Free webinar highlights strategies to stop them before they damage your network, steal sensitive data
After attackers hit the Democratic National Committee this summer, several information security teams concluded they used a variety of persistent methods and several PowerShell exploits to pull off the attack and steal documents.
PowerShell is part of the Windows operating system. Exploits allow attackers to execute commands on remote computers. The malware is often disseminated through click bait or spam emails, and most endpoint security programs don’t detect PowerShell malicious intrusions.
“Today’s attackers use advanced techniques and tools to compromise systems and hide among normal activity,” Dave Low, director of Technology Solutions for GuidePoint Security, said. “PowerShell-based attacks are very difficult to detect using a logs-only approach. This can lead to theft of sensitive information, disruption of business operations, or destruction of assets and damage to your business’ reputation.”
Learn more about the PowerShell exploit and other ways attackers try to compromise your systems during a free webinar 1:30 p.m. Eastern Wednesday, Dec. 14.
While most computer users today know it’s risky to click on links and download files from unknown sources, malicious links and downloads continue to be a challenge for information security teams, analysts, and incident responders, Low said.
The challenges are often exacerbated by security teams’ limited time and resources, and further complicated by a growing number of devices connected to the internet.
Unsecured Internet of Things (IoT) devices are increasingly used for malicious purposes, like the October Distributed Denial of Service (DDoS) attack against domain registration company Dyn. That attack enlisted up to 100,000 malicious endpoints to slow down connections to popular websites like Amazon, Twitter, Spotify, and more.
Attackers used Mirai-based botnets on IoT devices for the large-scale Dyn network disruptions. Recently, a new Mirai worm knocked nearly a million German Deutsche Telekom customers offline, and affected customers for Post Office broadband and TalkTalk in the United Kingdom.
Powershell exploits, phishing, ransomware, and the Mirai worm are just a few of the many ways attackers try to gain access into your environment. At 1:30 p.m. Eastern Wednesday, Dec. 14, Low and Michael Godin, senior systems engineer for RSA, will talk about these tactics during a free interactive webinar, “Threat Hunting Lessons: Adversary Tools, Tactics, and Procedures.”
They’ll share real-world examples of attackers’ tactics, and will highlight tools and strategies analysts and incident responders can use to hunt for attacks before they cause damage. Register here now.
They’ll also explain how a Security Operations Center (SOC) can protect your organization by increasing your security team’s efficiency and encouraging active hunting. Low and Godin will explain how an effective information security plan and the right technology can help your team stop, think, and respond to threats quickly and calmly.
For more information, check out the webinar details here. Can’t make it? No worries. Go ahead and register and you’ll receive a recording after the webinar.
About GuidePoint Security
Headquartered in Herndon, Virginia, GuidePoint provides innovative and valuable cybersecurity solutions and expertise that enable organizations to successfully achieve their missions. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, GuidePoint Security is a small business, and classification is with the System for Award Management (SAM). Learn more at: http://www.guidepointsecurity.com.