vision and product development plans

Join us on Tuesday, January 16th at 11:15am EST to stay ahead of the latest threats and ensure the readiness of your organization’s security program.

A Look Ahead: Surveying The 2024 Cyber Threat Landscape

Throughout 2023, threat actors launched many large campaigns to exploit vulnerabilities at scale: ESXi, GoAnywhere MFT, MOVEit, Microsoft Exchange, Fortinet VPNs, Barracuda Email Security Gateways, and more.

With vulnerability exploitation re-emerging as a preferred initial attack vector, it is critical for organizations to which vulnerabilities pose the most risk so they can be prioritized and patched as quickly as possible. Threat intelligence-- data on which vulnerabilities are exploited in the wild, which have public exploit code, which are being discussed in threat actor forums, and much more-- is essential to risk assessment and prioritization processes.

In this webinar, Gino Rombley, a Senior Security Architect at Cyberint, will discuss the following:

     - An overview of CVE statistics and vulnerability exploitation campaigns of 2023
     - A brief intro to CVSS v4.0 and highlights of what's new in v4
     - Using attack surface management to understand the CVEs in your external assets
     - How Threat Intelligence reveals the true risk profile of a CVE 
     - Accelerating prioritization and remediation processes to stay secure

Join us at 10:00am EST on Thursday, December 14th to understand how you can optimize remediation efforts and keep your organization secure.

Vulnerability Intelligence: Using Threat Intel To Assess The Risk Of A CVE

Join Cyberint on a guided tour into threat actor forums and marketplaces on the deep and dark web, where cyber criminals traffic everything from malware and phishing kits to stolen data and exposed credentials.

A Guided Tour Into The Deep & Dark Web

Cyberint helps protect hundreds of customers around the world. As part of our continuous monitoring operations, we routinely find threat intelligence that is relevant to our customers. The threat could be impersonation of a customer's brand on social media or a phishing site; a malware infection of an employee's or customer's machine; a leak of sensitive data, such as source code, credit card details, or PII; or exposed corporate credentials. 

In this webinar, 4 threat intelligence experts from the Cyberint team will break down the details of a recent investigation. It will be an analyst roundtable event, where both the presenters and viewers will be encouraged to provide different perspectives, ask questions, and share knowledge they’ve gained from their own experiences.

Ela Kacowicz, Itai Dahari, Darja Feldman, and Yehonatan Wiesel will each discuss a recent threat they discovered, how they responded to it, and how the risk was ultimately mitigated. While these case studies will be anonymized, they represent real threats detected 'in the wild’ that could have potentially led to a serious security incident. 

Join us on Tue, Nov 14th at 11am EST as we give you the play-by-play on recent threat investigation and response scenarios.

In the world of Information Security, it’s often said that threat intelligence must be “actionable.” This is true, but it’s just one piece to the puzzle.

The threat landscape of 2023 calls for intelligence that makes an impact. Impactful intelligence is actionable, but it must have additional properties to make it valuable to the defending organization. In particular, the intelligence must true, relevant, actionable, and the cost of remediation must be less than the cost of the risk presented by that particular threat.

Join Cyberint CEO Yochai Corem in this webinar to learn more about taking your organization on The Journey To Impactful Intelligence.

The Journey To Impactful Intelligence

Sophisticated threat groups are targeting organizations in the Asia-Pacific region with increasing frequency. These bad actors utilize a wide range of initial vectors and deploy many kinds of attacks, from phishing and malware to vulnerability exploitation and supply chain attacks.

Join two of Cyberint's security experts in the APAC region for a deep-dive webinar on the latest risks, threats, and TTPs in APAC. Adrianne Chester Camat, Threat Intelligence Team Lead, and Akanksha Harjai, Security Solutions Engineer, will discuss the following topics:

-  phishing and smishing threats
-  the rise of InfoStealers
-  stolen credentials and MFA bypass
-  ransomware on the rise in APAC
-  supply chain attacks

Join us on Tuesday, October 24 at 15:00 UTC+8 (Singapore) to uncover the APAC cyber threat landscape and receive insights on how to keep your organization secure.

Uncovering the APAC Cyber Threat Landscape

Year after year, the use of compromised credentials is a top initial attack vector. Despite this risk being well understood among security teams, threat actors continue to leverage exposed credentials to gain unauthorized access to corporate networks, systems, and data.

In this webinar, Cyberint Senior Product Marketing Manager Daniel Pigeon will drill down on the persistent risk of exposed credentials and discuss the many ways in which threat actors steal and use credentials in their attacks. Topics will include:

      -  primary TTPs for credential theft 
      -  how exposed credentials are put to use
      -  attacker techniques for bypassing MFA
      -  risk mitigation strategies

Join us on Wednesday, March 6th at 11:00am EST for insights on mitigating the risk of leaked credentials at your organization.

The Persistent Threat Of Exposed Credentials

Information Security

Cyber Security

Cyber Risk Management

Cyber Attacks

Cyber Crime

Cyber Defence

Threat Analysis

Threat Detection

Cyber Threats

Threat Intelligence

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

The Persistent Threat Of Exposed Credentials

Presented by

About this talk

More from this channel