Published by Sarai Lattimore
Modified about 1 year ago
Update your Software or Die! Wolfgang Kandek, Qualys, Inc. RMISC 2012, Denver - May 18, 2012
Advanced Persistent Threat (APT)
Or Mass Malware Attacks
Attack Example #1
ExploitKits: CVE-2006-0003 (MDAC) … CVE-2011-3544 (Rhino)
Website: has traffic; was exploited to plant links
ExploitKit Server: serves exploits (browser/plug-in vulnerabilities)
C&C Server: controls malware
CVE-2011-3544 Java Rhino; CVE-2011-2140 Flash 10; CVE-2011-2100 Adobe Reader; CVE-2011-0611 Flash 10; CVE-2010-3971 IE8; …
Patching Apps and Browser
Patching Apps and Browser and OS
Attack Example #2
Attack Vector E-Mail
Live demo planned - similar to slides that follow
Flash 0-day running
The Embedded Attachment
Poison Ivy mincesur.com
DEP (Data Execution Prevention): XP SP2 forward
Attack Example #3
Java Applet Attack Pentest Special
1C00 to 0 In Zone 3
Mac OS X: made it now simpler. Java 1.6U31 will auto-disable if not used in 35 days
Restrict Java IE – trusted sites
Attack Example #4
Adobe Reader 0-day
Flash 0-day Adobe Reader 0-day
Microsoft Office 2010 Protected View Sandbox
NoDriveTypeAutoRun -> FF
MSFT SIR: Malware propagation
Win 7 > XP
Office 2010 > 2007
Adobe Reader X > 9
IE9 > 8,7,6
How to apply what you have seen
Run latest software: Office 2010, Adobe Reader X
Be fully patched: applications, OS
Thank you. email@example.com @wkandek http://laws.qualys.com
1C00 -> 0 in Zone 3