Security Trends X-Force
- Katrina Banks
- 8 years ago
Transcription
Security Trends X-Force
IBM Internet Security Systems (ISS)

The IBM ISS X-Force research and development team drives IBM Security Innovation
Research, Technology, Solutions:
- Original Vulnerability Research
- Public Vulnerability Analysis
- Malware Analysis
- Threat Landscape Forecasting
- Protection Technology Research
- X-Force Protection Engines
- Extensions to existing engines
- New protection engine creation
- X-Force XPUs
- Security Content Update Development
- Security Content Update QA
- X-Force Intelligence
- X-Force Database
- Feed Monitoring and Collection
- Intelligence Sharing
The X-Force team delivers reduced operational complexity, helping to build integrated technologies that feature baked-in simplification

IBM X-Force Web Intelligence Lifecycle
- Deep Crawl of Known Malicious Websites
- Analyze New Exploit Techniques
- Provide New Protection Guidance
- Develop Protection
- Deliver Updates
- Classify MSS Links
- Find Related Websites (Deep Crawl)
- Search for Malware
- Find New Malicious Websites
- Block All Malicious Domains
- Apply Updates
- Monitor Browsing of: Millions of End-users, Thousands of Customers, Hundreds of Countries
- Block Malicious Links
- Send Links to Cobion

X-Force R&D -- Unmatched Security Leadership
The mission of the IBM Internet Security Systems X-Force research and development team is to:
- Research and evaluate threat and protection issues
- Deliver security protection for today's security problems
- Develop new technology for tomorrow's security challenges
- Educate the media and user communities
X-Force Research
- 10B analyzed Web pages & images
- 150M intrusion attempts daily
- 40M spam & phishing attacks
- 43K documented vulnerabilities
- Millions of unique malware samples
Provides Specific Analysis of:
- Vulnerabilities & exploits
- Malicious/Unwanted websites
- Spam and phishing
- Malware
- Other emerging trends

Looks Can Be Deceiving: Vulnerability Disclosures Decline but Exploitation Increases
- Declines in some of the largest categories of vulnerabilities
- Slowing disclosure rate is due to the disappearance of the low-hanging fruit from currently researched categories and existing applications
- Exploits targeting these vulnerabilities are increasing, especially SQL injection and ActiveX controls.
- High vulnerabilities are down 6% YOY
- Medium vulnerabilities are up to 62% of the vulnerabilities (8% YOY increase)
YOY = year over year

Patches Still Unavailable for Half of Vulnerabilities
- Nearly half (49%) of all vulnerabilities disclosed in the first half of 2009 had no vendor-supplied patches to remedy the vulnerability
*Vendors with twenty or more disclosures in 1H 2009
**IBM Disclosures 82, Unpatched 3, % Unpatched 3.7%
- Top 10 categories of operating systems account for 89% of all operating system vulnerability disclosures and 93% of all critical and high operating system disclosures in the first half of
Operating system: Percentage of All Operating System Vulnerabilities / Percentage of Critical and High OS Vulnerabilities
- Microsoft: 39% / 14%
- Apple: 18% / 24%
- Sun Solaris: 14% / 26%
- Linux: 14% / 20%
- IBM AIX: 7% / 3%
- BSD: 2% / 4%
- Others: 7% / 11%

The Economics of Attacker Exploitation
Document Reader vulnerabilities:
- Widely deployed
- Public exploits
- Fits the drive-by-download business model
Exchange TNEF vulnerability:
- Widely deployed
- Valuable data
- No public exploit
- No plug and play business model

The drive-by-download process
[Diagram labels: Desktop Users; Downloader installed; Exploit material Served; Malware installed and activated; Browse The Internet; Web server with embedded iframe; Malicious iframe host; Web browser targeted]

Malicious Web Links Increase by 508% YOY
- Personal homepages (typically hosted by communication service company domains) account for approximately half of all the domains hosting at least one malicious link
- Hosts that have 10 or more, pornography accounts for nearly 28% and gambling accounts for more than 14%
[Charts: One or More Malicious Links; Ten or More Malicious Links]

SQL Injection

SQL Injection

SQL Injection
SQL Injection attack, Monitored by IBM ISS Managed Security Services

SQL Injection Attack Tools
* Automatic page-rank verification
* Search engine integration for finding vulnerable sites
* Prioritization of results based on probability for successful injection
* Reverse domain name resolution
* etc.

The Economics of Attacker Exploitation
Document Reader vulnerabilities:
- Widely deployed
- Public exploits
- Fits the drive-by-download business model
Exchange TNEF vulnerability:
- Widely deployed
- Valuable data
- No public exploit
- No plug and play business model

The Three Legged Stool

Web App Vulnerabilities Continue to Dominate
- 50.4% of all vulnerabilities are Web application vulnerabilities
- SQL injection and Cross-Site Scripting are neck and neck in a race for the top spot

Web App Vulnerabilities Continue to Dominate
Security and Spending are Unbalanced
"The cleanup cost for fixing a bug in a homegrown Web application ranges anywhere from $400 to $4,000 to repair, depending on the vulnerability and the way it's fixed." -Darkreading.com

The drive-by-download process
[Diagram labels: Desktop Users; Downloader installed; Exploit material Served; Malware installed and activated; Browse The Internet; Web server with embedded iframe; Malicious iframe host; Web browser targeted]

Web Browsers are Complicated and Vulnerable
- Largest number of client-side vulnerabilities in the first half of 2009 affects Web browsers and their plugins
- Mozilla Firefox surpasses Microsoft Internet Explorer for the 1st time.

Decline in Disclosures Does Not Impact Exploitation
- Decline in ActiveX disclosures does not appear to be making an impact on exploitation.
- Three of the five most popular exploits are ActiveX controls.
- First time that a PDF exploit is in the top 5 list.
Most Popular Exploits
Rank 2008 H H1
1. Microsoft MDAC RDS Dataspace ActiveX (CVE )
2. Microsoft WebViewFolderIcon ActiveX (CVE )
3. Internet Explorer "createcontrolrange" DHTML (CVE )
4. RealPlayer IERPCtl ActiveX (CVE )
5. Apple QuickTime RTSP URL (CVE )
Microsoft MDAC RDS Dataspace ActiveX (CVE )
Microsoft Snapshot Viewer ActiveX (CVE )
Adobe Acrobat and Reader Collab.Collect Info (CVE )
Microsoft IE7 DHTML Object Reuse (CVE )
RealPlayer IERPCtl ActiveX (CVE )

Vulnerabilities in Document Readers Skyrocket
- Portable Document Format (PDF) vulnerabilities disclosed in the first half of 2009 have already surpassed disclosures from all of
- PDF disclosures traded places with Office document disclosures to take the top spot.
Points to Consider:
- Users trust .pdf more than .exe
- PDF exploits becoming a popular method of attack

Adobe Security Update: APSB09-07
- Jun Mao and Ryan Smith, iDefense Labs (CVE )
- Haifei Li of Fortinet's FortiGuard Global Security Research Team (CVE )
- Apple Product Security Team (CVE )
- Matthew Watchinski, Sourcefire VRT (CVE )
- Alin Rad Pop, Secunia Research (CVE ) 0198)
- Will Dormann, CERT (CVE )
- Nicolas Joly, VUPEN Security (CVE ) 0509)
- An anonymous researcher reported through TippingPoint's Zero Day Initiative (CVE )
- Mark Dowd of the IBM Internet Security Systems X-Force (CVE , 0509, CVE , CVE , 0511, CVE , 0512, CVE , 0888, CVE ) 0889)

Popular drive-by-download exploit packs
WebAttacker2 Mpack IcePack Localized to French in May 2008 Firepack Neosploit Black Sun Cyber Bot

IcePack
- First appeared in July 2007
- Two Versions of IcePack
  - Basic Version: IcePack Lite Edition (only has exploits for MS and MS06-006) and sold for $30
  - Advanced version: IcePack Platinum Edition, sold for around $400
- Produced by IDT Group in Russian
- English and French available
- Licensed on a per-website Basis
- Contains Web browser optimized exploit pages
  - /exploits/i.php: Optimized for Internet Explorer. Contains WinZip exploits, QuickTime overflow, MS WebViewFolderIcon, MS VML
  - /exploits/movie.bin: QuickTime overflow exploit
  - /exploits/f.php: Firefox optimized version of MS exploit
  - /exploits/o.php: Opera optimized version of MS exploit

Javascript Obfuscation

Increasing Prevalence of Attack Obfuscation
- The level of obfuscation found in Web exploits, and, especially, PDF files continues to rise.
- Some of these techniques are being passed to malicious multimedia files as well.
- From Q1 to Q2 alone, the amount of suspicious, obfuscated content monitored by IBM ISS Managed Security Services nearly doubled

The drive-by-download process
[Diagram labels: Desktop Users; Downloader installed; Exploit material Served; Malware installed and activated; Browse The Internet; Web server with embedded iframe; Malicious iframe host; Web browser targeted]

Information Stealing Trojans and Fraud Tools Increasing
- Trojans make up 55% of all Malware
- Infostealers & Downloaders are the most common subcategories
- Infostealer Trojans target online games as well as banking credentials

Trojan Creator Kits
Constructor/Turkojan V.4 New features
- Remote Desktop
- Webcam Streaming
- Audio Streaming
- Remote passwords
- MSN Sniffer
- Remote Shell
- Advanced File Manager
- Online & Offline keylogger
- Information about remote computer
- Etc.

Trojan Creator Kits

Commercial Anti-debugging Tools for Malware Authors
Code Virtualizer will convert your original code (Intel x86 instructions) into Virtual Opcodes that will only be understood by an internal Virtual Machine.
Code Virtualizer can protect your sensitive code areas in any x32 and x64 native PE files (like executable files/exes, system services, DLLs, OCXs, ActiveX controls, screen savers and device drivers).
Code Virtualizer can generate multiple types of virtual machines with a different instruction set for each one. This means that a specific block of Intel x86 instructions can be converted into different instruction set for each machine, preventing an attacker from recognizing any generated virtual opcode after the transformation from x86 instructions.

Malware Quality Assurance
Check to see if the DIY malware can defeat commercial AV?

Spam Continues to Change to Avoid Detection
- Spam is up approximately 40% in % of spam classified as URL spam
- Using trusted domains and legitimate links continues to help avoid anti-spam technologies
- Brazil, the U.S., and India account for about 30% of worldwide spam
- Image-based Spam has returned
[Chart: Most Common Domains in URL Spam, 2009 H1]

Phishing Disappears and then Reappears

Anonymity through botnet agents
Anonymous Proxies
- Volume of proxy services increasing year over year
SOCKS Jump Point
- Many tools and services rely upon compromised hosts (typically botnet agents) to provide SOCKS proxies as anonymous exit/jump points.

XSOX Botnet Anonymizer

A Tale of Two Worms
MS : Buffer Overrun In RPC Interface Could Allow Code Execution
- Patched July 2003
- Specially crafted RPC requests
- MS Blaster Worm
  - Released August 11th 2003
  - Propagation rate peaked within 8 hours
  - Microsoft: Between 8 and 16 million infections
MS : Vulnerability in Server Service Could Allow Remote Code Execution
- Patched October 23, 2008
- Specially crafted RPC requests
- Gimmiv.A: Not very effective
- Conficker.A, November 20th: Not very effective
Conficker was a non-story in December of 2008
- Internet Security has improved in 2008
- Widespread use of Windows Update
- Better use of security tools: Firewalls, IPS, Antivirus
This all changed on December 29th with Conficker.B

IBM's Comprehensive Approach Mitigates the Threat
People and Identity
- Threat: Cracking of weak Windows Domain passwords
- Solution: Good network access control management
Data and Information
- Threat: Autorun - Peer to Peer drive mapping and Thumb-drives
- Solution: Managed central file sharing with good access controls, antivirus, and backup
Application and Process
- Threat: Exploitation of remote code execution vulnerabilities
- Solution: Effective device inventory and policy compliance focused on vulnerability and patch management
Network, Server, and End Point
- Threat: Automatic network propagation
- Solution: Intrusion Prevention at the Network, Server, and Host that can identify and preemptively prevent 0-day threats

X-Force 2008 Trend & Risk Report Summary
- Vulnerabilities are at a high plateau
- Secure Web presence has become the Achilles heel of corporate IT security
- Mass endpoint exploitation is happening not only through browser vulnerabilities, but also through malicious movies and documents like Adobe PDF files
- Successful exploitation typically leads to the installation of information-stealing Trojans
  - The most prevalent malware category

2008 X-Force Annual Trend & Risk Report Mapping to IBM Portfolio
Area of Risk:
- Vulnerabilities
- Web Application Vulnerabilities
- PC Vulnerabilities including Malicious Web Exploits
- Spam
- Unwanted Web Content
- Malware
IBM Security Solutions:
- IBM ISS Intrusion Prevention System (IPS) products: Proventia Network IPS, Proventia Server, RealSecure Server Sensor, Proventia Desktop & Proventia Multifunction (MFS)
- IBM ISS Managed Protection Services for IPS
- Tivoli Security Information and Event Manager (TSIEM)
- Web application IPS security for Network, Server and MFS (April marketing launch)
- Managed Protection Services for IPS
- Rational Appscan for assessment
- Rational Appscan Enterprise
- Tivoli Security Information and Event Manager
- Tivoli Security Policy Manager
- IBM ISS Intrusion Prevention System (IPS) product lines (see above list under vulnerabilities)
- Managed Protection Services for IPS
- Managed Security Services for Web Security
- Proventia Web Filter
Mail security offerings:
- Proventia Network Mail / Lotus Protector
- Proventia Multifunction System (MFS)
- Managed Security Services for Mail Security
- Proventia MFS
- Managed Security Services for Web Security
- Proventia Web Filter
- Proventia Desktop and MFS
- Managed Security Services for Mail and Web Security
- Proventia Network Mail / Lotus Protector
- Proventia Web Filter
Cyber Security Presentation Cyber Security Month Curtis McNay, Director of IT Security The IT Security Office (ITSO) What We Do? Risk Assessment Network and System Security Monitoring Vulnerability Scanning
More informationCountry Case Study on Incident Management Capabilities CERT-TCC, Tunisia
Country Case Study on Incident Management Capabilities CERT-TCC, Tunisia Helmi Rais CERT-TCC Team Manager National Agency for Computer Security, Tunisia helmi.rais@ansi.tn helmi.rais@gmail.com Framework
More informationEl costo oculto de las aplicaciones Vulnerables. Faustino Sanchez. WW Security Sales Enablement. IBM Canada
El costo oculto de las aplicaciones Vulnerables. Faustino Sanchez. WW Security Sales Enablement. IBM Canada The Traditional Approach is Changing. Security is no longer controlled and enforced through the
More informationWeb 2.0 and Data Protection. Paul Tsang Security Consultant McAfee
Web 2.0 and Data Protection Paul Tsang Security Consultant McAfee Criminal Motivators For Profit Targeted Attacks Cyber Warfare (Credit Cards, PII, Criminal Infrastructure) (Nation-State Secrets, Trade
More informationCOORDINATED THREAT CONTROL
APPLICATION NOTE COORDINATED THREAT CONTROL Interoperability of Juniper Networks IDP Series Intrusion Detection and Prevention Appliances and SA Series SSL VPN Appliances Copyright 2010, Juniper Networks,
More informationThe Top Web Application Attacks: Are you vulnerable?
QM07 The Top Web Application Attacks: Are you vulnerable? John Burroughs, CISSP Sr Security Architect, Watchfire Solutions jburroughs@uk.ibm.com Agenda Current State of Web Application Security Understanding
More informationQUARTERLY REPORT 2015 INFOBLOX DNS THREAT INDEX POWERED BY
QUARTERLY REPORT 2015 INFOBLOX DNS THREAT INDEX POWERED BY EXPLOIT KITS UP 75 PERCENT The Infoblox DNS Threat Index, powered by IID, stood at 122 in the third quarter of 2015, with exploit kits up 75 percent
More informationProtection for Mac and Linux computers: genuine need or nice to have?
Protection for Mac and Linux computers: genuine need or nice to have? The current risk to computers running non-windows platforms is small but growing. As Mac and Linux computers become more prevalent
More informationIBM Rational AppScan: Application security and risk management
IBM Software Security November 2011 IBM Rational AppScan: Application security and risk management Identify, prioritize, track and remediate critical security vulnerabilities and compliance demands 2 IBM
More informationComprehensive Malware Detection with SecurityCenter Continuous View and Nessus. February 3, 2015 (Revision 4)
Comprehensive Malware Detection with SecurityCenter Continuous View and Nessus February 3, 2015 (Revision 4) Table of Contents Overview... 3 Malware, Botnet Detection, and Anti-Virus Auditing... 3 Malware
More informationZNetLive Malware Monitoring
Introduction The criminal ways of distributing malware or malicious software online have gone through a change in past years. In place of using USB drives, attachments or disks to distribute viruses, hackers
More informationCyber Exploits: Improving Defenses Against Penetration Attempts
Cyber Exploits: Improving Defenses Against Penetration Attempts Mark Burnette, CPA, CISA, CISSP, CISM, CGEIT, CRISC, QSA LBMC Security & Risk Services Today s Agenda Planning a Cyber Defense Strategy How
More informationModern Cyber Threats. how yesterday s mind set gets in the way of securing tomorrow s critical infrastructure. Axel Wirth
Modern Cyber Threats how yesterday s mind set gets in the way of securing tomorrow s critical infrastructure Axel Wirth Healthcare Solutions Architect Distinguished Systems Engineer AAMI 2013 Conference
More informationUnderstanding Web Application Security Issues
Understanding Web Application Security Issues Pankaj Sharma January 30, 2009 Indian Computer Emergency Response Team ( CERT - IN ) Department Of Information Technology 1 Agenda Introduction What are Web
More informationRecommended Practice Case Study: Cross-Site Scripting. February 2007
Recommended Practice Case Study: Cross-Site Scripting February 2007 iii ACKNOWLEDGEMENT This document was developed for the U.S. Department of Homeland Security to provide guidance for control system cyber
More informationWhy The Security You Bought Yesterday, Won t Save You Today
9th Annual Courts and Local Government Technology Conference Why The Security You Bought Yesterday, Won t Save You Today Ian Robertson Director of Information Security Michael Gough Sr. Risk Analyst About
More informationCertified Secure Computer User
Certified Secure Computer User Course Outline Module 01: Foundations of Security Essential Terminologies Computer Security Why Security? Potential Losses Due to Security Attacks Elements of Security The
More informationMedical Device Security Health Imaging Digital Capture. Security Assessment Report for the Kodak Capture Link Server V1.00
Medical Device Security Health Imaging Digital Capture Security Assessment Report for the Kodak Capture Link Server V1.00 Version 1.0 Eastman Kodak Company, Health Imaging Group Page 1 Table of Contents
More informationThe purpose of this report is to educate our prospective clients about capabilities of Hackers Locked.
This sample report is published with prior consent of our client in view of the fact that the current release of this web application is three major releases ahead in its life cycle. Issues pointed out
More informationDATA CENTER IPS COMPARATIVE ANALYSIS
DATA CENTER IPS COMPARATIVE ANALYSIS Security 2014 Thomas Skybakmoen, Jason Pappalexis Tested Products Fortinet FortiGate 5140B, Juniper SRX 5800, McAfee NS- 9300, Sourcefire 8290-2 Data Center Overview
More informationLASTLINE WHITEPAPER. Large-Scale Detection of Malicious Web Pages
LASTLINE WHITEPAPER Large-Scale Detection of Malicious Web Pages Abstract Malicious web pages that host drive-by-download exploits have become a popular means for compromising hosts on the Internet and,
More informationGetting Ahead of Malware
IT@Intel White Paper Intel Information Technology Security December 2009 Getting Ahead of Malware Executive Overview Since implementing our security event monitor and detection processes two years ago,
More informationConficker by the numbers
Conficker by the numbers Sebastián Bortnik Security Analyst at ESET Latin America This is a translation for ESET LLC of a document previously available in Spanish by ESET Latin America (see http://eset-la.com/centro-amenazas/2241-conficker-numeros).
More informationManaging Web Security in an Increasingly Challenging Threat Landscape
Managing Web Security in an Increasingly Challenging Threat Landscape Cybercriminals have increasingly turned their attention to the web, which has become by far the predominant area of attack. Small wonder.
More informationKASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES. www.kaspersky.com
KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES www.kaspersky.com EXPERT SERVICES Expert Services from Kaspersky Lab are exactly that the services of our in-house experts, many of them global
More informationWHITE PAPER. Understanding How File Size Affects Malware Detection
WHITE PAPER Understanding How File Size Affects Malware Detection FORTINET Understanding How File Size Affects Malware Detection PAGE 2 Summary Malware normally propagates to users and computers through
More informationINDUSTRY OVERVIEW: HEALTHCARE
ii IBM MSS INDUSTRY OVERVIEW: HEALTHCARE RESEARCH AND INTELLIGENCE REPORT RELEASE DATE: OCTOBER 7, 2014 BY: JOHN KUHN, SENIOR THREAT RESEARCHER iii TABLE OF CONTENTS EXECUTIVE OVERVIEW/KEY FINDINGS...
More informationYour Web and Applications
Governance and Risk Management Your Web and Applications The Hacker s New Target Anthony Lim MBA CISSP CSSLP FCITIL Director, Security, Asia Pacific Rational Software Social Engineering in the Business
More information