Presentation is loading. Please wait.

Presentation is loading. Please wait.

Challenges In The Morphing Threat Landscape Apr 2011, Arnhem Tamas Rudnai, Websense Security Labs.

Similar presentations

Presentation on theme: "Challenges In The Morphing Threat Landscape Apr 2011, Arnhem Tamas Rudnai, Websense Security Labs."— Presentation transcript:

1 Challenges In The Morphing Threat Landscape Apr 2011, Arnhem Tamas Rudnai, Websense Security Labs

2 Agenda How Has The Threat Landscape Changed? Advanced Persistent Threats Web 2.0 Blended Threats Websense Security Labs


4 Something has Changed Rich Internet Applications Cloud Computing Social Web

5 Threat Report 2010 111% increase in number of malicious websites from 2009 to 2010 80% of malicious sites we see were legitimate Since April ‘10, the ThreatSeeker Network has identified between 1 and 2 million malicious sites per month

6 Threat Report 2010...continued 52% of web-based attacks are data-stealing 9 out of 10 unwanted emails contain a URL 84% of email messages were spam More info:

7 Top Compromised Site Categories

8 Advanced Persistent Threats

9 APT Advanced: They know what they are doing! Persistent: They have a mission. Threats: They are funded, motivated, organized, and connected

10 “Aurora” Timeline * Independent firm, Virus Total ** Websense Security Labs February 23 Intel confirms “sophisticated” attacks coinciding with Google’s Week of February 22 200+ sites use the exploit to deliver other malware** January 21 Microsoft patch released. Only 26% of AV vendors offer protection* January 16 Exploit code available January 14 0-day identified publicly January 12 Google announcement Sites Compromised 9 Days Nov-Dec, 2009 Multiple phishing attacks

11 Anatomy of Aurora 1 Corporate Network 1 Exploit code posted to target and Web 2.0 enabled sites 2 Spoofed emails sent to target companies with URL lure to infected Web site 3 Employees clicked on lures in emails and on social networking sites and became infected 4 Infected machines sent sensitive information via the Web to host Web sites 3 AV & URL Filters 4 Email & URL Filters 2 Email Filters http://

12 0-day Timeline 2010 JuneJulyAugustSeptember Total of 79 Days of vulnerable software and counting… 6 Days to patch Adobe Flash 25 Days to patch Adobe Acrobat Reader 15 Days to patch9 Days to patch17 Days to patch7 Days to patch Adobe Flash and Acrobat Reader CVE-2010-1297 Microsoft LNK Vulnerability CVE- 2010-2568 JailbreakMe drive- by attacks on iOS Apple QuickTime “_MARSHALES_P UNK” 0-day CVE- 2010-1818 Adobe Flash CVE- 2010-2884 27 Days to patch Adobe Acrobat Reader CVE-2010-2883

13 Modern Security for Modern Threats 0101010101010101000101 1010110111010101110111 ThreatSeeker Network 110101010101010110010110010101001010101010 0101010100010001100101010110100110 101000111101010001100100101010101001 11010100100101101010010101001011 010110011010001110101011100011 0101010101010101000

14 ACE protects customers against the most complex known and unknown threats in the areas of; web exploits, web 2.0, malware, data leakage, and real-time content classification in 95+ categories.

15 ACE: Composite Security Engine PreciseID Reputation Anti-SPAM Real-time Web 2.0 Classification Real-Time Security Classification URL Classification Antivirus ++ Fingerprints Known Good, Known Bad Statistical Machine Learning Logical Regular Expressions Reputation Contextual Correlation Combining Analytics All-purpose real-time analytics All major content types supported

16 LizaMoon – Mass Injection

17 LizaMoon – Mass Injection

18 ? Q & A

19 Thank You Websense Security Labs’ Blog @websenselabs Keep in touch

Download ppt "Challenges In The Morphing Threat Landscape Apr 2011, Arnhem Tamas Rudnai, Websense Security Labs."

Similar presentations

Ads by Google