Presentation is loading. Please wait.

Presentation is loading. Please wait.

Challenges In The Morphing Threat Landscape Apr 2011, Arnhem Tamas Rudnai, Websense Security Labs.

Similar presentations


Presentation on theme: "Challenges In The Morphing Threat Landscape Apr 2011, Arnhem Tamas Rudnai, Websense Security Labs."— Presentation transcript:

1 Challenges In The Morphing Threat Landscape Apr 2011, Arnhem Tamas Rudnai, Websense Security Labs

2 Agenda How Has The Threat Landscape Changed? Advanced Persistent Threats Web 2.0 Blended Threats Websense Security Labs

3

4 Something has Changed Rich Internet Applications Cloud Computing Social Web

5 Threat Report % increase in number of malicious websites from 2009 to % of malicious sites we see were legitimate Since April ‘10, the ThreatSeeker Network has identified between 1 and 2 million malicious sites per month

6 Threat Report continued 52% of web-based attacks are data-stealing 9 out of 10 unwanted s contain a URL 84% of messages were spam More info:

7 Top Compromised Site Categories

8 Advanced Persistent Threats

9 APT Advanced: They know what they are doing! Persistent: They have a mission. Threats: They are funded, motivated, organized, and connected

10 “Aurora” Timeline * Independent firm, Virus Total ** Websense Security Labs February 23 Intel confirms “sophisticated” attacks coinciding with Google’s Week of February sites use the exploit to deliver other malware** January 21 Microsoft patch released. Only 26% of AV vendors offer protection* January 16 Exploit code available January 14 0-day identified publicly January 12 Google announcement Sites Compromised 9 Days Nov-Dec, 2009 Multiple phishing attacks

11 Anatomy of Aurora 1 Corporate Network 1 Exploit code posted to target and Web 2.0 enabled sites 2 Spoofed s sent to target companies with URL lure to infected Web site 3 Employees clicked on lures in s and on social networking sites and became infected 4 Infected machines sent sensitive information via the Web to host Web sites 3 AV & URL Filters 4 & URL Filters 2 Filters

12 0-day Timeline 2010 JuneJulyAugustSeptember Total of 79 Days of vulnerable software and counting… 6 Days to patch Adobe Flash 25 Days to patch Adobe Acrobat Reader 15 Days to patch9 Days to patch17 Days to patch7 Days to patch Adobe Flash and Acrobat Reader CVE Microsoft LNK Vulnerability CVE JailbreakMe drive- by attacks on iOS Apple QuickTime “_MARSHALES_P UNK” 0-day CVE Adobe Flash CVE Days to patch Adobe Acrobat Reader CVE

13 Modern Security for Modern Threats ThreatSeeker Network

14 ACE protects customers against the most complex known and unknown threats in the areas of; web exploits, web 2.0, malware, data leakage, and real-time content classification in 95+ categories.

15 ACE: Composite Security Engine PreciseID Reputation Anti-SPAM Real-time Web 2.0 Classification Real-Time Security Classification URL Classification Antivirus ++ Fingerprints Known Good, Known Bad Statistical Machine Learning Logical Regular Expressions Reputation Contextual Correlation Combining Analytics All-purpose real-time analytics All major content types supported

16 LizaMoon – Mass Injection

17 LizaMoon – Mass Injection

18 ? Q & A

19 Thank You Websense Security Labs’ Blog Keep in touch


Download ppt "Challenges In The Morphing Threat Landscape Apr 2011, Arnhem Tamas Rudnai, Websense Security Labs."

Similar presentations


Ads by Google