The Cyber Defense center and its services portfolio McAfee Professional Services – Foundstone Services.


1 The Cyber Defense center and its services portfolio McAfee Professional Services – Foundstone Services

2 DISCUSSION TOPICS: Intro. Threat Landscape. Services. Threat Intelligence.

3 The CDC Physical Presence CERT Regional Support Reactive, Proactive, Quality Mgt

4 Cyber Defense Center: Incident Response; Training; Advanced Malware Analysis; Strategic Services/Assessments; Contextual Threat Intelligence; Mobile Forensics; Computer Forensics.
What is it? CERT: Computer Emergency Response Team.
Computer Emergency Response Team (CERT) services:
Reactive: Incident Handling; Vulnerability Handling; Artifact Handling.
Proactive: Announcements; Technology Watch; Security Audits or Assessments; Configuration and Maintenance of Security Tools, Applications, and Infrastructures; Development of Security Tools; Intrusion Detection Services; Threat Intelligence.
Security Quality Management: Risk Analysis; Business Continuity and Disaster Recovery Planning; Security Consulting; Awareness Building; Education/Training; Product Evaluation.

5 DISCUSSION TOPICS: Threat Landscape. Services. Threat Intelligence.

7 Spotlight Qatar: 86.2% internet penetration by June 2012 [2]. Highest GDP per capita by 2012 [3]. 66% higher malware rate vs. worldwide in Q2 2012 [4]. Critical infrastructure directly tied to largest segment of economy [1]. Sources: [1] McAfee Foundstone EMEA Cyber Defense Centre; [2] InternetWorldFacts.com; [3] CIA World Factbook; [4] Microsoft Security Intelligence Report – Volume 13.

8 Threat Intelligence Cyber Defense Centre – A Threat Intelligence System - Developed in ME. - Focused on E(ME)A. - Open Source Intelligence - Public & Underground - Private data sources & APIs

9 Cryptolocker Infections Gulf Region

10 Threat Intelligence

11 Qatari Hackers - Loosely organized - Members of general Arabic hacking discussion groups - Small footprint compared to other Arab hacker communities

12 Threat Profile - Islamic Security 6,861 members and 55,279+ posts since May, 2012. Administrators include: aBo aLi, Mr.Dm4r, Lov3rDns Topics Include: - Hacking Tutorials and Targets - Tool Development and Distribution - Services and Tools for Sale - “Achievements” of Intrusions

13 Islamic Security – Posts Per Day

14 Islamic Security – Attachment Uploads Per Day

15 Islamic Security – Tool Sharing

17 Threat Intelligence Profile: Qatar-Attack - 61 reported hackings - Methods: Defacements via SQL, file upload, XSS and DDoS using open source tools - Attacked domains in 11+ countries on 5 continents - Maintains or contributes videos and blog posts that assist others in hacking

18 Threat Intelligence Profile: Qatar-Attack. Names: Qatar-Attack DB-Attack Qatar-Sniper n1tr0g3n / n1tr0g3n0xid3 MrAboght alOahTaNi Aboqhht Qahtani Naef Alqahtani; Emails: qatar.attack@gmail.com MrAboqht@gmail.com Q.8L@hotmail.com sad-h4cker@hotmail.com sad@bsdmail.com w7s@windowslive.com; Twitter: @MrAboqht; YouTube: MrAboqht; Domains: secur1ty.org s-war.com db-attack.com; Affiliations: alm3r3fh Group v4-team

19 Threat Intelligence: .QA Domain Hacked Locations; .QA Hacked Operating Systems

20 Threat Profile - Islamic Security 6,861 members and 55,279+ posts since May, 2012. Administrators include: aBo aLi, Mr.Dm4r, Lov3rDns Topics Include: - Hacking Tutorials and Targets - Tool Development and Distribution - Services and Tools for Sale - “Achievements” of Intrusions

21 Islamic Security – Attachment Uploads Per Day

22 Trends in attacks

24 The rise of the RAM Scrapers: Alina (Oct 2012), Dexter (Dec 2012), Vskimmer (Jan 2013), BlackPOS (March 2013)

25 Example: VSKIMMER

26 Where is the credit card data?

27 Example: VSKIMMER. What is the name of the USB stick? Writing the dump file to the USB stick.

28 Example: BlackPOS

29 Latest in the world of POS: you swipe and pay; meanwhile, the track data of your card is sent by SMS to the criminal... Shukran!

30 EMERGENCY?

