MMW Archive

Understanding Malware Lateral Spread Used in High Value Attacks

Speaker: Nick Bilogorskiy
Date and Time: On-Demand

APTs are known to use advanced techniques, tactics, and procedures (TTPs), including advanced malware design with protection layers, sandboxing evasion, and lateral movement inside penetrated networks to seek out high-value targets. This webinar covers lateral movement techniques and methods used by past advanced threats, and how understanding APT lateral movement should help security defenders better select and implement protection solutions.

Ransomware Resurgence: Locky and Other “New Cryptolockers”

Speaker: Nick Bilogorskiy
Date and Time: On-Demand

Ransomware has come a long way from non-encrypting lockscreen FBI scare warnings like Reveton. In 2016 alone, new ransomware families have been popping up, and we expect that to only pick up steam over the summer. In this edition of MMW, Nick Bilogorskiy will discuss Locky, the new “it” ransomware, how it works, other new ransomware families, and why ransomware is becoming the preferred monetization method for attackers. Attendees may opt in to receive a special edition t-shirt.

Malware Self-protection Matrix: From Anti-reversing to Anti-sandboxing

Date and Time: On-Demand

In this Malware’s Most Wanted session, Cyphort Labs’ Marion Marschalek sheds light on malware self-protection. The audience gets an overview of how malware evasion evolved over the years and how malware defense evolved with it, or vice versa, as occasionally happens in the digital arms race. The various observed anti-analysis tricks are set against their respective countermeasures in order to showcase the challenges facing modern-day security products.

Machine Learning: The Gold Standard for Threat Detection

Date and Time: On-Demand

Machine learning is a powerful tool with many well-suited applications for malware detection, classification, and risk quantification. Despite its reputation as a “black box” component of an enterprise security solution, designing a robust machine learning model for malware detection is an involved process: its success hinges on understanding the problem you’re trying to solve, the underlying data you utilize, and most importantly, its limitations. In this Malware’s Most Wanted session, we analyze working models and discuss the strengths, pitfalls, and high-level trade-offs of using machine learning for successful malware detection.

Cybersecurity – Getting Down To Implementation Practice

Date and Time: On-Demand

The NIST Cybersecurity Framework is a good starting point for many enterprises to harden their security posture against advanced threats. In this webinar, we will share the major takeaways from the framework. More importantly, we will explain the 5 critical factors in implementing cybersecurity defense, and how to handle them with best practices.

Mac Not Safe from Malware

Date and Time: On-Demand

Malware authors are beginning to target Mac OS X in larger numbers. As malware and phishing attacks become targeted, more sophisticated, and easier to carry out, Mac users can no longer rely on hackers to ignore the smaller OS X market share. In this webinar, Cyphort Labs will explain trends in Mac malware, present statistics on Mac malware we gathered in the wild, and interpret the numbers.

Linux and Internet of Things Malware

Date and Time: On-Demand

Occasionally we see samples coming out of our pipe which do not fit with the usual stream of malware, such as clickjackers, banking Trojans and spybots. These exotic creatures are dedicated to targeting platforms other than the Windows operating system. While they make up a significantly smaller portion than the load of Windows malware, Cyphort Labs has registered a rise in Linux and Internet of Things (IoT) malware. This webinar provides an overview of Linux and IoT malware that Cyphort Labs has spotted in the wild and gives an insight into the development of these threats and the direction they are taking.

Knowing Your Enemy: What Makes A Trojan Financial?

Speaker: Nick Bilogorskiy
Date and Time: On-Demand

Banking or Financial Trojans are already notorious because they have been around for a while, and they count both consumers and financial institutions among their victims. To help better defend against this class of malware, we will share analyses of some recent families of financial Trojans. We will look at some of the specific characteristics associated with a financial Trojan in terms of distribution channel, armoring behavior, attack payload, and actors.

Malvertising Attacks on Huffington Post, Yahoo, AOL

Speaker: Nick Bilogorskiy
Date and Time: On-Demand

Cyphort Labs has reported an uptick in drive-by infection through malvertising and sounded alarms for web property owners regarding this emerging trend. In this session, we discuss this increasing trend of drive-by attacks by dissecting examples of recent web infections, and share the sophisticated behavior we have observed in modern exploit packs and the challenges it poses for research and discovery. As we present exploit kit information, trends and statistics from research derived from our Cyphort Crawler, you will gain an awareness and an understanding of these malvertising threats to better protect your site visitors from malware infection.

The Attack on Sony

Speaker: Nick Bilogorskiy
Date and Time: On-Demand

Secretary Johnson called the attack on Sony Pictures Entertainment “an attack on our freedom of expression and way of life.” In this MMW session, Nick Bilogorskiy, Director of Security Research at Cyphort Labs, dissects Destover malware, responsible for more than 100 terabytes of stolen data from Sony Pictures Entertainment.

Anti-Sandbox Malware Techniques

Speaker: Nick Bilogorskiy
Date and Time: On-Demand

Malware writers are well aware of sandboxing, a popular way to detect brand-new unknown malware by its behavior, and write code that infects the intended victim but shows no malicious behavior in a sandbox. This MMW webinar demos specific ways malware detects and hides from sandboxes, including environmental checks, stalling code, sleeps, hook detection and click triggers.
