Presentation is loading. Please wait.

Presentation is loading. Please wait.

Threat Landscape Update

Published byJared Perry Modified over 5 years ago

Similar presentations

Presentation on theme: "Threat Landscape Update"— Presentation transcript:

1 Threat Landscape Update
Internet Security Threat Report (ISTR) 2019 volume 24 IETF 104, Monday 25th of March 2019, Prague Arnaud Taddei Candid Wueest

2 Cybercrime Trends – Focused on Profit
FormJacking Cryptojacking activity remains at high levels with 3.5 million blocked events in Dec 2018 Over the course of 2018, total cryptojacking events dropped by 52% as cyptocurrency prices dropped by almost 90% Overall web attacks are up by 56% 1 in 10 URLs was malicious (1 in 16 in 2017) CryptoJacking Formjacking is the use of malicious JavaScript to transparently steal payment card information & PII from compromised websites On average 4,800 websites were compromised by formjacking attacks every month in 2018 We blocked 3.7M formjacking attacks in 2018 on endpoint devices Difficult to detect for end-users

3 Cybercrime Trends – Focused on Profit
Ransomware 1 in 36 mobile devices had a high risk app installed Only 23.7% of Android phones run the latest major OS version. On IPhones 78.3% are on the newest major release Social media increasingly used to spread fake news/propaganda Smartphones Enterprise ransomware infections are up 12% Mobile ransomware infections are up 33% Overall ransomware infections were down by 20% as attackers moved to more lucrative activities -20% %

4 Attack Trends IoT and Cloud
Internet of Things Attacks against AWS, Azure, Kubernetes, Docker, serverless applications and exposed API services increased At least 70 million records leaked from AWS S3 buckets in > more data breaches Vulnerabilities in hardware chips & infrastructure place cloud services at risk: Meltdown, Spectre, RunC, SDN exploits Cloud Environment 75% of compromised devices were routers, followed by cameras 15% 5G connectivity will change the landscape with more directly connected devices Weak passwords & device exploits are most common attack vectors Used for DDoS, crypto jacking, ad-fraud, but other methods grow

5 Living off the Land and Supply Chain Attacks
Attack Trends against Corporations The misuse of legitimate system tools a.k.a. “Living off the Land” increased again in popularity - Simple, but effective Use of malicious PowerShell scripts increased by 1000% Office files accounted for 48% of malicious attachments, up from 5% in 2017 – Supply Chain attacks up by 78% in 2018 Living off the Land and Supply Chain Attacks Targeted Attacks Remain undetected for as long as possible, move lateral to many systems Spear-phishing remains the primary vector for targeted attacks with 65% Intelligence gathering is primary motive (96%) APT groups are going after ICS/IoT devices Less zero day vulnerabilities used

6 QUESTIONS ? THANK YOU ISTR :

Download ppt "Threat Landscape Update"

Similar presentations

The Threat Landscape Jan 2013. 2013 Threat Report 2.

The Threat Landscape Jan Threat Report 2.
1© Copyright 2014 EMC Corporation. All rights reserved. Securing the Cloud Gintaras Pelenis Field Technologist RSA, the Security Division of EMC

1© Copyright 2014 EMC Corporation. All rights reserved. Securing the Cloud Gintaras Pelenis Field Technologist RSA, the Security Division of EMC
Next Generation Endpoint Security Jason Brown Enterprise Solution Architect McAfee May 23, 2013.

Next Generation Endpoint Security Jason Brown Enterprise Solution Architect McAfee May 23, 2013.
7 Effective Habits when using the Internet Philip O’Kane 1.

7 Effective Habits when using the Internet Philip O’Kane 1.
Security for Today’s Threat Landscape Kat Pelak 1.

Security for Today’s Threat Landscape Kat Pelak 1.
Latest Threats Against Mobile Devices Dave Jevans Founder, Chairman and CTO.

Latest Threats Against Mobile Devices Dave Jevans Founder, Chairman and CTO.
Symantec Security Intelligence Internet Security Threat Report Volume XVI June, 2011 Tiffany Jones Director – Programs and Strategy Symantec Public.

Symantec Security Intelligence Internet Security Threat Report Volume XVI June, 2011 Tiffany Jones Director – Programs and Strategy Symantec Public.
Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services

Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services
MOBILE MALWARE TOPIC #5 – INFORMATION ASSURANCE AND SECURITY Michael Fine 1.

MOBILE MALWARE TOPIC #5 – INFORMATION ASSURANCE AND SECURITY Michael Fine 1.
Market Trends Enterprise Web Applications Cloud Computing SaaS Applications BYOD Data Compliance Regulations 30 Second Elevator Pitch Web browsers have.

Market Trends Enterprise Web Applications Cloud Computing SaaS Applications BYOD Data Compliance Regulations 30 Second Elevator Pitch Web browsers have.
Cyber Crimes.

Cyber Crimes.
WEBSENSE ® SECURITY LABS™ 2006 Semi-Annual Web Security Trends Report OWASP Presentation November 9, 2006 Jim Young (301) 512-3350.

WEBSENSE ® SECURITY LABS™ 2006 Semi-Annual Web Security Trends Report OWASP Presentation November 9, 2006 Jim Young (301)
Click to edit Master title style Click to edit Master text styles –Second level Third level –Fourth level »Fifth level June 10 th, 2009Event details (title,

Click to edit Master title style Click to edit Master text styles –Second level Third level –Fourth level »Fifth level June 10 th, 2009Event details (title,
Symantec Targeted Attack Protection 1 Stopping Tomorrow’s Targeted Attacks Today iPuzzlebiz

Symantec Targeted Attack Protection 1 Stopping Tomorrow’s Targeted Attacks Today iPuzzlebiz
Click to edit Master title style Click to edit Master text styles –Second level Third level –Fourth level »Fifth level June 10 th, 2009Event details (title,

Click to edit Master title style Click to edit Master text styles –Second level Third level –Fourth level »Fifth level June 10 th, 2009Event details (title,
Strong Security for Your Weak Link: Implementing People-Centric Security Jennifer Cheng, Director of Product Marketing.

Strong Security for Your Weak Link: Implementing People-Centric Security Jennifer Cheng, Director of Product Marketing.
BUFFERZONE Advanced Endpoint Security Data Connectors-Charlotte January 2016 Company Confidential.

BUFFERZONE Advanced Endpoint Security Data Connectors-Charlotte January 2016 Company Confidential.
The cost of Cybercrime 1 Steve Lamb Regional Marketing Manager – EMEA, Enterprise Security Products Twitter: actionlamb.

The cost of Cybercrime 1 Steve Lamb Regional Marketing Manager – EMEA, Enterprise Security Products Twitter: actionlamb.
Https://www.youtube.com/watch?v=1hpU_Neg1KA. INTRODUCTION & QUESTIONS.

INTRODUCTION & QUESTIONS.
1 #UPAugusta2016. 2 3 Today’s Topics What are Deadly IT Sins? Know them. Fear them. Fix them. #UPAugusta201 6.

1 #UPAugusta Today’s Topics What are Deadly IT Sins? Know them. Fear them. Fix them. #UPAugusta201 6.

Similar presentations

Ads by Google