Name: Unit 42 Cybercrime Casefiles - A business email compromise (BEC) investigation
Start: 2023-11-20T19:08:00Z
End: 2023-11-20T19:08:26.000Z
Location: BrightTALK
Rating: 5

Palo Alto Networks is the next-generation security company, leading a new era in cybersecurity by safely enabling applications and preventing cyber breaches for tens of thousands of organizations worldwide. Built with an innovative approach and highly differentiated cyberthreat prevention capabilities, our game-changing security platform delivers security far superior to legacy or point products, safely enables daily business operations, and protects an organization's most valuable assets. Find out more at www.paloaltonetworks.com or call us at 1-877-524-1031.

Join John Harrison, Director & Network Security Evangelist at Palo Alto Networks, as he dives deep into the underworld of ransomware, and how things have evolved in just the last year and away with 10 actionable tips for immediate ransomware resilience.

In 2023, Unit 42 detected 3,998 postings from ransomware leak sites, up from 2,679 in 2022—a nearly 49% increase. Your organization could be at risk if you don't take the necessary precautions.

Key Takeaways:
- Attack Tactics: Discover the latest methods used by cybercriminals and how AI escalates the threat.
- Organizational Impact: Understand the severe effects ransomware can have on your business.
- Common Mistakes: Learn crucial errors to avoid that commonly leave organizations vulnerable. 

Guest Speakers:
- Jesper Olsen, Regional CISO, Palo Alto Networks
- Kyle Wilhoit, Director of Threat Research, Unit 42
- Erwin Campos, CISO, Grupo Bimbo

Don't miss this opportunity—watch now to become a force for change in protecting your organization.

Top Tips for Ransomware Resilience

Ready to take charge of data security and AI protection in your cloud environment? Data is one of the most frequent targets for cyberattacks and also one of the hardest assets to protect. With growing data volumes, increased regulatory requirements and the shift toward AI, organizations face significant challenges in understanding which sensitive data they hold, who has access to it and where it’s exposed.

To regain visibility and control, organizations are exploring data security posture management (DSPM) and data detection and response (DDR) solutions. These technologies help discover, classify and secure sensitive data, providing the necessary tools to manage data risks effectively in an increasingly complex digital landscape.

Watch Prisma® Cloud's webinar to hear from our senior product marketing lead, Sharon Farber, and gain a better understanding of how to:

Get started with data discovery and classification in cloud complex datastores.
Discover agentless tools that allow you to see a full picture of data risk in your environment within 24 hours, without impacting other business operations.
Monitor data and respond to incidents in near-real time.

Securing the Data and AI Landscape with DSPM and DDR

What are the must-know secrets to multicloud security?
Refactoring applications and AI-driven development reshape cloud security, presenting new challenges to organizations. Security experts must figure out how to be the defenders of their cloud without hindering the teams who build and deploy applications in the cloud.

Join Jason Williams, senior product marketing manager at Palo Alto Networks, for a webinar that explores the six key requirements for securing multicloud environments.

In this webinar, you'll gain insights into:

Achieving unparalleled multicloud visibility that actually helps you understand your clouds and detect threats swiftly.
Prioritizing and neutralizing risks effectively to maintain a strong security posture amidst evolving threats.
Implementing advanced security measures to safeguard sensitive information across all cloud environments.
Equip yourself with the knowledge to enhance your multicloud security strategy. Register now to secure your spot and stay ahead in the ever-evolving world of cloud security.

6 Key Requirements of Multicloud Security

Speed is paramount in security. However, when focusing too much on speed, security teams can easily become reactive, prioritizing what matters now versus what might be critical tomorrow.

In this 30-minute session, Josh Costa, director of Product Marketing for Cortex®, and Gal Zilberstein, leader of the Cortex XSIAM® Product Management team, reveal a new approach to security operations that allows analysts to shift focus from reactive to proactive security measures and ultimately take back control of their time. 

Through the lens of real-world scenarios and with a demonstration of the XSIAM Command Center and Cortex Copilot, we’ll explore how data consolidation, AI-driven analytics and scalable automation can streamline incident response, enhance threat hunting and optimize security workflows.

#3 From Reactive to Proactive: SecOps of the Future

Endpoint security is a mature market, with many vendors claiming to have what you need to protect your most targeted assets: endpoints. However, effective endpoint security isn’t just about stopping a malicious process on a box with correlation rules or signatures. Today’s threats require that you expand beyond traditional approaches. In this session, you will hear about the latest innovations in Cortex XDR, including ITDR, Cloud Threat Response, and many more.

#5 Rethinking Endpoint Security: Beyond Traditional Approaches

Explore the pivotal role of artificial intelligence (AI) in bolstering cybersecurity defenses against the evolving threat landscape.

In this informative session, Yoni Allon, vice president of Research for Cortex, navigates the convergence of cybersecurity and AI and emphasizes the need for advanced detection capabilities to counter increasingly sophisticated threat actors. 

Attend this session to explore the fundamental concepts of AI and machine learning, address the unique challenges inherent in applying AI to cybersecurity and hear real-world examples of AI-driven solutions in action.

#4 Beyond the Buzzword: Applying AI to Fight Threats

Join Wendi Whitmore, SVP and leader for Unit 42, for an in-depth exploration of the rapidly changing cyber threat landscape. This session will provide invaluable insights into the latest trends, tactics, and techniques employed by cyber adversaries. Drawing on her extensive experience and the cutting-edge research of Unit 42, Whitmore will guide participants through the complexities of today's cybersecurity challenges.

#2 Navigating the Evolving Cyber Threat Landscape

Are you measuring what matters? Hear from Nir Zuk (Palo Alto Networks founder and CTO) and his insights into what metrics SOCs should be measuring and why they’re the only metrics that really matter.

#1 The Only SOC Metrics that Matter

As cyberthreats rapidly evolve, it's crucial for security professionals to do more than just keep up. They need to outpace adversaries and their tactics. Join us for an engaging webinar to explore the latest strategies for staying ahead of threats.

Here's what you can expect
Expert insights: Dive into prevalent attack methods and savvy defensive techniques.
Threat defense with Cortex XDR: Explore how machine learning accurately predicts and neutralizes potential threats before impact.
Rigorous testing: See how Cortex XDR® performs in the most stringent third-party security efficacy tests.

Outpace the Adversary with Cortex XDR

In an era of new and complex cyber attacks and threats, security operations centers (SOC) aren’t always able to meet rapidly evolving expectations. Today, more SOC alerts mean missed threats, more intricate solutions and screens mean longer investigation times, and more team fatigue means churn, all of which can be detrimental to the safety of an organization.

Additionally, when it takes the average hacker less than 14 hours to achieve maximum compromise across a business, it has become critical for SOC leaders to equip themselves with the top solutions and strategies. 

This webinar, featuring expert insights from speakers Carlo Tarantini, Thomas Maxeiner, and Shailesh Rao, provides you with an in-depth look at the current state of SOC, with key points such as:
• How you can prevent and manage too much information, too many silos, and too many alerts
• Why SIEM-based approaches won’t provide you with the visibility you need
• How automation tools can help you transform your SOC operations
• And more

SecOps leader’s guide for transformation with AI, ML & more

Between a marked increase in large scale cyberattacks, and higher volumes of encrypted data, organizations need firewalls that can secure their traffic at real-time network speeds.

Join us in this webinar featuring Palo Alto Next-Generation Firewall Products SVP, Rich Campagna, and Palo Alto Senior Product Manager, Heather Robertson, as they provide an overview of Palo Alto’s 5 new next generation firewall appliances.

Tune in to the discussion now to learn more about the capabilities of next-generation firewalls.

Next-Gen Firewalls: Delivering Higher Performance and Flexibility

As hackers develop arsenals of more advanced tools, cyberattacks become more catastrophic, and more difficult to prevent.

In order to combat these developments, Palo Alto Networks has engineered the new PAN-OS 11.1 Cosmos, a network security solution designed to prevent even the most sophisticated threats through a number of advanced capabilities.

Tune in to this introductory webinar now to learn more about PAN-OS 11.1 Cosmos and its features.

PAN-OS 11.1 Cosmos: Designed to Prevent the Most Advanced Attacks

In today’s threat landscape, attackers are as relentless and innovative as ever. Modern cyber criminals are now relying on technologies like “Hacking as a Service” and AI tools to help them go unseen by security and improve their phishing efforts.

As they continue to leverage new attack strategies and technologies in order to infiltrate organizations, many businesses are seeking out new ways that they can transform their network security operations to ensure the scale, sophistication and speed necessary to thrive.

However, staying ahead of these threats is no easy feat. This means that it’s critical for companies to modernize network security, and even more crucial to do so quickly.

Hosted by Aparna Rayasam and Niall Browne of Palo Alto Networks, this webinar can provide you with expert insight into how you can keep up with the current threat landscape, offering key tips for building a new security approach and ways you can:
• Ensure prevention at every stage of the attack lifecycle
• Better protect your organization against emerging threats with AI-powered security
• And more

Master the modern threat landscape with AI-powered security

The barrier to entry for cybercriminals keeps getting lower – with tools such as ransomware-as-a-service – while the level of devastation from cyberattacks continues to grow. 

In this 1-on-1 conversation, Nicole Perlroth, NYT Bestselling Author of This Is How They Tell Me the World Ends: The Cyberweapons Arms Race, and Wendi Whitmore, SVP Cyber Consulting & Threat Intelligence, Palo Alto Networks, discuss:
• The NotPetya and Colonial Pipeline Ransomware Attacks, two of the most devastating cyberattacks in history
• The dangers of critical infrastructure becoming increasingly digitized
• How GenAI is being used in cyberwarfare
• The increase of Zero Day threats
• Cyberattack predictions for 2024

Don't miss this exclusive opportunity to gain unparalleled insights into the world of cyber threats and defenses!

Unmasking Cyberwarfare: A Conversation with Nicole Perlroth and Wendi Whitmore

Network security has become increasingly complex for organizations. Challenges like unpredictable network disruptions, misconfigurations that result in a breach, and security tool sprawl plague modern security management. 

Join us in this webinar to learn everything you need to know about Palo Alto’s Strata Cloud Manager, the industry’s first AI powered, Zero Trust Management and Operations solution. Featuring Mike Jacobsen, VP Product Management, Palo Alto Networks, Olivia Vort, Product Marketing Specialist, Palo Alto Networks and Sebastian Schubert, Technology Lead, TUI Hotels & Resorts, this talk will cover:
• How Strata Cloud Manager works
• A demo of the platform in action
• How TUI hotels implemented Strata and achieved profound success

Reimaginiing Network Security with Zero Trust Management and Operations

Você está pensando em segurança de dados e IA em 2024?

O crescente volume de dados, o aumento da regulamentação e a mudança para a IA dificultam para as organizações entenderem quais dados confidenciais elas mantêm, quem pode acessá-los e onde eles estão expostos. Para recuperar a visibilidade e o controle, as organizações estão explorando o gerenciamento da postura de segurança de dados com detecção e resposta de dados.

Neste webinar, você vai aprender:

Por que a nuvem cria uma nova superfície de ataque que é inerentemente difícil de proteger.
Os riscos de segurança e conformidade originados de dados desprotegidos e da infraestrutura de IA na nuvem.
Uma introdução ao DSPM e à Dig Security, que foi recentemente adquirida pela Palo Alto Networks.
Como as ferramentas sem agente permitem que você tenha uma visão completa do risco de dados em seu ambiente em 24 horas, sem afetar outras operações de negócios.
Introdução à descoberta e à classificação de dados.
Monitoramento de dados e resposta a incidentes em tempo quase real.

Fique um passo à frente do risco de dados em 2024 para evitar violações caras e de conformidade. Explore as tecnologias DSPM e DDR e como elas podem ajudar a descobrir, classificar, proteger e administrar todos os seus dados em diferentes ambientes de nuvem.

Prisma Cloud DSPM Webinar - Portuguese subtitles

¿Le preocupa la seguridad de los datos y la IA en 2024?

Hay una serie de factores —una cantidad de datos cada vez mayor, requisitos normativos cada vez más estrictos y la transición a la IA— que hacen que a las organizaciones les cueste saber qué datos confidenciales manejan, quién tiene acceso a ellos y a qué podrían estar expuestos. En un intento por recuperar la visibilidad y el control, las organizaciones están barajando la opción de recurrir a tecnologías de gestión de la estrategia de seguridad de los datos con detección de datos y respuesta.

Saldrá del webinar sabiendo:

por qué la nube da lugar a una nueva superficie de ataque que es difícil de proteger por su propia naturaleza;
qué riesgos relativos a la seguridad y el cumplimiento normativo entraña no proteger bien los datos ni las infraestructuras de IA en la nube;
qué son DSPM y Dig Security, empresa que Palo Alto Networks adquirió recientemente;
cómo las herramientas sin agente le permiten obtener una imagen completa de los riesgos relativos a los datos presentes en su entorno en un plazo máximo de 24 horas y sin que las operaciones empresariales se vean afectadas;
cómo empezar a utilizar la detección y clasificación de los datos;
cómo supervisar los datos y responder a los incidentes en tiempo casi real.

Adelántese a los riesgos relativos a los datos en 2024 para evitar brechas e infracciones de la normativa que pueden salirle muy caras. Familiarícese con las tecnologías DSPM y DDR para ver cómo le ayudan a detectar, clasificar, proteger y gobernar todos los datos de los diferentes entornos en la nube de su organización.

Prisma Cloud DSPM Webinar - Spanish subtitles

La sécurité de vos données et de votre IA vous préoccupe ?

Entre l’explosion des volumes de données, le durcissement du cadre réglementaire et l’essor de l’IA, les entreprises ont parfois du mal à savoir quelles sont leurs données sensibles, qui y a accès et quelles sont les expositions potentielles. La bonne nouvelle, c’est que les solutions DSPM (Data Security Posture Management) et DDR (Data Detection and Response) peuvent les aider à reprendre le contrôle et à gagner en visibilité.

Ce webinar vous invite notamment à découvrir :

Pourquoi le cloud crée une nouvelle surface d’attaque difficile à protéger
Les risques de sécurité et de conformité inhérents au manque de protection des données et des infrastructures IA dans le cloud
Les outils DSPM signés Dig Security, une entreprise récemment rachetée par Palo Alto Networks
La capacité des outils sans agent à offrir une visibilité sur l’exposition de vos données en l’espace de 24 heures, sans aucun impact sur vos opérations
Les méthodes de détection et de classification des données.
Les fonctionnalités de surveillance des données et de réponse à incident en quasi-temps réel

En 2024, ne prenez aucun risque : protégez vos données pour éviter les compromissions de sécurité, les infractions aux réglementations et les coûts associés. Découvrez comment les technologies DSPM et DDR peuvent vous aider à détecter, classifier, protéger et établir une gouvernance de l’ensemble de vos données dans divers environnements cloud.

Prisma Cloud DSPM Webinar - French subtitles

An Inside Look into a Unit 42 Case

Imagine you discover a payment from a customer never arrived and then realize you were the victim of business email compromise (BEC). Worse, the accountant’s email that was hijacked was protected by multifactor authentication (MFA), but attackers still found a way through.

Unfortunately, this is exactly what happened to a Unit 42™ client at a time when threat actors are finding more ways to bypass MFA and cover their tracks. With so much room for human error, it may not come as a surprise that BEC made up over one-third of Unit 42 cases in 2022, and phishing was one of the top three access vectors used by attackers.

Join Mike Savitz, Consulting Director for the upcoming Unit 42 Cybercrime Casefiles to: 
-Hear the behind-the-scenes details of a recent Unit 42 BEC case that initiated from a compromised MFA-protected Microsoft 365™ account.
-Get an overview of the current threat landscape.
-Learn about today’s top BEC tactics and trends.

Unit 42 Cybercrime Casefiles - A business email compromise (BEC) investigation

Cyber Risk Management

Incident Response

Cyber Crime

Cyber Threats

Cyber Attacks

Cyber Defence

Cyber Defense

Cyber Security

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Unit 42 Cybercrime Casefiles - A business email compromise (BEC) investigation

Presented by

About this talk

More from this channel