When less is more (Spear-Phishing and Other Methods to Steal Data) Alexander Raczyński
|
|
- Solomon Cameron
- 8 years ago
- Views:
Transcription
1 When less is more (Spear-Phishing and Other Methods to Steal Data) Alexander Raczyński 1
2
3 Agenda Spear-Fishing the new CEO Fear How to Fight Spear-Fishing It s All About the Data
4 Evolution of the bad guys modus operandi EASY TO PROTECT HARD TO PROTECT
5 The Enemy is in your Blind Spots SSL Spear Phishing AD, SAM, Password extraction Custom Encryption Malware
6 Security Trends Spam huge volumes ensure penetration often used as the first stage in many attacks 92 % of spam contains a URL The total percent of spam that can be categorized as leading to a traditional phishing is approximately 1.62 % The percentage of virus-related spam is only 0.4 % phishing attempts outnumber malicious executables in volume 6
7 How to Lure? Four out of the top five phishing subject lines are related to security. These types of attacks represent the largest volume of recent subject lines designed to lure in victims. Top five phishing subject lines: Your account has been accessed by a third party (Bank Name) Internet Banking Customer Service Message Security Measures Verify your activity Account security Notification *Based on July September 2012 research 7
8 Time for Phishing 8
9 Lures Prey on Human Curiosity Spear-Phishing The key to major data theft attacks last year 92 % of spam contains a web link Defenses focused on high volume known attacks which are less effective 9
10 Attack Scenario A typical attack of this type would have the bad guy doing the following: Find a URL that can be easily compromised but do nothing at that time. Leave it as is for now. Craft an that will not trigger spam, AV or other security measures based on its content, but include links to the currently safe URL. Since they typically pretend to be something legitimate, it is best to simply copy a legitimate message and only change one link to the safe URL. Send the over the weekend, or late at night, so defenses will approve the and deliver it into the user s mailbox. Just before you believe employees will begin accessing , compromise the URL and install that part of the attack strategy. 10
11 New Defense Game 11
12 The decline of AV effectiveness NUMBER OF MALWARE THREATS DETECTED BY WEBSENSE ADVANCED DETECTION PER DAY NOT DETECTED BY FIVE TOP AV ENGINES
13 30% 25% 20% What is your best security solution? AV? Firewall? 15% 10% 5% 0% Web Security Gateway SIEM- Intelligence Vulnerability Mgmt DLP Endpoint IDM IDS/IPS Encryption GRC Firewall Security (AV, 2012 etc.) Websense, Inc. Security & IT Exec s Surveyed
14 14
15 Three Ways to Stop Spear-phishing Websense recommends a three-pronged approach designed to stop percent of spear-phishing attempts: Employee education Inbound sandboxing Real-time analysis and inspection of your web traffic 15
16 The human element is incredibly important. Employee education is fundamental to preventing a spear-phish attack. Consider pen-testing your users. Show them why they need to think before they click. 16
17 Sandboxing Spear-phishing technique Embedded web link in lure Time malware infection after delivery security sees a clean link Sunday Monday Security OK Target Web Site Web Target Site Infected 4am Web 17
18 ACE: Composite Security Engine Security Technologies Embedded in ACE 18
19 Advanced Classification Engine (ACE) 19
20 ACE New Defenses Advanced Classification Engine Predictive Inline Analytical Engine 10 New Defenses in ACE to protect against Advanced Threats & Data Theft New ACE Analytics/Defenses: Advanced Malware Payloads Potentially Exploited Documents Mobile Malware Criminal Encrypted Uploads Files Containing Passwords Advanced Malware Command & Control Unauthorized Mobile Marketplaces OCR (Optical Character Recognition) Behavioral (Drip) DLP Geo-Location INBOUND WSG OUTBOUND WSG OUTBOUND WSGA 20
21 aceinsight.com 21
22 Spear-Phishing examples The White House became the victim of a spear-phishing attack. It is alleged that Chinese hackers attempted to gain access to an unclassified network within the office. Last year, an spear-phishing attack succeeded at Oak Ridge National Laboratory before the organization cut off internet access to workers. The Oak Ridge facility handles classified and non-classified research for the federal government and is known for researching cybersecurity initiatives. A targeted was sent to specific employees masquerading as an employee benefits from the human resource department. In March 2011, executives from security company RSA announced a possible breach of SecurID product information from a spear-phishing attack. A spear-phishing was sent to two small groups within the company. Though the was automatically marked as Junk, the subject of the message ("2011 Recruitment Plan") tricked one employee into opening it anyway. GhostNet, Night Dragon, and the Operation Aurora attack against Google, Adobe and approximately a dozen other companies, and many of the other so-called advanced persistent threats (APT) that have been publicly documented have been initiated at least in part through targeted spear phishing s. 22
23 Watering the hole: the new way to hunt In May 2012, the Websense ThreatSeeker Network detected that the Institute for National Security Studies (INSS) website in Israel was injected with malicious code. INSS is described in its website as an independent academic institute that studies key issues relating to Israel's national security and Middle East affairs. 23
24 Even more water... Nepalese government websites were compromised to serve Zegost RAT in August Also, in May 2012, the Amnesty International UK website was compromised to serve Gh0st RAT. All of these used the same vulnerability (CVE ). 24
25 New Defense Game 25
26 Criminal Encrypted Uploads Proprietary encryption Cloak comms & data theft Crimeware toolkit enabled Blind spot for defenses Web 26
27 Password File Data Theft Password files Active Directory/SAM database Expand reach/control within target First priority once inside Web 27
28 Non-Document Data Theft Image files Confidential information Smart phone pictures Blind spot for defenses Web 28
29 Slow Data Leaks Remain below the radar Low record count per request/incident Steal data in small chunks Persistence and patience One data record One data record Web 29
30 Protection & Containment One data record Criminal Encrypted Uploads Password File Data Theft Image OCR/Text Analysis Drip (Stateful) DLP Cloud Sandboxing for Monday Redirect Wrapper Real-time web security analysis Target Site Infected 4am Web 30
31 31
32 Threat Dashboard 32
33 Forensic Reporting Know WHO was compromised Know HOW the malware operates (intent) Know WHERE the data was being sent Know WHAT was prevented from being stolen 33
34 During the presentation 34
35 CyberSecurity Intelligence Services "It's becoming clear that many of these emerging threats cannot be defended against in-house, creating a shift in security posture toward being more proactive. IDC Senior Analyst Christine Liebert IDC press release, Jan. 31, 2012, CSI: On-Demand ThreatScope malware analysis sandbox Priority access to research tools/services Video resources from research presentations & TAB events Online security training CSI: Live Direct access to Security Labs researchers Forensic investigation partner 3-day classes w/hands-on labs Regular security reviews Customer Allow/Deny lists Full security posture Includes CSI: On-Demand 35
36 Questions 36
TRENDS IN THE THREAT LANDSCAPE
TRENDS IN THE THREAT LANDSCAPE Guy Eilon, SEE Regional Manager April 2013 geilon@websense.com TRITON STOPS MORE THREATS. WE CAN PROVE IT. 2013 Websense, Inc. Page 1 CHANGING CUSTOMERS NEEDS 90% of companies
More informationENABLING FAST RESPONSES THREAT MONITORING
ENABLING FAST RESPONSES TO Security INCIDENTS WITH THREAT MONITORING Executive Summary As threats evolve and the effectiveness of signaturebased web security declines, IT departments need to play a bigger,
More informationGOING BEYOND BLOCKING AN ATTACK
Websense Executive Summary GOING BEYOND BLOCKING AN ATTACK WEBSENSE TRITON VERSION 7.7 Introduction We recently announced several new advanced malware and data theft protection capabilities in version
More informationComprehensive real-time protection against Advanced Threats and data theft
TRITON AP-WEB Comprehensive real-time protection against Advanced Threats and data theft Your business and its data are under constant attack. Traditional security solutions no longer provide sufficient
More informationTRITON APX. Websense TRITON APX
TRITON APX Unified protection and intelligence against Advanced Threats and data theft Your organization is faced with an increasing number of Advanced Threats that lead to data theft, denial of service
More informationTRITON AP-WEB COMPREHENSIVE REAL-TIME PROTECTION AGAINST ADVANCED THREATS & DATA THEFT
TRITON AP-WEB COMPREHENSIVE REAL-TIME PROTECTION AGAINST ADVANCED THREATS & DATA THEFT TRITON AP-WEB COMPREHENSIVE REAL-TIME PROTECTION AGAINST ADVANCED THREATS AND DATA THEFT Your business and its data
More informationStop advanced targeted attacks, identify high risk users and control Insider Threats
TRITON AP-EMAIL Stop advanced targeted attacks, identify high risk users and control Insider Threats From socially engineered lures to targeted phishing, most large cyberattacks begin with email. As these
More informationWEBSENSE TRITON SOLUTIONS
WEBSENSE TRITON SOLUTIONS INNOVATIVE SECURITY FOR WEB, EMAIL, DATA AND MOBILE TRITON STOPS MORE THREATS. WE CAN PROVE IT. PROTECTION AS ADVANCED AND DYNAMIC AS THE THREATS THEMSELVES The security threats
More informationDefending Against. Phishing Attacks
Defending Against Today s Targeted Phishing Attacks DeFending Against today s targeted phishing attacks 2 Introduction Is this email a phish or is it legitimate? That s the question that employees and
More informationFighting Advanced Threats
Fighting Advanced Threats With FortiOS 5 Introduction In recent years, cybercriminals have repeatedly demonstrated the ability to circumvent network security and cause significant damages to enterprises.
More informationWHAT S NEW IN WEBSENSE TRITON RELEASE 7.8
WHAT S NEW IN WEBSENSE TRITON RELEASE 7.8 Overview Global organizations are constantly battling with advanced persistent threats (APTs) and targeted attacks focused on extracting intellectual property
More informationWEBSENSE EMAIL SECURITY SOLUTIONS OVERVIEW
WEBSENSE EMAIL SECURITY SOLUTIONS OVERVIEW Challenge The nature of email threats has changed over the past few years. Gone are the days when email security, better known as anti-spam, was primarily tasked
More informationEvolution Of Cyber Threats & Defense Approaches
Evolution Of Cyber Threats & Defense Approaches Antony Abraham IT Architect, Information Security, State Farm Kevin McIntyre Tech Lead, Information Security, State Farm Agenda About State Farm Evolution
More informationAdvanced Persistent. From FUD to Facts. A Websense Brief By Patrick Murray, Senior Director of Product Management
A Websense Brief By Patrick Murray, Senior Director of Product Management Advanced Persistent Threats: From FUD to Facts With Websense, you can stay a step ahead of the threats. From our roots in web filtering,
More informationTRITON AP-ENDPOINT STOP ADVANCED THREATS AND SECURE SENSITIVE DATA FOR ROAMING USERS
TRITON AP-ENDPOINT STOP ADVANCED THREATS AND SECURE SENSITIVE DATA FOR ROAMING USERS TRITON AP-ENDPOINT STOP ADVANCED THREATS AND SECURE SENSITIVE DATA FOR ROAMING USERS From a damaged reputation to regulatory
More informationAdvanced Persistent Threats
White Paper INTRODUCTION Although most business leaders and IT managers believe their security technologies adequately defend against low-level threats, instances of (APTs) have increased. APTs, which
More informationWebsense Solutions. TRITON v7.7 Architecture
Websense Solutions TRITON v7.7 Architecture Unified Platform Unified architecture Unified security intelligence Unified console Unified policy & reporting TRITON Architecture Solution Stacks for v7.7
More informationOffice 365 Cloud App Security MARKO DJORDJEVIC CLOUD BUSINESS LEAD EE TREND MICRO EMEA LTD.
Office 365 Cloud App Security MARKO DJORDJEVIC CLOUD BUSINESS LEAD EE TREND MICRO EMEA LTD. Your Valuable Data In The Cloud? How To Get The Best Protection! A world safe for exchanging digital information
More informationADVANCED PERSISTENT THREATS AND OTHER ADVANCED ATTACKS:
A Websense White Paper ADVANCED PERSISTENT THREATS AND OTHER ADVANCED ATTACKS: THREAT ANALYSIS AND DEFENSE STRATEGIES FOR SMB, MID-SIZE, AND ENTERPRISE ORGANIZATIONS REV 2 ADVANCED PERSISTENT THREATS AND
More informationSECURITY REIMAGINED SPEAR PHISHING ATTACKS WHY THEY ARE SUCCESSFUL AND HOW TO STOP THEM. Why Automated Analysis Tools are not Created Equal
WHITE PAPER SPEAR PHISHING ATTACKS WHY THEY ARE SUCCESSFUL AND HOW TO STOP THEM Why Automated Analysis Tools are not Created Equal SECURITY REIMAGINED CONTENTS Executive Summary...3 Introduction: The Rise
More informationYou ll learn about our roadmap across the Symantec email and gateway security offerings.
#SymVisionEmea In this session you will hear how Symantec continues to focus our comprehensive security expertise, global intelligence and portfolio on giving organizations proactive, targeted attack protection
More informationThe Cloud App Visibility Blindspot
The Cloud App Visibility Blindspot Understanding the Risks of Sanctioned and Unsanctioned Cloud Apps and How to Take Back Control Introduction Today, enterprise assets are more at risk than ever before
More informationThreat Intelligence: The More You Know the Less Damage They Can Do. Charles Kolodgy Research VP, Security Products
Threat Intelligence: The More You Know the Less Damage They Can Do Charles Kolodgy Research VP, Security Products IDC Visit us at IDC.com and follow us on Twitter: @IDC 2 Agenda Evolving Threat Environment
More informationSpear Phishing Attacks Why They are Successful and How to Stop Them
White Paper Spear Phishing Attacks Why They are Successful and How to Stop Them Combating the Attack of Choice for Cybercriminals White Paper Contents Executive Summary 3 Introduction: The Rise of Spear
More informationUnified Security, ATP and more
SYMANTEC Unified Security, ATP and more TAKE THE NEXT STEP Martin Werner PreSales Consultant, Symantec Switzerland AG MEET SWISS INFOSEC! 27.01.2016 Unified Security 2 Symantec Enterprise Security Users
More informationPreparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS
Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS CONTENTS PAGE RECONNAISSANCE STAGE 4 INCURSION STAGE 5 DISCOVERY STAGE 6 CAPTURE STAGE 7 EXFILTRATION STAGE
More informationStreamlining Web and Email Security
How to Protect Your Business from Malware, Phishing, and Cybercrime The SMB Security Series Streamlining Web and Email Security sponsored by Introduction to Realtime Publishers by Don Jones, Series Editor
More informationPrimer TROUBLE IN YOUR INBOX 5 FACTS EVERY SMALL BUSINESS SHOULD KNOW ABOUT EMAIL-BASED THREATS
A Primer TROUBLE IN YOUR INBOX 5 FACTS EVERY SMALL BUSINESS SHOULD KNOW ABOUT EMAIL-BASED THREATS Even with today s breakthroughs in online communication, email is still one of the main ways that most
More informationThe Next Generation IPS
The Next Generation IPS Comprehensive Defense Against Advanced Persistent Threats Contents Introduction.............................................. 1 What Are Advanced Persistent Threats?.............................
More informationINCREASINGLY, ORGANIZATIONS ARE ASKING WHAT CAN T GO TO THE CLOUD, RATHER THAN WHAT CAN. Albin Penič Technical Team Leader Eastern Europe
INCREASINGLY, ORGANIZATIONS ARE ASKING WHAT CAN T GO TO THE CLOUD, RATHER THAN WHAT CAN Albin Penič Technical Team Leader Eastern Europe Trend Micro 27 years focused on security software Headquartered
More informationWHITE PAPER Cloud-Based, Automated Breach Detection. The Seculert Platform
WHITE PAPER Cloud-Based, Automated Breach Detection The Seculert Platform Table of Contents Introduction 3 Automatic Traffic Log Analysis 4 Elastic Sandbox 5 Botnet Interception 7 Speed and Precision 9
More informationAdvanced Threat Protection with Dell SecureWorks Security Services
Advanced Threat Protection with Dell SecureWorks Security Services Table of Contents Summary... 2 What are Advanced Threats?... 3 How do advanced threat actors operate?... 3 Addressing the Threat... 5
More informationFighting Off an Advanced Persistent Threat & Defending Infrastructure and Data. Dave Shackleford February, 2012
Fighting Off an Advanced Persistent Threat & Defending Infrastructure and Data Dave Shackleford February, 2012 Agenda Attacks We ve Seen Advanced Threats what s that mean? A Simple Example What can we
More informationQUARTERLY REPORT 2015 INFOBLOX DNS THREAT INDEX POWERED BY
QUARTERLY REPORT 2015 INFOBLOX DNS THREAT INDEX POWERED BY EXPLOIT KITS UP 75 PERCENT The Infoblox DNS Threat Index, powered by IID, stood at 122 in the third quarter of 2015, with exploit kits up 75 percent
More informationITAR Compliance Best Practices Guide
ITAR Compliance Best Practices Guide 1 Table of Contents Executive Summary & Overview 3 Data Security Best Practices 4 About Aurora 10 2 Executive Summary & Overview: International Traffic in Arms Regulations
More informationTrends in Advanced Threat Protection
Trends in Advanced Threat Protection John Martin Senior Security Architect IBM Security Systems Division 1 2012 IBM Corporation John Martin Senior Security Architect IBM Security Systems Division Security
More informationFireEye Advanced Threat Report 1H 2012
FireEye Advanced Threat Report 1H 2012 FireEye, Inc. FireEye Advanced Threat Report 1H 2012 1 Advanced Threat Report Contents Inside This Report 2 Executive Summary 2 Finding 1 3 Explosion in Advanced
More informationLab Testing Detailed Report DR130214. Competitive Testing of the Websense TRITON Web Security Gateway Anywhere v7.7.3
Lab Testing Detailed Report DR130214 Competitive Testing of the v7.7.3 February 2013 Miercom www.miercom.com Contents 1.0 Executive Summary... 3 2.0 Key Findings... 4 3.0 Methodology... 5 3.1 Systems Under
More informationRETHINKING CYBER SECURITY Changing the Business Conversation
RETHINKING CYBER SECURITY Changing the Business Conversation October 2015 Introduction: Diane Smith Michigan Delegate Higher Education Conference Speaker Board Member 2 1 1. Historical Review Agenda 2.
More informationREPORT FIREEYE ADVANCED THREAT REPORT 1H 2012 SECURITY REIMAGINED
REPORT FIREEYE ADVANCED THREAT REPORT 1H 2012 SECURITY REIMAGINED CONTENTS Inside This Report...3 Executive Summary...3 Finding 1 Explosion in Advanced Malware Bypassing Traditional Signature-Based Defenses...4
More information2012 Data Breach Investigations Report
2012 Data Breach Investigations Report A study conducted by the Verizon RISK Team with cooperation from the Australian Federal Police, Dutch National High Tech Crime Unit, Irish Reporting & Information
More informationHigh End Information Security Services
High End Information Security Services Welcome Trion Logics Security Solutions was established after understanding the market's need for a high end - End to end security integration and consulting company.
More informationThe Mile High Denver Chapter of ARMA welcomes you to our virtual meeting!
The Mile High Denver Chapter of ARMA welcomes you to our virtual meeting! March 18 th Meeting ediscovery and Social Media -- What Records Managers Need to Know By: Kelly Twigger Americans spend an average
More informationAdvanced Persistent Threats
Advanced Persistent Threats George R Magee~ FCNSA, FCNSP, Fortinet Larry Cushing~ CEO, Unified Technologies Visit us at Booth #11 1 May 27, 2014 2 Threat landscape An Internet Minute 7 7 Fortinet Confidential
More informationProtection Against Advanced Persistent Threats
Protection Against Advanced Persistent Threats Peter Mesjar Systems Engineer, CCIE 17428 October 2014 Agenda Modern Threats Advanced Malware Protection Solution Why Cisco? Cisco Public 2 The Problem are
More informationThe Federal CISO Dilemma. You have to do FISMA. You must defend against cyber threats.
The Federal CISO Dilemma You have to do FISMA. You must defend against cyber threats. October 2012 Executive Summary Federal CISOs face a unique cyber security challenge copious amounts of regulatory compliance
More informationCyber Security in Taiwan's Government Institutions: From APT To. Investigation Policies
Cyber Security in Taiwan's Government Institutions: From APT To Investigation Policies Ching-Yu, Hung Investigation Bureau, Ministry of Justice, Taiwan, R.O.C. Abstract In this article, we introduce some
More informationAddressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst
ESG Brief Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst Abstract: APTs first came on the scene in 2010, creating a wave
More informationAB 1149 Compliance: Data Security Best Practices
AB 1149 Compliance: Data Security Best Practices 1 Table of Contents Executive Summary & Overview 3 Data Security Best Practices 4 About Aurora 10 2 Executive Summary & Overview: AB 1149 is a new California
More informationINDUSTRY OVERVIEW: FINANCIAL
ii IBM MSS INDUSTRY OVERVIEW: FINANCIAL RESEARCH AND INTELLIGENCE REPORT RELEASE DATE: NOVEMBER 5, 2014 BY: JOHN KUHN, SENIOR THREAT RESEARCHER iii TABLE OF CONTENTS EXECUTIVE OVERVIEW... 1 MAJOR FINANCIAL
More informationSophistication of attacks will keep improving, especially APT and zero-day exploits
FAQ Isla Q&A General What is Isla? Isla is an innovative, enterprise-class web malware isolation system that prevents all browser-borne malware from penetrating corporate networks and infecting endpoint
More informationSPEAR PHISHING AN ENTRY POINT FOR APTS
SPEAR PHISHING AN ENTRY POINT FOR APTS threattracksecurity.com 2015 ThreatTrack, Inc. All rights reserved worldwide. INTRODUCTION A number of industry and vendor studies support the fact that spear phishing
More informationWebsense Web Security Solutions. Websense Web Security Gateway Websense Web Security Websense Web Filter Websense Express Websense Hosted Web Security
Web Security Gateway Web Security Web Filter Express Hosted Web Security Web Security Solutions The Approach In the past, most Web content was static and predictable. But today s reality is that Web content
More informationWebsense Web Security Solutions. Websense Web Security Gateway Websense Web Security Websense Web Filter Websense Hosted Web Security
Web Security Gateway Web Security Web Filter Hosted Web Security Web Security Solutions The Approach In the past, most Web content was static and predictable. But today s reality is that Web content even
More informationModern Cyber Threats. how yesterday s mind set gets in the way of securing tomorrow s critical infrastructure. Axel Wirth
Modern Cyber Threats how yesterday s mind set gets in the way of securing tomorrow s critical infrastructure Axel Wirth Healthcare Solutions Architect Distinguished Systems Engineer AAMI 2013 Conference
More informationMalicious Websites uncover vulnerabilities (browser, plugins, webapp, server), initiate attack steal sensitive information, install malware, compromise victim s machine Malicious Websites uncover vulnerabilities
More informationdefending against advanced persistent threats: strategies for a new era of attacks agility made possible
defending against advanced persistent threats: strategies for a new era of attacks agility made possible security threats as we know them are changing The traditional dangers IT security teams have been
More informationIBM Security Strategy
IBM Security Strategy Intelligence, Integration and Expertise Kate Scarcella CISSP Security Tiger Team Executive M.S. Information Security IBM Security Systems IBM Security: Delivering intelligence, integration
More informationSecure Your Mobile Workplace
Secure Your Mobile Workplace Sunny Leung Senior System Engineer Symantec 3th Dec, 2013 1 Agenda 1. The Threats 2. The Protection 3. Q&A 2 The Mobile Workplaces The Threats 4 Targeted Attacks up 42% in
More informationEndpoint & Server Protection. Brent Biernat First Vice President Network Services May 13, 2014
Endpoint & Server Protection Brent Biernat First Vice President Network Services May 13, 2014 The Evolution of Cyber Crime 1878 Bell Telephone Teenage Switchboard Operator Disconnected calls, eavesdropped,
More informationTOP 10 TIPS FOR EDUCATING EMPLOYEES ABOUT CYBERSECURITY. Mark Villinski @markvillinski
TOP 10 TIPS FOR EDUCATING EMPLOYEES ABOUT CYBERSECURITY Mark Villinski @markvillinski Why do we have to educate employees about cybersecurity? 2014 Corporate Threats Survey 94% of business s suffered one
More information場 次 :C-3 公 司 名 稱 :RSA, The Security Division of EMC 主 題 : 如 何 應 用 網 路 封 包 分 析 對 付 資 安 威 脅 主 講 人 :Jerry.Huang@rsa.com Sr. Technology Consultant GCR
場 次 :C-3 公 司 名 稱 :RSA, The Security Division of EMC 主 題 : 如 何 應 用 網 路 封 包 分 析 對 付 資 安 威 脅 主 講 人 :Jerry.Huang@rsa.com Sr. Technology Consultant GCR Minimum Requirements of Security Management and Compliance
More informationProtect your internal users on the Internet with Secure Web Gateway. Richard Bible EMEA Security Solution Architect
Protect your internal users on the Internet with Secure Web Gateway Richard Bible EMEA Security Solution Architect Identity and Access Management (IAM) Solution Authentication, Authorization, and SSO to
More informationDefending Against Cyber Attacks with SessionLevel Network Security
Defending Against Cyber Attacks with SessionLevel Network Security May 2010 PAGE 1 PAGE 1 Executive Summary Threat actors are determinedly focused on the theft / exfiltration of protected or sensitive
More informationThe Cloud App Visibility Blind Spot
WHITE PAPER The Cloud App Visibility Blind Spot Understanding the Risks of Sanctioned and Unsanctioned Cloud Apps and How to Take Back Control Line-of-business leaders everywhere are bypassing IT departments
More informationCISO Guide to Next Generation Threats
White Paper CISO Guide to Next Generation Threats Combating Advanced Malware, Zero-Day and Targeted APT Attacks White Paper Table of Contents Introduction The Moving Target: From PII to IP to Credentials
More informationSymantec Advanced Threat Protection: Network
Symantec Advanced Threat Protection: Network DR150218C April 2015 Miercom www.miercom.com Contents 1.0 Executive Summary... 3 2.0 Overview... 4 2.1 Products Tested... 4 2.2. Malware Samples... 5 3.0 How
More informationUsing big data analytics to identify malicious content: a case study on spam emails
Using big data analytics to identify malicious content: a case study on spam emails Mamoun Alazab & Roderic Broadhurst Mamoun.alazab@anu.edu.au http://cybercrime.anu.edu.au 2 Outline Background Cybercrime
More informationContent Security: Protect Your Network with Five Must-Haves
White Paper Content Security: Protect Your Network with Five Must-Haves What You Will Learn The continually evolving threat landscape is what makes the discovery of threats more relevant than defense as
More informationWho Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence. AIBA Quarterly Meeting September 10, 2015
Who Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence AIBA Quarterly Meeting September 10, 2015 The Answer 2 Everyone The relationship between the board, C-suite, IT, and compliance leaders
More informationSecuring Cloud-Based Email
White Paper Securing Cloud-Based Email A Guide for Government Agencies White Paper Contents Executive Summary 3 Introduction 3 The Risks Posed to Agencies Running Email in the Cloud 4 How FireEye Secures
More information4 Steps to Effective Mobile Application Security
Mobile Application Security Whitepaper 4 Steps to Effective Mobile Application Security Table of Contents Executive Summary 3 Mobile Security Risks in Enterprise Environments 4 The Shortcomings of Traditional
More informationGOOD GUYS VS BAD GUYS: USING BIG DATA TO COUNTERACT ADVANCED THREATS. Joe Goldberg. Splunk. Session ID: SPO-W09 Session Classification: Intermediate
GOOD GUYS VS BAD GUYS: USING BIG DATA TO COUNTERACT ADVANCED THREATS Joe Goldberg Splunk Session ID: SPO-W09 Session Classification: Intermediate About Me Joe Goldberg Current: Splunk - Security Evangelist
More informationComprehensive Advanced Threat Defense
1 Comprehensive Advanced Threat Defense June 2014 PAGE 1 PAGE 1 1 INTRODUCTION The hot topic in the information security industry these days is Advanced Threat Defense (ATD). There are many definitions,
More informationApplying the 80/20 approach for Operational Excellence. How to combat new age threats, optimize investments and increase security.
Applying the 80/20 approach for Operational Excellence How to combat new age threats, optimize investments and increase security Vinod Vasudevan Agenda Current Threat Landscape The 80/20 Approach Achieving
More informationASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES
ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES Leonard Levy PricewaterhouseCoopers LLP Session ID: SEC-W03 Session Classification: Intermediate Agenda The opportunity Assuming
More informationWhat s Wrong with Information Security Today? You are looking in the wrong places for the wrong things.
What s Wrong with Information Security Today? You are looking in the wrong places for the wrong things. AGENDA Current State of Information Security Data Breach Statics Data Breach Case Studies Why current
More informationThe Ostrich Effect In Search Of A Realistic Model For Cybersecurity
The Ostrich Effect In Search Of A Realistic Model For Cybersecurity 1 Contents Introduction 3 Threats Stealthy, Sophisticated & Successful 4 Operation Beebus 5 G20 Brisbane 2014 6 Redefining the Debate
More informationCloud Security Primer MALICIOUS NETWORK COMMUNICATIONS: WHAT ARE YOU OVERLOOKING?
A Cloud Security Primer : WHAT ARE YOU OVERLOOKING? LEGAL DISCLAIMER The information provided herein is for general information and educational purposes only. It is not intended and should not be construed
More informationInternet threats: steps to security for your small business
Internet threats: 7 steps to security for your small business Proactive solutions for small businesses A restaurant offers free WiFi to its patrons. The controller of an accounting firm receives a confidential
More informationWEB PROTECTION. Features SECURITY OF INFORMATION TECHNOLOGIES
WEB PROTECTION Features SECURITY OF INFORMATION TECHNOLOGIES The web today has become an indispensable tool for running a business, and is as such a favorite attack vector for hackers. Injecting malicious
More informationBreaking the Cyber Attack Lifecycle
Breaking the Cyber Attack Lifecycle Palo Alto Networks: Reinventing Enterprise Operations and Defense March 2015 Palo Alto Networks 4301 Great America Parkway Santa Clara, CA 95054 www.paloaltonetworks.com
More informationTrend Micro Cloud App Security for Office 365. October 27, 2015 Trevor Richmond
Trend Micro Cloud App Security for Office 365 October 27, 2015 Trevor Richmond Too many malware incidents >90% Targeted Attacks Start with Email Attackers: Target specific companies or individuals Research
More informationInnovations in Network Security
Innovations in Network Security Michael Singer April 18, 2012 AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual Property and/or AT&T affiliated companies.
More informationENDPOINT SECURITY WHITE PAPER. Endpoint Security and Advanced Persistent Threats WWW.COMODO.COM
WHITE PAPER Endpoint Security and Advanced Persistent Threats The Invisible Threat They re out there waiting. Sitting at their computers hoping for you to make a mistake. And you will. Because no one is
More information16 CLOUD APPS YOU NEED TO KNOW IF EMPLOYEES ARE USING
16 CLOUD APPS YOU NEED TO KNOW IF EMPLOYEES ARE USING One of the biggest risks that companies face today is the growing popularity and availability of cloud-based applications shadow IT. These applications
More information10 Smart Ideas for. Keeping Data Safe. From Hackers
0100101001001010010001010010101001010101001000000100101001010101010010101010010100 0100101001001010010001010010101001010101001000000100101001010101010010101010010100000 0100101001001010010001010010101001010101001000000100101001010101010010101010010100000
More informationSecuring the Borderless Enterprise
Securing the Borderless Enterprise Websense TRITON Solution The Web 2.0 Workplace: New Opportunities, New Risks Web-enabled technologies are reshaping the modern enterprise. Powerful, cloud-based business
More informationTraining Employees to Recognise & Avoid Advanced Threats
Training Employees to Recognise & Avoid Advanced Threats Joe Ferrara, President & CEO, Wombat Security Technologies Rashmi Knowles, Chief Security Architect EMEA, RSA The Security Division of EMC Session
More informationAnalyzing Security for Retailers An analysis of what retailers can do to improve their network security
Analyzing Security for Retailers An analysis of what retailers can do to improve their network security Clone Systems Business Security Intelligence Properly Secure Every Business Network Executive Summary
More informationMalware, Phishing, and Cybercrime Dangerous Threats Facing the SMB State of Cybercrime
How to Protect Your Business from Malware, Phishing, and Cybercrime The SMB Security Series Malware, Phishing, and Cybercrime Dangerous Threats Facing the SMB State of Cybercrime sponsored by Introduction
More informationData Center security trends
Data Center security trends Tomislav Tucibat Major accounts Manager, Adriatic Copyright Fortinet Inc. All rights reserved. IT Security evolution How did threat market change over the recent years? Problem:
More information2014 Entry Form (Complete one for each entry.) Fill out the entry name exactly as you want it listed in the program.
2014 Entry Form (Complete one for each entry.) Fill out the entry name exactly as you want it listed in the program. Entry Name HFA Submission Contact Phone Email Qualified Entries must be received by
More informationFight Malware, Malfeasance, and Malingering with F5
Fight Malware, Malfeasance, and Malingering with F5 F5 give organizations control and visibility to secure their users Internet usage. The solution helps protect against malware and data loss, ensure compliance,
More informationBalancing Cloud-Based Email Benefits With Security. White Paper
Balancing Cloud-Based Email Benefits With Security White Paper Balancing Cloud-Based Email Benefits With Security Balancing Cloud-Based Email Benefits With Security CONTENTS Trouble Spots in Cloud Email
More informationCybercrime: evoluzione del malware e degli attacchi. Cesare Radaelli Regional Sales Manager, Italy cradaelli@paloaltonetworks.com
Cybercrime: evoluzione del malware e degli attacchi Cesare Radaelli Regional Sales Manager, Italy cradaelli@paloaltonetworks.com About Palo Alto Networks We are the network security company World-class
More informationHow Attackers are Targeting Your Mobile Devices. Wade Williamson
How Attackers are Targeting Your Mobile Devices Wade Williamson Today s Agenda Brief overview of mobile computing today Understanding the risks Analysis of recently discovered malware Protections and best
More informationAgenda. 3 2012, Palo Alto Networks. Confidential and Proprietary.
Agenda Evolution of the cyber threat How the cyber threat develops Why traditional systems are failing Need move to application controls Need for automation 3 2012, Palo Alto Networks. Confidential and
More informationRSA Security Analytics
RSA Security Analytics This is what SIEM was Meant to Be 1 The Original Intent of SIEM Single compliance & security interface Compliance yes, but security? Analyze & prioritize alerts across various sources
More informationFSOEP Web Banking & Fraud: Corporate Treasury Attacks
FSOEP Web Banking & Fraud: Corporate Treasury Attacks Your Presenters Who Are We? Tim Wainwright Managing Director Chris Salerno Senior Consultant Led 200+ penetration tests Mobile security specialist
More information