Malware Trend Report, Q April May June

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Malware Trend Report, Q2 2014 April May June"

Transcription

1 Malware Trend Report, Q April May June 5 August 2014 Copyright RedSocks B.V All Rights Reserved.

2 Table of Contents 1. Introduction Overview Collecting Malware Processing Identifying Malware Detecting Malware Classifying Malware Trends Adware Backdoors and Botnets Exploits Rootkits Trojans Worms Others Geolocation Final Word Appendix A: Detecting Malware Appendix B: Classifying Malware Page 1 of 26

3 Table of Figures Figure 1: Unique New Malicious Files... 5 Figure 2: Space Needed in GBs p/m for Storing New Files... 5 Figure 3: New Malicious Files in April... 7 Figure 4: New Malicious Files in May... 7 Figure 5: New Malicious Files in June... 8 Figure 6: Detected vs. Not Detected (April)... 8 Figure 7: Detected vs. Not Detected (May)... 8 Figure 8: Detected vs. Not Detected (June)... 8 Figure 9: Malware Classifications... 9 Figure 10: Amount of Identified Adware (Q2 2014) Figure 11: Amount of Identified Backdoors and Botnets (Q2 2014) Figure 12: Amount of Identified Exploits (Q2 2014) Figure 13: Amount of Identified Rootkits (Q2 2014) Figure 14: Amount of Identified Trojans (Q2 2014) Figure 15: Amount of Identified Worms (Q2 2014) Figure 16: Amount of Identified Other Malware (Q2 2014) Figure 17: Amount of Identified 64-bit Malware Figure 18: 64-bit Malware Q Figure 19: DexterPOS C&C (Map) Figure 20: JackPOS C&C (Map) Figure 21: AlinaPOS C&C (Map) Page 2 of 26

4 1. Introduction This is the second quarterly trend report for 2014 from the RedSocks Malware Research Lab. RedSocks is a Dutch company specialising in Malware detection. Our solution, RedSocks Malware Threat Defender, is a network appliance that analyses digital traffic flows in real-time, based on algorithms and lists of malicious indicators. This critical information is compiled by the RedSocks Malware Intelligence Team. The team consists of specialists whose job it is to identify new threats on the Internet and to translate them into state-of-the-art malware detection capabilities. With this report, we hope to provide the reader with a deeper insight into the trends we see in the Malware we process. In this report we will look at data collected during the second quarter of RedSocks analyses large numbers of malicious files on a daily basis, therefore we can cover only a few topics briefly in this trend report. Protecting your data from Internet-based threats is not an easy task and relying on protection from Anti-Virus companies, no matter how established their brand, is not enough. Comprehensive protection requires an entirely new approach. Page 3 of 26

5 2. Overview The total number of new and unique malicious files processed per month went from 7.1 million in April to 6.8 million in May, and up to 7.2 million in June. The overall detection by Anti-Virus software this quarter remains roughly the same compared to the last quarter. The detection rate for April was percent. For May, it is percent and in June, the average detection was percent. Which might not sound too bad, but it means that around 24 percent, 25 percent and 20 percent was not detected. There is a slight improvement compared with the first quarter. Please note that identification rates can change based on samples chosen and time scanned. During the second quarter, the number of identified Adware dropped from 1.2 million in April, to 1 million in May, to 0.9 million in June. In April, the number of identified Backdoors and Botnets was 243,000. In May this number dropped to 92,000; in June, the numbers dropped further to 68,000 new Backdoors and Botnets. Only 0.04 percent of the files were detected as Exploit and 0.25 percent as Rootkit in April by Anti-virus software. In May, 0.03 percent were detected as Rootkits and 0.05 percent as Exploits. For June it is 0.02 percent Exploits and 0.05 percent for the Rootkits. Like the first quarter of this year, Trojans are by far the most popular type of Malware. In April and May, they made up for 2.9 million. In June, 3.4 million unique files were identified as Trojans. The second most popular Malware was Worms. In April, 554,000 Worm files were identified. In May, the number dropped to 444,000 and kept dropping. In June, only 394,000 thousand worms were added to our databases. Grouped together, all other malicious files such as Flooders, HackTools, Spoofers, Spyware, Viruses, etc., make up for 31, 35, and 34 percent of the total for April, May, and June, respectively. As in the first quarter, most Command & Control (C&C) servers were hosted in the United States, followed by the Russian Federation. During the second quarter, Germany occupied the third place. The Netherlands was the biggest riser in countries hosting C&C servers going from 8 th place in March and April, to 6 th place in May, and finishing on 5 th place in June. Page 4 of 26

6 2.1. Collecting Malware At the RedSocks Malware Research Labs, we track large numbers of Malware from our global-distributed honeypots, honeyclients, spamnets, and through various botnet monitoring sensors. Due to the distribution of our Honeypots, we are able to automatically collect and process new malicious samples from across the globe. We also exchange large quantities of malicious files with the Anti-Virus industry. Figure 1: Unique New Malicious Files 2.2. Processing Working with Malware is what we love to do. More than 200,000 new malicious files arrive every day at our automated Malware collecting machines. All samples were renamed to their hash calculation. We check to see if that particular piece of Malware has already been processed. The picture on the right shows the total amount of disk space needed to store all the new malicious files. While the Figure 2: Space Needed in GBs p/m for Storing New Files numbers of new malicious files stayed more or less the same, the average file size decreased a little bit. During the second quarter, we saw that malicious files, on average, shrunk percent. New file metrics by month April May June Average number of new files per day 236, , ,528 Average file size in bytes 471, , ,308 Average Anti-Virus Detection 75.52% 74.61% 79.76% Page 5 of 26

7 2.3. Identifying Malware Although we collect all types and categories of Malware for all operating systems at RedSocks, we do have a special interest in certain types and categories of Malware. A simple means of identifying malware is by file type. RSMIT uses various analysis tools to determine the statistically most likely file type for each malware sample we analyse. The majority of malware samples target Windows users this causes Windows executable files to be very common while executables for other operating systems are far less common. The top 10 file types are listed in the tables below. April May June Extension Amount Extension Amount Extension Amount EXE 5,549,734 EXE 5,497,557 EXE 6,601,953 DLL 720,121 DLL 553,190 DLL 1,959,634 OCX 109,226 OCX 96,741 SCR 224,864 SCR 54,003 AX 69,730 OCX 201,857 AX 36,644 PDF 3,753 AX 144,237 XLS 5,661 XLS 3,218 DOC 57,450 DOC 4,287 DOC 2,310 PDF 2,378 PDF 4,073 CPL 1,517 XLS 1,681 CAB 1,280 CAB 1,247 CPL 1,598 CPL 1,433 DSK 483 CAB 996 In the second quarter of this year, we saw a total of 43, 41 and 47 different extensions being used by Malware, respectively. Like in the previous quarter,.exe files are by far the most popular way to distribute Malware. 81 percent of all malicious files in the second quarter were.exe files Detecting Malware Within the RedSocks Malware Labs, we use an in-house built classification system for grouping Malware. We have classified over 300 types for which we have created detailed statistics. Once multiple anti-virus scanners (in paranoid mode) have performed their on-demand scan, we know which Malware was detected and, perhaps more importantly, which was not. In the graph below, the blue section shows all the new and unique malicious files per day, the green section shows the sum of all files identified by Anti-Virus software and, in red, the number of files not detected. Page 6 of 26

8 Figure 3: New Malicious Files in April Figure 4: New Malicious Files in May Page 7 of 26

9 Figure 5: New Malicious Files in June Of all the malicious files we processed in April, on average 24 percent of them were not detected by any of the Anti-Virus products we currently use. In May, 25 percent of the samples on average remained undetected. In June, the Anti-Virus detection improved but still missed 20 percent of all malicious samples we processed. Figure 6: Detected vs. Not Detected (April) Figure 7: Detected vs. Not Detected (May) Figure 8: Detected vs. Not Detected (June) Page 8 of 26

10 2.5. Classifying Malware We categorise Malware according to its primary feature. In the second quarter, Malware was grouped as follows: The 'Other' category in 'All Malware' consists of malicious samples that do not fit in the six categories, such as 64-bit Malware, malicious Macros, Packed Malware, Riskware, Spamming Tools, Spoofers, Spyware, All kinds of (Hacking) Tools and the classic Viruses. See Appendix B for the numbers per day, per category and per month. Figure 9: Malware Classifications Page 9 of 26

11 3. Trends Discovering Malware propagation trends starts with an analysis of the raw data behind the collection and processing of Malware. From April to June, RedSocks Malware Research Labs identified the following trends by Malware category. New in this trend report is the Adware category Adware During the second quarter, we identified around three million files as Adware. This makes up for about 15 percent of the total. The overall popularity of Adware seems to have decreased somewhat. During the first quarter, we saw the opposite. Figure 10: Amount of Identified Adware (Q2 2014) Page 10 of 26

12 3.2. Backdoors and Botnets In the first two weeks of April, there was a huge distribution of variants from the Backdoor.Bot family. From the 4 th untill the 13 th of April we identified a little over 48,000 new members. Figure 11: Amount of Identified Backdoors and Botnets (Q2 2014) In the first week of May, we saw two backdoor families being widely distributed. The Backdoor.Nateyes.A, with almost 9,000 new members, and the Backdoor.Wabot.A, with a little over 14,000 new members. The last spike, on the 9 th of June, was mainly caused by almost 9,000 minor variants of the Backdoor:W32/Udr.gen! malware family. During the first quarter of 2014, the popularity of Backdoors-and-Botnets increased. The second quarter shows a decreasing trend in the use of Backdoors-and-Botnets. Page 11 of 26

13 3.3. Exploits An exploit is an attack on a computer system, especially one that takes advantage of a particular vulnerability. Looking at malicious files that were identified with exploits, we see several spikes above 250. Figure 12: Amount of Identified Exploits (Q2 2014) The first spike was mainly caused by variations of the Exploit.PDF-JS.Gen (175). Members of the Exploit.PDF-TTF.Gen family caused the second and third spike on the 3 rd and 6 th of May (67 and 71). Then, on the 13 th of May, we see 54 new variations of the Exploit:W32/Kakara.A. The last spike we want to mention here are 125 variations on the Exploit:W32/CVE B seen on the 29 th of May. A dozen exploits were seen for the Apple Macintosh OSX. All of them are slight modifications of the Exploit:OSX/MS09027.A (used to avoid Anti-Virus detection). During the first quarter of this year, the usage of exploits stayed more or less the same. In the second quarter, we saw a slight decrease in the overall usage of exploits. Page 12 of 26

14 3.4 Rootkits A rootkit is a type of software designed to hide the fact that an operating system has been compromised. This can be done in various ways; for example, by replacing vital executables or by introducing a new kernel module. Rootkits allow Malware to hide in plain sight. Rootkits themselves are not harmful; they are simply used to hide Malware, bots and worms. To install a rootkit, an attacker must first gain sufficient access to the target operating system. This could be accomplished by using an exploit, by obtaining valid account credentials or through social engineering. Because rootkits are activated before your operating system boots up, they are very difficult to detect, and therefore provide a powerful way for attackers to access and use the targeted computer without the owner being aware of it. Due to the way rootkits are used and installed, they are notoriously difficult to remove. Rootkits today are usually not used to gain elevated access, but are instead used to mask Malware payloads more effectively. Figure 13: Amount of Identified Rootkits (Q2 2014) There was only one rootkit worth mentioning during the second quarter, the Rootkit Distribution started on the 11 th and was last seen on the 16 th of April. A total of 7,321 new members were identified. In the first quarter, we saw a slight drop in rootkits. This drop continued in the second quarter. Page 13 of 26

15 3.5. Trojans Trojans are by far the biggest category of Malware. With more than 9.1 million new unique samples in the second quarter of this year, they amounted to 43 percent of the total. Figure 14: Amount of Identified Trojans (Q2 2014) Of all the Trojan families, we will only discuss the top three. At third place, we find Trojan.Inject.ARJ, with 155,000 different samples distributed over 14 days its best day was on the 11 th of June with almost 36,000. Second place is Trojan.Generic with 349,000 files spread over 71 days its best day was on the 12 th of May. Without doubt, the most distributed Trojan family is Trojan.Agent.BDMJ : in 16 days we counted nearly a half million new samples. AV-Identifier Total Amount First Seen Last Seen Best Day Amount Best Day Trojan.Agent.BDMJ 469, , Trojan.Generic , , Trojan.Inject.ARJ 155, , Days Seen The slight increase in Trojan use in the first quarter continued during the second quarter. Page 14 of 26

16 3.6. Worms In roughly 1.4 million new files, we identified worm traces and functionalities. The first spike above 60,000 is primarily caused by 44,000 samples of Win32.Worm.P2p.Picsys.C. On the 27 th of April Worm.Generic , Win32.Worm.P2p.Picsys.C and Win32.Worm.P2p.Picsys.B accounted for 51,000 samples. The last spike, on the last day of May, was again caused by Win32.Worm.P2p.Picsys.C this day we saw 84,000 files. Figure 15: Amount of Identified Worms (Q2 2014) AV-Identifier Total Amount First Seen Last Seen Best Day Amount Best Day Worm.Generic , ,615 1 Worm.Generic , ,477 1 Win32.Worm.P2p.Picsys.C 414, , Days Seen During the first quarter, the tendency of the worms decreased. In the second quarter, it stabilised again. Page 15 of 26

17 3.7. Others After grouping the adware, backdoors/botnets, exploits, rootkits and worms, we are still left with 3.4 million identified malicious files. This is 33 percent of the total detected by the Anti-Virus programs. Figure 16: Amount of Identified Other Malware (Q2 2014) We could fill many pages with graphs conveying the large number of malicious files detected. We would, however, like to share two graphs concerning 64-bit Malware. Figure 17: Amount of Identified 64-bit Malware Page 16 of 26

18 A closer look at the 35,000 identified 64-bit Malware reveals that, besides a handful samples of Backdoor.Win64.Winnti.B and Win64.Abul.A, we only saw members of the Win64.Expiro family. Figure 18: 64-bit Malware Q Recently, anti-virus laboratory discovered an interesting new modification of a file virus known as Expiro which targets 64-bit files for infection. However, the body of this versatile new modification is surprising because it is fully cross-platform, able to infect 32-bit and 64-bit files (also, 64-bit files can be infected by an infected 32-bit file). The virus aims to maximise profit and infects executable files on local, removable and network drives. As for the payload, this Malware installs extensions for the Google Chrome and Mozilla Firefox browsers. The Malware also steals stored certificates and passwords from Internet Explorer, Microsoft Outlook and from the FTP client FileZilla. Browser extensions are used to redirect the user to a malicious URL, as well as to hijack confidential information, such as account credentials or online banking information. The virus disables some services on the compromised computer including Windows Defender and Windows Security Center and can also terminate processes. Page 17 of 26

19 4. Geolocation We can see where the hotspots are located by plotting the Command & Control (C&C) servers with the most traffic and connections on a map. Over the past few months, a number of Malware families targeting Point of Sale (POS) systems got some media attention. First there was DexterPOS (first image below), then there was its sister, AlinaPOS (second image below) and more recently there was JackPOS (third image below). One of the most interesting threads of commonality between these samples is the command and control (C&C) structure used between them. Using a C&C communication channel for data exfiltration, while previously rare, has become more and more common in POS Malware. Figure 19: DexterPOS C&C (Map) Page 18 of 26

20 Figure 21: AlinaPOS C&C (Map) Figure 20: JackPOS C&C (Map) Page 19 of 26

21 During the first quarter of 2014, there were only minor changes at the top of the C&C landscape. Below, the top 10 countries from the first quarter of Top 10 Countries Hosting C&C January February March United States 1129 United States 1196 United States 1596 Russian Federation 472 Russian Federation 473 Russian Federation 424 Germany 282 United Kingdom 262 United Kingdom 261 United Kingdom 234 Germany 256 China 249 China 224 China 247 Germany 240 Turkey 196 Ukraine 201 Iran 179 Iran 191 Iran 170 Turkey 179 Ukraine 160 Turkey 150 Netherlands 147 Korea 134 Korea 129 Ukraine 132 Netherlands 125 Netherlands 116 Korea 128 In the second quarter, the United States still led followed by the Russian Federation. Germany dropped during the first quarter, but held third place during the second quarter. Top 10 Countries Hosting C&C April May June United States 1274 United States 1203 United States 1128 Russian Federation 453 Russian Federation 474 Russian Federation 490 Germany 289 Germany 236 Germany 257 China 226 United Kingdom 206 United Kingdom 200 United Kingdom 213 China 172 The Netherlands 184 Iran 185 The Netherlands 166 China 182 Turkey 142 Turkey 138 Turkey 133 The Netherlands 137 Korea 123 Korea 126 Korea 130 Ukraine 110 Iran 118 Ukraine 118 France and Sweden 107 Ukraine 113 Page 20 of 26

22 5. Final Word In the second quarter of 2014, the total number of new malicious files processed per month changed from 7.1 million in April, to 6.8 million in May, and up to 7.2 million in June. The average sample size in May was 3 percent smaller than in April. Moreover, in June, the average sample was even 9 percent smaller than in May. The overall detection by Anti-Virus software is comparable with the first quarter. In April, 24 percent of threats were not detected, in May 25 percent and in June 20 percent. Altogether, around 8.6 million malicious files were not detected during the second quarter. By grouping and classifying the identified Malware, we detected a decrease of popularity in 5 of the 7 main Malware categories during the second quarter. These five categories are Adware, Backdoors/Botnets, Exploits, Rootkits and Worms. The remaining two categories, Trojans and Others, increased. The most distributed Malware families per main category per month are: Category Family Total number Q2 Adware DomaIQ 655,690 Backdoors/Botnets Bot ,932 Exploit PDF-JS.Gen 1,248 Rootkits Rootkit ,321 Trojans Agent.BDMJ 469,414 Worms Picsys.C 414,002 Others Generic.Malware.FP!dldPk!.A3F6BED5 169,884 Within the top 10 of countries hosting C&C servers, the United States led the second quarter of 2014, followed by the Russian Federation and Germany. In March and April, China held the fourth place. In May and June, Chine dropped two places. While in March, the United Kingdom could be found at the third place in April it dropped to fifth place. Nevertheless, in May, the United Kingdom climbed up to fourth place and stayed there. The Netherlands is found at 8 th place at the end of quarter one. In May, it climbed to 6 th place and ended at 5 th place in June. Page 21 of 26

23 We hope you that you enjoyed our second Malware Trend Report of this year and that it may provide you with insight into the trends we have seen during the second quarter of We continue to innovate so please check back with us for our next trend report for the 3 rd quarter of Questions, comments and requests can be directed towards the RedSocks Malware Research Labs. G.J.Vroon Anti-Malware Behavioural Researcher RedSocks B.V. W: T: +31 (0) E: Page 22 of 26

24 Appendix A: Detecting Malware April May June Day Files/day Detected Undetected Files/day Detected Undetected Files/day Detected Undetected 1 303, ,528 60, , ,424 60, , ,277 19, , ,474 73, , ,716 40, , ,795 79, , ,013 63, , ,390 36, , ,614 28, , ,181 46, , ,352 42, , ,512 38, , ,265 55, , ,392 56, , ,915 39, , ,935 63, , ,072 39, , ,851 30, , ,531 45, , ,430 46, , ,423 26, , ,300 53, , ,670 54, , ,761 54, , ,836 64, , ,697 53, , ,247 53, , ,691 46, , ,087 91, , ,629 44, , ,332 60, , ,625 87, , ,618 43, , ,098 58, , ,357 50, , ,506 55, , ,882 77, , , , , ,697 51, , ,051 42, ,203 96,594 42, , ,106 66, ,168 65,819 22, , ,625 86, , ,424 42, , ,240 51, , ,992 50, , ,047 71, , ,737 46, , ,615 68, , ,160 84, , ,172 45, , ,739 58, , ,094 66, , ,877 62, , ,076 59, , ,919 55, , ,589 88, ,511 82,669 43, , , , , ,447 44,064 94,432 73,421 21, , ,225 24, , ,055 68, ,639 90,488 33, , ,224 90, , ,411 63, , ,808 28, , ,215 45, , ,434 58, , ,524 68, , ,512 52, , ,751 76, , ,568 46, , ,441 45, , ,209 47, ,790 99,017 60, , ,835 22, , ,716 42, , ,021 56, , ,947 30, , ,664 59, , ,654 44, , ,855 33, , ,000 46, , ,135 31, , ,107 35, , ,596 43, , ,199 66, , ,605 42, , ,965 29,929 7,101,558 5,421,834 1,679,724 6,766,688 5,058,110 1,708,578 7,185,850 5,707,969 1,477,881 Page 23 of 26

25 Appendix B: Classifying Malware April Day Adware Backdoors Exploits Rootkits Trojans Worms Other 1 62,898 6, ,182 8, , ,748 1, ,411 7,206 34, ,841 2, ,173 4,671 35, ,215 1, ,703 2,712 35, ,000 5, ,271 10,736 52, ,740 15, ,062 10,291 50, ,303 19, ,171 13,430 38, ,136 11, ,949 28,201 67, ,097 32, ,936 5,298 59, ,987 27, ,206 5,811 58, ,677 11, ,877 9,652 53, ,251 11, , ,630 12,787 72, ,573 11, ,776 88,821 17,364 70, ,252 6, ,893 7,853 68, ,566 1, ,382 4,562 24, ,201 3, ,002 9,323 53, ,739 3, ,061 11,676 64, ,084 2, ,156 64,733 40, ,165 7, ,034 18,735 94, ,075 9, ,938 15, , ,440 3, ,032 8, , ,876 12, ,816 20, , ,172 2, ,973 7,153 71, ,982 4, ,249 7,277 63, ,273 7, ,702 21,924 91, ,630 3, ,276 34,258 76, ,698 2, ,286 37,070 53, ,974 8, ,900 99, , ,330 3, ,163 38, , ,835 4, ,383 10,637 94,287 Totals 1,215, ,084 3,158 17,678 2,878, ,058 2,189,188 Page 24 of 26

26 May Day Adware Backdoors Exploits Rootkits Trojans Worms Other 1 50,326 6, ,940 17,141 70, ,599 6, ,340 19,682 81, ,486 6, ,537 18, , ,936 8, ,239 18,160 83, ,631 11, ,610 21, , ,362 5, ,340 22,017 96, ,558 3, ,361 12,858 98, ,133 2, ,409 10,826 61, ,601 1, ,941 22,071 72, ,602 2, ,408 7,750 63, ,337 1, ,597 2,502 57, ,064 1, ,737 6,666 80, ,546 3, ,537 12, , ,974 1, ,585 2,984 42, ,874 1, ,432 6,220 69, ,872 1, ,252 5,160 79, ,675 2, ,846 6, , ,434 1, ,854 5,276 98, ,924 1, ,612 7,035 75, , ,542 2,691 59, , ,233 2,235 32, , ,644 7,371 46, ,611 1, ,756 7,965 59, ,672 1, ,254 13,688 96, ,172 2, ,006 6, , ,864 1, ,723 2,232 53, ,303 2, ,005 5,887 66, , ,249 11,676 67, ,026 1, ,881 13,793 74, ,290 4, ,455 41,582 80, , , ,167 30,294 Totals 966,216 92,205 3,423 2,332 2,908, ,803 2,349,961 Page 25 of 26

27 June Day Adware Backdoors Exploits Rootkits Trojans Worms Other 1 16,098 1, ,859 6,800 61, ,298 2, ,226 8,993 59, ,457 2, ,118 12,797 59, ,896 3, ,230 17,294 75, ,946 2, ,630 16,052 68, ,879 1, ,959 7,560 57, ,315 1, ,729 3,751 58, ,960 2, ,610 17,164 72, ,293 12, ,227 17,850 90, ,724 1, ,444 10,272 78, , ,284 6,011 47, ,722 4, ,676 10,740 78, ,768 2, ,974 7,819 79, ,395 4, ,731 15, , ,126 3, ,168 14,146 97, ,545 2, ,746 26,181 91, ,460 2, ,195 20,698 85, , ,087 11,200 52, ,121 1, ,852 18, , ,902 1, ,429 32, , ,054 1, ,306 13,374 39, ,757 1, ,612 15,737 96, , ,984 8,455 63, ,242 1, ,798 11,339 99, ,983 1, ,963 12,381 62, , ,080 7,004 54, ,340 1, ,227 7,261 44, ,358 1, ,548 6,820 63, , ,243 13, , ,743 1, ,117 16, ,097 Totals 907,020 68,226 1,540 3,545 3,362, ,797 2,476,483 Page 26 of 26

28 REDSOCKS RedSocks is a Dutch company specialised in malware detection. RedSocks supplies RedSocks malware threat defender as a network appliance. This innovative appliance analyses digital traffic flows in real time based on the algorithms and lists of malicious indicators compiled by the RedSocks Malware Intelligence Team. This team consists of specialists in identifying new threats on the internet and translating them into state-of-the-art malware detection. Boogschutterstraat 9C, 7324 AE Apeldoorn, The Netherlands Tel +31 (0) Website

This page is left blank on purpose.

This page is left blank on purpose. This page is left blank on purpose. page 1 of 30 Table of Contents 1. Introduction... 5 2. Summary... 6 2.1. Collecting Malware... 7 2.2. Processing Malware... 7 2.3. Identifying Malware... 8 2.4. Detecting

More information

Malware Trend Report, Q4 2014 October November December

Malware Trend Report, Q4 2014 October November December Malware Trend Report, Q4 2014 October November December January 2015 Copyright RedSocks B.V. 2014-2015. All Rights Reserved. This page is left blank on purpose. Page 1 of 28 Table of Contents 1. Introduction...

More information

Windows Malware Annual Report 2014 And prognosis 2015

Windows Malware Annual Report 2014 And prognosis 2015 Windows Malware Annual Report 2014 And prognosis 2015 February 2015 Copyright RedSocks B.V. 2014-2015. All Rights Reserved. This page is left blank on purpose. Page 1 Table of Contents 1. Introduction...

More information

Malware Trend Report, Q1 2015 January February March

Malware Trend Report, Q1 2015 January February March Malware Trend Report, Q1 215 January February March April 215 Copyright RedSocks B.V. 214-215. All Rights Reserved. This page is left blank on purpose. Page 1 Table of Contents 1. Introduction... 4 2.

More information

Computer Security DD2395

Computer Security DD2395 Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/dd2395/dasakh11/ Fall 2011 Sonja Buchegger buc@kth.se Lecture 7 Malicious Software DD2395 Sonja Buchegger 1 Course Admin Lab 2: - prepare

More information

Protection for Mac and Linux computers: genuine need or nice to have?

Protection for Mac and Linux computers: genuine need or nice to have? Protection for Mac and Linux computers: genuine need or nice to have? The current risk to computers running non-windows platforms is small but growing. As Mac and Linux computers become more prevalent

More information

Contact details For contacting ENISA or for general enquiries on information security awareness matters, please use the following details:

Contact details For contacting ENISA or for general enquiries on information security awareness matters, please use the following details: Malicious software About ENISA The European Network and Information Security Agency (ENISA) is an EU agency created to advance the functioning of the internal market. ENISA is a centre of excellence for

More information

Email David-Kovarik@northwestern.edu Phone 847-467-5930 Fax 847-467-6000

Email David-Kovarik@northwestern.edu Phone 847-467-5930 Fax 847-467-6000 Information Technology Information and Systems Security/Compliance Northwestern University 1800 Sherman Av Suite 209 Evanston, IL 60201 Email David-Kovarik@northwestern.edu Phone 847-467-5930 Fax 847-467-6000

More information

WHITE PAPER. Understanding How File Size Affects Malware Detection

WHITE PAPER. Understanding How File Size Affects Malware Detection WHITE PAPER Understanding How File Size Affects Malware Detection FORTINET Understanding How File Size Affects Malware Detection PAGE 2 Summary Malware normally propagates to users and computers through

More information

Internet Security Threat Report Volume XII. B-Security(1)

Internet Security Threat Report Volume XII. B-Security(1) Internet Security Threat Report Volume XII B-Security(1) Internet Security Threat Report XII Important Facts Data Sources Symantec Global Intelligence Network 40,000 registered sensors in 180 countries.

More information

Comprehensive Malware Detection with SecurityCenter Continuous View and Nessus. February 3, 2015 (Revision 4)

Comprehensive Malware Detection with SecurityCenter Continuous View and Nessus. February 3, 2015 (Revision 4) Comprehensive Malware Detection with SecurityCenter Continuous View and Nessus February 3, 2015 (Revision 4) Table of Contents Overview... 3 Malware, Botnet Detection, and Anti-Virus Auditing... 3 Malware

More information

How to easily clean an infected computer (Malware Removal Guide)

How to easily clean an infected computer (Malware Removal Guide) How to easily clean an infected computer (Malware Removal Guide) Malware, short for malicious (or malevolent) software, is software used or programmed by attackers to disrupt computer operation, gather

More information

Keeping you and your computer safe in the digital world.

Keeping you and your computer safe in the digital world. Keeping you and your computer safe in the digital world. After completing this class, you should be able to: Explain the terms security and privacy as applied to the digital world Identify digital threats

More information

thriller INTERNET SECURITY

thriller INTERNET SECURITY + thriller INTERNET SECURITY Saturday, October 31, 2009 1:30 PM 3:00 PM Matthew 28:18-20 Website Ministry + Agenda 2 Scripture (Col 3:12-15) Prayer Internet Security Security Threats Security Protection

More information

ES ET DE LA VIE PRIVÉE E 29 th INTERNATIONAL CONFERENCE OF DATA PROTECTION AND PRIVACY COMMISSIONERS

ES ET DE LA VIE PRIVÉE E 29 th INTERNATIONAL CONFERENCE OF DATA PROTECTION AND PRIVACY COMMISSIONERS ES ET DE LA VIE PRIVÉE E 29 th INTERNATIONAL CONFERENCE OF DATA PROTECTION AND PRIVACY COMMISS The Internet Threat Landscape Symantec TM Dean Turner Director Global Intelligence Network Symantec Security

More information

MOBILE MALWARE REPORT

MOBILE MALWARE REPORT TRUST IN MOBILE MALWARE REPORT THREAT REPORT: H2/2014 CONTENTS At a Glance 03-03 Forecasts and trends 04-04 Current situation: 4.500 new Android malware instances every day 05-05 Third-party App-Stores

More information

Automating Linux Malware Analysis Using Limon Sandbox Monnappa K A monnappa22@gmail.com

Automating Linux Malware Analysis Using Limon Sandbox Monnappa K A monnappa22@gmail.com Automating Linux Malware Analysis Using Limon Sandbox Monnappa K A monnappa22@gmail.com A number of devices are running Linux due to its flexibility and open source nature. This has made Linux platform

More information

Unknown threats in Sweden. Study publication August 27, 2014

Unknown threats in Sweden. Study publication August 27, 2014 Unknown threats in Sweden Study publication August 27, 2014 Executive summary To many international organisations today, cyber attacks are no longer a matter of if but when. Recent cyber breaches at large

More information

QUARTERLY REPORT 2015 INFOBLOX DNS THREAT INDEX POWERED BY

QUARTERLY REPORT 2015 INFOBLOX DNS THREAT INDEX POWERED BY QUARTERLY REPORT 2015 INFOBLOX DNS THREAT INDEX POWERED BY EXPLOIT KITS UP 75 PERCENT The Infoblox DNS Threat Index, powered by IID, stood at 122 in the third quarter of 2015, with exploit kits up 75 percent

More information

Microsoft Security Intelligence Report volume 7 (January through June 2009)

Microsoft Security Intelligence Report volume 7 (January through June 2009) Microsoft Security Intelligence Report volume 7 (January through June 2009) Key Findings Summary Volume 7 of the Microsoft Security Intelligence Report provides an in-depth perspective on malicious and

More information

Botnet Analysis Leveraging Domain Ratio Analysis Uncovering malicious activity through statistical analysis of web log traffic

Botnet Analysis Leveraging Domain Ratio Analysis Uncovering malicious activity through statistical analysis of web log traffic The Leader in Cloud Security RESEARCH REPORT Botnet Analysis Leveraging Domain Ratio Analysis Uncovering malicious activity through statistical analysis of web log traffic ABSTRACT Zscaler is a cloud-computing,

More information

ESET NOD32 Antivirus. Table of contents

ESET NOD32 Antivirus. Table of contents ESET NOD32 Antivirus ESET NOD32 Antivirus provides state-of-theart protection for your computer against malicious code. Based on the ThreatSense scanning engine first introduced in the awardwinning NOD32

More information

Introduction to Computer Security Table of Contents

Introduction to Computer Security Table of Contents Introduction to Computer Security Table of Contents Introduction... 2 1 - Viruses... 3 Virus Scanners... 3 2 - Spyware... 7 Spyware Scanners... 8 3 - Firewalls... 10 Windows Firewall... 10 4 - References...

More information

Ten Tips to Avoid Viruses and Spyware

Ten Tips to Avoid Viruses and Spyware Ten Tips to Avoid Viruses and Spyware By James Wilson, CPA (480) 839-4900 ~ JamesW@hhcpa.com Oh, the deck is stacked. Don t think for a minute it s not. As a technology professional responsible for securing

More information

Phishing Activity Trends Report. 1 st Half 2009. Committed to Wiping Out Internet Scams and Fraud

Phishing Activity Trends Report. 1 st Half 2009. Committed to Wiping Out Internet Scams and Fraud 1 st Half 2009 Committed to Wiping Out Internet Scams and Fraud January June 2009 Phishing Report Scope The quarterly APWG analyzes phishing attacks reported to the APWG by its member companies, its Global

More information

Getting Ahead of Malware

Getting Ahead of Malware IT@Intel White Paper Intel Information Technology Security December 2009 Getting Ahead of Malware Executive Overview Since implementing our security event monitor and detection processes two years ago,

More information

Spyware: Securing gateway and endpoint against data theft

Spyware: Securing gateway and endpoint against data theft Spyware: Securing gateway and endpoint against data theft The explosion in spyware has presented businesses with increasing concerns about security issues, from data theft and network damage to reputation

More information

Phishing Activity Trends

Phishing Activity Trends Phishing Activity Trends Report for the Month of, 27 Summarization of Report Findings The number of phishing reports received by the (APWG) came to 23,61 in, a drop of over 6, from January s previous record

More information

Types of cyber-attacks. And how to prevent them

Types of cyber-attacks. And how to prevent them Types of cyber-attacks And how to prevent them Introduction Today s cybercriminals employ several complex techniques to avoid detection as they sneak quietly into corporate networks to steal intellectual

More information

Security A to Z the most important terms

Security A to Z the most important terms Security A to Z the most important terms Part 1: A to D UNDERSTAND THE OFFICIAL TERMINOLOGY. This is F-Secure Labs. Learn more about the most important security terms with our official explanations from

More information

24/7 Visibility into Advanced Malware on Networks and Endpoints

24/7 Visibility into Advanced Malware on Networks and Endpoints WHITEPAPER DATA SHEET 24/7 Visibility into Advanced Malware on Networks and Endpoints Leveraging threat intelligence to detect malware and exploitable vulnerabilities Oct. 24, 2014 Table of Contents Introduction

More information

MALWARE THREATS AND TRENDS. Chris Blow, Director Dustin Hutchison, Director

MALWARE THREATS AND TRENDS. Chris Blow, Director Dustin Hutchison, Director MALWARE THREATS AND TRENDS Chris Blow, Director Dustin Hutchison, Director WHAT IS MALWARE? Malicious Software Viruses Worms Trojans Rootkits Spyware Ransomware 2 MALWARE ORIGINS Users bring it from home

More information

Introduction: 1. Daily 360 Website Scanning for Malware

Introduction: 1. Daily 360 Website Scanning for Malware Introduction: SiteLock scans your website to find and fix any existing malware and vulnerabilities followed by using the protective TrueShield firewall to keep the harmful traffic away for good. Moreover

More information

Operation Liberpy : Keyloggers and information theft in Latin America

Operation Liberpy : Keyloggers and information theft in Latin America Operation Liberpy : Keyloggers and information theft in Latin America Diego Pérez Magallanes Malware Analyst Pablo Ramos HEAD of LATAM Research Lab 7/7/2015 version 1.1 Contents Introduction... 3 Operation

More information

Symantec enterprise security. Symantec Internet Security Threat Report April 2009. An important note about these statistics.

Symantec enterprise security. Symantec Internet Security Threat Report April 2009. An important note about these statistics. Symantec enterprise security Symantec Internet Security Threat Report April 00 Regional Data Sheet Latin America An important note about these statistics The statistics discussed in this document are based

More information

What Do You Mean My Cloud Data Isn t Secure?

What Do You Mean My Cloud Data Isn t Secure? Kaseya White Paper What Do You Mean My Cloud Data Isn t Secure? Understanding Your Level of Data Protection www.kaseya.com As today s businesses transition more critical applications to the cloud, there

More information

CIT 480: Securing Computer Systems. Malware

CIT 480: Securing Computer Systems. Malware CIT 480: Securing Computer Systems Malware Topics 1. Anti-Virus Software 2. Virus Types 3. Infection Methods 4. Rootkits 5. Malware Analysis 6. Protective Mechanisms 7. Malware Factories 8. Botnets Malware

More information

Symantec Endpoint Protection 12.1.5 Datasheet

Symantec Endpoint Protection 12.1.5 Datasheet Symantec Endpoint Protection 12.1.5 Datasheet Data Sheet: Endpoint Security Overview Malware has evolved from large-scale massive attacks to include Targeted Attacks and Advanced Persistent Threats that

More information

Multifaceted Approach to Understanding the Botnet Phenomenon

Multifaceted Approach to Understanding the Botnet Phenomenon Multifaceted Approach to Understanding the Botnet Phenomenon Christos P. Margiolas University of Crete A brief presentation for the paper: Multifaceted Approach to Understanding the Botnet Phenomenon Basic

More information

Malicious Software. Ola Flygt Växjö University, Sweden http://w3.msi.vxu.se/users/ofl/ Ola.Flygt@vxu.se +46 470 70 86 49. Viruses and Related Threats

Malicious Software. Ola Flygt Växjö University, Sweden http://w3.msi.vxu.se/users/ofl/ Ola.Flygt@vxu.se +46 470 70 86 49. Viruses and Related Threats Malicious Software Ola Flygt Växjö University, Sweden http://w3.msi.vxu.se/users/ofl/ Ola.Flygt@vxu.se +46 470 70 86 49 1 Outline Viruses and Related Threats Malicious Programs The Nature of Viruses Antivirus

More information

Phishing Activity Trends Report June, 2006

Phishing Activity Trends Report June, 2006 Phishing Activity Trends Report, 26 Phishing is a form of online identity theft that employs both social engineering and technical subterfuge to steal consumers' personal identity data and financial account

More information

McAfee Labs Threat Advisory W32/Autorun.worm.aaeb-h

McAfee Labs Threat Advisory W32/Autorun.worm.aaeb-h Summary McAfee Labs Threat Advisory W32/Autorun.worm.aaeb-h August 9, 2013 W32/Autorun.worm.aaeb-h has the ability to infect removable media devices, as well as mounted network shares. Infection starts

More information

ESET CYBER SECURITY PRO for Mac Quick Start Guide. Click here to download the most recent version of this document

ESET CYBER SECURITY PRO for Mac Quick Start Guide. Click here to download the most recent version of this document ESET CYBER SECURITY PRO for Mac Quick Start Guide Click here to download the most recent version of this document ESET Cyber Security Pro provides state-of-the-art protection for your computer against

More information

Endpoint Security and the Case For Automated Sandboxing

Endpoint Security and the Case For Automated Sandboxing WHITE PAPER Endpoint Security and the Case For Automated Sandboxing https://enterprise.comodo.com A World of Constant Threat We live in a world of constant threat. Hackers around the globe work every hour

More information

Mifflinburg Bank & Trust. Corporate Account Takeover & Information Security Awareness

Mifflinburg Bank & Trust. Corporate Account Takeover & Information Security Awareness Mifflinburg Bank & Trust Corporate Account Takeover & Information Security Awareness The information contained in this session may contain privileged and confidential information. This presentation is

More information

GlobalSign Malware Monitoring

GlobalSign Malware Monitoring GLOBALSIGN WHITE PAPER GlobalSign Malware Monitoring Protecting your website from distributing hidden malware GLOBALSIGN WHITE PAPER www.globalsign.com CONTENTS Introduction... 2 Malware Monitoring...

More information

NUIT Tech Talk. Peeking Behind the Curtain of Security. Jeff Holland Security Vulnerability Analyst Information & Systems Security/Compliance

NUIT Tech Talk. Peeking Behind the Curtain of Security. Jeff Holland Security Vulnerability Analyst Information & Systems Security/Compliance NUIT Tech Talk Peeking Behind the Curtain of Security Jeff Holland Security Vulnerability Analyst Information & Systems Security/Compliance Definitions Malware: The Virus/Trojan software we ve all come

More information

Avira Small Business Security Suite HowTo

Avira Small Business Security Suite HowTo Avira Small Business Security Suite HowTo Table of Contents 1. Introduction... 3 2. Product Information... 3 2.1 Operation mode...3 2.2 Scope of services...3 2.3 Optimum protection. Fast updates. Efficient

More information

ZNetLive Malware Monitoring

ZNetLive Malware Monitoring Introduction The criminal ways of distributing malware or malicious software online have gone through a change in past years. In place of using USB drives, attachments or disks to distribute viruses, hackers

More information

Corporate Account Takeover & Information Security Awareness

Corporate Account Takeover & Information Security Awareness Corporate Account Takeover & Information Security Awareness The information contained in this session may contain privileged and confidential information. This presentation is for information purposes

More information

E-Commerce Security and Fraud Protection CHAPTER 9

E-Commerce Security and Fraud Protection CHAPTER 9 E-Commerce Security and Fraud Protection CHAPTER 9 LEARNING OBJECTIVES 1. Understand the importance and scope of security of information systems for EC. 2. Describe the major concepts and terminology of

More information

white paper Malware Security and the Bottom Line

white paper Malware Security and the Bottom Line Malware Security Report: Protecting Your BusineSS, Customers, and the Bottom Line Contents 1 Malware is crawling onto web sites everywhere 1 What is Malware? 2 The anatomy of Malware attacks 3 The Malware

More information

THE HOME LOAN SAVINGS BANK. Corporate Account Takeover & Information Security Awareness

THE HOME LOAN SAVINGS BANK. Corporate Account Takeover & Information Security Awareness THE HOME LOAN SAVINGS BANK Corporate Account Takeover & Information Security Awareness The information contained in this session may contain privileged and confidential information. This presentation is

More information

Malware B-Z: Inside the Threat From Blackhole to ZeroAccess

Malware B-Z: Inside the Threat From Blackhole to ZeroAccess Malware B-Z: Inside the Threat From Blackhole to ZeroAccess By Richard Wang, Manager, SophosLabs U.S. Over the last few years the volume of malware has grown dramatically, thanks mostly to automation and

More information

Overview. Common Internet Threats. Spear Phishing / Whaling. Phishing Sites. Virus: Pentagon Attack. Viruses & Worms

Overview. Common Internet Threats. Spear Phishing / Whaling. Phishing Sites. Virus: Pentagon Attack. Viruses & Worms Overview Common Internet Threats Tom Chothia Computer Security, Lecture 19 Phishing Sites Trojans, Worms, Viruses, Drive-bydownloads Net Fast Flux Domain Flux Infiltration of a Net Underground economy.

More information

Ohio University Computer Services Center October, 2004 Spyware, Adware, and Virus Guide

Ohio University Computer Services Center October, 2004 Spyware, Adware, and Virus Guide Ohio University Computer Services Center October, 2004 Spyware, Adware, and Virus Guide Definitions Malware is term meaning malicious software. Malware is software designed to disrupt a computer system.

More information

Virtual Desktops Security Test Report

Virtual Desktops Security Test Report Virtual Desktops Security Test Report A test commissioned by Kaspersky Lab and performed by AV-TEST GmbH Date of the report: May 19 th, 214 Executive Summary AV-TEST performed a comparative review (January

More information

S3 Control. Confirma Technology Brief November 2008

S3 Control. Confirma Technology Brief November 2008 S3 Control Confirma Technology Brief November 2008 Confirma Product Support 11040 Main St., Suite 100, Bellevue, WA 98004-6368, USA Toll free: 877.274.3045 Local: 425.691.1595 Email: support@confirma.com

More information

DANEnet Round Table: Viruses and Spyware

DANEnet Round Table: Viruses and Spyware DANEnet Round Table: Viruses and Spyware Definition of a computer virus: -A computer program that is designed to replicate itself by copying itself into the other programs stored in a computer. It may

More information

CYBERCRIMINAL IN BRAZIL SHARES MOBILE CREDIT CARD STORE APP

CYBERCRIMINAL IN BRAZIL SHARES MOBILE CREDIT CARD STORE APP CYBERCRIMINAL IN BRAZIL SHARES MOBILE CREDIT CARD STORE APP August 2014 RSA agents recently traced a threat actor advertising a mobile credit card store application. The cybercriminal shared the information

More information

egambit Forensic egambit, your defensive cyber-weapon system. You have the players. We have the game.

egambit Forensic egambit, your defensive cyber-weapon system. You have the players. We have the game. egambit Forensic egambit, your defensive cyber-weapon system. You have the players. We have the game. TEHTRI-Security 2010-2015 www.tehtri-security.com Forensic with egambit In this document, we will introduce

More information

Airtel PC Secure Trouble Shooting Guide

Airtel PC Secure Trouble Shooting Guide Airtel PC Secure Trouble Shooting Guide Table of Contents Questions before installing the software Q: What is required from my PC to be able to use the Airtel PC Secure? Q: Which operating systems does

More information

SECURITY TERMS: Advisory Backdoor - Blended Threat Blind Worm Bootstrapped Worm Bot Coordinated Scanning

SECURITY TERMS: Advisory Backdoor - Blended Threat Blind Worm Bootstrapped Worm Bot Coordinated Scanning SECURITY TERMS: Advisory - A formal notice to the public on the nature of security vulnerability. When security researchers discover vulnerabilities in software, they usually notify the affected vendor

More information

Data Center Security in a World Without Perimeters

Data Center Security in a World Without Perimeters www.iss.net Data Center Security in a World Without Perimeters September 19, 2006 Dave McGinnis Director of MSS Architecture Agenda Securing the Data Center What threats are we facing? What are the risks?

More information

TRAINING FOR AMERICAN MOMENTUM BANK CLIENTS. Corporate Account Takeover & Information Security Awareness

TRAINING FOR AMERICAN MOMENTUM BANK CLIENTS. Corporate Account Takeover & Information Security Awareness TRAINING FOR AMERICAN MOMENTUM BANK CLIENTS Corporate Account Takeover & Information Security Awareness The information contained in this session may contain privileged and confidential information. This

More information

Security Intelligence Services. www.kaspersky.com

Security Intelligence Services. www.kaspersky.com Kaspersky Security Intelligence Services. Threat Intelligence Services www.kaspersky.com THREAT INTELLIGENCE SERVICES Tracking, analyzing, interpreting and mitigating constantly evolving IT security threats

More information

Avira Small Business Security Suite Avira Endpoint Security. Quick Guide

Avira Small Business Security Suite Avira Endpoint Security. Quick Guide Avira Small Business Security Suite Avira Endpoint Security Quick Guide Table of Contents 1. Introduction... 3 2. Product Information... 3 2.1 Operation mode...3 2.2 Scope of services...3 2.3 Optimum protection.

More information

Spam, Spyware, Malware and You! Don't give up just yet! Presented by: Mervin Istace Provincial Library Saskatchewan Learning

Spam, Spyware, Malware and You! Don't give up just yet! Presented by: Mervin Istace Provincial Library Saskatchewan Learning Spam, Spyware, Malware and You! Don't give up just yet! Presented by: Mervin Istace Provincial Library Saskatchewan Learning Lee Zelyck Network Administrator Regina Public Library Malware, Spyware, Trojans

More information

TECHNICAL REPORT. An Analysis of Domain Silver, Inc..pl Domains

TECHNICAL REPORT. An Analysis of Domain Silver, Inc..pl Domains TECHNICAL REPORT An Analysis of Domain Silver, Inc..pl Domains July 31, 2013 CONTENTS Contents 1 Introduction 2 2 Registry, registrar and registrant 3 2.1 Rogue registrar..................................

More information

Avira Small Business Security Suite. HowTo

Avira Small Business Security Suite. HowTo Avira Small Business Security Suite HowTo Table of contents 1. Introduction... 3 2. Product Information... 3 2.1 Operation mode... 3 2.2 Scope of services... 3 2.3 Optimum protection. Fast updates. Efficient

More information

Hong Kong Information Security Outlook 2015 香 港 資 訊 保 安 展 望

Hong Kong Information Security Outlook 2015 香 港 資 訊 保 安 展 望 Hong Kong Information Security Outlook 2015 香 港 資 訊 保 安 展 望 Agenda Information Security Trends Year 2014 in Review Outlook for 2015 Advice to the Public Hong Kong Computer Emergency Response Team Coordination

More information

Student Tech Security Training. ITS Security Office

Student Tech Security Training. ITS Security Office Student Tech Security Training ITS Security Office ITS Security Office Total Security is an illusion security will always be slightly broken. Find strategies for living with it. Monitor our Network with

More information

Computer Viruses: How to Avoid Infection

Computer Viruses: How to Avoid Infection Viruses From viruses to worms to Trojan Horses, the catchall term virus describes a threat that's been around almost as long as computers. These rogue programs exist for the simple reason to cause you

More information

You ll learn about our roadmap across the Symantec email and gateway security offerings.

You ll learn about our roadmap across the Symantec email and gateway security offerings. #SymVisionEmea In this session you will hear how Symantec continues to focus our comprehensive security expertise, global intelligence and portfolio on giving organizations proactive, targeted attack protection

More information

KASPERSKY LAB. Kaspersky Anti-Virus for Windows Servers 6.0 USER GUIDE

KASPERSKY LAB. Kaspersky Anti-Virus for Windows Servers 6.0 USER GUIDE KASPERSKY LAB Kaspersky Anti-Virus for Windows Servers 6.0 USER GUIDE KASPERSKY ANTI-VIRUS FOR WINDOWS SERVERS 6.0 User Guide Kaspersky Lab http://www.kaspersky.com Revision date: September 2008 Table

More information

G DATA MOBILE MALWARE REPORT THREAT REPORT: Q1/2015

G DATA MOBILE MALWARE REPORT THREAT REPORT: Q1/2015 G DATA MOBILE MALWARE REPORT THREAT REPORT: Q1/2015 CONTENTS At a glance 03-03 Forecasts and trends 03-03 Current situation: 4,900 new Android malware samples every day 04-04 Half of Android malware is

More information

G DATA MOBILE MALWARE REPORT THREAT REPORT: Q1/2015

G DATA MOBILE MALWARE REPORT THREAT REPORT: Q1/2015 G DATA MOBILE MALWARE REPORT THREAT REPORT: Q1/2015 CONTENTS At a glance 03-03 Forecasts and trends 03-03 Current situation: 4,900 new Android malware samples every day 04-04 Half of Android malware is

More information

N-CAP Users Guide. Everything You Need to Know About Using the Internet! How Worms Spread via Email (and How to Avoid That)

N-CAP Users Guide. Everything You Need to Know About Using the Internet! How Worms Spread via Email (and How to Avoid That) N-CAP Users Guide Everything You Need to Know About Using the Internet! How Worms Spread via Email (and How to Avoid That) How Worms Spread via Email (and How to Avoid That) Definitions of: A Virus: is

More information

Phishing Activity Trends Report for the Month of December, 2007

Phishing Activity Trends Report for the Month of December, 2007 Phishing Activity Trends Report for the Month of December, 2007 Summarization of December Report Findings The total number of unique phishing reports submitted to APWG in December 2007 was 25,683, a decrease

More information

Netsweeper Whitepaper

Netsweeper Whitepaper Netsweeper Inc. Corporate Headquarters 104 Dawson Road Suite 100 Guelph, ON, Canada N1H 1A7 CANADA T: +1 (519) 826-5222 F: +1 (519) 826-5228 Netsweeper Whitepaper The Evolution of Web Security June 2010

More information

ITSC Training Courses Student IT Competence Programme SIIS1 Information Security

ITSC Training Courses Student IT Competence Programme SIIS1 Information Security ITSC Training Courses Student IT Competence Programme SI1 2012 2013 Prof. Chan Yuen Yan, Rosanna Department of Engineering The Chinese University of Hong Kong SI1-1 Course Outline What you should know

More information

Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them

Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them Lab Exercises Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them Review Questions 1) In class, we made the distinction between a front-door attack and

More information

Kaspersky Security 9.0 for Microsoft SharePoint Server Administrator's Guide

Kaspersky Security 9.0 for Microsoft SharePoint Server Administrator's Guide Kaspersky Security 9.0 for Microsoft SharePoint Server Administrator's Guide APPLICATION VERSION: 9.0 Dear User! Thank you for choosing our product. We hope that this document will help you in your work

More information

2010 Carnegie Mellon University. Malware and Malicious Traffic

2010 Carnegie Mellon University. Malware and Malicious Traffic Malware and Malicious Traffic What We Will Cover Introduction Your Network Fundamentals of networks, flow, and protocols Malicious traffic External Events & Trends Malware Networks in the Broad Working

More information

ANDRA ZAHARIA MARCOM MANAGER

ANDRA ZAHARIA MARCOM MANAGER 10 Warning Signs that Your Computer is Malware Infected [Updated] ANDRA ZAHARIA MARCOM MANAGER MAY 16TH, 2016 6:05 Malware affects us all The increasing number of Internet users worldwide creates an equal

More information

Protecting the Infrastructure: Symantec Web Gateway

Protecting the Infrastructure: Symantec Web Gateway Protecting the Infrastructure: Symantec Web Gateway 1 Why Symantec for Web Security? Flexibility and Choice Best in class hosted service, appliance, and virtual appliance (upcoming) deployment options

More information

Statistical Analysis of Internet Security Threats. Daniel G. James

Statistical Analysis of Internet Security Threats. Daniel G. James Statistical Analysis of Internet Security Threats Daniel G. James ABSTRACT The purpose of this paper is to analyze the statistics surrounding the most common security threats faced by Internet users. There

More information

Software Engineering 4C03 Class Project. Computer Networks and Computer Security COMBATING HACKERS

Software Engineering 4C03 Class Project. Computer Networks and Computer Security COMBATING HACKERS Software Engineering 4C03 Class Project Computer Networks and Computer Security COMBATING HACKERS Done By: Ratinder Ricky Gill Student Number: 0048973 E-Mail: gillrr@mcmaster.ca Due: Tuesday April 5, 2005

More information

From Georgia, with Love Win32/Georbot. Is someone trying to spy on Georgians?

From Georgia, with Love Win32/Georbot. Is someone trying to spy on Georgians? From Georgia, with Love Win32/Georbot Is someone trying to spy on Georgians? At the beginning of the year, a curious piece of malware came to our attention. An analyst in our virus laboratory noticed that

More information

BOTNETS. Douwe Leguit, Manager Knowledge Center GOVCERT.NL

BOTNETS. Douwe Leguit, Manager Knowledge Center GOVCERT.NL BOTNETS Douwe Leguit, Manager Knowledge Center GOVCERT.NL Agenda Bots: what is it What is its habitat How does it spread What are its habits Dutch cases Ongoing developments Visibility of malware vs malicious

More information

avast! Free Antivirus for Mac Quick Start Guide avast! Free Antivirus for Mac Quick Start Guide

avast! Free Antivirus for Mac Quick Start Guide avast! Free Antivirus for Mac Quick Start Guide avast! Free Antivirus for Mac Quick Start Guide 1 Introduction Welcome to avast! Free Antivirus for Mac. avast! Free Antivirus for Mac contains the same ICSA Certified scan engine as all avast! antivirus

More information

Phishing Activity Trends Report. 1 st Quarter 2014. Unifying the. To Cybercrime. January March 2014

Phishing Activity Trends Report. 1 st Quarter 2014. Unifying the. To Cybercrime. January March 2014 1 st Quarter 2014 Unifying the Global Response To Cybercrime January March 2014 Published June 23, 2014 , Phishing Report Scope The APWG analyzes phishing attacks reported to the APWG by its member companies,

More information

The Nitro Attacks. Security Response. Stealing Secrets from the Chemical Industry. Introduction. Targets. Eric Chien and Gavin O Gorman

The Nitro Attacks. Security Response. Stealing Secrets from the Chemical Industry. Introduction. Targets. Eric Chien and Gavin O Gorman The Nitro Attacks Stealing Secrets from the Chemical Industry Eric Chien and Gavin O Gorman Contents Introduction... 1 Targets... 1 Attack methodology... 2 Geographic Spread... 3 Attribution... 4 Technical

More information

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 2 Systems Threats and Risks

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 2 Systems Threats and Risks Security+ Guide to Network Security Fundamentals, Third Edition Chapter 2 Systems Threats and Risks Objectives Describe the different types of software-based attacks List types of hardware attacks Define

More information

What do a banking Trojan, Chrome and a government mail server have in common? Analysis of a piece of Brazilian malware

What do a banking Trojan, Chrome and a government mail server have in common? Analysis of a piece of Brazilian malware What do a banking Trojan, Chrome and a government mail server have in common? Analysis of a piece of Brazilian malware Contents Introduction.................................2 Installation: Social engineering

More information

The information contained in this session may contain privileged and confidential information. This presentation is for information purposes only.

The information contained in this session may contain privileged and confidential information. This presentation is for information purposes only. The information contained in this session may contain privileged and confidential information. This presentation is for information purposes only. Before acting on any ideas presented in this session;

More information

WHY DOES MY SPEED MONITORING GRAPH SHOW -1 IN THE TOOLTIP? 2 HOW CAN I CHANGE MY PREFERENCES FOR UPTIME AND SPEED MONITORING 2

WHY DOES MY SPEED MONITORING GRAPH SHOW -1 IN THE TOOLTIP? 2 HOW CAN I CHANGE MY PREFERENCES FOR UPTIME AND SPEED MONITORING 2 FAQ WHY DOES MY SPEED MONITORING GRAPH SHOW -1 IN THE TOOLTIP? 2 HOW CAN I CHANGE MY PREFERENCES FOR UPTIME AND SPEED MONITORING 2 WHAT IS UPTIME AND SPEED MONITORING 2 WHEN I TRY TO SELECT A SERVICE FROM

More information

Endpoint Business Products Testing Report. Performed by AV-Test GmbH

Endpoint Business Products Testing Report. Performed by AV-Test GmbH Business Products Testing Report Performed by AV-Test GmbH January 2011 1 Business Products Testing Report - Performed by AV-Test GmbH Executive Summary Overview During November 2010, AV-Test performed

More information

DETERMINATION OF THE PERFORMANCE

DETERMINATION OF THE PERFORMANCE DETERMINATION OF THE PERFORMANCE OF ANDROID ANTI-MALWARE SCANNERS AV-TEST GmbH Klewitzstr. 7 39112 Magdeburg Germany www.av-test.org 1 CONTENT Determination of the Performance of Android Anti-Malware Scanners...

More information

Email Threat Trend Report Second Quarter 2007

Email Threat Trend Report Second Quarter 2007 Email Threat Trend Report Second Quarter 2007, Ltd. 2550 SW Grapevine Parkway, Suite 150 Grapevine, Texas 76051 Phone: (817) 601-3222 Fax: (817) 601-3223 http://www.altn.com/ 2007 Contents Emerging Email

More information