Published by Rudolph Gilbert. Modified over 9 years ago.
1
The Cyber Defense center and its services portfolio McAfee Professional Services – Foundstone Services
2
DISCUSSION TOPICS: Intro. Threat Landscape. Services. Threat Intelligence.
3
The CDC Physical Presence CERT Regional Support Reactive, Proactive, Quality Mgt
4
Cyber Defense Center: Incident Response, Training, Advanced Malware Analysis, Strategic Services/Assessments, Contextual Threat Intelligence, Mobile Forensics, Computer Forensics
What is it? CERT: Computer Emergency Response Team (CERT)
Service categories: Reactive, Proactive, Security Quality Management
Services: Incident Handling; Vulnerability Handling; Artifact Handling; Announcements; Technology Watch; Security Audits or Assessments; Configuration and Maintenance of Security Tools, Applications, and Infrastructures; Development of Security Tools; Intrusion Detection Services; Threat Intelligence; Risk Analysis; Business Continuity and Disaster Recovery Planning; Security Consulting; Awareness Building; Education/Training; Product Evaluation
5
DISCUSSION TOPICS: Threat Landscape. Services. Threat Intelligence.
7
Spotlight: Qatar
- 86.2% internet penetration by June 2012 [2]
- Highest GDP per capita by 2012 [3]
- 66% higher malware rate vs. worldwide in Q2 2012 [4]
- Critical infrastructure directly tied to largest segment of economy [1]
Sources:
[1] McAfee Foundstone EMEA Cyber Defense Centre
[2] InternetWorldFacts.com
[3] CIA World Factbook
[4] Microsoft Security Intelligence Report – Volume 13
8
Threat Intelligence
Cyber Defense Centre – A Threat Intelligence System
- Developed in ME. Focused on E(ME)A.
- Open Source Intelligence
- Public & Underground
- Private data sources & APIs
9
Cryptolocker Infections Gulf Region
10
Threat Intelligence
11
Qatari Hackers
- Loosely organized
- Members of general Arabic hacking discussion groups
- Small footprint compared to other Arab hacker communities
12
Threat Profile - Islamic Security
6,861 members and 55,279+ posts since May, 2012.
Administrators include: aBo aLi, Mr.Dm4r, Lov3rDns
Topics Include:
- Hacking Tutorials and Targets
- Tool Development and Distribution
- Services and Tools for Sale
- “Achievements” of Intrusions
13
Islamic Security – Posts Per Day
14
Islamic Security – Attachment Uploads Per Day
15
Islamic Security – Tool Sharing
17
Threat Intelligence Profile: Qatar-Attack
- 61 reported hackings
- Methods: Defacements via SQL, file upload, XSS and DDoS using open source tools
- Attacked domains in 11+ countries on 5 continents
- Maintains or contributes videos and blog posts that assist others in hacking
18
Threat Intelligence Profile: Qatar-Attack
Names: Qatar-Attack DB-Attack Qatar-Sniper n1tr0g3n / n1tr0g3n0xid3 MrAboght alOahTaNi Aboqhht Qahtani Naef Alqahtani
Emails: qatar.attack@gmail.com MrAboqht@gmail.com Q.8L@hotmail.com sad-h4cker@hotmail.com sad@bsdmail.com w7s@windowslive.com
Twitter: @MrAboqht
YouTube: MrAboqht
Domains: secur1ty.org s-war.com db-attack.com
Affiliations: alm3r3fh Group v4-team
19
Threat Intelligence: .QA Domain Hacked Locations; .QA Hacked Operating Systems
22
Trends in attacks
24
The rise of the RAM Scrapers: Alina (Oct 2012), Dexter (Dec 2012), Vskimmer (Jan 2013), BlackPOS (March 2013)
25
Example: VSKIMMER
26
Where is the credit card data?
27
Example: VSKIMMER
- What is the name of the USB stick?
- Writing the dumpfile to USB stick
28
Example: BlackPOS
29
Latest in the world of POS: You swipe and pay. Meanwhile, the track data of your card is sent by SMS to a criminal... Shukran!
30
EMERGENCY?