The Cyber-threat Landscape in 1H 2010
- Barrie Lucas
1 The Cyber-threat Landscape in 1H 2010 Dr. Jean Paul Ballerini WW IBM Security Solutions Sales Enablement, X-Force Expert
2 Agenda IBM's Threat Management R&D: X-Force Mid-Year Report
3 IBM X-Force Research and Development
The mission is to:
- Research and evaluate threat and protection issues
- Develop new technology for tomorrow's security challenges
- Deliver security protection for today's security problems
- Educate the media and user communities
4 IBM Security Applied Research Teams
IBM researches and monitors latest threat trends with IBM X-Force
- Provides specific analysis of: vulnerabilities and exploits; malicious/unwanted websites; spam and phishing; malware; other emerging trends
- Most comprehensive vulnerability database in the world; entries date back to the 1990s
IBM builds technology for tomorrow with IBM Research
- Homomorphic Encryption: Query a search engine without telling the engine what you are looking for!
The mission of the IBM X-Force research and development team is to:
- Research and evaluate threat and protection issues
- Develop new technology for tomorrow's security challenges
- Deliver security protection for today's security problems
- Educate the media and user communities
IBM is dedicated to cybersecurity advancement
- Enterprise Security Architecture: Working with clients worldwide to implement the new architecture based on six security zones of control
- High Tech Risk Analytics: Pre-fraud detectors with low false positive rates at a speed of times the scale of today's model
Security Research Source: IBM X-Force Database, Institute Focus
- Engage in public-private collaboration
- Address and mitigate cybersecurity challenges
- Provide a forum for clients to better understand how recent IBM Research advances can help
5 IBM X-Force web intelligence lifecycle
- Deep Crawl of Known Malicious Websites
- Analyze New Exploit Techniques
- Provide New Protection Guidance
- Develop Protection
- Deliver Updates
- Classify MSS Links
- Find Related Websites (Deep Crawl)
- Search for Malware
- Find New Malicious Websites
- Block All Malicious Domains
- Apply Updates
- Monitor Browsing of: Millions of End-users, Thousands of Customers, Hundreds of Countries
- Block Malicious Links
- Send Links to X-Force
6 Information Sources
- lists
- Vendor disclosures
- Blacknets
- Greynets
- Honeynets
- Whiro Crawler
- Information Sharing: ISACs, CERTs, Industry Organizations
- Research Partnerships
- Conferences
- Online
7 Protocol Analysis Module is the Engine Behind our Products
Virtual Patch
- What It Does: Shields vulnerabilities from exploitation independent of a software patch, and enables a responsible patch management process that can be adhered to without fear of a breach.
- Why Important: At the end of 2009, 52% of all vulnerabilities disclosed during the year had no vendor-supplied patches available to remedy the vulnerability.
Client-Side Application Protection
- What It Does: Protects end users against attacks targeting applications used every day, such as Microsoft Office, Adobe PDF, multimedia files and Web browsers.
- Why Important: At the end of 2009, vulnerabilities that affect personal computers represent the second-largest category of vulnerability disclosures and about a fifth of all vulnerability disclosures.
Web Application Protection
- What It Does: Protects web applications against sophisticated application-level attacks such as SQL injection, XSS (cross-site scripting), PHP file includes, and CSRF (cross-site request forgery).
- Why Important: Expands security capabilities to meet both compliance requirements and threat evolution.
Threat Detection & Prevention
- What It Does: Detects and prevents entire classes of threats as opposed to a specific exploit or vulnerability.
- Why Important: Eliminates need of constant signature updates. Protection includes the proprietary Shellcode Heuristics (SCH) technology, which has an unbeatable track record of protecting against zero day vulnerabilities.
Data Security
- What It Does: Monitors and identifies unencrypted personally identifiable information (PII) and other confidential information for data awareness. Also provides capability to explore data flow through the network to help determine if any potential risks exist.
- Why Important: Flexible and scalable customized data search criteria; serves as a complement to data security strategy.
Application Control
- What It Does: Manages control of unauthorized applications and risks within defined segments of the network, such as ActiveX fingerprinting, Peer To Peer, Instant Messaging, and tunneling.
- Why Important: Enforces network application and service access based on corporate policy and governance.
8 Security Effectiveness: Top Vulnerabilities of 1st Half 2010
Top 14 Vulnerabilities:
- 437 average days Ahead of the Threat
- 5 vulnerabilities Ahead of the Threat
- 2 protection released post announcement
- 7 same day coverage
9 Our Intelligence is spread Worldwide
- 8 Security Operations Centers
- 7 Security Research Centers
- Monitored Countries
- 20,000+ managed devices
- Billion Events per day
Locations: Zurich, CH; Toronto, CA; Brussels, BE; Almaden, US; Boulder, US; TJ Watson, US; Detroit, US; Tokyo, JP; Tokyo, JP; Atlanta, US; Haifa, IL; Atlanta, US; Sao Paulo, Brazil; New Delhi, IN; Brisbane, AU
10 World's largest URL filter list
Topicality
- Crawlers collect image and text data from the Internet 24 hours a day, 365 days a year, which adds up to 200 million pages each month
- Every day, customers receive updates, equaling some 150,000 changes
Quality
- Largest URL database meets practically every filtering requirement by means of indexed URLs in 68 categories
Quantity
- World's largest URL filter list contains 170 million sites
- World's largest database with 10 billion evaluated web pages and images
11 Spam database
Topicality
- Worldwide distributed SpamCollectors collect spam 24 hours a day, 365 days a year: up to 1.6 million unique spams per day
- Update cycle for customer: 12 times daily
Quality
- Approx. 45 million hot and relevant spam signatures in the database
- > % spam recognition
- < 0.01 % overblocking
Quantity
- Additional methods for an efficient spam recognition (Bayes Filter, URL Checker, Meta Heuristics, FlowControl, Structure Analysis, Phishing detection, )
12 Agenda IBM's Threat Management R&D: X-Force Mid-Year Report
13 Summary: Attacks Continue Across all Security Domains
- Reported vulnerabilities are at an all-time high, up 36%, due to significant increases in public exploit releases and efforts by software vendors to identify and mitigate security vulnerabilities.
- More than 55% of all vulnerabilities disclosed are Web application vulnerabilities.
- 55% of all vulnerabilities disclosed had no vendor-supplied patches available at the end of the 1st half of
- PDF attack activity continues to dominate the threat landscape. More than that, April 2010 had the most significant spike in PDF attack activity. Event activity for this month was almost 37% higher than the average for the first half of
- The Zeus botnet toolkit continues to wreak havoc on organizations. Early 2010 saw the release of an updated version of the Zeus botnet kit, dubbed Zeus 2.0.
- Anonymous proxy websites continue to increase in volume, quadrupling since
- Advanced persistent threats are groups of attackers that target and successfully penetrate well defended networks.
- Attackers are continuing to find new ways to hide or mask their malicious traffic to evade security technologies, e.g. JavaScript obfuscation.
- 35% of virtualization vulnerabilities impact the hypervisor.
- 7.2% of the Internet is considered socially unacceptable, unwanted, or flat out malicious.
- Brazil, the U.S., and India account for more than one fourth of worldwide spam.
- Majority of spam (more than 90%) is still classified as URL spam: spam messages that include URLs that a person clicks to view the spam contents.
- Amount of URL spam using well-known and trusted domain names continues to increase.
- The top spam domains have moved from China (.cn) to Russia (.ru).
- More than two thirds (66.8%) of all financial phishing targets are located in North America, the remaining 32% are in Europe.
14 Vulnerability Disclosures at an All-Time High
- Vulnerability disclosures up 36%.
- Web applications continue to be the largest category of disclosure.
- Increase in vulnerability disclosures due to significant increases in public exploit releases and to efforts by several vendors to identify and mitigate security vulnerabilities.
- The most critical two vulnerabilities disclosed in the first half of 2010 were remote code execution vulnerabilities in Java Web Start and Microsoft Windows Help and Support Center.
- Both were publicly disclosed before patches were available from the respective vendors.
15 Exploit Effort vs. Potential Reward
- Economics continue to play heavily into the exploitation probability of a vulnerability
- Web Browser, Document Reader and Office document vulnerabilities are very profitable and easily executable
16 Attacker Motivation is to Gain Access and Manipulate Data
- Gain access remains the primary consequence of vulnerability exploitation. Up to 52% as compared to 50% in
- Data Manipulation on the rise. Up to 21%
- Bypass Security and Denial of Service remain similar to previous years.
Questions to Ask: Are you confident that an attacker cannot gain access to your system? Is your private data secure?
17 Web App Vulnerabilities Continue to Dominate
- 55% of all vulnerabilities are Web application vulnerabilities.
- Cross-Site Scripting & SQL injection vulnerabilities continue to dominate.
- 88% of web application vulnerabilities affect plug-ins and not the base platform
18 Client-Side Vulnerabilities: Web Browser and Document Vulnerabilities Continue to Impact End Users
- Web browsers and their plug-ins continue to be the largest category of client-side vulnerabilities.
- Already in the first half of 2010, we see that document readers and editors, as well as multimedia applications, have almost surpassed 2009 year-end totals.
19 Vulnerabilities in Document Readers: 1st Half of 2010 Numbers Represent Almost Half of Full Year 2009 Totals
- Portable Document Format (PDF) continues to surpass Office Format documents in the 1st half of
20 PDF Exploitation is HOT!
- PDF attacks continue to increase as attackers trick users in new ways.
- The most significant jump in activity occurred in April, which can be attributed to the large surge of malicious spam in circulation.
- Three of the top 5 most popular exploits affect PDF documents.
- ActiveX dropped off the top 5 exploit list and has been replaced by an older Java vulnerability.
21 Bad Web Content Tries to Evade Filters
- 7.2% of the Internet contains unwanted content such as pornographic or criminal Web sites.
- Anonymous proxies, which hide a target URL from a Web filter, have steadily increased to more than quadruple in number since
22 Suspicious Web Pages and Files are on the Rise
- The level of obfuscation found in Web exploits continues to rise.
- Attackers continue to find new ways to disguise their malicious traffic via JavaScript and PDF obfuscation.
- Obfuscation is a technique used by software developers and attackers alike to hide or mask the code used to develop their applications.
- Exploit toolkit packages continue to favor malicious Adobe Flash and PDF, along with Java files.
23 Zeus Botnet Activity Increases
- Zeus botnet toolkit continues to wreak havoc on organizations.
- Release of an updated version of the Zeus botnet kit, dubbed Zeus 2.0. Major new features included in this version provide updated functionality to attackers.
- Zeus botnet operators usually infect new PCs by either mass e-mailing malicious documents to victims, or directing them to a malicious website.
Zeus myths explained:
- Zeus is not a single botnet
- Zeus is not a virus or worm
- Zeus does not use vulnerabilities and exploits to install itself
- Zeus itself is a backdoor or Trojan
24 Zeus Crimeware Service
Hosting for costs $50 for 3 months. This includes the following:
# Fully set up ZeuS Trojan with configured FUD binary.
# Log all information via internet explorer
# Log all FTP connections
# Steal banking data
# Steal credit cards
# Phish US, UK and RU banks
# Host file override
# All other ZeuS Trojan features
# Fully set up MalKit with stats viewer integrated.
# 10 IE 4/5/6/7 exploits
# 2 Firefox exploits
# 1 Opera exploit
We also host normal ZeuS clients for $10/month. This includes a fully set up zeus panel/configured binary
25 Competition for Zeus
- SpyEye is set to become more popular
- Bots have the ability to remove Zeus
- Includes extra features: keylogger, network sniffer
26 Websites Hosting Bad Links
- Professional bad Web sites like pornography, gambling, or illegal drugs Web sites have seen increases in links to malware links in the 1st half of
- Blogs and bulletin boards have also seen increases in malware links.
27 Spam Continues to Change to Avoid Detection
- Over 90% of spam is classified as URL spam.
- Spammers continue to use trusted domains and legitimate links in spam messages to avoid anti-spam technologies.
- Top spam domains moved from .cn (China) to .ru (Russia)
- Brazil, the U.S., and India account for about one fourth of worldwide spam
28 Spam Volume and Average Size Increases
- Spam volume reached an all-time high in June
- Since mid-March of 2010, the average size of spam doubled without any changes in the percentage of image-based spam.
- The average spam byte size continued to increase until the beginning of June, reaching an average size of nearly 10 KB.
29 Phishing Attacks Decline Again
- Contrary to the 2nd half of 2009, phishing volume has declined back to levels seen in the 1st half of
- Brazil remains the top sender in terms of phishing volume, while India is in second place, and South Korea holds third place.
- Russia fell from rank 3 to rank 10. Germany is new to the top 10 and Turkey disappeared.
- Top subject lines represent more than 36% of all phishing e-mails.
30 Phishing Targets Financial & Credit Card Industries
- 49.1% of phishing is targeted at the financial industry vs. 60.9% in
- Over two-thirds (66.8%) of all financial phishing targets are located in North America vs. 95% in
- % of financial phishing targets are located in Europe
- 27.9% of phishing e-mails were targeted at credit cards.
31 Phishing Tools
- Commercial phishing kits make it easy for a novice to start in the business
32 Virtualization Security Increasingly a Focus
- 35% of server class vulnerabilities affect the hypervisor
- Virtualization Vulnerability Disclosures expected to fall in 2010
- Number of disclosures peaked in 2008 at 100, fell by 12 percent to 88 in 2009, and appears on track to fall slightly further in 2010 (39 virtualization vulnerabilities were disclosed in the first half of 2010).
- This trend suggests that virtualization vendors have been paying more attention to security since 2008 and/or security researchers have focused their efforts on easier targets.
Questions to Ask: Are your virtual environments secure? What solutions do you have in place to protect the hypervisor?
IBM Security Offerings: IBM Security Virtual Server Protection for VMware
33 For More IBM X-Force Security Leadership
- X-Force Trend Reports: The IBM X-Force Trend & Risk Reports provide statistical information about all aspects of threats that affect Internet security. Find out more at
- X-Force Security Alerts and Advisories: Only IBM X-Force can deliver preemptive security due to our unwavering commitment to research and development and 24/7 global attack monitoring. Find out more at
- X-Force Blogs and Feeds: For a real-time update of Alerts, Advisories, and other security issues, subscribe to the X-Force RSS feeds. You can subscribe to the X-Force alerts and advisories feed at or the Frequency X Blog at
34 Dr. Jean Paul Ballerini IBM Security Solutions
When Reputation is Not Enough: Barracuda Spam & Virus Firewall Predictive Sender Profiling As spam continues to evolve, Barracuda Networks remains committed to providing the highest level of protection
More informationFighting Advanced Threats
Fighting Advanced Threats With FortiOS 5 Introduction In recent years, cybercriminals have repeatedly demonstrated the ability to circumvent network security and cause significant damages to enterprises.
More informationWhere every interaction matters.
Where every interaction matters. Peer 1 Vigilant Web Application Firewall Powered by Alert Logic The Open Web Application Security Project (OWASP) Top Ten Web Security Risks and Countermeasures White Paper
More informationEl costo oculto de las aplicaciones Vulnerables. Faustino Sanchez. WW Security Sales Enablement. IBM Canada
El costo oculto de las aplicaciones Vulnerables. Faustino Sanchez. WW Security Sales Enablement. IBM Canada The Traditional Approach is Changing. Security is no longer controlled and enforced through the
More informationHow Economics and Information Security Affects Cyber Crime and What This Means in the Context of a Global Recession. Turbo Talk BH 2009 Peter Guerra
How Economics and Information Security Affects Cyber Crime and What This Means in the Context of a Global Recession Turbo Talk BH 2009 Peter Guerra Full Disclosure My opinions only not of my University,
More information2012 Global Threats and Trends
2012 Global Threats and Trends Presented by: Nicholas J. Percoco Trustwave SVP & Head of SpiderLabs Agenda Introduction 2011 Incident Investigations The Breach Triad Malware Trends Security Weaknesses
More informationMalware Trend Report, Q2 2014 April May June
Malware Trend Report, Q2 2014 April May June 5 August 2014 Copyright RedSocks B.V. 2014. All Rights Reserved. Table of Contents 1. Introduction... 3 2. Overview... 4 2.1. Collecting Malware... 5 2.2. Processing...
More informationTop 10 Anti-fraud Tips: The Cybersecurity Breach Aftermath
ebook Top 10 Anti-fraud Tips: The Cybersecurity Breach Aftermath Protecting against downstream fraud attacks in the wake of large-scale security breaches. Digital companies can no longer trust static login
More informationEmail Threat Trend Report Second Quarter 2007
Email Threat Trend Report Second Quarter 2007, Ltd. 2550 SW Grapevine Parkway, Suite 150 Grapevine, Texas 76051 Phone: (817) 601-3222 Fax: (817) 601-3223 http://www.altn.com/ 2007 Contents Emerging Email
More informationAddressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst
ESG Brief Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst Abstract: APTs first came on the scene in 2010, creating a wave
More information2014 Entry Form (Complete one for each entry.) Fill out the entry name exactly as you want it listed in the program.
2014 Entry Form (Complete one for each entry.) Fill out the entry name exactly as you want it listed in the program. Entry Name HFA Submission Contact Phone Email Qualified Entries must be received by
More informationSymantec Messaging Gateway 10.5
Powerful email gateway protection Data Sheet: Messaging Security Overview Symantec Messaging Gateway enables organizations to secure their email and productivity infrastructure with effective and accurate
More informationFSOEP Web Banking & Fraud: Corporate Treasury Attacks
FSOEP Web Banking & Fraud: Corporate Treasury Attacks Your Presenters Who Are We? Tim Wainwright Managing Director Chris Salerno Senior Consultant Led 200+ penetration tests Mobile security specialist
More informationMalicious Network Traffic Analysis
Malicious Network Traffic Analysis Uncover system intrusions by identifying malicious network activity. There are a tremendous amount of network based attacks to be aware of on the internet today and the
More informationPrimer TROUBLE IN YOUR INBOX 5 FACTS EVERY SMALL BUSINESS SHOULD KNOW ABOUT EMAIL-BASED THREATS
A Primer TROUBLE IN YOUR INBOX 5 FACTS EVERY SMALL BUSINESS SHOULD KNOW ABOUT EMAIL-BASED THREATS Even with today s breakthroughs in online communication, email is still one of the main ways that most
More informationDeep Security Vulnerability Protection Summary
Deep Security Vulnerability Protection Summary Trend Micro, Incorporated This documents outlines the process behind rules creation and answers common questions about vulnerability coverage for Deep Security
More informationIBM Security Network Intrusion Prevention System
IBM Security Network Intrusion Prevention System Comprehensive protection from today s evolving threats Highlights Unmatched levels of performance without compromising breadth and depth of security Protect
More informationZNetLive Malware Monitoring
Introduction The criminal ways of distributing malware or malicious software online have gone through a change in past years. In place of using USB drives, attachments or disks to distribute viruses, hackers
More informationWebsense Web Security Solutions. Websense Web Security Gateway Websense Web Security Websense Web Filter Websense Hosted Web Security
Web Security Gateway Web Security Web Filter Hosted Web Security Web Security Solutions The Approach In the past, most Web content was static and predictable. But today s reality is that Web content even
More informationINTRODUCING isheriff CLOUD SECURITY
INTRODUCING isheriff CLOUD SECURITY isheriff s cloud-based, multi-layered, threat protection service is the simplest and most cost effective way to protect your organization s data and devices from cyber-threats.
More informationPhishing Activity Trends Report June, 2006
Phishing Activity Trends Report, 26 Phishing is a form of online identity theft that employs both social engineering and technical subterfuge to steal consumers' personal identity data and financial account
More informationDefending Against Cyber Attacks with SessionLevel Network Security
Defending Against Cyber Attacks with SessionLevel Network Security May 2010 PAGE 1 PAGE 1 Executive Summary Threat actors are determinedly focused on the theft / exfiltration of protected or sensitive
More informationHow to achieve PCI DSS Compliance with Checkmarx Source Code Analysis
How to achieve PCI DSS Compliance with Checkmarx Source Code Analysis Document Scope This document aims to assist organizations comply with PCI DSS 3 when it comes to Application Security best practices.
More informationAdvancements in Botnet Attacks and Malware Distribution
Advancements in Botnet Attacks and Malware Distribution HOPE Conference, New York, July 2012 Aditya K Sood Rohit Bansal Richard J Enbody SecNiche Security Department of Computer Science and Engineering
More informationUser Documentation Web Traffic Security. University of Stavanger
User Documentation Web Traffic Security University of Stavanger Table of content User Documentation... 1 Web Traffic Security... 1 University of Stavanger... 1 UiS Web Traffic Security... 3 Background...
More informationDDoS Attacks: The Latest Threat to Availability. Dr. Bill Highleyman Managing Editor Availability Digest
DDoS Attacks: The Latest Threat to Availability Dr. Bill Highleyman Managing Editor Availability Digest The Anatomy of a DDoS Attack Sombers Associates, Inc. 2013 2 What is a Distributed Denial of Service
More informationFive Tips to Reduce Risk From Modern Web Threats
Five Tips to Reduce Risk From Modern Web Threats By Chris McCormack, Senior Product Marketing Manager and Chester Wisniewski, Senior Security Advisor Modern web threats can infect your network, subvert
More informationWEB ATTACKS AND COUNTERMEASURES
WEB ATTACKS AND COUNTERMEASURES February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in
More informationINFORMATION SECURITY REVIEW
INFORMATION SECURITY REVIEW 14.10.2008 CERT-FI Information Security Review 3/2008 In the summer, information about a vulnerability in the internet domain name service (DNS) was released. If left unpatched,
More informationWEB SECURITY CONCERNS THAT WEB VULNERABILITY SCANNING CAN IDENTIFY
WEB SECURITY CONCERNS THAT WEB VULNERABILITY SCANNING CAN IDENTIFY www.alliancetechpartners.com WEB SECURITY CONCERNS THAT WEB VULNERABILITY SCANNING CAN IDENTIFY More than 70% of all websites have vulnerabilities
More information5 Steps to Advanced Threat Protection
5 Steps to Advanced Threat Protection Agenda Endpoint Protection Gap Profile of Advanced Threats Consensus Audit Guidelines 5 Steps to Advanced Threat Protection Resources 20 Years of Chasing Malicious
More informationWeb Application Worms & Browser Insecurity
Web Application Worms & Browser Insecurity Mike Shema Welcome Background Hacking Exposed: Web Applications The Anti-Hacker Toolkit Hack Notes: Web Security Currently working at Qualys
More informationWebsense Web Security Solutions. Websense Web Security Gateway Websense Web Security Websense Web Filter Websense Express Websense Hosted Web Security
Web Security Gateway Web Security Web Filter Express Hosted Web Security Web Security Solutions The Approach In the past, most Web content was static and predictable. But today s reality is that Web content
More informationComputer Viruses: How to Avoid Infection
Viruses From viruses to worms to Trojan Horses, the catchall term virus describes a threat that's been around almost as long as computers. These rogue programs exist for the simple reason to cause you
More informationWeb Security. Discovering, Analyzing and Mitigating Web Security Threats
Web Security Discovering, Analyzing and Mitigating Web Security Threats Expectations and Outcomes Mitigation strategies from an infrastructure, architecture, and coding perspective Real-world implementations
More informationModern Cyber Threats. how yesterday s mind set gets in the way of securing tomorrow s critical infrastructure. Axel Wirth
Modern Cyber Threats how yesterday s mind set gets in the way of securing tomorrow s critical infrastructure Axel Wirth Healthcare Solutions Architect Distinguished Systems Engineer AAMI 2013 Conference
More information