Beyond Aurora s Veil: A Vulnerable Tale
|
|
- June Sutton
- 8 years ago
- Views:
Transcription
1 Beyond Aurora s Veil: A Vulnerable Tale Derek Manky Cyber Security & Threat Research FortiGuard Labs October 26th, 2010: SecTor 2010 Toronto, CA
2 Conficker: April Doomsday.. Meanwhile JBIG2 Zero Day PDF/SWF January 2009: Malicious PDF Samples In the Wild Drop Gh0st RAT Trojan, Exploits CVE No Click Variant through Windows Shell Extensions February 02, 2009: Adobe Acknowledges via APSA09 01 March 10, 2009: Adobe Patches via APSB Attacks Occurred Roughly 63 Days Before Patch
3 ... A Vulnerable Tale Gh0st RAT Advertisement Photo 3
4 Bredolab & Gumblar Meanwhile Gumblar & Bredolab Botnets Sync Through PDF Exploits 4 March 18, 2009 Adobe Issues Patch APSB09 04 Includes CVE , PDF Exploit March 23, 2009: Gumblar attack surfaces Compromised websites with exploits Freshly exploiting CVE Drops Bredolab Botnet (First appearance) Downloads FTP Stealing Module for Gumblar Downloads FakeAV for Profit Aggressively Attacked 5 Days After POC Released
5 Bredolab & Gumblar 5
6 Bredolab & Gumblar Then and Now Gumblar & Bredolab Botnets Sync Through PDF Exploits Bredolab Oct 2009: New Protocol (v2), Custom Encrypted HTTP Jan 2010: Uses Pushdo Botnet New Webmailing Engine Distributed (Webwail)[1] Cracks CAPTCHAs in < 30 seconds Feb 2010: Downloads Ransomware Force Kills Applications, Demands > $50 USD Oct 2010: Distributes Grum/Tedroo Botnet Source Code Available Bredolab now used for various operators & attacks since original incarnation [1] FortiGuard Labs Discovers Webwail in December
7 Bredolab & Gumblar Then and Now Gumblar & Bredolab Botnets Sync Through PDF Exploits Gumblar Today[1] 9,350 infected links 951 links hosting exploits 165 malware variants served Popular exploited vulns: CVE CVE CVE CVE [1] FortiGuard Web Scanning Systems, Oct 19 th
8 ... A Vulnerable Tale In The Threat Spotlight Internet Explorer HTML Memory Corruption ( Aurora ) 8 September 30, 2009: Microsoft Receives Vulnerability Report (Later CVE ) December 15, 2009: Google Later Acknowledges Attack Discovery January 04, 2010: C&C Servers Taken Down January 12, 2010: Attacks Publicly Acknowledged Dropped Custom Trojan January 14, 2010: Public POC Exploit Code Available January 21, 2010: Microsoft Patches via MS Zero Day 113 Days Before Patch, 7 Days From Public POC
9 ... A Vulnerable Tale Meanwhile Internet Explorer Use After Free 9 March 09, 2010: Microsoft Acknowledges via Advisory / CVE Web Drive By Attacks Already In the Wild Drop Gh0st RAT Trojan, Similar to Aurora March 30, 2010: Microsoft Patches via MS Attacks Occurred Roughly 21 Days Before Patch FortiGuard Detects Highest Exploit Rate Before Patch (Zero Day)
10 Internet Explorer Use-After-Free
11 Exploit Demonstration Fortinet Confidential 11
12 The Next Chapter What can we learn?!!! Headlines are not everything!!! Reactive defense against high profiles attack == inefficient Threats often share similar attack techniques Browsers, Document Formats, System Services Conficker Neeris (RPC DCOM), Murofet (DGA) Gh0st RAT (PDF JBIG2) Gumblar (PDF geticon) Aurora Google/etc & Gh0st RAT: IE Use After Free 12
13 The Next Chapter What can we learn? 13 Zero day attacks happen more often than you may think Attacks can continue for months undetected Can be 1 3 week response time for patches Once detected / reported.. Otherwise 6 12 months Patched vulnerabilities are attacked quickly, and frequently Conficker: 30 Days Gumblar: 5 Days Patch management! Quick patching is essential Does not work on zero day attacks
14 The Next Chapter The new decade of threats Attacks can survive for years Attacks change extremely frequently Server side polymorphism Repack hosted malware Repack hosted scripts [Gumblar] Crimeware and source code Copy & paste bots New versions Endless domains Creates tremendous volume 14
15 FortiGuard Labs Security Research 87 Zero-Days Discovered Since 2008, Mostly Critical Oct 2010: 30+ Outstanding in Zero-Day State 15
16 Fighting Back Strategic Defense Standard security rules apply; often ignored Layered security vs. Growing attack surface Applicable to Infection & Post Infection Education and Training (RSS) Think before you link Use of JS, Flash (Noscript, PDF Reader) Trust management (PGP, SSL) Alternative software considerations OS, Browsers, Doc Readers, Sandboxes Access level lock down (Admin privileges) 16
17 Fighting Back Layered Security vs. Growing Attack Surface Intrusion Prevention: Botnet C&C, Zero Days & Exploits Application Control: Malicious services Compromised Facebook Applications Webfiltering: Botnet C&C, Fast Flux / MalHosting, SEO Antispam: Spambots & Incoming Campaigns Antivirus: Trojans, bots, ransomware, etc Vulnerability Review Software used vs. alternatives 17
18 18
Anti-exploit tools: The next wave of enterprise security
Anti-exploit tools: The next wave of enterprise security Intro From malware and ransomware to increasingly common state-sponsored attacks, organizations across industries are struggling to stay ahead of
More informationIndian Computer Emergency Response Team (CERT-In) Annual Report (2010)
Indian Computer Emergency Response Team (CERT-In) Annual Report (2010) Indian Computer Emergency Response Team (CERT-In) Department of Information Technology Ministry of Communications & Information Technology
More informationCloud Services Prevent Zero-day and Targeted Attacks Tom De Belie Security Engineer. [Restricted] ONLY for designated groups and individuals
Cloud Services Prevent Zero-day and Targeted Attacks Tom De Belie Security Engineer Facts 2 3 WOULD YOU OPEN THIS ATTACHMENT? 4 TARGETED ATTACKS BEGIN WITH ZERO-DAY EXPLOITS 5 Check Point Multi-Layered
More informationCloud Services Prevent Zero-day and Targeted Attacks
Cloud Services Prevent Zero-day and Targeted Attacks WOULD YOU OPEN THIS ATTACHMENT? 2 TARGETED ATTACKS BEGIN WITH ZERO-DAY EXPLOITS Duqu Worm Causing Collateral Damage in a Silent Cyber-War Worm exploiting
More informationProč a jak splnit literu kybernetického zákona
Proč a jak splnit literu kybernetického zákona Ondrej Stahlavsky Regional Director, CEE 1 PROBLEM: GROWING ATTACK SURFACE 2 PROBLEM: GROWING ATTACK VECTORS An Extensive, Poisoned, Dark, Deep Web 3 PROBLEM:
More informationData Center security trends
Data Center security trends Tomislav Tucibat Major accounts Manager, Adriatic Copyright Fortinet Inc. All rights reserved. IT Security evolution How did threat market change over the recent years? Problem:
More informationOne Minute in Cyber Security
Next Presentation begins at 15:30 One Minute in Cyber Security Simon Bryden Overview Overview of threat landscape Current trends Challenges facing security vendors Focus on malware analysis The year? The
More informationDesktop Security. Overview and Technology Guidance. Michael Ramsey Network Specialist, NC DPI
Desktop Security Overview and Technology Guidance Michael Ramsey Network Specialist, NC DPI Desktop Security Best practices for both the technical type and the typical user Defensive Layering Top Vulnerabilities
More informationMalware B-Z: Inside the Threat From Blackhole to ZeroAccess
Malware B-Z: Inside the Threat From Blackhole to ZeroAccess By Richard Wang, Manager, SophosLabs U.S. Over the last few years the volume of malware has grown dramatically, thanks mostly to automation and
More informationBe Prepared for Java Zero-day Attacks
Threat Report Be Prepared for Java Zero-day Attacks Malware Analysis: Malicious Codes spread via cloud-based data storage services December 19, 2013 Content Overview... 3 Distributing Malicious E-mails
More informationCan Consumer AV Products Protect Against Critical Microsoft Vulnerabilities?
ANALYST BRIEF Can Consumer AV Products Protect Against Critical Microsoft Vulnerabilities? Author Randy Abrams Tested Products Avast Internet Security 7 AVG Internet Security 2012 Avira Internet Security
More informationNext-Generation Penetration Testing. Benjamin Mossé, MD, Mossé Security
Next-Generation Penetration Testing Benjamin Mossé, MD, Mossé Security About Me Managing Director of Mossé Security Creator of an Mossé Cyber Security Institute - in Melbourne +30,000 machines compromised
More informationModern Cyber Threats. how yesterday s mind set gets in the way of securing tomorrow s critical infrastructure. Axel Wirth
Modern Cyber Threats how yesterday s mind set gets in the way of securing tomorrow s critical infrastructure Axel Wirth Healthcare Solutions Architect Distinguished Systems Engineer AAMI 2013 Conference
More informationTrend Micro Cloud App Security for Office 365. October 27, 2015 Trevor Richmond
Trend Micro Cloud App Security for Office 365 October 27, 2015 Trevor Richmond Too many malware incidents >90% Targeted Attacks Start with Email Attackers: Target specific companies or individuals Research
More informationTHREAT VISIBILITY & VULNERABILITY ASSESSMENT
THREAT VISIBILITY & VULNERABILITY ASSESSMENT Date: April 15, 2015 IKANOW Analysts: Casey Pence IKANOW Platform Build: 1.34 11921 Freedom Drive, Reston, VA 20190 IKANOW.com TABLE OF CONTENTS 1 Key Findings
More informationⅠ. Security Trends - June 2010
Ⅰ. Security Trends - June 2010 1. Malicious Code Trend Malicious Code Statistics The table below shows the percentage breakdown of the top 20 malicious code variants reported this month. The table below
More informationProtect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Protect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities Protecting a business s IT infrastructure is complex. Take, for example, a retailer operating a standard multi-tier infrastructure
More informationFighting Advanced Threats
Fighting Advanced Threats With FortiOS 5 Introduction In recent years, cybercriminals have repeatedly demonstrated the ability to circumvent network security and cause significant damages to enterprises.
More informationAdvanced Persistent Threats
Advanced Persistent Threats George R Magee~ FCNSA, FCNSP, Fortinet Larry Cushing~ CEO, Unified Technologies Visit us at Booth #11 1 May 27, 2014 2 Threat landscape An Internet Minute 7 7 Fortinet Confidential
More informationBeyond the Hype: Advanced Persistent Threats
Advanced Persistent Threats and Real-Time Threat Management The Essentials Series Beyond the Hype: Advanced Persistent Threats sponsored by Dan Sullivan Introduction to Realtime Publishers by Don Jones,
More informationCyber Security Presentation Cyber Security Month Curtis McNay, Director of IT Security
Cyber Security Presentation Cyber Security Month Curtis McNay, Director of IT Security The IT Security Office (ITSO) What We Do? Risk Assessment Network and System Security Monitoring Vulnerability Scanning
More informationUNCLASSIFIED. Briefing to Critical Infrastructure Sector Organizations on the Canadian Cyber Incident Response Centre (CCIRC)
Briefing to Critical Infrastructure Sector Organizations on the Canadian Cyber Incident Response Centre (CCIRC) Cyber in the News 1 Tactics, Techniques and Procedures These observed tactics, techniques
More informationAdvanced Persistent Threats
White Paper INTRODUCTION Although most business leaders and IT managers believe their security technologies adequately defend against low-level threats, instances of (APTs) have increased. APTs, which
More informationWhite Paper - Crypto Virus. A guide to protecting your IT
White Paper - Crypto Virus A guide to protecting your IT Contents What is Crypto Virus?... 3 How to protect yourself from Crypto Virus?... 3 Antivirus or Managed Agents... 3 Enhanced Email Services & Extra
More informationDETECTING THE ENEMY INSIDE THE NETWORK. How Tough Is It to Deal with APTs?
A Special Primer on APTs DETECTING THE ENEMY INSIDE THE NETWORK How Tough Is It to Deal with APTs? What are APTs or targeted attacks? Human weaknesses include the susceptibility of employees to social
More informationWhat Do You Mean My Cloud Data Isn t Secure?
Kaseya White Paper What Do You Mean My Cloud Data Isn t Secure? Understanding Your Level of Data Protection www.kaseya.com As today s businesses transition more critical applications to the cloud, there
More informationCybercrime myths, challenges and how to protect our business. Vladimir Kantchev Managing Partner Service Centrix
Cybercrime myths, challenges and how to protect our business Vladimir Kantchev Managing Partner Service Centrix Agenda Cybercrime today Sources and destinations of the attacks Breach techniques How to
More informationThreat Intelligence. How to Implement Software-Defined Protection. Nir Naaman, CISSP Senior Security Architect
How to Implement Software-Defined Protection Nir Naaman, CISSP Senior Security Architect Threat Intelligence 1 The Spanish flu, 1918 killing at least 50-100 million people worldwide. 2 The H1N1 Pandemic,
More informationMALWARE THREATS AND TRENDS. Chris Blow, Director Dustin Hutchison, Director
MALWARE THREATS AND TRENDS Chris Blow, Director Dustin Hutchison, Director WHAT IS MALWARE? Malicious Software Viruses Worms Trojans Rootkits Spyware Ransomware 2 MALWARE ORIGINS Users bring it from home
More informationToday s Web: Business Value Of Web 2.0
Klaus-Peter Kaul PLE Content Security Business Unit CE The Changing Landscape Web 2004/5 2010 Read only Corporate brochures Rich, two-way interaction Web applications Mail Applications Hacker Motivation
More informationASEC REPORT VOL.29 2012.06. AhnLab Monthly Security Report. Malicious Code Trend Security Trend Web Security Trend
ASEC REPORT VOL.29 2012.06 AhnLab Monthly Security Report Disclosure to or reproduction for others without the specific written authorization of AhnLab is prohibited. Copyright (c) AhnLab, Inc. All rights
More informationINCREASINGLY, ORGANIZATIONS ARE ASKING WHAT CAN T GO TO THE CLOUD, RATHER THAN WHAT CAN. Albin Penič Technical Team Leader Eastern Europe
INCREASINGLY, ORGANIZATIONS ARE ASKING WHAT CAN T GO TO THE CLOUD, RATHER THAN WHAT CAN Albin Penič Technical Team Leader Eastern Europe Trend Micro 27 years focused on security software Headquartered
More informationModular Network Security. Tyler Carter, McAfee Network Security
Modular Network Security Tyler Carter, McAfee Network Security Surviving Today s IT Challenges DDos BOTS PCI SOX / J-SOX Data Exfiltration Shady RAT Malware Microsoft Patches Web Attacks No Single Solution
More informationSpyware. Michael Glenn Technology Management Michael.Glenn@Qwest.com. 2004 Qwest Communications International Inc.
Spyware Michael Glenn Technology Management Michael.Glenn@Qwest.com Agenda Security Fundamentals Current Issues Spyware Definitions Overlaps of Threats Best Practices What Service Providers are Doing References
More informationOverview. Introduction. Conclusions WINE TRIAGE. Zero day analysis. Symantec Research Labs (SRL)
1 Overview Introduction WINE TRIAGE Zero day analysis Conclusions 2 5 locations: USA: Mountain View (CA), Culver City (CA), Herndon (VA) Europe: Dublin (IE), Sophia Antipolis(FR).. 4 thematic domains:
More informationCyber Security in Taiwan's Government Institutions: From APT To. Investigation Policies
Cyber Security in Taiwan's Government Institutions: From APT To Investigation Policies Ching-Yu, Hung Investigation Bureau, Ministry of Justice, Taiwan, R.O.C. Abstract In this article, we introduce some
More informationBotnets: The Advanced Malware Threat in Kenya's Cyberspace
Botnets: The Advanced Malware Threat in Kenya's Cyberspace AfricaHackon 28 th February 2014 Who we Are! Paula Musuva-Kigen Research Associate Director, Centre for Informatics Research and Innovation (CIRI)
More informationSecurity A to Z the most important terms
Security A to Z the most important terms Part 1: A to D UNDERSTAND THE OFFICIAL TERMINOLOGY. This is F-Secure Labs. Learn more about the most important security terms with our official explanations from
More informationComprehensive Malware Detection with SecurityCenter Continuous View and Nessus. February 3, 2015 (Revision 4)
Comprehensive Malware Detection with SecurityCenter Continuous View and Nessus February 3, 2015 (Revision 4) Table of Contents Overview... 3 Malware, Botnet Detection, and Anti-Virus Auditing... 3 Malware
More informationMicrosoft Security Intelligence Report Volume 13
Microsoft Security Intelligence Report Volume 13 Tim Rains Director, Trustworthy Computing, Microsoft Jeff Jones Director, Trustworthy Computing, Microsoft Session ID: DSP-R33 Session Classification: Intermediate
More informationSecure Your Mobile Workplace
Secure Your Mobile Workplace Sunny Leung Senior System Engineer Symantec 3th Dec, 2013 1 Agenda 1. The Threats 2. The Protection 3. Q&A 2 The Mobile Workplaces The Threats 4 Targeted Attacks up 42% in
More informationFighting Advanced Persistent Threats (APT) with Open Source Tools
Fighting Advanced Persistent Threats (APT) with Open Source Tools What is APT? The US Air Force invented the term in 2006 APT refers to advanced techniques used to gain access to an intelligence objective
More informationCisco & Big Data Security
Cisco & Big Data Security 巨 量 資 料 的 傳 輸 保 護 Joey Kuo Borderless Networks Manager hskuo@cisco.com The any-to-any world and the Internet of Everything is an evolution in connectivity and collaboration that
More information場 次 :C-3 公 司 名 稱 :RSA, The Security Division of EMC 主 題 : 如 何 應 用 網 路 封 包 分 析 對 付 資 安 威 脅 主 講 人 :Jerry.Huang@rsa.com Sr. Technology Consultant GCR
場 次 :C-3 公 司 名 稱 :RSA, The Security Division of EMC 主 題 : 如 何 應 用 網 路 封 包 分 析 對 付 資 安 威 脅 主 講 人 :Jerry.Huang@rsa.com Sr. Technology Consultant GCR Minimum Requirements of Security Management and Compliance
More informationWHITE PAPER. Understanding How File Size Affects Malware Detection
WHITE PAPER Understanding How File Size Affects Malware Detection FORTINET Understanding How File Size Affects Malware Detection PAGE 2 Summary Malware normally propagates to users and computers through
More informationEnterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationDeep Security Vulnerability Protection Summary
Deep Security Vulnerability Protection Summary Trend Micro, Incorporated This documents outlines the process behind rules creation and answers common questions about vulnerability coverage for Deep Security
More informationCyber Attack Trend and Botnet
Cyber Attack Trend and Botnet S.C. Leung CISSP CISA CBCP Agenda Botnet and Cyber Attack Trends Botnet Attack Trends Commercialization of Cyber Crime Professionalization of Cyber Crimeware Social Engineering
More informationSurviving and operating services despite highly skilled and well-funded organised crime groups. Romain Wartel, CERN CHEP 2015, Okinawa
Surviving and operating services despite highly skilled and well-funded organised crime groups Romain Wartel, CERN CHEP 2015, Okinawa 1 Operation Windigo (2011 - now) 30,000+ unique servers compromised
More informationITSC Training Courses Student IT Competence Programme SIIS1 Information Security
ITSC Training Courses Student IT Competence Programme SI1 2012 2013 Prof. Chan Yuen Yan, Rosanna Department of Engineering The Chinese University of Hong Kong SI1-1 Course Outline What you should know
More informationPerspectives on Cybersecurity in Healthcare June 2015
SPONSORED BY Perspectives on Cybersecurity in Healthcare June 2015 Workgroup for Electronic Data Interchange 1984 Isaac Newton Square, Suite 304, Reston, VA. 20190 T: 202-618-8792/F: 202-684-7794 Copyright
More informationDefending Against Cyber Attacks with SessionLevel Network Security
Defending Against Cyber Attacks with SessionLevel Network Security May 2010 PAGE 1 PAGE 1 Executive Summary Threat actors are determinedly focused on the theft / exfiltration of protected or sensitive
More informationProtecting Your Organisation from Targeted Cyber Intrusion
Protecting Your Organisation from Targeted Cyber Intrusion How the 35 mitigations against targeted cyber intrusion published by Defence Signals Directorate can be implemented on the Microsoft technology
More informationRSA Security Anatomy of an Attack Lessons learned
RSA Security Anatomy of an Attack Lessons learned Malcolm Dundas Account Executive John Hurley Senior Technology Consultant 1 Agenda Advanced Enterprise/ Threats The RSA Breach A chronology of the attack
More informationTrend Micro Incorporated Research Paper 2012. Adding Android and Mac OS X Malware to the APT Toolbox
Trend Micro Incorporated Research Paper 2012 Adding Android and Mac OS X Malware to the APT Toolbox Contents Abstract... 1 Introduction... 1 Technical Analysis... 2 Remote Access Trojan Functionality...
More informationNetworking for Caribbean Development
Networking for Caribbean Development BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n o g. o r g N E T W O R K I N G F O R C A R I B B E A N D E V E L O P M E N T BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n
More informationThe Dark Side of Trusting Web Searches From Blackhat SEO to System Infection
The Dark Side of Trusting Web Searches From Blackhat SEO to System Infection Trend Micro, Incorporated Marco Dela Vega and Norman Ingal Threat Response Engineers A Trend Micro Research Paper I November
More informationIntegrated Approach to Network Security. Lee Klarich Senior Vice President, Product Management March 2013
Integrated Approach to Network Security Lee Klarich Senior Vice President, Product Management March 2013 Real data from actual networks 2 2012, Palo Alto Networks. Confidential and Proprietary. 2008: HTTP,
More informationMalicious Network Traffic Analysis
Malicious Network Traffic Analysis Uncover system intrusions by identifying malicious network activity. There are a tremendous amount of network based attacks to be aware of on the internet today and the
More informationCloud Security Primer MALICIOUS NETWORK COMMUNICATIONS: WHAT ARE YOU OVERLOOKING?
A Cloud Security Primer : WHAT ARE YOU OVERLOOKING? LEGAL DISCLAIMER The information provided herein is for general information and educational purposes only. It is not intended and should not be construed
More information============================================================= =============================================================
Stephan Lantos Subject: FW: @RISK: The Consensus Security Vulnerability Alert: Vol. 13, Num. 23 In partnership with SANS and Sourcefire, Qualys is pleased to provide you with the @RISK Newsletter. This
More informationwhite paper Malware Security and the Bottom Line
Malware Security Report: Protecting Your BusineSS, Customers, and the Bottom Line Contents 1 Malware is crawling onto web sites everywhere 1 What is Malware? 2 The anatomy of Malware attacks 3 The Malware
More informationPriority One: Client-side software that remains unpatched. Priority Two: Internet-facing web sites that are vulnerable.
SANS: - http://www.sans.org/top-cyber-security-risks/summary.php 2 of 3 5/6/2553 12:20 Priority One: Client-side software that remains unpatched. Waves of targeted email attacks, often called spear phishing,
More informationStudent Tech Security Training. ITS Security Office
Student Tech Security Training ITS Security Office ITS Security Office Total Security is an illusion security will always be slightly broken. Find strategies for living with it. Monitor our Network with
More informationUsing big data analytics to identify malicious content: a case study on spam emails
Using big data analytics to identify malicious content: a case study on spam emails Mamoun Alazab & Roderic Broadhurst Mamoun.alazab@anu.edu.au http://cybercrime.anu.edu.au 2 Outline Background Cybercrime
More informationTechnical Note. CounterACT: Powerful, Automated Network Protection Inside and Out
CounterACT: Powerful, Contents Introduction...3 Automated Threat Protection against Conficker... 3 How the Conficker Worm Works.... 3 How to Use CounterACT to Protect vs. the Conficker Worm...4 1. Use
More informationDefending Against. Phishing Attacks
Defending Against Today s Targeted Phishing Attacks DeFending Against today s targeted phishing attacks 2 Introduction Is this email a phish or is it legitimate? That s the question that employees and
More informationTop 10 Data Security Threats Plaguing Credit Unions
Top 10 Data Security Threats Plaguing Credit Unions (2H 2013 Threat Report) Andrew Jaquith CTO & SVP, Cloud Strategy Grace Zeng, SilverSky Labs February 20, 2014 Housekeeping rules Everyone s phone is
More informationCyber Security, Fraud and Corporate Account Takeovers LBA Bank Counsel Conference December 2014
Cyber Security, Fraud and Corporate Account Takeovers LBA Bank Counsel Conference December 2014 Lisa D. Traina, CPA, CITP, CGMA Lisa Traina utilizes her 30+ years of experience as a CPA, CITP and CGMA
More informationAdvanced Threat Protection Framework: What it is, why it s important and what to do with it
Advanced Threat Protection Framework: What it is, why it s important and what to do with it Doug Manger, Senior Security Engineer dmanger@fortinet.com 1 Copyright 2013 Fortinet Inc. All rights reserved.
More informationInternet threats: steps to security for your small business
Internet threats: 7 steps to security for your small business Proactive solutions for small businesses A restaurant offers free WiFi to its patrons. The controller of an accounting firm receives a confidential
More informationAgenda. 3 2012, Palo Alto Networks. Confidential and Proprietary.
Agenda Evolution of the cyber threat How the cyber threat develops Why traditional systems are failing Need move to application controls Need for automation 3 2012, Palo Alto Networks. Confidential and
More informationDescription: Course Details:
Course: Malicious Network Traffic Analysis Duration: 5 Day Hands-On Lab & Lecture Course Price: $ 3,495.00 Description: There are a tremendous amount of network based attacks to be aware of on the internet
More informationAgenda. Taxonomy of Botnet Threats. Background. Summary. Background. Taxonomy. Trend Micro Inc. Presented by Tushar Ranka
Taxonomy of Botnet Threats Trend Micro Inc. Presented by Tushar Ranka Agenda Summary Background Taxonomy Attacking Behavior Command & Control Rallying Mechanisms Communication Protocols Evasion Techniques
More informationIntegrated Protection for Systems. João Batista Joao_batista@mcafee.com Territory Manager
Integrated Protection for Systems João Batista Joao_batista@mcafee.com Territory Manager 2 McAfee Overview Proven Expertise And what it means to you Proof of Expertise Impact of Expertise 1 17 100 300
More informationAttacks 2011: How Complexity Evaded Defenses and Strategies for Prevention TOMER TELLER CHECK POINT SOFTWARE TECHNOLOGIES. Session Classification:
Attacks 2011: How Complexity Evaded Defenses and Strategies for Prevention TOMER TELLER CHECK POINT SOFTWARE TECHNOLOGIES Session ID: SPO1-303 Session Classification: General Interest Welcome to RSA 2013.
More informationN J C C I C NJ CYBERSECURITY AND COMMUNICATIONS INTEGRATION CELL
4 N J C C I C NJ CYBERSECURITY AND COMMUNICATIONS INTEGRATION CELL Exploit Kits: A Prevailing Vector for Malware Distribution August 5, 2015 Since first appearing around 2006, exploit kits (EK) have evolved
More informationFighting Advanced Persistent Threats (APT) with Open Source Tools
Fighting Advanced Persistent Threats (APT) with Open Source Tools What is APT? The US Air Force invented the term in 2006 APT refers to advanced techniques used to gain access to an intelligence objective
More informationCurrent counter-measures and responses by CERTs
Current counter-measures and responses by CERTs Jeong, Hyun Cheol hcjung@kisa.or.kr April. 2007 Contents I. Malware Trends in Korea II. Malware from compromised Web sites III. Case Study : Malware countermeasure
More informationGlobalSign Malware Monitoring
GLOBALSIGN WHITE PAPER GlobalSign Malware Monitoring Protecting your website from distributing hidden malware GLOBALSIGN WHITE PAPER www.globalsign.com CONTENTS Introduction... 2 Malware Monitoring...
More informationComputer Security DD2395
Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/dd2395/dasakh11/ Fall 2011 Sonja Buchegger buc@kth.se Lecture 7 Malicious Software DD2395 Sonja Buchegger 1 Course Admin Lab 2: - prepare
More informationSecurity Trends X-Force
Security Trends X-Force IBM Internet Security Systems (ISS) The IBM ISS X-Force research and development team drives IBM Security Innovation Research Technology Solutions Original Vulnerability Research
More informationSecurity Awareness For Website Administrators. State of Illinois Central Management Services Security and Compliance Solutions
Security Awareness For Website Administrators State of Illinois Central Management Services Security and Compliance Solutions Common Myths Myths I m a small target My data is not important enough We ve
More information24/7 Visibility into Advanced Malware on Networks and Endpoints
WHITEPAPER DATA SHEET 24/7 Visibility into Advanced Malware on Networks and Endpoints Leveraging threat intelligence to detect malware and exploitable vulnerabilities Oct. 24, 2014 Table of Contents Introduction
More informationTrends in Targeted Attacks By Nart Villeneuve
Securing Your Journey to the Cloud Trends in Targeted Attacks By Nart Villeneuve A Trend Micro White Paper I October 2011 Table of CONTENTs I. Abstract. 3 II. Introduction 3 Targeted attacks. 6 III. Trends
More informationQUARTERLY REPORT 2015 INFOBLOX DNS THREAT INDEX POWERED BY
QUARTERLY REPORT 2015 INFOBLOX DNS THREAT INDEX POWERED BY EXPLOIT KITS UP 75 PERCENT The Infoblox DNS Threat Index, powered by IID, stood at 122 in the third quarter of 2015, with exploit kits up 75 percent
More informationTrust the Innovator to Simplify Cloud Security
Trust the Innovator to Simplify Cloud Security Contents MailGuard Pty Ltd Page 1 of 7 2 Let s get real for a moment. Your antivirus software isn t stopping fastbreak phishing and other spam attacks like
More informationEffective Defense in Depth Strategies
Honeywell.com 2014 Honeywell Users Group Asia Pacific Effective Defense in Depth Strategies for Industrial Systems 1 Document control number Honeywell Proprietary Honeywell.com Chee Ban, Ngai About the
More informationHow to Make Browsers Safer Using Virtualization
How to Make Browsers Safer Using Virtualization Seth Misenar September 2009 GIAC GSEC, GCIA, GCIH, GCWN, GCFA, GPEN, GWAPT SANS Technology Institute - Candidate for Master of Science Degree 1 1 Objective
More informationThe Top Cyber Security Risks Two risks dwarf all others, but organizations fail to mitigate them
The Top Cyber Security Risks Two risks dwarf all others, but organizations fail to mitigate them Featuring attack data from TippingPoint intrusion prevention systems protecting 6,000 organizations, vulnerability
More informationWHITE PAPER: Cyber Crime and the Critical Need for Endpoint Security
WHITE PAPER: Cyber Crime and the Critical Need for Endpoint Security A World of Constant Threat We live in a world on constant threat. Every hour of every day in every country around the globe hackers
More informationSecurity Threat Kill Chain What log data would you need to identify an APT and perform forensic analysis?
Security Threat Kill Chain What log data would you need to identify an APT and perform forensic analysis? This paper presents a scenario in which an attacker attempts to hack into the internal network
More informationMalware Trend Report, Q2 2014 April May June
Malware Trend Report, Q2 2014 April May June 5 August 2014 Copyright RedSocks B.V. 2014. All Rights Reserved. Table of Contents 1. Introduction... 3 2. Overview... 4 2.1. Collecting Malware... 5 2.2. Processing...
More information76% Secunia Vulnerability Review. Key figures and facts from a global IT-Security perspective. Published February 26, 2014. secunia.
Secunia Vulnerability Review 2014 Key figures and facts from a global IT-Security perspective Published February 26, 2014 76% Browser Vulnerabilities 7540 893 7540 731 7540 727 7540 441 7540 208 7540 207
More informationData Centers Protection from DoS attacks. Trends and solutions. Michael Soukonnik, Radware Ltd michaels@radware.com Riga. Baltic IT&T. 21.04.
Data Centers Protection from DoS attacks. Trends and solutions Michael Soukonnik, Radware Ltd michaels@radware.com Riga. Baltic IT&T. 21.04.2010 Cybercrime Trends Page 2 Types of DoS attacks and classical
More informationWeb 2.0 and Data Protection. Paul Tsang Security Consultant McAfee
Web 2.0 and Data Protection Paul Tsang Security Consultant McAfee Criminal Motivators For Profit Targeted Attacks Cyber Warfare (Credit Cards, PII, Criminal Infrastructure) (Nation-State Secrets, Trade
More informationCommon Cyber Threats. Common cyber threats include:
Common Cyber Threats: and Common Cyber Threats... 2 Phishing and Spear Phishing... 3... 3... 4 Malicious Code... 5... 5... 5 Weak and Default Passwords... 6... 6... 6 Unpatched or Outdated Software Vulnerabilities...
More informationEndpoint & Server Protection. Brent Biernat First Vice President Network Services May 13, 2014
Endpoint & Server Protection Brent Biernat First Vice President Network Services May 13, 2014 The Evolution of Cyber Crime 1878 Bell Telephone Teenage Switchboard Operator Disconnected calls, eavesdropped,
More informationNetDefend Firewall UTM Services
Product Highlights Intrusion Prevention System Dectects and prevents known and unknown attacks/ exploits/vulnerabilities, preventing outbreaks and keeping your network safe. Gateway Anti Virus Protection
More information