Name: APT42: Crooked Charms, Cons, and Compromises
Start: 2022-09-27T15:00:00Z
End: 2022-09-27T15:00:45.000Z
Location: BrightTALK
Rating: 4.6

Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. By scaling decades of frontline experience, Mandiant helps organizations to be confident in their readiness to defend against and respond to cyber threats. Mandiant is part of Google Cloud.

Cyber defense is not just about preventing attacks; it's also about effectively responding to and recovering from incidents. This webinar will focus on the critical cyber defense functions of Validation, Response, and Mission Control, examining how they contribute to a comprehensive and resilient cyber defense program.

What you will learn:
*How to rigorously test and validate your entire cyber defense program to identify areas of improvement, and ensure preparedness against real-world threats.
*How to build and implement an effective incident response plan, from preparation and containment to eradication and recovery.
*How centralized coordination and management can enhance your organization's overall cybersecurity posture.

Join us to gain practical knowledge and actionable strategies for elevating your organization's cyber resilience through robust validation, response, and mission control capabilities.

About The Defender’s Advantage:
Google Cloud Security published The Defender’s Advantage, a cyber defense framework to help all organizations prepare for and mitigate future security incidents. We believe that security teams like yours have the ultimate cyber defense advantage, the ability to control the environment being attacked. Download The Defender's Advantage ebook here: https://cloud.google.com/security/resources/defenders-advantage

Activate continuous security testing to improve cyber response [The Defender's Advantage virtual series, part 3]

A crucial aspect of effective cyber defense is the ability to produce and disseminate actionable intelligence into the hands of various security functions, in a format and language they can understand and use to make decisions. This allows for informed decision-making and proactive threat mitigation. 

This webinar will delve into the critical functions of Intelligence, Detection, and Hunting, exploring how they work together to create a robust and resilient security posture. 

You will learn:
*How to effectively gather, analyze, and operationalize threat intelligence to inform your cyber defense strategy
*Best practices for developing and implementing high-fidelity detections that align with attacker tactics and techniques
*Methodologies and tools used to proactively hunt for threats and identify hidden adversaries in your environment

Join us to gain valuable insights and practical strategies for strengthening your organization's cyber defenses through an intelligence-led approach to detection and hunting.

Intelligence-led detection and threat hunting  [The Defender's Advantage virtual series, part 2]

Cyber threats are constantly evolving. Learn how to stay ahead of them in 2025 with security expert Andrew Kopcienski.

Join this deep-dive session based on the Cybersecurity Forecast 2025 report, where Andrew will cover key trends and insights to help strengthen your cyber defenses in the year ahead, including:
• Attacker use of AI
• The evolving threat landscape from Russia, China, Iran, and North Korea
• Ransomware and multifaceted extortion as the most disruptive form of cyber crime
• The growing threat of infostealer malware

Google Cloud Security Forecast 2025

Join us for a LIVE session with one of our top Google Threat Intelligence researchers to gain valuable insights into the Financial Institutions context. The session will feature curated, real-time, and actionable strategic intelligence from Google Threat Intelligence.

*Get the latest information on emerging threats and attack trends.
*Learn how to apply this intelligence to strengthen your organization's security posture.
*Have your questions answered during the live Q&A.

Strategic Threat Intelligence for Financial Institutions

Enhance your threat hunting skills with a hands-on session led by a Google Threat Intelligence researcher and a seasoned hunting expert. Learn how to leverage Google Threat Intelligence to generate leads, threat model scenarios, develop hypotheses, and hunt missions. 

Join Jose Luis Sanchez Martinez and Muhammad Muneer as they share their experiences and best practices they use to hunt for threats including:

*Identifying the most relevant indicators
*Performing efficient hunting 
*Knowing which threads to pull on to uncover challenging threats

Proactive threat hunting helps unveil lurking dangers, enabling rapid response and mitigation before significant damage occurs. By incorporating these threat hunting techniques, your team can strengthen the security posture, reduce attacker dwell time, and gain valuable insights to stay ahead of the threats targeting your organization.

Google Threat Intelligence is changing the game in threat intelligence. By unifying the frontline expertise of Mandiant, the VirusTotal intel community and Google security insights, we are bringing to you unmatched breadth and depth, so you can get a panoramic view of the threat landscape, understand the "why" and "how" behind attacks, and turn insights into rapid action.

Quarterly Threat Hunting with Google Threat Intelligence

Cyber threats are constantly evolving. Learn how to stay ahead of them in 2025 with security expert Andrew Kopcienski.

Join this deep-dive session based on the Cybersecurity Forecast 2025 report, where Andrew will cover key trends and insights to help strengthen your cyber defenses in the year ahead, including:

*Attacker use  of AI
*The evolving threat landscape from Russia, China, Iran, and North Korea
*Ransomware and multifaceted extortion as the most disruptive form of cyber crime
*The growing threat of infostealer malware

Google Cloud Cybersecurity Forecast 2025

Mandiant Managed Defense presents a quarterly webinar series, "Tales from the Trenches," to help you navigate the ever-evolving threat landscape. Our security experts will dive into the latest malware and attack trends they've encountered in the previous quarter. You'll gain valuable insights into how these threats were detected, along with actionable advice to strengthen your own defenses.
In the second installment of the series, Managed Defense Consultants will detail findings from July through September 2024.

Tales from the Trenches: Malware and attack trends from Managed Defense, Q3 2024

A critical zero-day vulnerability in FortiManager appliances has been exploited in the wild, leaving organizations vulnerable to data breaches and lateral movement. In this webinar, Mandiant experts dissect the exploitation tactics, techniques, and procedures (TTPs) of the threat actor we track as UNC5820.

Gain critical insights into:
*Exploitation Details: Understand how UNC5820 leveraged CVE-2024-47575 to compromise FortiManager appliances and exfiltrate sensitive configuration data.
*Threat Actor Profile: Uncover the characteristics and potential motivations of UNC5820 based on our ongoing investigation.
*Mitigation Strategies: Learn practical steps to protect your organization from this vulnerability and similar attacks.
*Detection and Response: Discover how to leverage threat intelligence and hunting techniques to identify and respond to this threat.

Don't miss this opportunity to gain expert insights and strengthen your defenses against this emerging threat. 

Register today!

FortiManager Zero-Day: Intel for Actionable Mitigation Strategies

Social engineering attacks are a constant and evolving threat to global organizations. Attackers use sophisticated techniques such as phishing, vishing, smishing, and social media tactics to manipulate individuals into revealing sensitive information or compromising security. 

This webinar will discuss the latest trends in social engineering attacks and provide practical strategies to defend against them. We'll cover topics such as:

- Recognizing the signs of a social engineering attack  
- Educating employees about social engineering risks  
- Implementing security measures to help prevent social engineering attacks  
- Responding effectively to a social engineering attack  

We'll also examine real-world examples and discuss how artificial intelligence (AI) is being used to both perpetrate and defend against these attacks.  

Why you should attend:

- Stay ahead of the curve: Learn about the latest social engineering tactics and how to identify them before they impact your organization.  
- Enhance your security posture: Gain practical strategies and actionable insights to strengthen your organization's defenses against social engineering attacks.  
- Protect your organization: Learn how to educate employees and develop a culture of vigilance to mitigate the risk of falling victim to these malicious tactics.

Social Engineering: New Tricks, New Threats, New Defenses

Threat intelligence is the cornerstone of a proactive security posture, but traditional approaches often fall short. Static reports and delayed updates leave security teams struggling to keep pace with the speed of cyberattacks. To stay ahead of threats we need something more dynamic to provide us with more up-to-date and actionable threat intelligence. 

Join Emiliano Martinez, Lead Product Manager and TJ Alldridge, Product Marketing Manager as they explore:
*How dynamic threat intelligence will empower security professionals to use threat intelligence more efficiently. 
*The power of trusted circles - highlighting the power of community and collaboration to keep everyone more safe. 
*AI and automation - making threat intelligence more actionable than ever before.

Join us to unlock the future of threat intelligence and transform your security operations

Use Cases in Threat Intel:  Evolving to Dynamic Threat Intelligence

As cyber threats grow in sophistication, securing a leg up as the defender is more important than ever. When going toe-to-toe with adversaries in your environment, you have the control, but organizations often struggle to capitalize on this advantage. 

The Defender’s Advantage is an award-winning framework that provides actionable strategies to enhance your cyber defense capabilities and serves as a blueprint for pivoting seamlessly between breach preparedness and immediate action.  

During this webinar, our experts will unlock the six critical functions of an effective cyber defense program: intelligence, detect, respond, validate, hunt, and mission control. They will also explain how each function plays a distinct yet interconnected role in protecting an organization's critical assets, and provide real-world examples on how this framework can be applied.
  
You will walk away from this webinar knowing how to:
*Develop a proactive and intelligence-led approach to cyber defense
*Activate the six critical functions of cyber defense to boost the resilience of your security program 
*Leverage tools that can enhance your overall security posture and help build an effective operating model

Who should attend:
*CIOs, CISOs, and security leaders and practitioners
*IT professionals responsible for cybersecurity
*Anyone interested in learning more about modern cyber defense

Speakers:
Daniel Nutting, Consulting Manager, Mandiant, part of Google Cloud Security
Nate Toll, Consulting Manager, Mandiant, part of Google Cloud Security
Omar Toor, Consulting Manager, Mandiant, part of Google Cloud Security

Adopt a powerful framework for activating cyber defense [The Defender's Advantage virtual series, part 1]

In the rapidly evolving landscape of cyber warfare, understanding and responding to the latest threats is crucial. This session offers unparalleled insights tailored to the frontline incident response and threat intelligence experts who tackle high-impact cyberattacks daily. We will cover the current threat landscape, evolutions in the attack surface, the role of AI in cybersecurity, advancements and shortcomings in defenses, and how Google Cloud is helping to bridge critical security gaps. Join us to equip yourself with the knowledge and strategies needed to navigate the complexities of modern cyber threats.

Key discussion points:

Current Threat Landscape: Identifying the most significant attacks and attackers impacting organizations today. Understand the prevalent and dangerous cyber threats that enterprises face.

Evolving Attack Surface: Assessing how the attack surface has changed over the past year and the implications for security strategies. Explore how digital transformation and remote work have expanded vulnerabilities.

AI in Cybersecurity: Exploring the dual role of AI in both facilitating cyber attacks and bolstering cybersecurity defenses. Discuss how AI is used by adversaries and defenders alike.

Defensive Adaptations: Reviewing the advancements and shortcomings in security defenses over the past year. Highlight effective measures, existing gaps, and innovative solutions.

An In Depth Look at AI & the Evolving Cyber Threat Landscape

In the face of increasingly sophisticated and relentless cyber threats, Security Operations Centers (SOCs) are turning to Artificial Intelligence (AI) to bolster their defenses. This webinar explores the transformative potential of AI in modernizing SOCs, enhancing threat detection, automating incident response, and empowering security analysts.

Key Takeaways:

- Discover how AI can augment human capabilities and streamline security operations.
- Learn about real-world use cases of AI in threat detection, incident response, and vulnerability management.
- Understand the key considerations and best practices for implementing AI in your SOC.

The AI-Powered SOC: Transforming Cybersecurity Defense

Ethical AI is the new code of conduct and we’re in the midst of an industrial revolution based on synthetic intelligence.

The Keys to the Kingdom: Security and Governance for Generative AI

Today, it’s more imperative than ever to stay one step ahead of the threat by understanding the most common  tactics, techniques, and procedures (TTPs). We continue to observe threat actors from cyber criminal groups evolve their TTPs for ransomware and multi-faceted extortion operations and see a surge in compromises originate with credential compromise and highly effective social engineering attacks.

In this webinar, we will shed light on the latest trends and real-world insights into initial access vectors and TTPs observed across the attack lifecycle, dive into the current ransomware-as-a-service (RaaS) landscape,  and provide defensive recommendations for your organization based on Google Threat Intelligence analysis of the threat as well as expert Mandiant incident response investigation insights.

What you will learn:

*Latest trends and insights into initial access vectors, tools, and tactics, techniques, and procedures observed across the attack life cycle
*Insights into the current ransomware-as-a-service (RaaS) landscape
*Practical defensive recommendations and preparedness strategies from frontline Mandiant Incident Response investigations

Presenters: 

Josh Madeley, Regional Lead, Mandiant Incident Response
Josh Stern, Senior Analyst, Google Threat Intelligence
Greg Kapourellos, Lead, Google Threat Intelligence Advisors (moderator)

Evolution of Ransomware and Data Theft Extortion: Expert Insights and Defense Strategies

Mandiant Managed Defense presents a quarterly webinar series, "Tales from the Trenches," to help you navigate the ever-evolving threat landscape. Our security experts will dive into the latest malware and attack trends they've encountered in the previous quarter. You'll gain valuable insights into how these threats were detected, along with actionable advice to strengthen your own defenses.

In the second installment of the series, Managed Defense Consultants will detail findings from April through June 2024, including:

*Exploiting tax season with tax-theme phishing emails to deliver DARKGATE malware 
*Malicious JavaScript droppers from attempts to download pirated films
*Trojanized software campaign leads to backdoor deployment

Tales from the Trenches: Malware and attack trends from Managed Defense, Q2 2024

Artificial intelligence (AI) is poised to revolutionize how federal agencies operate, enhancing mission effectiveness and streamlining processes. However, the integration of AI also introduces unique cybersecurity challenges in the government context. How can federal IT leaders harness the transformative power of AI while ensuring the protection of sensitive data and critical systems?

Google Cloud Security partnered with market research firm Market Connections to determine how leaders are moving into the AI era with a strong focus on security. Join GovExec and Google Cloud Security as we share the findings of this study and look at next steps for the intersection of AI and security. 

You’ll learn about:

- The evolving threat landscape specific to public sector organizations
- Understanding the specific cybersecurity risks faced by federal agencies in the adoption of AI, including foreign interference, data breaches, and insider threats
- Security frameworks and best practices and strategies for government
- Critical AI capabilities for government
- Building trust in government; ethical considerations and privacy concerns
- Practical next steps for government

Secure AI: Mitigating Risk in the Age of Innovation

Organizations today face the growing challenge of pulling actionable insights from the noise surrounding generative AI, as media hype often overshadows the technology's practical implications. Because of this, it’s critical to have a clear understanding of what generative AI actually is and what it isn't.

In this webinar, we will demystify the benefits, challenges, and risks of AI based on our frontline observations. From there, we will help you adopt a practical framework to assess the security of AI in your environment and outline actionable strategies to improve your specific AI security approach.

You will also walk away with knowledge of a three-pronged approach that organizations can take to secure their existing AI solutions by:

*Assessing your security posture
*Performing threat modeling for your AI solutions
*Executing threat hunting across your AI pipeline

Presenters: 
Muhammad Muneer, Principal Consultant, Mandiant, Google Cloud Security
Dan Browne, Senior Consultant, Mandiant, Google Cloud Security
Jennifer Guzzetta, Product Marketing Manager, Mandiant, Google Cloud Security (Moderator)

An Actionable Approach to Assess and Improve the Security of Your AI Solutions

APT42, an Iranian state-sponsored cyber espionage group, is Mandiant’s most recently graduated threat actor. With activity dating back to 2015, this cyber espionage actor is notable for conducting information collection and surveillance operations against domestic and foreign targets that are of strategic interest to the Iranian government.

This webinar will cover:
• APT42’s toolkit and the techniques that characterize their operations
• Unique targeting activities that differentiate APT42’s operations
• Potential overlaps with ransomware activity
• How APT42 fits into Iran’s cyber capability and their relationship to other groups

APT42: Crooked Charms, Cons, and Compromises

Cyber Security

Iran

APT42

Ransomware

Cyber Espionage

Threat Intelligence

Malware

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The data center management community focuses on the holistic management and optimization of the data center. From technologies such as virtualization and cloud computing to data center design, colocation, energy efficiency and monitoring, the BrightTALK data center management community provides the most up-to-date and engaging content from industry experts to better your infrastructure and operations. Engage with a community of your peers and industry experts by asking questions, rating presentations and participating in polls during webinars, all while you gain insight that will help you transform your infrastructure into a next generation data center.

Data Center Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

APT42: Crooked Charms, Cons, and Compromises

Presented by

About this talk

More from this channel