Malware Trend Report, Q April May June
5 August 2014
Copyright RedSocks B.V All Rights Reserved.
Table of Contents
1. Introduction
2. Overview
2.1. Collecting Malware
2.2. Processing
2.3. Identifying Malware
2.4. Detecting Malware
2.5. Classifying Malware
3. Trends
3.1. Adware
3.2. Backdoors and Botnets
3.3. Exploits
3.4. Rootkits
3.5. Trojans
3.6. Worms
3.7. Others
4. Geolocation
5. Final Word
Appendix A: Detecting Malware
Appendix B: Classifying Malware
Table of Figures
Figure 1: Unique New Malicious Files
Figure 2: Space Needed in GBs p/m for Storing New Files
Figure 3: New Malicious Files in April
Figure 4: New Malicious Files in May
Figure 5: New Malicious Files in June
Figure 6: Detected vs. Not Detected (April)
Figure 7: Detected vs. Not Detected (May)
Figure 8: Detected vs. Not Detected (June)
Figure 9: Malware Classifications
Figure 10: Amount of Identified Adware (Q2 2014)
Figure 11: Amount of Identified Backdoors and Botnets (Q2 2014)
Figure 12: Amount of Identified Exploits (Q2 2014)
Figure 13: Amount of Identified Rootkits (Q2 2014)
Figure 14: Amount of Identified Trojans (Q2 2014)
Figure 15: Amount of Identified Worms (Q2 2014)
Figure 16: Amount of Identified Other Malware (Q2 2014)
Figure 17: Amount of Identified 64-bit Malware
Figure 18: 64-bit Malware Q
Figure 19: DexterPOS C&C (Map)
Figure 20: JackPOS C&C (Map)
Figure 21: AlinaPOS C&C (Map)
1. Introduction

This is the second quarterly trend report for 2014 from the RedSocks Malware Research Lab. RedSocks is a Dutch company specialising in Malware detection. Our solution, RedSocks Malware Threat Defender, is a network appliance that analyses digital traffic flows in real-time, based on algorithms and lists of malicious indicators. This critical information is compiled by the RedSocks Malware Intelligence Team. The team consists of specialists whose job it is to identify new threats on the Internet and to translate them into state-of-the-art malware detection capabilities.

With this report, we hope to provide the reader with a deeper insight into the trends we see in the Malware we process. In this report we will look at data collected during the second quarter of 2014. RedSocks analyses large numbers of malicious files on a daily basis, so we can cover only a few topics briefly in this trend report.

Protecting your data from Internet-based threats is not an easy task, and relying on protection from Anti-Virus companies, no matter how established their brand, is not enough. Comprehensive protection requires an entirely new approach.
2. Overview

The total number of new and unique malicious files processed per month went from 7.1 million in April to 6.8 million in May, and up to 7.2 million in June.

The overall detection by Anti-Virus software this quarter remains roughly the same compared to the last quarter. The detection rate for April was 75.52 percent. For May, it was 74.61 percent and in June, the average detection was 79.76 percent. That might not sound too bad, but it means that around 24 percent, 25 percent and 20 percent were not detected. There is a slight improvement compared with the first quarter. Please note that identification rates can change based on samples chosen and time scanned.

During the second quarter, the number of identified Adware dropped from 1.2 million in April, to 1 million in May, to 0.9 million in June.

In April, the number of identified Backdoors and Botnets was 243,000. In May this number dropped to 92,000; in June, the numbers dropped further to 68,000 new Backdoors and Botnets.

Only 0.04 percent of the files were detected as Exploit and 0.25 percent as Rootkit in April by Anti-Virus software. In May, 0.03 percent were detected as Rootkits and 0.05 percent as Exploits. For June it is 0.02 percent Exploits and 0.05 percent for the Rootkits.

Like the first quarter of this year, Trojans are by far the most popular type of Malware. In April and May, they accounted for 2.9 million. In June, 3.4 million unique files were identified as Trojans.

The second most popular Malware was Worms. In April, 554,000 Worm files were identified. In May, the number dropped to 444,000 and kept dropping. In June, only 394,000 worms were added to our databases.

Grouped together, all other malicious files such as Flooders, HackTools, Spoofers, Spyware, Viruses, etc., account for 31, 35, and 34 percent of the total for April, May, and June, respectively.

As in the first quarter, most Command & Control (C&C) servers were hosted in the United States, followed by the Russian Federation. During the second quarter, Germany occupied the third place. The Netherlands was the biggest riser in countries hosting C&C servers, going from 8th place in March and April, to 6th place in May, and finishing in 5th place in June.
2.1. Collecting Malware

At the RedSocks Malware Research Labs, we track large numbers of Malware from our globally distributed honeypots, honeyclients, spamnets, and through various botnet monitoring sensors. Due to the distribution of our honeypots, we are able to automatically collect and process new malicious samples from across the globe. We also exchange large quantities of malicious files with the Anti-Virus industry.

Figure 1: Unique New Malicious Files

2.2. Processing

Working with Malware is what we love to do. More than 200,000 new malicious files arrive every day at our automated Malware collecting machines. All samples are renamed to their calculated hash. We then check whether that particular piece of Malware has already been processed.

The picture on the right shows the total amount of disk space needed to store all the new malicious files. While the numbers of new malicious files stayed more or less the same, the average file size decreased a little bit. During the second quarter, we saw that malicious files, on average, shrank percent.

Figure 2: Space Needed in GBs p/m for Storing New Files

New file metrics by month (April, May, June):
Average number of new files per day: 236, , ,528
Average file size in bytes: 471, , ,308
Average Anti-Virus Detection: 75.52%, 74.61%, 79.76%
2.3. Identifying Malware

Although we collect all types and categories of Malware for all operating systems at RedSocks, we do have a special interest in certain types and categories of Malware. A simple means of identifying malware is by file type. RSMIT uses various analysis tools to determine the statistically most likely file type for each malware sample we analyse. The majority of malware samples target Windows users. As a result, Windows executable files are very common, while executables for other operating systems are far less common. The top 10 file types are listed in the table below.

| April: Extension | Amount | May: Extension | Amount | June: Extension | Amount |
|---|---|---|---|---|---|
| EXE | 5,549,734 | EXE | 5,497,557 | EXE | 6,601,953 |
| DLL | 720,121 | DLL | 553,190 | DLL | 1,959,634 |
| OCX | 109,226 | OCX | 96,741 | SCR | 224,864 |
| SCR | 54,003 | AX | 69,730 | OCX | 201,857 |
| AX | 36,644 | PDF | 3,753 | AX | 144,237 |
| XLS | 5,661 | XLS | 3,218 | DOC | 57,450 |
| DOC | 4,287 | DOC | 2,310 | PDF | 2,378 |
| PDF | 4,073 | CPL | 1,517 | XLS | 1,681 |
| CAB | 1,280 | CAB | 1,247 | CPL | 1,598 |
| CPL | 1,433 | DSK | 483 | CAB | 996 |

In April, May and June of this year, we saw a total of 43, 41 and 47 different extensions being used by Malware, respectively. As in the previous quarter, .exe files are by far the most popular way to distribute Malware. 81 percent of all malicious files in the second quarter were .exe files.

2.4. Detecting Malware

Within the RedSocks Malware Labs, we use an in-house built classification system for grouping Malware. We have classified over 300 types for which we have created detailed statistics. Once multiple anti-virus scanners (in paranoid mode) have performed their on-demand scan, we know which Malware was detected and, perhaps more importantly, which was not.

In the graphs below, the blue section shows all the new and unique malicious files per day, the green section shows the sum of all files identified by Anti-Virus software and, in red, the number of files not detected.
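The intake steps described in sections 2.2 and 2.3 (renaming each sample to its hash, skipping samples that were already processed, and identifying file type from content rather than from the extension) are sketched below as an added example; it is not RedSocks code. SHA-256, the store layout and all function names are assumptions, and the sample files are constructed and inert.

```python
import hashlib
import struct
import tempfile
from pathlib import Path

IMAGE_FILE_DLL = 0x2000  # COFF Characteristics bit: image is a DLL


def sha256_of(path, chunk=1 << 20):
    """Hash a file in chunks so large samples are never loaded whole."""
    digest = hashlib.sha256()  # assumption: the report does not name its hash
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def sniff_type(head):
    """Classify a sample by its leading bytes, ignoring its file name."""
    if head[:2] == b"MZ":
        if len(head) >= 0x40:
            (pe_off,) = struct.unpack_from("<I", head, 0x3C)  # e_lfanew
            if pe_off + 24 <= len(head) and head[pe_off:pe_off + 4] == b"PE\0\0":
                # Characteristics is the last field of the 20-byte COFF header.
                (flags,) = struct.unpack_from("<H", head, pe_off + 22)
                return "PE-DLL" if flags & IMAGE_FILE_DLL else "PE-EXE"
        return "MZ-other"  # DOS stub only, or PE header outside the bytes read
    if head.startswith(b"%PDF-"):
        return "PDF"
    if head.startswith(b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"):
        return "OLE2"  # legacy DOC/XLS container
    if head.startswith(b"MSCF"):
        return "CAB"
    return "unknown"


def ingest(incoming, store):
    """Move new samples into store/<sha256>; drop ones already processed."""
    store.mkdir(parents=True, exist_ok=True)
    report = {"new": [], "duplicates": 0, "types": {}}
    for sample in sorted(p for p in incoming.iterdir() if p.is_file()):
        digest = sha256_of(sample)
        target = store / digest
        if target.exists():  # same content seen before, whatever its name
            sample.unlink()
            report["duplicates"] += 1
            continue
        with open(sample, "rb") as fh:
            kind = sniff_type(fh.read(4096))
        sample.replace(target)  # the hash becomes the file name
        report["new"].append((digest, kind))
        report["types"][kind] = report["types"].get(kind, 0) + 1
    return report


def fake_pe(flags):
    """Constructed, inert PE stub: DOS header + signature + COFF header."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)
    coff = struct.pack("<HHIIIHH", 0x014C, 0, 0, 0, 0, 0, flags)
    return bytes(dos) + b"PE\0\0" + coff


def demo():
    """Run the intake over constructed files with misleading names."""
    with tempfile.TemporaryDirectory() as tmp:
        incoming, store = Path(tmp, "incoming"), Path(tmp, "store")
        incoming.mkdir()
        samples = {
            "copy_of_invoice.exe": fake_pe(0x0102),
            "invoice.pdf.scr": fake_pe(0x0102),   # same bytes, different name
            "helper.ocx": fake_pe(0x2102),        # DLL flag set
            "report.doc": b"%PDF-1.4\n",          # PDF content behind a .doc name
            "notes.txt": b"plain text",
        }
        for name, data in samples.items():
            (incoming / name).write_bytes(data)
        return ingest(incoming, store)


if __name__ == "__main__":
    print(demo())
```

EXE, DLL, OCX, SCR, AX and CPL in the table above are all PE images, which is why the sketch separates them by the header's DLL flag instead of by name.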
Figure 3: New Malicious Files in April

Figure 4: New Malicious Files in May
Figure 5: New Malicious Files in June

Of all the malicious files we processed in April, on average 24 percent of them were not detected by any of the Anti-Virus products we currently use. In May, 25 percent of the samples on average remained undetected. In June, the Anti-Virus detection improved but still missed 20 percent of all malicious samples we processed.

Figure 6: Detected vs. Not Detected (April)

Figure 7: Detected vs. Not Detected (May)

Figure 8: Detected vs. Not Detected (June)
2.5. Classifying Malware

We categorise Malware according to its primary feature. In the second quarter, Malware was grouped as follows:

Figure 9: Malware Classifications

The 'Other' category in 'All Malware' consists of malicious samples that do not fit in the six categories, such as 64-bit Malware, malicious Macros, Packed Malware, Riskware, Spamming Tools, Spoofers, Spyware, all kinds of (Hacking) Tools and the classic Viruses. See Appendix B for the numbers per day, per category and per month.
3. Trends

Discovering Malware propagation trends starts with an analysis of the raw data behind the collection and processing of Malware. From April to June, RedSocks Malware Research Labs identified the following trends by Malware category. New in this trend report is the Adware category.

3.1. Adware

During the second quarter, we identified around three million files as Adware. This accounts for about 15 percent of the total. The overall popularity of Adware seems to have decreased somewhat. During the first quarter, we saw the opposite.

Figure 10: Amount of Identified Adware (Q2 2014)
3.2. Backdoors and Botnets

In the first two weeks of April, there was a huge distribution of variants from the Backdoor.Bot family. From the 4th until the 13th of April we identified a little over 48,000 new members.

Figure 11: Amount of Identified Backdoors and Botnets (Q2 2014)

In the first week of May, we saw two backdoor families being widely distributed: Backdoor.Nateyes.A, with almost 9,000 new members, and Backdoor.Wabot.A, with a little over 14,000 new members. The last spike, on the 9th of June, was mainly caused by almost 9,000 minor variants of the Backdoor:W32/Udr.gen! malware family.

During the first quarter of 2014, the popularity of Backdoors and Botnets increased. The second quarter shows a decreasing trend in the use of Backdoors and Botnets.
3.3. Exploits

An exploit is an attack on a computer system, especially one that takes advantage of a particular vulnerability. Looking at malicious files that were identified with exploits, we see several spikes above 250.

Figure 12: Amount of Identified Exploits (Q2 2014)

The first spike was mainly caused by variations of the Exploit.PDF-JS.Gen (175). Members of the Exploit.PDF-TTF.Gen family caused the second and third spikes on the 3rd and 6th of May (67 and 71). Then, on the 13th of May, we see 54 new variations of the Exploit:W32/Kakara.A. The last spike we want to mention here is 125 variations on the Exploit:W32/CVE B, seen on the 29th of May.

A dozen exploits were seen for the Apple Macintosh OSX. All of them are slight modifications of the Exploit:OSX/MS09027.A (used to avoid Anti-Virus detection).

During the first quarter of this year, the usage of exploits stayed more or less the same. In the second quarter, we saw a slight decrease in the overall usage of exploits.
3.4. Rootkits

A rootkit is a type of software designed to hide the fact that an operating system has been compromised. This can be done in various ways; for example, by replacing vital executables or by introducing a new kernel module. Rootkits allow Malware to hide in plain sight. Rootkits themselves are not harmful; they are simply used to hide Malware, bots and worms.

To install a rootkit, an attacker must first gain sufficient access to the target operating system. This could be accomplished by using an exploit, by obtaining valid account credentials or through social engineering. Because rootkits are activated before your operating system boots up, they are very difficult to detect, and therefore provide a powerful way for attackers to access and use the targeted computer without the owner being aware of it. Due to the way rootkits are used and installed, they are notoriously difficult to remove. Rootkits today are usually not used to gain elevated access, but are instead used to mask Malware payloads more effectively.

Figure 13: Amount of Identified Rootkits (Q2 2014)

There was only one rootkit worth mentioning during the second quarter, the Rootkit Distribution started on the 11th and was last seen on the 16th of April. A total of 7,321 new members were identified. In the first quarter, we saw a slight drop in rootkits. This drop continued in the second quarter.
3.5. Trojans

Trojans are by far the biggest category of Malware. With more than 9.1 million new unique samples in the second quarter of this year, they amounted to 43 percent of the total.

Figure 14: Amount of Identified Trojans (Q2 2014)

Of all the Trojan families, we will only discuss the top three. In third place, we find Trojan.Inject.ARJ, with 155,000 different samples distributed over 14 days; its best day was the 11th of June, with almost 36,000. Second place is Trojan.Generic, with 349,000 files spread over 71 days; its best day was the 12th of May. Without doubt, the most distributed Trojan family is Trojan.Agent.BDMJ: in 16 days we counted nearly half a million new samples.

Columns: AV-Identifier, Total Amount, First Seen, Last Seen, Best Day, Amount Best Day, Days Seen
Trojan.Agent.BDMJ 469, ,
Trojan.Generic , ,
Trojan.Inject.ARJ 155, ,

The slight increase in Trojan use in the first quarter continued during the second quarter.
3.6. Worms

In roughly 1.4 million new files, we identified worm traces and functionalities. The first spike above 60,000 is primarily caused by 44,000 samples of Win32.Worm.P2p.Picsys.C. On the 27th of April, Worm.Generic , Win32.Worm.P2p.Picsys.C and Win32.Worm.P2p.Picsys.B accounted for 51,000 samples. The last spike, on the last day of May, was again caused by Win32.Worm.P2p.Picsys.C; on this day we saw 84,000 files.

Figure 15: Amount of Identified Worms (Q2 2014)

Columns: AV-Identifier, Total Amount, First Seen, Last Seen, Best Day, Amount Best Day, Days Seen
Worm.Generic , ,615 1
Worm.Generic , ,477 1
Win32.Worm.P2p.Picsys.C 414, ,

During the first quarter, the tendency of the worms decreased. In the second quarter, it stabilised again.
3.7. Others

After grouping the adware, backdoors/botnets, exploits, rootkits and worms, we are still left with 3.4 million identified malicious files. This is 33 percent of the total detected by the Anti-Virus programs.

Figure 16: Amount of Identified Other Malware (Q2 2014)

We could fill many pages with graphs conveying the large number of malicious files detected. We would, however, like to share two graphs concerning 64-bit Malware.

Figure 17: Amount of Identified 64-bit Malware
A closer look at the 35,000 identified 64-bit Malware reveals that, besides a handful of samples of Backdoor.Win64.Winnti.B and Win64.Abul.A, we only saw members of the Win64.Expiro family.

Figure 18: 64-bit Malware Q

Recently, an anti-virus laboratory discovered an interesting new modification of a file virus known as Expiro which targets 64-bit files for infection. However, the body of this versatile new modification is surprising because it is fully cross-platform, able to infect 32-bit and 64-bit files (also, 64-bit files can be infected by an infected 32-bit file). The virus aims to maximise profit and infects executable files on local, removable and network drives.

As for the payload, this Malware installs extensions for the Google Chrome and Mozilla Firefox browsers. The Malware also steals stored certificates and passwords from Internet Explorer, Microsoft Outlook and from the FTP client FileZilla. Browser extensions are used to redirect the user to a malicious URL, as well as to hijack confidential information, such as account credentials or online banking information. The virus disables some services on the compromised computer, including Windows Defender and Windows Security Center, and can also terminate processes.
4. Geolocation

We can see where the hotspots are located by plotting the Command & Control (C&C) servers with the most traffic and connections on a map.

Over the past few months, a number of Malware families targeting Point of Sale (POS) systems got some media attention. First there was DexterPOS (first image below), then there was its sister, AlinaPOS (second image below) and more recently there was JackPOS (third image below).

One of the most interesting threads of commonality between these samples is the command and control (C&C) structure used between them. Using a C&C communication channel for data exfiltration, while previously rare, has become more and more common in POS Malware.

Figure 19: DexterPOS C&C (Map)
Figure 21: AlinaPOS C&C (Map)

Figure 20: JackPOS C&C (Map)
During the first quarter of 2014, there were only minor changes at the top of the C&C landscape. Below are the top 10 countries from the first quarter of 2014.

Top 10 Countries Hosting C&C

| January | | February | | March | |
|---|---|---|---|---|---|
| United States | 1129 | United States | 1196 | United States | 1596 |
| Russian Federation | 472 | Russian Federation | 473 | Russian Federation | 424 |
| Germany | 282 | United Kingdom | 262 | United Kingdom | 261 |
| United Kingdom | 234 | Germany | 256 | China | 249 |
| China | 224 | China | 247 | Germany | 240 |
| Turkey | 196 | Ukraine | 201 | Iran | 179 |
| Iran | 191 | Iran | 170 | Turkey | 179 |
| Ukraine | 160 | Turkey | 150 | Netherlands | 147 |
| Korea | 134 | Korea | 129 | Ukraine | 132 |
| Netherlands | 125 | Netherlands | 116 | Korea | 128 |

In the second quarter, the United States still led, followed by the Russian Federation. Germany dropped during the first quarter, but held third place during the second quarter.

Top 10 Countries Hosting C&C

| April | | May | | June | |
|---|---|---|---|---|---|
| United States | 1274 | United States | 1203 | United States | 1128 |
| Russian Federation | 453 | Russian Federation | 474 | Russian Federation | 490 |
| Germany | 289 | Germany | 236 | Germany | 257 |
| China | 226 | United Kingdom | 206 | United Kingdom | 200 |
| United Kingdom | 213 | China | 172 | The Netherlands | 184 |
| Iran | 185 | The Netherlands | 166 | China | 182 |
| Turkey | 142 | Turkey | 138 | Turkey | 133 |
| The Netherlands | 137 | Korea | 123 | Korea | 126 |
| Korea | 130 | Ukraine | 110 | Iran | 118 |
| Ukraine | 118 | France and Sweden | 107 | Ukraine | 113 |
5. Final Word

In the second quarter of 2014, the total number of new malicious files processed per month changed from 7.1 million in April, to 6.8 million in May, and up to 7.2 million in June. The average sample size in May was 3 percent smaller than in April. Moreover, in June, the average sample was even 9 percent smaller than in May.

The overall detection by Anti-Virus software is comparable with the first quarter. In April, 24 percent of threats were not detected, in May 25 percent and in June 20 percent. Altogether, around 8.6 million malicious files were not detected during the second quarter.

By grouping and classifying the identified Malware, we detected a decrease in popularity in 5 of the 7 main Malware categories during the second quarter. These five categories are Adware, Backdoors/Botnets, Exploits, Rootkits and Worms. The remaining two categories, Trojans and Others, increased. The most distributed Malware families per main category per month are:

Columns: Category, Family, Total number Q2
Adware DomaIQ 655,690
Backdoors/Botnets Bot ,932
Exploit PDF-JS.Gen 1,248
Rootkits Rootkit ,321
Trojans Agent.BDMJ 469,414
Worms Picsys.C 414,002
Others Generic.Malware.FP!dldPk!.A3F6BED5 169,884

Within the top 10 of countries hosting C&C servers, the United States led the second quarter of 2014, followed by the Russian Federation and Germany. In March and April, China held the fourth place. In May and June, China dropped two places. While in March the United Kingdom could be found in third place, in April it dropped to fifth place. Nevertheless, in May, the United Kingdom climbed up to fourth place and stayed there. The Netherlands is found at 8th place at the end of quarter one. In May, it climbed to 6th place and ended at 5th place in June.
We hope that you enjoyed our second Malware Trend Report of this year and that it may provide you with insight into the trends we have seen during the second quarter of 2014. We continue to innovate, so please check back with us for our next trend report for the 3rd quarter of 2014.

Questions, comments and requests can be directed towards the RedSocks Malware Research Labs.

G.J. Vroon
Anti-Malware Behavioural Researcher
RedSocks B.V.
W:
T: +31 (0)
E: info@redsocks.nl
Appendix A: Detecting Malware

Monthly totals:

| Month | Files | Detected | Undetected |
|---|---|---|---|
| April | 7,101,558 | 5,421,834 | 1,679,724 |
| May | 6,766,688 | 5,058,110 | 1,708,578 |
| June | 7,185,850 | 5,707,969 | 1,477,881 |
Appendix B: Classifying Malware

Columns: Adware, Backdoors, Exploits, Rootkits, Trojans, Worms, Other

April totals: 1,215, ,084 3,158 17,678 2,878, ,058 2,189,188
May totals: 966,216 92,205 3,423 2,332 2,908, ,803 2,349,961
June totals: 907,020 68,226 1,540 3,545 3,362, ,797 2,476,483
REDSOCKS

RedSocks is a Dutch company specialised in malware detection. RedSocks supplies RedSocks malware threat defender as a network appliance. This innovative appliance analyses digital traffic flows in real time based on the algorithms and lists of malicious indicators compiled by the RedSocks Malware Intelligence Team. This team consists of specialists in identifying new threats on the internet and translating them into state-of-the-art malware detection.

Boogschutterstraat 9C, 7324 AE Apeldoorn, The Netherlands
Tel +31 (0)
info@redsocks.nl
Introduction to Computer Security Table of Contents Introduction... 2 1 - Viruses... 3 Virus Scanners... 3 2 - Spyware... 7 Spyware Scanners... 8 3 - Firewalls... 10 Windows Firewall... 10 4 - References...
More informationCIT 480: Securing Computer Systems. Malware
CIT 480: Securing Computer Systems Malware Topics 1. Anti-Virus Software 2. Virus Types 3. Infection Methods 4. Rootkits 5. Malware Analysis 6. Protective Mechanisms 7. Malware Factories 8. Botnets Malware
More informationTen Tips to Avoid Viruses and Spyware
Ten Tips to Avoid Viruses and Spyware By James Wilson, CPA (480) 839-4900 ~ JamesW@hhcpa.com Oh, the deck is stacked. Don t think for a minute it s not. As a technology professional responsible for securing
More informationIntroduction: 1. Daily 360 Website Scanning for Malware
Introduction: SiteLock scans your website to find and fix any existing malware and vulnerabilities followed by using the protective TrueShield firewall to keep the harmful traffic away for good. Moreover
More informationHow To Install Avira Small Business Security Suite (Small Business) On A Microsoft Microsoft Server (Small Bserver) For A Small Business (Small) Computer (Small Server)
Avira Small Business Security Suite HowTo Table of Contents 1. Introduction... 3 2. Product Information... 3 2.1 Operation mode...3 2.2 Scope of services...3 2.3 Optimum protection. Fast updates. Efficient
More informationPhishing Activity Trends
Phishing Activity Trends Report for the Month of, 27 Summarization of Report Findings The number of phishing reports received by the (APWG) came to 23,61 in, a drop of over 6, from January s previous record
More informationSecurity A to Z the most important terms
Security A to Z the most important terms Part 1: A to D UNDERSTAND THE OFFICIAL TERMINOLOGY. This is F-Secure Labs. Learn more about the most important security terms with our official explanations from
More informationEndpoint Security and the Case For Automated Sandboxing
WHITE PAPER Endpoint Security and the Case For Automated Sandboxing https://enterprise.comodo.com A World of Constant Threat We live in a world of constant threat. Hackers around the globe work every hour
More informationMalicious Software. Ola Flygt Växjö University, Sweden http://w3.msi.vxu.se/users/ofl/ Ola.Flygt@vxu.se +46 470 70 86 49. Viruses and Related Threats
Malicious Software Ola Flygt Växjö University, Sweden http://w3.msi.vxu.se/users/ofl/ Ola.Flygt@vxu.se +46 470 70 86 49 1 Outline Viruses and Related Threats Malicious Programs The Nature of Viruses Antivirus
More informationAvira Small Business Security Suite Avira Endpoint Security. Quick Guide
Avira Small Business Security Suite Avira Endpoint Security Quick Guide Table of Contents 1. Introduction... 3 2. Product Information... 3 2.1 Operation mode...3 2.2 Scope of services...3 2.3 Optimum protection.
More informationMifflinburg Bank & Trust. Corporate Account Takeover & Information Security Awareness
Mifflinburg Bank & Trust Corporate Account Takeover & Information Security Awareness The information contained in this session may contain privileged and confidential information. This presentation is
More informationZNetLive Malware Monitoring
Introduction The criminal ways of distributing malware or malicious software online have gone through a change in past years. In place of using USB drives, attachments or disks to distribute viruses, hackers
More informationCYBERCRIMINAL IN BRAZIL SHARES MOBILE CREDIT CARD STORE APP
CYBERCRIMINAL IN BRAZIL SHARES MOBILE CREDIT CARD STORE APP August 2014 RSA agents recently traced a threat actor advertising a mobile credit card store application. The cybercriminal shared the information
More informationMALWARE THREATS AND TRENDS. Chris Blow, Director Dustin Hutchison, Director
MALWARE THREATS AND TRENDS Chris Blow, Director Dustin Hutchison, Director WHAT IS MALWARE? Malicious Software Viruses Worms Trojans Rootkits Spyware Ransomware 2 MALWARE ORIGINS Users bring it from home
More informationGlobalSign Malware Monitoring
GLOBALSIGN WHITE PAPER GlobalSign Malware Monitoring Protecting your website from distributing hidden malware GLOBALSIGN WHITE PAPER www.globalsign.com CONTENTS Introduction... 2 Malware Monitoring...
More informationAvira Small Business Security Suite. HowTo
Avira Small Business Security Suite HowTo Table of contents 1. Introduction... 3 2. Product Information... 3 2.1 Operation mode... 3 2.2 Scope of services... 3 2.3 Optimum protection. Fast updates. Efficient
More informationVirtual Desktops Security Test Report
Virtual Desktops Security Test Report A test commissioned by Kaspersky Lab and performed by AV-TEST GmbH Date of the report: May 19 th, 214 Executive Summary AV-TEST performed a comparative review (January
More informationCorporate Account Takeover & Information Security Awareness
Corporate Account Takeover & Information Security Awareness The information contained in this session may contain privileged and confidential information. This presentation is for information purposes
More informationStatistical Analysis of Internet Security Threats. Daniel G. James
Statistical Analysis of Internet Security Threats Daniel G. James ABSTRACT The purpose of this paper is to analyze the statistics surrounding the most common security threats faced by Internet users. There
More informationwhite paper Malware Security and the Bottom Line
Malware Security Report: Protecting Your BusineSS, Customers, and the Bottom Line Contents 1 Malware is crawling onto web sites everywhere 1 What is Malware? 2 The anatomy of Malware attacks 3 The Malware
More informationTHE HOME LOAN SAVINGS BANK. Corporate Account Takeover & Information Security Awareness
THE HOME LOAN SAVINGS BANK Corporate Account Takeover & Information Security Awareness The information contained in this session may contain privileged and confidential information. This presentation is
More informationOverview. Common Internet Threats. Spear Phishing / Whaling. Phishing Sites. Virus: Pentagon Attack. Viruses & Worms
Overview Common Internet Threats Tom Chothia Computer Security, Lecture 19 Phishing Sites Trojans, Worms, Viruses, Drive-bydownloads Net Fast Flux Domain Flux Infiltration of a Net Underground economy.
More informationNUIT Tech Talk. Peeking Behind the Curtain of Security. Jeff Holland Security Vulnerability Analyst Information & Systems Security/Compliance
NUIT Tech Talk Peeking Behind the Curtain of Security Jeff Holland Security Vulnerability Analyst Information & Systems Security/Compliance Definitions Malware: The Virus/Trojan software we ve all come
More informationOhio University Computer Services Center October, 2004 Spyware, Adware, and Virus Guide
Ohio University Computer Services Center October, 2004 Spyware, Adware, and Virus Guide Definitions Malware is term meaning malicious software. Malware is software designed to disrupt a computer system.
More informationAirtel PC Secure Trouble Shooting Guide
Airtel PC Secure Trouble Shooting Guide Table of Contents Questions before installing the software Q: What is required from my PC to be able to use the Airtel PC Secure? Q: Which operating systems does
More informationS3 Control and System Call Indirection
S3 Control Confirma Technology Brief November 2008 Confirma Product Support 11040 Main St., Suite 100, Bellevue, WA 98004-6368, USA Toll free: 877.274.3045 Local: 425.691.1595 Email: support@confirma.com
More informationMultifaceted Approach to Understanding the Botnet Phenomenon
Multifaceted Approach to Understanding the Botnet Phenomenon Christos P. Margiolas University of Crete A brief presentation for the paper: Multifaceted Approach to Understanding the Botnet Phenomenon Basic
More informationPhishing Activity Trends Report June, 2006
Phishing Activity Trends Report, 26 Phishing is a form of online identity theft that employs both social engineering and technical subterfuge to steal consumers' personal identity data and financial account
More informationSECURITY TERMS: Advisory Backdoor - Blended Threat Blind Worm Bootstrapped Worm Bot Coordinated Scanning
SECURITY TERMS: Advisory - A formal notice to the public on the nature of security vulnerability. When security researchers discover vulnerabilities in software, they usually notify the affected vendor
More informationTRAINING FOR AMERICAN MOMENTUM BANK CLIENTS. Corporate Account Takeover & Information Security Awareness
TRAINING FOR AMERICAN MOMENTUM BANK CLIENTS Corporate Account Takeover & Information Security Awareness The information contained in this session may contain privileged and confidential information. This
More informationESET CYBER SECURITY PRO for Mac Quick Start Guide. Click here to download the most recent version of this document
ESET CYBER SECURITY PRO for Mac Quick Start Guide Click here to download the most recent version of this document ESET Cyber Security Pro provides state-of-the-art protection for your computer against
More informationWhat do a banking Trojan, Chrome and a government mail server have in common? Analysis of a piece of Brazilian malware
What do a banking Trojan, Chrome and a government mail server have in common? Analysis of a piece of Brazilian malware Contents Introduction.................................2 Installation: Social engineering
More informationTECHNICAL REPORT. An Analysis of Domain Silver, Inc..pl Domains
TECHNICAL REPORT An Analysis of Domain Silver, Inc..pl Domains July 31, 2013 CONTENTS Contents 1 Introduction 2 2 Registry, registrar and registrant 3 2.1 Rogue registrar..................................
More informationSecurity Intelligence Services. www.kaspersky.com
Kaspersky Security Intelligence Services. Threat Intelligence Services www.kaspersky.com THREAT INTELLIGENCE SERVICES Tracking, analyzing, interpreting and mitigating constantly evolving IT security threats
More informationData Center Security in a World Without Perimeters
www.iss.net Data Center Security in a World Without Perimeters September 19, 2006 Dave McGinnis Director of MSS Architecture Agenda Securing the Data Center What threats are we facing? What are the risks?
More informationSpam, Spyware, Malware and You! Don't give up just yet! Presented by: Mervin Istace Provincial Library Saskatchewan Learning
Spam, Spyware, Malware and You! Don't give up just yet! Presented by: Mervin Istace Provincial Library Saskatchewan Learning Lee Zelyck Network Administrator Regina Public Library Malware, Spyware, Trojans
More informationMcAfee Labs Threat Advisory W32/Autorun.worm.aaeb-h
Summary McAfee Labs Threat Advisory W32/Autorun.worm.aaeb-h August 9, 2013 W32/Autorun.worm.aaeb-h has the ability to infect removable media devices, as well as mounted network shares. Infection starts
More informationUnderstanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them
Lab Exercises Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them Review Questions 1) In class, we made the distinction between a front-door attack and
More informationHong Kong Information Security Outlook 2015 香 港 資 訊 保 安 展 望
Hong Kong Information Security Outlook 2015 香 港 資 訊 保 安 展 望 Agenda Information Security Trends Year 2014 in Review Outlook for 2015 Advice to the Public Hong Kong Computer Emergency Response Team Coordination
More informationProtecting Your Network Against Risky SSL Traffic ABSTRACT
Protecting Your Network Against Risky SSL Traffic ABSTRACT Every day more and more Web traffic traverses the Internet in a form that is illegible to eavesdroppers. This traffic is encrypted with Secure
More informationN-CAP Users Guide. Everything You Need to Know About Using the Internet! How Worms Spread via Email (and How to Avoid That)
N-CAP Users Guide Everything You Need to Know About Using the Internet! How Worms Spread via Email (and How to Avoid That) How Worms Spread via Email (and How to Avoid That) Definitions of: A Virus: is
More informationITSC Training Courses Student IT Competence Programme SIIS1 Information Security
ITSC Training Courses Student IT Competence Programme SI1 2012 2013 Prof. Chan Yuen Yan, Rosanna Department of Engineering The Chinese University of Hong Kong SI1-1 Course Outline What you should know
More informationStudent Tech Security Training. ITS Security Office
Student Tech Security Training ITS Security Office ITS Security Office Total Security is an illusion security will always be slightly broken. Find strategies for living with it. Monitor our Network with
More informationYou ll learn about our roadmap across the Symantec email and gateway security offerings.
#SymVisionEmea In this session you will hear how Symantec continues to focus our comprehensive security expertise, global intelligence and portfolio on giving organizations proactive, targeted attack protection
More informationNetsweeper Whitepaper
Netsweeper Inc. Corporate Headquarters 104 Dawson Road Suite 100 Guelph, ON, Canada N1H 1A7 CANADA T: +1 (519) 826-5222 F: +1 (519) 826-5228 Netsweeper Whitepaper The Evolution of Web Security June 2010
More informationVirus Definition and Adware
DANEnet Round Table: Viruses and Spyware Definition of a computer virus: -A computer program that is designed to replicate itself by copying itself into the other programs stored in a computer. It may
More informationFrom Georgia, with Love Win32/Georbot. Is someone trying to spy on Georgians?
From Georgia, with Love Win32/Georbot Is someone trying to spy on Georgians? At the beginning of the year, a curious piece of malware came to our attention. An analyst in our virus laboratory noticed that
More informationThe information contained in this session may contain privileged and confidential information. This presentation is for information purposes only.
The information contained in this session may contain privileged and confidential information. This presentation is for information purposes only. Before acting on any ideas presented in this session;
More informationWHY DOES MY SPEED MONITORING GRAPH SHOW -1 IN THE TOOLTIP? 2 HOW CAN I CHANGE MY PREFERENCES FOR UPTIME AND SPEED MONITORING 2
FAQ WHY DOES MY SPEED MONITORING GRAPH SHOW -1 IN THE TOOLTIP? 2 HOW CAN I CHANGE MY PREFERENCES FOR UPTIME AND SPEED MONITORING 2 WHAT IS UPTIME AND SPEED MONITORING 2 WHEN I TRY TO SELECT A SERVICE FROM
More informationavast! Free Antivirus for Mac Quick Start Guide avast! Free Antivirus for Mac Quick Start Guide
avast! Free Antivirus for Mac Quick Start Guide 1 Introduction Welcome to avast! Free Antivirus for Mac. avast! Free Antivirus for Mac contains the same ICSA Certified scan engine as all avast! antivirus
More informationBOTNETS. Douwe Leguit, Manager Knowledge Center GOVCERT.NL
BOTNETS Douwe Leguit, Manager Knowledge Center GOVCERT.NL Agenda Bots: what is it What is its habitat How does it spread What are its habits Dutch cases Ongoing developments Visibility of malware vs malicious
More informationKASPERSKY LAB. Kaspersky Anti-Virus for Windows Servers 6.0 USER GUIDE
KASPERSKY LAB Kaspersky Anti-Virus for Windows Servers 6.0 USER GUIDE KASPERSKY ANTI-VIRUS FOR WINDOWS SERVERS 6.0 User Guide Kaspersky Lab http://www.kaspersky.com Revision date: September 2008 Table
More informationThe Nitro Attacks. Security Response. Stealing Secrets from the Chemical Industry. Introduction. Targets. Eric Chien and Gavin O Gorman
The Nitro Attacks Stealing Secrets from the Chemical Industry Eric Chien and Gavin O Gorman Contents Introduction... 1 Targets... 1 Attack methodology... 2 Geographic Spread... 3 Attribution... 4 Technical
More informationegambit Forensic egambit, your defensive cyber-weapon system. You have the players. We have the game.
egambit Forensic egambit, your defensive cyber-weapon system. You have the players. We have the game. TEHTRI-Security 2010-2015 www.tehtri-security.com Forensic with egambit In this document, we will introduce
More informationSpyware Doctor Enterprise Technical Data Sheet
Spyware Doctor Enterprise Technical Data Sheet The Best of Breed Anti-Spyware Solution for Businesses Spyware Doctor Enterprise builds on the strength of the industry-leading and multi award-winning Spyware
More informationDETERMINATION OF THE PERFORMANCE
DETERMINATION OF THE PERFORMANCE OF ANDROID ANTI-MALWARE SCANNERS AV-TEST GmbH Klewitzstr. 7 39112 Magdeburg Germany www.av-test.org 1 CONTENT Determination of the Performance of Android Anti-Malware Scanners...
More informationAdvanced Persistent Threats
White Paper INTRODUCTION Although most business leaders and IT managers believe their security technologies adequately defend against low-level threats, instances of (APTs) have increased. APTs, which
More informationEmail Threat Trend Report Second Quarter 2007
Email Threat Trend Report Second Quarter 2007, Ltd. 2550 SW Grapevine Parkway, Suite 150 Grapevine, Texas 76051 Phone: (817) 601-3222 Fax: (817) 601-3223 http://www.altn.com/ 2007 Contents Emerging Email
More informationAdvanced Online Threat Protection: Defending. Malware and Fraud. Andrew Bagnato Senior Systems Engineer
Advanced Online Threat Protection: Defending Your Online Banking Customers Against Modern Malware and Fraud Andrew Bagnato Senior Systems Engineer Agenda Modern malware a targets Account credentials Financial
More informationG DATA MOBILE MALWARE REPORT THREAT REPORT: Q1/2015
G DATA MOBILE MALWARE REPORT THREAT REPORT: Q1/2015 CONTENTS At a glance 03-03 Forecasts and trends 03-03 Current situation: 4,900 new Android malware samples every day 04-04 Half of Android malware is
More informationG DATA MOBILE MALWARE REPORT THREAT REPORT: Q1/2015
G DATA MOBILE MALWARE REPORT THREAT REPORT: Q1/2015 CONTENTS At a glance 03-03 Forecasts and trends 03-03 Current situation: 4,900 new Android malware samples every day 04-04 Half of Android malware is
More informationSpyware. Michael Glenn Technology Management Michael.Glenn@Qwest.com. 2004 Qwest Communications International Inc.
Spyware Michael Glenn Technology Management Michael.Glenn@Qwest.com Agenda Security Fundamentals Current Issues Spyware Definitions Overlaps of Threats Best Practices What Service Providers are Doing References
More informationMalware B-Z: Inside the Threat From Blackhole to ZeroAccess
Malware B-Z: Inside the Threat From Blackhole to ZeroAccess By Richard Wang, Manager, SophosLabs U.S. Over the last few years the volume of malware has grown dramatically, thanks mostly to automation and
More informationPhishing Activity Trends Report for the Month of December, 2007
Phishing Activity Trends Report for the Month of December, 2007 Summarization of December Report Findings The total number of unique phishing reports submitted to APWG in December 2007 was 25,683, a decrease
More informationKaspersky Security 9.0 for Microsoft SharePoint Server Administrator's Guide
Kaspersky Security 9.0 for Microsoft SharePoint Server Administrator's Guide APPLICATION VERSION: 9.0 Dear User! Thank you for choosing our product. We hope that this document will help you in your work
More informationWebsense Web Security Solutions
Web Security Gateway Web Security Web Filter Hosted Web Security Web Security Solutions The Web 2.0 Challenge The Internet is rapidly evolving. Web 2.0 technologies are dramatically changing the way people
More informationDeep Security Vulnerability Protection Summary
Deep Security Vulnerability Protection Summary Trend Micro, Incorporated This documents outlines the process behind rules creation and answers common questions about vulnerability coverage for Deep Security
More informationUsing big data analytics to identify malicious content: a case study on spam emails
Using big data analytics to identify malicious content: a case study on spam emails Mamoun Alazab & Roderic Broadhurst Mamoun.alazab@anu.edu.au http://cybercrime.anu.edu.au 2 Outline Background Cybercrime
More informationBitDefender Client Security Workstation Security and Management
BitDefender Client Security Workstation Security and Management BitDefender Client Security is an easy to use business security and management solution, which delivers superior proactive protection from
More information