Copyright (c) 2012, FireEye, Inc. All rights reserved. | CONFIDENTIAL
Slide 1: Top 5 Modern Malware Trends. Data Connectors – September 12, 2013. Frank Salvatore, BCOMM, Territory Manager, Eastern Canada

Slide 2: "We're moving towards a world where every attack is effectively zero-day… having a signatured piece of malware, that shouldn't be the foundation on which any security model works." – Chris Young, GVP Cisco Security, Tech Week Europe, September 28th 2012

Slide 4: Modern times… call for modern measures…

Slide 5: Top CISO Priorities – 2013
– Secure Data and Policy Controls: data exfiltration through multi-protocol outbound channels challenges traditional controls.
– Enable Secure Mobility: mobile devices and policies pose major issues as organizations need to enable secure access to data.
– Advanced Attacks Targeting Data: ensuring the security of data-at-rest and data-in-motion continues to be challenged by multi-vectored attacks.

Slide 6: Top 5 Global Risks (Source: World Economic Forum)

Slide 7: Technological Risks

Slide 8: High Profile APT Attacks Are Increasingly Common

Slide 9: We Are Only Seeing the Tip of the Iceberg. Headline-grabbing attacks above the surface; thousands more below it: APT attacks, zero-day attacks, polymorphic attacks, targeted attacks.

Slide 10: Attacks Increasingly Sophisticated
Dynamic Web Attacks | Malicious Exploits | Spear Phishing Emails
– Multi-Vector: delivered via web or email; blended attacks with emails containing malicious URLs; uses application/OS exploits.
– Multi-Stage: initial exploit stage followed by malware executable download, callbacks and exfiltration; lateral movement to infect other network assets.

Slide 11: Top 5 Modern Malware Trends

Slide 12: Trend #1: Motivation is Data "Capitalization" – Political, Financial, Intellectual
Nature of threats changing
– From broad, scattershot to advanced, targeted, persistent
Advanced attacks accelerating
– High-profile victims common (e.g., RSA, Symantec, Google)
– Numerous APT attacks like Operation Aurora, Shady RAT, GhostNet, Night Dragon, Nitro
"Organizations face an evolving threat scenario that they are ill-prepared to deal with… advanced threats that have bypassed their traditional security protection techniques and reside undetected on their systems." – Gartner, Advanced Persistent Threats
[Chart: Damage of Attacks, rising across Disruption, Spyware/Bots, Cybercrime, and Cyber-espionage and Cybercrime; categories shown: Worms/Viruses, Stealth Bots, Dynamic Trojans, Zero-day Targeted Attacks]

Slide 13: Trend #2: Modern Malware Targets the Application

Slide 14: Hacking? Not so much…

Slide 15: Polymorphism on demand

Slide 16: Blog Post?

Slide 17: RSS Feed?

Slide 18: Trend #3: Socialized Attack Vectors
Spear-phishing is a social attack
– No real technical countermeasure
– Users un(der)trained
– Effective way to drive malicious traffic
– "Whaling" for high return
83% of spam uses URLs
– URL shorteners
– Social engineering URLs
– Still on the decline
Browser/App Infection Vectors
– Browser itself
– ActiveX / Java
– Plug-ins (PDF, QuickTime)
– Adobe Flash
– JavaScript/AJAX
[Chart: Percent of Spam Containing Links. Source: Cisco Systems]

Slide 19: LinkedIn is a Gold Mine…

Slide 20: Successful Spear Phish

Slide 21: Trend #4: It's not just about files anymore
Modern malware is a sequence of protocol flows which serve to exploit an application. A file may be invoked or transported, but usually only after a successful exploit. The new reality of modern malware or APT is that file-based analysis is inadequate.
[Diagram: Infection Server and Callback Server; flows: Exploit, Binary Download, Callbacks, Data Exfiltration]

Slide 22: The Attack Life Cycle – Multiple Stages
1. Exploitation of system
2. Malware executable download
3. Callbacks and control established
4. Malware spreads laterally
5. Data exfiltration
[Diagram: Compromised Web Server or Web 2.0 Site, Callback Server, IPS, File Share 1, File Share 2, with the five stages numbered along the flows]
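The life cycle on this slide, and the protocol-flow view of Trend #4 on the previous one, as an added detection example that is not part of the deck: constructed proxy/IDS events are correlated per host so that a chain of stages is flagged even when the exploit stage itself was never observed. The event format, host names, IP addresses and the two-hour window are all assumptions made for the example.

```python
from collections import defaultdict
from datetime import datetime, timedelta
# Constructed sample events (not real data): time, host, stage keyword, detail.
SAMPLE_EVENTS = """\
2013-09-12T09:01:10 ws-17 exploit  pdf-reader-heap-spray
2013-09-12T09:01:14 ws-17 download http://203.0.113.5/update.exe
2013-09-12T09:02:30 ws-17 callback 203.0.113.5:443
2013-09-12T09:03:05 ws-17 callback 203.0.113.5:443
2013-09-12T10:45:00 ws-17 upload   203.0.113.9 14.2MB
2013-09-12T09:05:00 ws-22 download http://198.51.100.7/patch.msi
2013-09-12T09:06:00 ws-22 callback 198.51.100.7:80
2013-09-12T11:00:00 ws-31 exploit  java-applet
"""
# Slide order: exploit -> binary download -> callbacks -> exfiltration (lateral
# movement is left out, since a web proxy would not see file-share traffic).
STAGES = ["exploit", "download", "callback", "upload"]

def parse_events(text):
    """Parse the constructed log format into (timestamp, host, stage, detail) tuples."""
    events = []
    for line in text.splitlines():
        ts, host, stage, detail = line.split(maxsplit=3)
        events.append((datetime.fromisoformat(ts), host, stage, detail))
    return events

def stage_chains(events, window=timedelta(hours=2)):
    """Per host, the stages seen in life-cycle order within `window` of the first one.
    Earlier stages may be missing: a host whose exploit was never observed still
    yields download -> callback, which is why file-only analysis falls short."""
    by_host = defaultdict(list)
    for ev in sorted(events):
        by_host[ev[1]].append(ev)
    chains = {}
    for host, evs in by_host.items():
        seen, next_idx, start = [], 0, None
        for ts, _, stage, _ in evs:
            idx = STAGES.index(stage) if stage in STAGES else -1
            if idx < next_idx:        # unknown, repeated or out-of-order stage
                continue
            start = start or ts
            if ts - start > window:   # chain has gone stale
                break
            seen.append(stage)
            next_idx = idx + 1
        chains[host] = seen
    return chains

def flagged_hosts(events, min_stages=2):
    """Hosts that progressed through at least `min_stages` life-cycle stages."""
    return sorted(h for h, s in stage_chains(events).items() if len(s) >= min_stages)
```

Raising `min_stages` trades missed chains for fewer false positives; the default of two still flags the host whose exploit stage was never logged.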

Slide 23: Exploit Detection is Critical
Malware exploits take a similar form:
– Write data to memory
– Trick the system into executing that code in memory
Exploitation of the system is the first stage
– Subsequent stages can be hidden
– You will miss attacks if relying on object/file analysis
Only FireEye detects the exploit stage
– Captures resulting stages
– Shares globally

Slide 24: Timed Malware

Slide 25: Ho, Ho, Ho… Timed Malware: December 25th. Where is the IT staff? ;) FireEye works 24/7/365 so you don't have to.
[Chart: events on Xmas]

Slide 26: Trend #5: Mobile Device Malware

Slide 27: Trend #5: Mobile Malware Incremental (See Timestamp)

Slide 28: BYOD = Bring Your Own DOOM! Source: "Boy Genius"

Slide 29: FBI Warning (October 15, 2012). Source:

Slide 30: Thank You! Frank Salvatore, BCOMM, Territory Manager, Eastern Canada