Welcome & Introduction
Jake Williams, SANS Certified Instructor
Racing Against Ransomware: A Proactive Approach to Blocking Sophisticated, Evolving Attacks
Each day, ransomware attacks grow more sophisticated, more evasive, and much more difficult to predict. What’s the key to blocking these threats? Getting proactive. Join Cisco’s Chantel Strickland, Technical Solutions Architect, as she shares the forward-thinking techniques and tools to fortify your network against these ever-changing attacks. From digging into the anatomy of modern ransomware attacks to exploring the deep forensic analysis needed to protect data and network from cyber criminals, Racing Against Ransomware delivers a technical, carefully assembled toolkit for fending off these dangerous, malware-inspired threats.
Chantel Strickland, Technical Solutions Architect, Cisco Umbrella
You CAN Stop What You Can’t See: Preventing Unknown & Evasive Malware
Why is email phishing still the #1 most successful malware delivery
channel? The answer: human error, combined with security defenses that
are unable to detect and prevent unknown threats. For just $3, threat
actors can easily purchase pre-made weaponized documents with a
money-back guarantee that the zero-days inside will successfully
execute. Call it an invoice and send it to finance—cha-ching!
This combination of tech, WFH distractions, sophisticated phishing techniques, and the desire by employees to do their jobs well increases risk. Join ex-IDF security researcher and past pentester Aviv Grafi to deep-dive into stealthy ways that ransomware and other malware enter networks via weaponized files and links and evade both employees and detection solutions like email gateways, AV, and sandboxing. Along with TTPs and real, recent examples of evasion techniques from the billions of malicious files that Votiro processes each year, Aviv will dissect a malicious file, showing how hackers hide malware inside common and business-important elements like macros.
Aviv Grafi, CEO, Votiro
A Defenders Guide to Ransomware Families
Ransomware dominates the news cycle, but with an ever-growing number of
variants and the botnets behind them it’s easy for defenders to lose
track of their relationships.
Join DomainTools Senior Security Researcher Chad Anderson as he walks through an investigation of samples of the more prolific ransomware families in IRIS. Through his investigation he will provide a lay of the land, as it stands today, and which infections lead to what outcomes, properties of those infections, and how to spot them.
Chad Anderson, Senior Security Researcher, DomainTools
Sophos State of Ransomware 2021
Join us for an insightful deep dive into the state of ransomware in 2021. Based on an independent survey of 5,400 IT managers in mid-sized organizations around the globe, the webinar will explore:
Plus, you’ll discover the strategies that enable some IT managers to feel confident they won’t fall victim to ransomware in the future.
Senior Solutions Engineer, Sophos
Ransomware Operational Risk and You
As the threat landscape continues to grow Ransomware has evolved to become a formidable weapon. Despite its evolution Ransomware attack methods remain largely unchanged. Today we'll look at how ransomware has grown in recent history and discuss a few ways to help you mitigate risk.
Rich Bakos, Director of Engineering, LogRhythm
Advances in Ransomware and how to defend against it
Ransomware has increased in velocity and sophistication, with $20B in reported damages in 2020. Attackers are evading defenses using encryption and trusted third-party applications, and they’re leveraging double-extortion and DDoS tactics. Zscalers ThreatLabZ monitors millions of attacks each year and, in this session, Director of threat intelligence, Brett Stone-Gross and research Senior Manager, Nirmal Singh will share the latest trends, vulnerabilities, attack sequences, and prevention strategies.
Investigate Malware & Ransomware With Speed and Efficiency
It’s not a question of if a data breach will happen, but when.
Investigation of these breaches and obtaining Indicators of Compromise
quickly is paramount to prevent further infections throughout a network.
This presentation will focus on connecting the dots in examining the
malware and its related components, looking for sideloaded dll’s and
identifying outbound communications. We will also look at the use of
timeline to assist in identifying the compromise.
Steve Gemperle, Forensic Consultant, Magnet Forensics
The True Cost of Ransomware Attacks
A recent global research report conducted by Cybereason, titled
Ransomware: The True Cost to Business, revealed that the vast majority
of organizations that have suffered a ransomware attack have experienced
significant impact to the business, including loss of revenue, damage
to the organization’s brand, unplanned workforce reductions, and little
in the way of relief from cyber insurance policies.
Join us to examine the research findings and discuss how organizations can better prepare to defend against and respond to a ransomware attack, with topics for the session to include:
Lodrina Cherne, Principal Security Advocate, Cybereason
Key Considerations When Building a Formal Incident Response Plan
Find out how to stop cyber criminals in their tracks. These days, having an incident and response plan is no longer a "nice to have." It has become crucial to create clear steps for stakeholders, external resources and more ahead of time so that all the prep work is in place for when an incident occurs. Oftentimes, agencies are challenged with knowing where to begin, let alone best practices for what to include in the game plan.
In this session, our guest speaker Sam Rubin, vice president for Unit 42, will present the key components and provide takeaways for when you’re building out your IR Plan. If you already have one in place, these will help with maintaining it.
Clay Brothers, Unit 42 Principal Consultant, Palo Alto Networks
Jake Williams, SANS Certified Instructor