Presentation is loading. Please wait.

Presentation is loading. Please wait.

Challenges In The Morphing Threat Landscape Apr 2011, Arnhem Tamas Rudnai, Websense Security Labs.

Published byDonte Torell Modified over 9 years ago

Similar presentations

Presentation on theme: "Challenges In The Morphing Threat Landscape Apr 2011, Arnhem Tamas Rudnai, Websense Security Labs."— Presentation transcript:

1 Challenges In The Morphing Threat Landscape Apr 2011, Arnhem Tamas Rudnai, Websense Security Labs

2 Agenda How Has The Threat Landscape Changed? Advanced Persistent Threats Web 2.0 Blended Threats Websense Security Labs

3

4 Something has Changed Rich Internet Applications Cloud Computing Social Web

5 Threat Report 2010 111% increase in number of malicious websites from 2009 to 2010 80% of malicious sites we see were legitimate Since April ‘10, the ThreatSeeker Network has identified between 1 and 2 million malicious sites per month

6 Threat Report 2010...continued 52% of web-based attacks are data-stealing 9 out of 10 unwanted emails contain a URL 84% of email messages were spam More info: http://www.websense.com/threatreport2010

7 Top Compromised Site Categories

8 Advanced Persistent Threats

9 APT Advanced: They know what they are doing! Persistent: They have a mission. Threats: They are funded, motivated, organized, and connected

10 “Aurora” Timeline * Independent firm, Virus Total ** Websense Security Labs February 23 Intel confirms “sophisticated” attacks coinciding with Google’s Week of February 22 200+ sites use the exploit to deliver other malware** January 21 Microsoft patch released. Only 26% of AV vendors offer protection* January 16 Exploit code available January 14 0-day identified publicly January 12 Google announcement Sites Compromised 9 Days Nov-Dec, 2009 Multiple phishing attacks

11 Anatomy of Aurora 1 Corporate Network 1 Exploit code posted to target and Web 2.0 enabled sites 2 Spoofed emails sent to target companies with URL lure to infected Web site 3 Employees clicked on lures in emails and on social networking sites and became infected 4 Infected machines sent sensitive information via the Web to host Web sites 3 AV & URL Filters 4 Email & URL Filters 2 Email Filters http://

12 0-day Timeline 2010 JuneJulyAugustSeptember Total of 79 Days of vulnerable software and counting… 6 Days to patch Adobe Flash 25 Days to patch Adobe Acrobat Reader 15 Days to patch9 Days to patch17 Days to patch7 Days to patch Adobe Flash and Acrobat Reader CVE-2010-1297 Microsoft LNK Vulnerability CVE- 2010-2568 JailbreakMe drive- by attacks on iOS Apple QuickTime “_MARSHALES_P UNK” 0-day CVE- 2010-1818 Adobe Flash CVE- 2010-2884 27 Days to patch Adobe Acrobat Reader CVE-2010-2883

13 Modern Security for Modern Threats 0101010101010101000101 1010110111010101110111 ThreatSeeker Network 110101010101010110010110010101001010101010 0101010100010001100101010110100110 101000111101010001100100101010101001 11010100100101101010010101001011 010110011010001110101011100011 0101010101010101000

14 ACE protects customers against the most complex known and unknown threats in the areas of; web exploits, web 2.0, malware, data leakage, and real-time content classification in 95+ categories.

15 ACE: Composite Security Engine PreciseID Reputation Anti-SPAM Real-time Web 2.0 Classification Real-Time Security Classification URL Classification Antivirus ++ Fingerprints Known Good, Known Bad Statistical Machine Learning Logical Regular Expressions Reputation Contextual Correlation Combining Analytics All-purpose real-time analytics All major content types supported

16 LizaMoon – Mass Injection

17 LizaMoon – Mass Injection

18 ? Q & A

19 Thank You Websense Security Labs’ Blog http://securitylabs.websense.com/ @websenselabs http://twitter.com/websenselabs Keep in touch http://twitter.com/trudnai

Download ppt "Challenges In The Morphing Threat Landscape Apr 2011, Arnhem Tamas Rudnai, Websense Security Labs."

Similar presentations

Worry-Free Business Security 7

Worry-Free Business Security 7
1 Network-Level Spam Detection Nick Feamster Georgia Tech.

1 Network-Level Spam Detection Nick Feamster Georgia Tech.
Nathan Labadie Systems Engineer, US-Central FireEye

Nathan Labadie Systems Engineer, US-Central FireEye
Intrusion Prevention anno 2012: Widening the IPS concept.

Intrusion Prevention anno 2012: Widening the IPS concept.
ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security.

ACT User Meeting June Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security.
TrustPort Net Gateway Web traffic protection. WWW.TRUSTPORT.COM Keep It Secure Contents Latest security threats spam and malware Advantages of entry point.

TrustPort Net Gateway Web traffic protection. Keep It Secure Contents Latest security threats spam and malware Advantages of entry point.
© Blue Coat Systems, Inc. 2011. All Rights Reserved. APTs Are Not a New Type of Malware 1 Source: BC Labs Report: Advanced Persistent Threats.

© Blue Coat Systems, Inc All Rights Reserved. APTs Are Not a New Type of Malware 1 Source: BC Labs Report: Advanced Persistent Threats.
THINK BEFORE YOU CLICK! Cyber Security is everybody’s responsibility Don Winaker Network Security Manager

THINK BEFORE YOU CLICK! Cyber Security is everybody’s responsibility Don Winaker Network Security Manager
By Hiranmayi Pai Neeraj Jain

By Hiranmayi Pai Neeraj Jain
7 Effective Habits when using the Internet Philip O’Kane 1.

7 Effective Habits when using the Internet Philip O’Kane 1.
The Elderwood Project Brian Bowlby CompNet. Review of material on Symantec website (www.symantec.com)www.symantec.com

The Elderwood Project Brian Bowlby CompNet. Review of material on Symantec website (
Security for Internet Every Day Use Standard Security Practices and New Threats.

Security for Internet Every Day Use Standard Security Practices and New Threats.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Blended Threats and Layered Defenses Security Protection in Today’s Environment Marshall Taylor

Blended Threats and Layered Defenses Security Protection in Today’s Environment Marshall Taylor
 Malicious or unsolicited mail sent to a mailbox without the option to unsubscribe  Often used as a catch-all of any undesired or questionable mail.

 Malicious or unsolicited mail sent to a mailbox without the option to unsubscribe  Often used as a catch-all of any undesired or questionable mail.
Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.

Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.
Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services

Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services
What Are Malicious Attacks? Malicious Attacks are any intentional attempts that can compromise the state of your computer. Including but not limited to:

What Are Malicious Attacks? Malicious Attacks are any intentional attempts that can compromise the state of your computer. Including but not limited to:
Lab 3 Cookie Stealing using XSS Kara James, Chelsea Collins, Trevor Norwood, David Johnson.

Lab 3 Cookie Stealing using XSS Kara James, Chelsea Collins, Trevor Norwood, David Johnson.
Herbert Bos Erik van der Kouwe Remco Vermeulen Andrei Bacs

Herbert Bos Erik van der Kouwe Remco Vermeulen Andrei Bacs

Similar presentations

Ads by Google