Name: Assembling the Russian Stacking Doll: UNC2452 Merged into APT29
Start: 2022-04-27T20:00:00Z
End: 2022-04-27T20:00:44.000Z
Location: BrightTALK
Rating: 3

Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. By scaling decades of frontline experience, Mandiant helps organizations to be confident in their readiness to defend against and respond to cyber threats. Mandiant is part of Google Cloud.

Cyber threats are constantly evolving. Learn how to stay ahead of them in 2025 with security expert Andrew Kopcienski.

Join this deep-dive session based on the Cybersecurity Forecast 2025 report, where Andrew will cover key trends and insights to help strengthen your cyber defenses in the year ahead, including:

*Attacker use  of AI
*The evolving threat landscape from Russia, China, Iran, and North Korea
*Ransomware and multifaceted extortion as the most disruptive form of cyber crime
*The growing threat of infostealer malware

Google Cloud Cybersecurity Forecast 2025

Mandiant Managed Defense presents a quarterly webinar series, "Tales from the Trenches," to help you navigate the ever-evolving threat landscape. Our security experts will dive into the latest malware and attack trends they've encountered in the previous quarter. You'll gain valuable insights into how these threats were detected, along with actionable advice to strengthen your own defenses.
In the second installment of the series, Managed Defense Consultants will detail findings from July through September 2024.

Tales from the Trenches: Malware and attack trends from Managed Defense, Q3 2024

A critical zero-day vulnerability in FortiManager appliances has been exploited in the wild, leaving organizations vulnerable to data breaches and lateral movement. In this webinar, Mandiant experts dissect the exploitation tactics, techniques, and procedures (TTPs) of the threat actor we track as UNC5820.

Gain critical insights into:
*Exploitation Details: Understand how UNC5820 leveraged CVE-2024-47575 to compromise FortiManager appliances and exfiltrate sensitive configuration data.
*Threat Actor Profile: Uncover the characteristics and potential motivations of UNC5820 based on our ongoing investigation.
*Mitigation Strategies: Learn practical steps to protect your organization from this vulnerability and similar attacks.
*Detection and Response: Discover how to leverage threat intelligence and hunting techniques to identify and respond to this threat.

Don't miss this opportunity to gain expert insights and strengthen your defenses against this emerging threat. 

Register today!

FortiManager Zero-Day: Intel for Actionable Mitigation Strategies

Social engineering attacks are a constant and evolving threat to global organizations. Attackers use sophisticated techniques such as phishing, vishing, smishing, and social media tactics to manipulate individuals into revealing sensitive information or compromising security. 

This webinar will discuss the latest trends in social engineering attacks and provide practical strategies to defend against them. We'll cover topics such as:

- Recognizing the signs of a social engineering attack  
- Educating employees about social engineering risks  
- Implementing security measures to help prevent social engineering attacks  
- Responding effectively to a social engineering attack  

We'll also examine real-world examples and discuss how artificial intelligence (AI) is being used to both perpetrate and defend against these attacks.  

Why you should attend:

- Stay ahead of the curve: Learn about the latest social engineering tactics and how to identify them before they impact your organization.  
- Enhance your security posture: Gain practical strategies and actionable insights to strengthen your organization's defenses against social engineering attacks.  
- Protect your organization: Learn how to educate employees and develop a culture of vigilance to mitigate the risk of falling victim to these malicious tactics.

Social Engineering: New Tricks, New Threats, New Defenses

Threat intelligence is the cornerstone of a proactive security posture, but traditional approaches often fall short. Static reports and delayed updates leave security teams struggling to keep pace with the speed of cyberattacks. To stay ahead of threats we need something more dynamic to provide us with more up-to-date and actionable threat intelligence. 

Join Emiliano Martinez, Lead Product Manager and TJ Alldridge, Product Marketing Manager as they explore:
*How dynamic threat intelligence will empower security professionals to use threat intelligence more efficiently. 
*The power of trusted circles - highlighting the power of community and collaboration to keep everyone more safe. 
*AI and automation - making threat intelligence more actionable than ever before.

Join us to unlock the future of threat intelligence and transform your security operations

Use Cases in Threat Intel:  Evolving to Dynamic Threat Intelligence

As cyber threats grow in sophistication, securing a leg up as the defender is more important than ever. When going toe-to-toe with adversaries in your environment, you have the control, but organizations often struggle to capitalize on this advantage. 

The Defender’s Advantage is an award-winning framework that provides actionable strategies to enhance your cyber defense capabilities and serves as a blueprint for pivoting seamlessly between breach preparedness and immediate action.  

During this webinar, our experts will unlock the six critical functions of an effective cyber defense program: intelligence, detect, respond, validate, hunt, and mission control. They will also explain how each function plays a distinct yet interconnected role in protecting an organization's critical assets, and provide real-world examples on how this framework can be applied.
  
You will walk away from this webinar knowing how to:
*Develop a proactive and intelligence-led approach to cyber defense
*Activate the six critical functions of cyber defense to boost the resilience of your security program 
*Leverage tools that can enhance your overall security posture and help build an effective operating model

Who should attend:
*CIOs, CISOs, and security leaders and practitioners
*IT professionals responsible for cybersecurity
*Anyone interested in learning more about modern cyber defense

Speakers:
Daniel Nutting, Consulting Manager, Mandiant, part of Google Cloud Security
Nate Toll, Consulting Manager, Mandiant, part of Google Cloud Security
Omar Toor, Consulting Manager, Mandiant, part of Google Cloud Security

Unlock your Defender's Advantage: A powerful framework for activating effective cyber defense

In the rapidly evolving landscape of cyber warfare, understanding and responding to the latest threats is crucial. This session offers unparalleled insights tailored to the frontline incident response and threat intelligence experts who tackle high-impact cyberattacks daily. We will cover the current threat landscape, evolutions in the attack surface, the role of AI in cybersecurity, advancements and shortcomings in defenses, and how Google Cloud is helping to bridge critical security gaps. Join us to equip yourself with the knowledge and strategies needed to navigate the complexities of modern cyber threats.

Key discussion points:

Current Threat Landscape: Identifying the most significant attacks and attackers impacting organizations today. Understand the prevalent and dangerous cyber threats that enterprises face.

Evolving Attack Surface: Assessing how the attack surface has changed over the past year and the implications for security strategies. Explore how digital transformation and remote work have expanded vulnerabilities.

AI in Cybersecurity: Exploring the dual role of AI in both facilitating cyber attacks and bolstering cybersecurity defenses. Discuss how AI is used by adversaries and defenders alike.

Defensive Adaptations: Reviewing the advancements and shortcomings in security defenses over the past year. Highlight effective measures, existing gaps, and innovative solutions.

An In Depth Look at AI & the Evolving Cyber Threat Landscape

In the face of increasingly sophisticated and relentless cyber threats, Security Operations Centers (SOCs) are turning to Artificial Intelligence (AI) to bolster their defenses. This webinar explores the transformative potential of AI in modernizing SOCs, enhancing threat detection, automating incident response, and empowering security analysts.

Key Takeaways:

- Discover how AI can augment human capabilities and streamline security operations.
- Learn about real-world use cases of AI in threat detection, incident response, and vulnerability management.
- Understand the key considerations and best practices for implementing AI in your SOC.

The AI-Powered SOC: Transforming Cybersecurity Defense

Ethical AI is the new code of conduct and we’re in the midst of an industrial revolution based on synthetic intelligence.

The Keys to the Kingdom: Security and Governance for Generative AI

Today, it’s more imperative than ever to stay one step ahead of the threat by understanding the most common  tactics, techniques, and procedures (TTPs). We continue to observe threat actors from cyber criminal groups evolve their TTPs for ransomware and multi-faceted extortion operations and see a surge in compromises originate with credential compromise and highly effective social engineering attacks.

In this webinar, we will shed light on the latest trends and real-world insights into initial access vectors and TTPs observed across the attack lifecycle, dive into the current ransomware-as-a-service (RaaS) landscape,  and provide defensive recommendations for your organization based on Google Threat Intelligence analysis of the threat as well as expert Mandiant incident response investigation insights.

What you will learn:

*Latest trends and insights into initial access vectors, tools, and tactics, techniques, and procedures observed across the attack life cycle
*Insights into the current ransomware-as-a-service (RaaS) landscape
*Practical defensive recommendations and preparedness strategies from frontline Mandiant Incident Response investigations

Presenters: 

Josh Madeley, Regional Lead, Mandiant Incident Response
Josh Stern, Senior Analyst, Google Threat Intelligence
Greg Kapourellos, Lead, Google Threat Intelligence Advisors (moderator)

Evolution of Ransomware and Data Theft Extortion: Expert Insights and Defense Strategies

Mandiant Managed Defense presents a quarterly webinar series, "Tales from the Trenches," to help you navigate the ever-evolving threat landscape. Our security experts will dive into the latest malware and attack trends they've encountered in the previous quarter. You'll gain valuable insights into how these threats were detected, along with actionable advice to strengthen your own defenses.

In the second installment of the series, Managed Defense Consultants will detail findings from April through June 2024, including:

*Exploiting tax season with tax-theme phishing emails to deliver DARKGATE malware 
*Malicious JavaScript droppers from attempts to download pirated films
*Trojanized software campaign leads to backdoor deployment

Tales from the Trenches: Malware and attack trends from Managed Defense, Q2 2024

Artificial intelligence (AI) is poised to revolutionize how federal agencies operate, enhancing mission effectiveness and streamlining processes. However, the integration of AI also introduces unique cybersecurity challenges in the government context. How can federal IT leaders harness the transformative power of AI while ensuring the protection of sensitive data and critical systems?

Google Cloud Security partnered with market research firm Market Connections to determine how leaders are moving into the AI era with a strong focus on security. Join GovExec and Google Cloud Security as we share the findings of this study and look at next steps for the intersection of AI and security. 

You’ll learn about:

- The evolving threat landscape specific to public sector organizations
- Understanding the specific cybersecurity risks faced by federal agencies in the adoption of AI, including foreign interference, data breaches, and insider threats
- Security frameworks and best practices and strategies for government
- Critical AI capabilities for government
- Building trust in government; ethical considerations and privacy concerns
- Practical next steps for government

Secure AI: Mitigating Risk in the Age of Innovation

Organizations today face the growing challenge of pulling actionable insights from the noise surrounding generative AI, as media hype often overshadows the technology's practical implications. Because of this, it’s critical to have a clear understanding of what generative AI actually is and what it isn't.

In this webinar, we will demystify the benefits, challenges, and risks of AI based on our frontline observations. From there, we will help you adopt a practical framework to assess the security of AI in your environment and outline actionable strategies to improve your specific AI security approach.

You will also walk away with knowledge of a three-pronged approach that organizations can take to secure their existing AI solutions by:

*Assessing your security posture
*Performing threat modeling for your AI solutions
*Executing threat hunting across your AI pipeline

Presenters: 
Muhammad Muneer, Principal Consultant, Mandiant, Google Cloud Security
Dan Browne, Senior Consultant, Mandiant, Google Cloud Security
Jennifer Guzzetta, Product Marketing Manager, Mandiant, Google Cloud Security (Moderator)

An Actionable Approach to Assess and Improve the Security of Your AI Solutions

Elevate your threat hunting expertise by joining a live session with a leading Google Threat Intelligence researcher and a seasoned threat hunting expert. In this hands-on session, we'll guide you through the entire threat hunting process, from crafting your pipeline to executing various hunt types. We'll delve into the strategic and tactical use of Google Threat Intelligence to uncover critical insights, identify pivot points, and pinpoint additional indicators of compromise (IOCs) for your hunts.

Threat Hunting with Google Threat Intelligence

Join our webinar to learn how AI in Google Threat Intelligence helps your team uncover hidden threats, streamline investigations, and make faster, more informed decisions. See how AI is transforming threat intelligence in real-world scenarios.

Gemini in Threat Intelligence analyzes vast datasets and acts as a force multiplier, immediately surfacing threats most relevant to your unique risk profile, reducing the noise of generic alerts. It continuously learns from your actions, tailoring its output to become increasingly relevant to your specific needs over time.

Use Cases in Threat Intelligence: Leveraging Gemini

Outsmart attackers and protect your organization with intelligence-driven vulnerability management. In this webinar, Google threat intelligence experts will demonstrate how to prioritize vulnerabilities based on active exploit risk, get early warnings on threats, maximize patch efficiency, and reduce your attack surface.

Use Cases in Threat Intelligence: Making Vulnerability Management Easier

Join Mandiant Consulting experts as they examine the opportunities and proven methodologies to align cybersecurity with an organization’s business priorities or mission. As security professionals, elements of our shared experience often include unclear priorities, difficulty achieving project goals, and friction with cross-functional stakeholders. These elements can contribute to a culture of compounded apathy towards security teams and deprioritization of security initiatives. 

In this session, we’ll discuss how security teams can effectively and efficiently implement short- and long-term objectives through a newfound partnership with their organizational stakeholders. Additionally, we’ll cover how CISOs and security leaders can help plan and execute against a strategy that brings security to the forefront of an organization for critical risk mitigation.

Attendees will leave this session with knowledge on how to:
 - Make security initiatives more visible across an organization
 - Increase a security team’s throughput and optimize its operations
 - Develop a cohesive security strategy that aligns to organizational objectives
 - Optimize security work to reduce attrition and enable business success

How To Optimize and Accelerate Cybersecurity Initiatives for Your Business

Discover how to streamline your security operations and maximize your threat intelligence investment. In this webinar, we'll explore essential use cases for Google Threat Intelligence, showcasing how it can empower your IOC Enrichment, Incident Response and Forensics, Threat Hunting, Brand Protection and Vulnerability Management.

Join us for a hands-on demonstration of each use case and see benefits of faster threat detection and proactive defense strategies.

Use Cases in Threat Intelligence: Turn Insights into Action

Mandiant gathered sufficient evidence to assess that UNC2452, the group responsible for the 2020 SolarWinds supply chain compromise, is attributable to APT29, a Russia-based espionage actor assessed to be sponsored by the Russian Foreign Intelligence Service (SVR). This webinar provides awareness and additional insights on the evolution of APT29's operational and behavioral tactics, techniques, and procedures (TTPs).

Assembling the Russian Stacking Doll: UNC2452 Merged into APT29

Supply Chain

IT Security

Threat Analysis

Threat Detection

Threat Intelligence

Incident Detection

Cyber Security

Cyber Attacks

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The data center management community focuses on the holistic management and optimization of the data center. From technologies such as virtualization and cloud computing to data center design, colocation, energy efficiency and monitoring, the BrightTALK data center management community provides the most up-to-date and engaging content from industry experts to better your infrastructure and operations. Engage with a community of your peers and industry experts by asking questions, rating presentations and participating in polls during webinars, all while you gain insight that will help you transform your infrastructure into a next generation data center.

Data Center Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Assembling the Russian Stacking Doll: UNC2452 Merged into APT29

Presented by

About this talk

More from this channel