• Home

  • Education

  • IT Security landscape and the latest threats and trends
37
Threat Landscape John Shier Sr. Security Advisor @john_shier November 2016

IT Security landscape and the latest threats and trends

Embed Size (px)

Citation preview

Page 1: IT Security landscape and the latest threats and trends

Threat Landscape

John Shier Sr. Security Advisor @john_shier

November 2016

Page 2: IT Security landscape and the latest threats and trends

Phishing

Page 3: IT Security landscape and the latest threats and trends

How not to phish

3

Page 4: IT Security landscape and the latest threats and trends

How not to phish

4

http://[IP ADDRESS]/fcid/6a6f686e2e736869657240736f70686f732e636f6d/

Page 5: IT Security landscape and the latest threats and trends

Modern phishing

5

Page 6: IT Security landscape and the latest threats and trends

Modern phishing

6

Page 7: IT Security landscape and the latest threats and trends

HD phishing

7

Page 8: IT Security landscape and the latest threats and trends

Locally targeted

8

Page 9: IT Security landscape and the latest threats and trends

Malvertising

Page 10: IT Security landscape and the latest threats and trends

10

Page 11: IT Security landscape and the latest threats and trends

RTB Ad network Third party

Malvertising threat chain

Page 12: IT Security landscape and the latest threats and trends

No site is immune

12

Page 13: IT Security landscape and the latest threats and trends

Exploit kits

13

Page 14: IT Security landscape and the latest threats and trends

A decade of misery

14

2006 2013 2016

Page 15: IT Security landscape and the latest threats and trends

Exploits as a Service

15

Initial Request

Victims

Exploit Kit Customers Redirection

Malicious Payloads

Stats

Landing Page

Exploits

Payloads

Get Current Domain

Get Stats

Update payloads

Management Panel Malware Distribution Servers

Gateway Servers

VPN

Exploit Kit Admin Spammer/Malvertiser Exploit merchant

Ransomware author

Page 16: IT Security landscape and the latest threats and trends

EK prominence – October 2016

16

RIG

Nuclear

Chinese EK

Da Gong/Gondad

Angler

Fiesta

Neutrino v2

Other

Page 17: IT Security landscape and the latest threats and trends

Document malware

17

Page 18: IT Security landscape and the latest threats and trends

Why does document malware work?

18

•Out of the spotlight

•Familiarity and trust

•Email as file transfer protocol

•Patching failure

•Call to action

Page 19: IT Security landscape and the latest threats and trends

Curiosity infected the cat

19

Page 20: IT Security landscape and the latest threats and trends

Build Your Own

20

Page 21: IT Security landscape and the latest threats and trends

How to protect against document malware?

21

•Email filtering

•Sandbox

•Cloud services

•Document viewers

•Share files differently

Page 22: IT Security landscape and the latest threats and trends

Data stealing malware

22

Page 23: IT Security landscape and the latest threats and trends

Why does data stealing malware work?

23

•Multiple security failures

•Needs a human actor

•Poor network segregation

•Over privileged users

•Poor outbound filtering

•Unknown baseline

Page 24: IT Security landscape and the latest threats and trends

How does data stealing malware work?

24

Page 25: IT Security landscape and the latest threats and trends

Target(ed) exfiltration

25

Page 26: IT Security landscape and the latest threats and trends

How to protect against data stealing malware?

26

•Multiple security failures

•Needs a human actor

•Poor network segregation

•Over privileged users

•Poor outbound filtering

•Unknown baseline

Page 27: IT Security landscape and the latest threats and trends

Ransomware

27

Page 28: IT Security landscape and the latest threats and trends

Why does ransomware work?

28

•Complex threat chain

•Social Engineering

•No need for persistence

•Uses existing tools

•Geographically targeted, locally customized

•It ’s your data

Page 29: IT Security landscape and the latest threats and trends

Locky/Zepto/Odin

29

Page 30: IT Security landscape and the latest threats and trends

CryptoWall 4.0

30

Page 31: IT Security landscape and the latest threats and trends

Zcrypt

31

Page 32: IT Security landscape and the latest threats and trends

Stampado/Philadelphia

32

Page 33: IT Security landscape and the latest threats and trends

6 tips for preventing ransomware

33

1. Back up your files regularly and keep them offline

2. Don’t enable m acros in em ailed docs

3. Tell Windows to show file extensions

4. Don’t open script or shortcut files sent by em ail

5. Don’t give yourself m ore login power than necessary

6. Patch early, patch often

Page 34: IT Security landscape and the latest threats and trends

34

Page 35: IT Security landscape and the latest threats and trends

Users

35

Page 36: IT Security landscape and the latest threats and trends

It ’s n o t a ll b a d n e w s

36

•Social engineering works •People like to help •Stop worrying about the

Nigerians •OSINT •Training isn’t alw ays the

answer •Create a security culture •Use your remote sensors

Page 37: IT Security landscape and the latest threats and trends

The Latest Data Threats in the Cloud…and What They Mean to You

The Latest Data Threats in the Cloud…and What They Mean to You

Technology
Cyber threats landscape and defense

Cyber threats landscape and defense

Internet
H1 2010 E-Threat Landscape Report - Bitdefender...H1 2010 E-Threats Landscape Report 8 1. Trojan.AutorunINF.Gen Trojan.AutorunINF.Gen ranks first in the BitDefender half-yearly malware

H1 2010 E-Threat Landscape Report - Bitdefender...H1 2010 E-Threats Landscape Report 8 1. Trojan.AutorunINF.Gen Trojan.AutorunINF.Gen ranks first in the BitDefender half-yearly malware

Documents
H2 2008 E-Threats Landscape Report - Bitdefenderdownload.bitdefender.com/.../H2_2008_E-Threats_Landscape_Report.pdf · E-Threats Landscape Report ... not limited to World Wide Web

H2 2008 E-Threats Landscape Report - Bitdefenderdownload.bitdefender.com/.../H2_2008_E-Threats_Landscape_Report.pdf · E-Threats Landscape Report ... not limited to World Wide Web

Documents
CAST - ARIZONA Infotech · The rapidly evolving information security landscape now requires professionals to stay up to date on the latest security technologies, threats and remediation

CAST - ARIZONA Infotech · The rapidly evolving information security landscape now requires professionals to stay up to date on the latest security technologies, threats and remediation

Documents
Timing Security: Mitigating Threats in a Changing ... · Timing Security: Mitigating Threats in a Changing Landscape Webinar May 22, 2018 Panelists: Barry Dropping, Senior Director,

Timing Security: Mitigating Threats in a Changing ... · Timing Security: Mitigating Threats in a Changing Landscape Webinar May 22, 2018 Panelists: Barry Dropping, Senior Director,

Documents
Cisco Security Brochure...administration of web access policies and custom URL categories A Proactive Approach to Threats Cisco’s security products stay ahead of the latest threats

Cisco Security Brochure...administration of web access policies and custom URL categories A Proactive Approach to Threats Cisco’s security products stay ahead of the latest threats

Documents
Combat Cyber Security Threats - IOGEAR · Combat Cyber Security Threats IOGEAR’s new Secure KVM Switches are certified with the latest NIAP/ Common Criteria for Peripheral Sharing

Combat Cyber Security Threats - IOGEAR · Combat Cyber Security Threats IOGEAR’s new Secure KVM Switches are certified with the latest NIAP/ Common Criteria for Peripheral Sharing

Documents
Threat Landscape Report Q4 2017 - fortinet.com · Q4 2017 threat landscape not with threats, but rather with some trends about infrastructure and application usage. When looking at

Threat Landscape Report Q4 2017 - fortinet.com · Q4 2017 threat landscape not with threats, but rather with some trends about infrastructure and application usage. When looking at

Documents
THE ‘SECURITY LANDSCAPE’ IS CHANGING RAPIDLY...THE CHANGING ‘SECURITY LANDSCAPE’? The combination of threats, challenges, expectationsand the context in which theytake place

THE ‘SECURITY LANDSCAPE’ IS CHANGING RAPIDLY...THE CHANGING ‘SECURITY LANDSCAPE’? The combination of threats, challenges, expectationsand the context in which theytake place

Documents
H1 2010 E-Threat Landscape Report - Bitdefenderdownload.bitdefender.com/resources/files/Main/file/H1... · 2010. 7. 15. · H1 2010 E-Threats Landscape Report 6 Phishing messages

H1 2010 E-Threat Landscape Report - Bitdefenderdownload.bitdefender.com/resources/files/Main/file/H1... · 2010. 7. 15. · H1 2010 E-Threats Landscape Report 6 Phishing messages

Documents
Cyber Security the Latest Threats P Romness

Cyber Security the Latest Threats P Romness

Documents
The latest threats on digital security -

The latest threats on digital security -

Technology
The Employer Branding landscape in early 2017 · The Employer Branding landscape in early 2017 – organisational threats and opportunities Actionable research from Sam Monteath and

The Employer Branding landscape in early 2017 · The Employer Branding landscape in early 2017 – organisational threats and opportunities Actionable research from Sam Monteath and

Documents
SECURING GOVERNMENT DESKTOPS from Cyber Threats with …€¦ · Securing Government Desktops from Cyber Threats with the Latest KVM Technology 5 The Belkin Solution Based in California,

SECURING GOVERNMENT DESKTOPS from Cyber Threats with …€¦ · Securing Government Desktops from Cyber Threats with the Latest KVM Technology 5 The Belkin Solution Based in California,

Documents
COMING THREATS Stay vigilant in the ever changing threat landscape

COMING THREATS Stay vigilant in the ever changing threat landscape

Documents
Security Report 2019 - IT Best of Breed · In the 2019 Security Report we review the latest threats facing organizations in the fifth generation of the cyber landscape and provide

Security Report 2019 - IT Best of Breed · In the 2019 Security Report we review the latest threats facing organizations in the fifth generation of the cyber landscape and provide

Documents
Regional Landscape Surveillance for New Weed Threats ... › Content › Publications › Herbariu… · New Weed Threats Project: A compilation of the annual reports on new plant

Regional Landscape Surveillance for New Weed Threats ... › Content › Publications › Herbariu… · New Weed Threats Project: A compilation of the annual reports on new plant

Documents
Cyber Security Landscape: Changes, Threats and Challenges

Cyber Security Landscape: Changes, Threats and Challenges

Technology
JOINT CHIEFS’ LANDSCAPE RESTORATION PARTNERSHIP …Landscape Restoration Partnership, the two USDA agencies are restoring landscapes by reducing wildfire threats to communities and

JOINT CHIEFS’ LANDSCAPE RESTORATION PARTNERSHIP …Landscape Restoration Partnership, the two USDA agencies are restoring landscapes by reducing wildfire threats to communities and

Documents
Latest Threats and Attacks in Web Security Iftach Ian Amit Director, Security Research Finjan inc

Latest Threats and Attacks in Web Security Iftach Ian Amit Director, Security Research Finjan inc

Documents
Credit Unions in the Crosshairs of the Latest Online Threats (Credit Union Conference Presentation)

Credit Unions in the Crosshairs of the Latest Online Threats (Credit Union Conference Presentation)

Business
H2 2008 E-Threats Landscape Report

H2 2008 E-Threats Landscape Report

Documents
Latest Threats in Digital Security - SecurBay (Hotel_Digital_Security_Seminar_Sept19'14)

Latest Threats in Digital Security - SecurBay (Hotel_Digital_Security_Seminar_Sept19'14)

Technology
OWASP Plan - Strawman · jamunas@hexaware.com 9790997743 31-07-July . OWASP 2 Application Security Agenda Threats Landscape Application Threats Survey Samples

OWASP Plan - Strawman · [email protected] 9790997743 31-07-July . OWASP 2 Application Security Agenda Threats Landscape Application Threats Survey Samples

Documents
Cyber Security threats and Latest Trends

Cyber Security threats and Latest Trends

Documents
Advanced Protection and Threat Intelligence to …...1 Enterprise Threats Landscape Targeted attacks and advanced threats – including Advanced Persistent Threats (APTs) – are some

Advanced Protection and Threat Intelligence to …...1 Enterprise Threats Landscape Targeted attacks and advanced threats – including Advanced Persistent Threats (APTs) – are some

Documents
Mobile Telecommunications Security Threat …...report have been updated to reflect the current threats facing the industry. As the threat landscape has evolved, several threats seen

Mobile Telecommunications Security Threat …...report have been updated to reflect the current threats facing the industry. As the threat landscape has evolved, several threats seen

Documents
Is Your MSP Offering Able to Protect Against the Latest ... · Real Threats –Current Threat Landscape Source: Webroot Threat Research 2018 Malware & PUAs Ransomware RDP Incursions

Is Your MSP Offering Able to Protect Against the Latest ... · Real Threats –Current Threat Landscape Source: Webroot Threat Research 2018 Malware & PUAs Ransomware RDP Incursions

Documents
Understanding the Advanced Threat Landscape...Understanding the Advanced Threat Landscape Cu˜ing through the APT hype to help businesses prevent, detect and mitigate advanced threats

Understanding the Advanced Threat Landscape...Understanding the Advanced Threat Landscape Cu˜ing through the APT hype to help businesses prevent, detect and mitigate advanced threats

Documents