Presented at Kaseya Connect 2015

Crushes malware. Restores confidence.

Malwarebytes by the numbers.
1.9B+ real-time protection events
5B+ pieces of malware removed to date
250M+ unique PCs cleaned in 2014
30M+ active monthly users
Highest user-installed consumer anti-malware scanner worldwide*
Industry's fastest response time to new threats, both known and unknown.
Teaming reputable researchers along with our proven heuristics technology, Malwarebytes continues to win awards.
Malwarebytes targets threats, we don't just detect them, taking the fight to the criminals.
* MBAM Free / OPSWAT

Today's Threat Landscape

Malware, viruses WHAT?!?!
The word MALWARE is a contraction: MALICIOUS + SOFTWARE = MALWARE. A virus is malicious, so it too, technically, is malware.
PROBLEM: The industry uses the terms (virus and malware) almost interchangeably and your clients don't really understand the differences.
Wikipedia: A computer virus is a computer program that can replicate itself and spread from one computer to another. The term "virus" is also commonly, but erroneously, used to refer to other types of malware, including but not limited to adware and spyware programs that do not have a reproductive ability.
The reality is this: Malware is bad. Viruses are bad. There is some overlap and one thing is certain: you don't want either one on your clients' computers!

It's all over the news: Current defenses are FAILING

Evolving threat landscape (chart, axis: risk). Threats shown: Rogue AV, Trojan, PUP and PUM, Rootkits, Exploits, APTs, Ransomware, Multi-stage malware, Email Worms, Network Worms, Spyware, File-Infectors, Viruses.

Modern Malware and PUPs
Ransomware: Encrypts files and holds them for ransom. Ex. Cryptolocker, Cryptowall, FBI Ransomware.
Banking Trojans: Steal banking info by man-in-the-middle keystroke logging. Also now seen being used to steal credentials of SaaS applications (Salesforce). Ex. Zeus, Citadel, Spyeye, Carberp, Dyre.
Potentially Unwanted Programs: Obtrusive advertising, inserting ads, pop-ups, hijacking the search engine/home page, bundled with other software, etc. Used to deliver malware.

Malvertising
Malicious Advertising (Malvertising) is a type of online attack wherein malicious code hidden within an online ad infects your computer with malware.
How it works:
User visits a legitimate site and is presented with banners or pop-up ads.
Malvertising utilizes tactics like iframes that redirect users to exploit landing pages where malicious code attacks the system.
Cybercriminals are able to use malvertising by submitting boobytrapped ads to ad networks for real-time bidding; after the ad wins the bid it is propagated in real time.
Malicious ads rotate with normal ads, so they are hard to detect.

Vulnerabilities and Exploit Kits
Exploit Kits infect people by using holes in outdated software that billions of people use, like Internet Explorer, Adobe Flash, Adobe Reader.
The holes or vulnerabilities give cyber criminals an undefended window into users' computers, allowing them to install and monitor what they want:
Run payload in memory only
Open reverse TCP shell to attacker
Migrate code to a Windows System process
Kill or suspend the AV
Drop & run malware.exe

How easy is it to get infected? https://youtu.be/34rrjkrkj1s

How common are Exploit Kits?

But are YOUR CLIENTS being affected? Survey says
In August 2014, Malwarebytes commissioned a blind online survey designed by independent research firm Lawless Research.
Responding were 685 endpoint security purchase decision-makers from the Research Now online panel in US companies with 50 or more employees:
50 to 99 employees: 121
100 to 999 employees: 343
1,000+ employees: 221

67% of firms experienced malware
In the past 12 months, did your company experience the following infections, threats or attacks? Total N=685
Malware (viruses, worms, spyware and other malicious programs): 67%
Potentially Unwanted Program (PUP): 42%
File infector virus: 40%
Hacking or network intrusion: 29%
Drive-by download: 19%
Advanced Persistent Threat (APT, a targeted attack aimed at your organization): 17%
DoS or DDoS: 16%
Ransomware: 15%
Four in ten companies had PUPs and file infector viruses. Almost two in ten dealt with APTs, DoS/DDoS, and ransomware.
Source: The Challenge of Endpoint Security. August 2014. Malwarebytes. N=685 firms with 50+ employees.

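Highest Severity: Ransomware & APTs
In the past 12 months, did your company experience the following infections, threats or attacks? Total N=685. How severe were they?
Ransomware: experienced 15%; low severity 23%, medium severity 39%, high severity 38%
Advanced Persistent Threat (APT, a targeted attack aimed at your organization): experienced 17%; low severity 28%, medium severity 35%, high severity 37%
DoS or DDoS: experienced 16%; low severity 25%, medium severity 51%, high severity 24%
File infector virus: experienced 40%; low severity 36%, medium severity 41%, high severity 23%
Hacking or network intrusion: experienced 29%; low severity 31%, medium severity 46%, high severity 23%
Drive-by download: experienced 19%; low severity 40%, medium severity 40%, high severity 20%
Malware (viruses, worms, spyware and other malicious programs): experienced 67%; low severity 40%, medium severity 42%, high severity 18%
Potentially Unwanted Program (PUP): experienced 42%; low severity 50%, medium severity 38%, high severity 13%
Source: The Challenge of Endpoint Security. August 2014. Malwarebytes. N=685 firms with 50+ employees.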

Impact of threats and attacks is high
What impact did the threats or attacks have on your organization? N=561
Increased help-desk time: no impact 12%, low impact 25%, medium impact 40%, high impact 24%
Reduced employee productivity: no impact 13%, low impact 31%, medium impact 37%, high impact 20%
Difficult to remediate: no impact 18%, low impact 37%, medium impact 32%, high impact 13%
Customer data lost or compromised: no impact 50%, low impact 22%, medium impact 19%, high impact 9%
Intellectual property lost or compromised: no impact 49%, low impact 24%, medium impact 19%, high impact 8%
Negative effect on reputation or sales: no impact 51%, low impact 25%, medium impact 18%, high impact 6%
Medium to High Impact: 64% increased help-desk time; 57% reduced employee productivity; 45% difficult to remediate
Source: The Challenge of Endpoint Security. August 2014. Malwarebytes. N=685 firms with 50+ employees.

Actions Taken to Remove Threats
What actions do you take when a threat is not removed by your AV or anti-malware?
Quarantine the machine and reimage; Contact our endpoint security vendor for help; Look for a solution online; Use a free malware removal tool: 34% 39% 48% 47%
Use a purchased malware removal tool: 28%
When a threat isn't removed by anti-virus or anti-malware: Five in ten quarantine/reimage the machine and contact their security vendor for more help.
Source: The Challenge of Endpoint Security. August 2014. Malwarebytes. N=685 firms with 50+ employees.

Anti-Exploit Anti-Malware Better Endpoint Security

Better Endpoint Security: A layered approach
Malwarebytes Endpoint Security: Proactive Zero-Day Exploit Prevention, Proactive Zero-Day Malware Protection, Advanced Threat Removal
Zero-Day Layer: Zero-Day Threat Protection for Endpoints
Prevents start of advanced attack chain
Prevents installation of zero-day malware
Removes advanced malware already present
Traditional Layer: Antivirus, Web filtering, Whitelisting, IDS/IPS, Firewall

So what is Zero Day? (Chart: risk versus age of threat, from Zero-Day to 3+ days later. Labels: Malware, Traditional Anti-Virus Solutions, Malwarebytes.)

Anti-Exploit
Stops unknown and known exploit attacks
Focuses on HOW vs. WHAT is being delivered
Prevents exploit attacks against software vulnerabilities by shielding popular applications and browsers
Proactive technology; doesn't rely on signatures, blacklisting, sandboxing or VMs
Extremely lightweight footprint (3MB)
Minimal to no configuration: set it, and forget it
ADDED BENEFIT: Enables security patching on YOUR timetable

Anti-Malware
Eliminates zero-hour malware your endpoint security can miss
Award-winning detection/remediation engine
Publicly recommended by other security vendors
Leverages malware detection/removal from 300M+ user community
Real-time IP blocker stops malware command & control path and prevents phishing
Tiny endpoint footprint improves performance (8MB vs. 300MB industry standard)**
** Passmark Performance Test, October 2014: 80% score vs. competition (average 55%)

THANK YOU. Questions?
Your presenters from Malwarebytes:
Chad Bacher, VP of Products, cbacher@malwarebytes.org
Terry Fleming, VP of Channel Sales, tfleming@malwarebytes.org
Malwarebytes Anti-Exploit Video URL: https://youtu.be/34rrjkrkj1s
