Name: October 2023 TRU Intelligence Briefing
Start: 2023-10-31T00:06:00Z
End: 2023-10-31T00:06:40.000Z
Location: BrightTALK
Rating: 0

eSentire, Inc., the Authority in Managed Detection and Response (MDR), protects the critical data and applications of 2000+ organizations in 80+ countries, across 35 industries from known and unknown cyber threats by providing Exposure Management, Managed Detection and Response and Incident Response services designed to build an organization’s cyber resilience & prevent business disruption. Founded in 2001, eSentire protects the world’s most targeted organizations with 65% of its global base recognized as critical infrastructure, vital to economic health and stability. By combining open XDR platform technology, 24/7 threat hunting, and proven security operations leadership, eSentire's award-winning MDR services and team of experts help organizations anticipate, withstand and recover from cyberattacks.  
For more information, visit www.esentire.com and follow @eSentire

During the November Threat Intelligence Briefing, our Threat Response Unit (TRU) reviewed:
- QR Code Phishing: Overview of the uptick in QR code phishing attacks (also known as quishing), what they look like, and how threats like DadSec Phishing-as-a-Service (PhaaS) are abusing them.
- eSentire observations and response actions related to Adversary-in-the-Middle (AiTM) attacks and best practices to defend against these attacks.
- Updates on PikaBot, Customer Loader, and Nitrogen Campaign.
- Notable vulnerabilities impacting Atlassian, Citrix, and F5 BIG-IP Vulnerabilities.
- A brief overview on cyberattacks related to the ongoing geo-political tensions.

November 2023 TRU Intelligence Briefing

Watch this webinar to learn how eSentire and Deep Instinct’s partnership is disrupting the MDR market with a new cost-effective endpoint protection platform for SMBs.

Proactive, Prevention-First Protection is Possible

Watch this webinar to learn about the top cloud security challenges that organizations face and how MDR can strengthen your cloud security posture.

Detecting and Responding to Threats in the Cloud

Join Michael Ludgate, Adam Leipold, and CJ Dietzman in this fireside chat as they discuss: 

- How cyber insurers and enterprise organizations evaluate cyber risk
- Security leader considerations for insurability requirements, which will enable organizations to take advantage of the protection that cyber insurance can provide
- How cyber insurance can help protect businesses against the evolving cyber threat landscape

Navigating Risk Reduction and Cyber Insurance

In this fireside conversation, Tia Hopkins, Chief Cyber Resilience Officer & Field CTO at eSentire, and Eldon Sprickerhoff, Founder & Advisor at eSentire, discussed what we can learn from the SEC’s recent Final Rule and the updates that the SEC is proposing for RIAs with regards to risk assessments, threat and vulnerability management, incident response and recovery, and what RIAs should keep top of mind to ensure compliance with the new rules.

How to Start Preparing for the SEC’s New Cyber Risk Management Rules

In this webinar, Greg Crowley, CISO at eSentire, Dustin Hillard, CTO at eSentire, and Alexander Feick, VP, eSentire Labs, will share their insights on how security leaders can effectively use generative AI technologies across their organizations without compromising their cybersecurity.

Securing the Future with eSentire: Harnessing the Potential of Generative AI

During this month's Threat Intelligence Briefing, our Threat Response Unit reviewed:
- Phishing Attacks 101: Overview of motivations, capabilities, tools, and services that enable threat actors to steal credentials
- Observations of AiTM attacks leading to follow-on Business Email Compromise (BEC) activities and the associated detections from TRU
- Updates on Lumma Stealer, DarkGate, and Private Loader malware
- Notable vulnerabilities impacting WinRar, Ivanti, and Citrix
- A brief overview of notable changes in the cybercrime landscape

September 2023 TRU Intelligence Briefing

In this month’s TRU Intelligence Briefing, the Threat Response Unit reviewed:
- Threat Landscape: A review of recently observed malware by the SOC such as Raspberry Robin, SolarMarker and SectopRAT, and notable vulnerabilities impacting Citrix (CVE-2023-3519), Invanti (CVE-2023-35078, CVE-2023-35081) and Zimbra (CVE-2023-3870)
- A brief overview on cyberattacks related to ongoing geo-political tensions.
- BatLoader Malware – background on the threat and current MSIX campaign, including brand impersonation, targets, and abuse of code signing certificates.
- Tactical Threat Response (TTR) – BatLoader Malware: eSentire response actions relating to BatLoader and recommendations/best practices for defending against this threat.

August 2023 TRU Intelligence Briefing

In this month’s TRU Intelligence Briefing, the Threat Response Unit reviewed:
- Nitrogen Campaign: Details on a recent campaign discovered by eSentire 
- Overview of Pyramid, including associated TRU detections and recommendations
- Updates on GootLoader, Sorrillus RAT, and Rusty Stealer
- Notable vulnerabilities impacting MOVEit Transfer, Fortinet, and Microsoft
- A brief update on cyberattacks related to ongoing geo-political tensions.

July 2023 TRU Intelligence Briefing

Security leaders are feeling the heat and prioritizing security spending with demonstrable cyber resilience as a key indicator of success.  

However, a lack of outcome-focused, centralized metrics and KPIs makes it difficult to prove the value security creates. Therefore, they must establish security outcome-oriented metrics that tie directly to overall organizational success. 

In this webinar, Tia Hopkins, our Chief Cyber Resilience Officer & Field CTO, speaks to Greg Crowley, our CISO, and Jeff Pollard, VP, Principal Analyst at Forrester, to provide actionable insights to help security leaders build a future-ready cybersecurity program. Topics covered include: 

- How economic instability heightens urgency around prioritizing cybersecurity investments and initiatives 
- The top priorities for security leaders today, including security tool consolidation, cloud-native capabilities, data-informed decision-making, and improved operationalization of threat intelligence  
- How future-ready solutions such as MDR, XDR, and security operations center as a service (SOCaaS) can help security leaders demonstrate cyber resilience to key stakeholders  
- Why security outcome-oriented metrics and KPIs must tie directly to overall organizational success and be understandable to non-security stakeholders

Navigate Economic Uncertainty: Strategies for Future-Ready Cybersecurity

In this month’s TRU Intelligence Briefing, the Threat Response Unit reviewed:
- The Hunt for VENOM SPIDER Part 2: Joe Stewart, Principal Security Researcher, will discuss his research behind the new report and the real mastermind behind the Golden Chickens Malware-as-a-Service operation.
- Tactical Threat Response (TTR) – VENOM SPIDER: Associated TRU detections and recommendations for defending against VENOM SPIDER
- Updates on GuLoader, AsyncRAT, and BatLoader
- Notable vulnerabilities impacting Barracuda, GitLab, and MOVEit Transfer
- A brief update on cyberattacks related to ongoing geo-political tensions.

June 2023 TRU Intelligence Briefing

The mean downtime cost for organizations experiencing a cyber incident can be $225K/day – in addition to costs incurred from fines and legal fees, loss of customer loyalty and reputational damage, higher incident resolution costs, and more. 

As cybercriminals continue to evolve their tactics, techniques, and procedures (TTPs) to deploy ransomware and conduct data breaches, it’s critical for security leaders to ensure they are prepared for any potential cyberattack to reduce downtime and prevent business disruption. 

That’s why the least desirable time to meet your incident response (IR) provider for the first time is when you’re responding to an incident. 

In this session, Larry Gagnon, Senior Vice President Security Services & Incident Response at eSentire, discusses why traditional pre-breach preparation strategies may not be enough to ensure optimal response. Larry also shares his tactical recommendations for: 

- High value, inexpensive breach preparation strategies that work 

- Incident Response readiness that maximizes cyber resilience and reduces operational downtime 

- Quantifying savings and time-to-value for incident response

Incident Response E-Summit: Build Resilience, Starting with Readiness

Join this webinar with James Hastings, Sr. Cloud Product Manager, eSentire and Tim Chase, Global Field CISO, Lacework and learn more about: 
- The top security challenges security leaders face when it comes to cloud platforms, workloads and staffing 
- Best practices and recommendations on how Cloud Security Posture Management (CSPM) + Workload and Application Protection (CWPP/CNAPP) with 24/7 Response can solve these challenges  
- Cloud security use cases we are seeing across our global customer base of 2000 organizations, and what you can learn from them 
- What to consider when thinking about 24/7 threat detection and response beyond the cloud

The Security Leader's Guide to Detecting and Responding to Threats in the Cloud

In this month’s TRU Intelligence Briefing, the Threat Response Unit reviewed: 
- Gootloader Unloaded: How eSentire researchers disrupted a malware operator's SEO poisoning attack chain using the operator’s own anti-research tactics against them
- Tactical Threat Response (TTR) – Gootloader: Overview of the Gootloader infection chain and associated TRU detections
- Updates on Qakbot, Raspberry Robin, and NetSupport Manager RAT
- Notable vulnerabilities impacting PaperCut, Google, and Microsoft
- A brief update on threat actors and cyberattacks related to ongoing geo-political tensions

May 2023 TRU Intelligence Briefing

Given the rising complexity of cyber threats, security leaders need to ensure their teams have the 24/7 threat detection, investigation, and response capabilities they need to build cyber resilience, reduce operational downtime, and prevent revenue disruption for their organization. However, a constrained budget and lack of skilled cybersecurity staff has made it difficult to undertake these capabilities in-house. 

Although you can look to outsourcing these capabilities to an external MDR provider, investing in MDR is a business decision that needs alignment with your CEO or CFO, but that conversation can be challenging to have during a recession when most departments are facing budget cuts. 

So how can you build alignment with your business leaders to effectively demonstrate the value of MDR? 

Tune into our fireside chat with Tia Hopkins, Chief Cyber Resilience Officer & Field CTO, and Greg Crowley, CISO at eSentire, to learn about: 

- How to present cyber risks as business risks 

- How MDR helps build cyber resilience and delivers ROI that traditional MSSPs can’t match 

- How to make the case for MDR that aligns with metrics that finance leaders report on

Fireside Chat: Security Leaders’ Guide to Demonstrating the Value of MDR

Join this webinar with Ryan Westman, Sr. Manager, Threat Intelligence at eSentire and learn more about: 
- The key drivers of state-sponsored cyberattacks and notable trends in ransomware
- How geopolitical tensions are increasing the weaponization of zero-day vulnerabilities, wiper malware, and more
- Recommendations and questions to consider to protect your organization against state-sponsored cyberattacks and remain vigilant about the evolving threat landscape

How Geopolitical Tensions Shape the Threat Landscape and Impact Cybercrime

In this month’s TRU Intelligence Briefing, the Threat Response Unit reviewed:
 - NTLM Relay Zero-Day Vulnerability (CVE-2023-23397): Background on the vulnerability, and details on real-world exploitation
 - Tactical Threat Response (TTR) – CVE-2023-23397: Detection and recommendations
 - Updates on Emotet, GuLoader, and PlugX 
 - Notable vulnerabilities impacting Microsoft, Fortinet, and GoAnywhere
 - A brief update on cyber activity attributed to North Korean actors, including the recent 3CX supply chain compromise

April 2023 TRU Intelligence Briefing

During the October Threat Intelligence Briefing, TRU discussed: 
- Lockbit Ransomware Attacks: Overview of recent attacks, based on eSentire observations and Dark Web Monitoring, including the threat actor’sir use of Remote Monitoring and Management (RMM) tools, and the Valid Credentials initial access vector
- Observations of Lockbit’s use of RMM tools, and recommendations/best practices for defending against this threat
- Updates on Solarmarker, PlugX, and Socgholish malware
- Notable vulnerabilities impacting Libwebp, curl & libcurl, and WS_FTP Server
- A brief overview on cyberattacks related to ongoing geo-political tensions

October 2023 TRU Intelligence Briefing

Threat Intelligence

Threat Analysis

Threat Hunting

Threat Landscape

Malware

Vulnerabilities

Cyber Attacks

Cyber Security

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Get powerful emerging technology insights from influential experts. Connect with thought leaders and colleagues to get the most up-to-date knowledge on technologies like 3D printing, pervasive robotics, natural interfaces, connected everything and cognitive systems.

Emerging Technologies

The research and development community on BrightTALK brings together leading professionals in healthcare, technology and manufacturing to present on current topics in their fields. From big data in healthcare to online forensics training and medical research practices, the community is an exceptional resource for those looking to expand their knowledge. Be part of the conversation by joining the community and participating in interactive live webinars.

October 2023 TRU Intelligence Briefing

Presented by

About this talk

More from this channel