SlideShare a Scribd company logo

Security Vulnerabilities in Modern Operating Systems

Cisco Canada
Cisco Canada

The Common Exposures and Vulnerabilities database has over 25 years of data on vulnerabilities in it. In this deck we dig through that database and use it to map out trends and general information on vulnerabilities in software in the last quarter century. For more information please visit our website: http://www.cisco.com/web/CA/index.html

Technology
1 of 55
Download to read offline
Security Vulnerabilities in Modern Operating Systems T-SEC-18-B Yves Younan Senior Research Engineer Vulnerability Research Team (Sourcefire, now part of Cisco)
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Overview  A look at more than 25 years of past vulnerabilities – Based on the CVE/NVD data. – CVE started in 1999, but includes historical data going back to 1988. – NVD hosts all CVE information in addition to some extra data about vulnerability types, etc. – Based on Sourcefire report: http://www.sourcefire.com/25yearsofvulns  Updated (with data from 2013, 2014) and data from other sources  A look at the future – What trends do we expect?  A look at exploitation trends based on other reports  What can we do to protect ourselves
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Vulnerabilities Past  Data from 1988-2013 – More than 59,800 vulnerabilities in this period – Majority of vulnerabilities in the last half of this period – Data has some issues though  Depending on reporting, a single CVE issue could cover multiple similar vulnerabilities or not  Sometimes product assignment is spotty (we’ve tried to clean this up a bit for mobile) – Not correctly assigned to a product, multiple product names for the same product  Categories that are used are not very good and their assignment is not all that great – Also a change in categories significantly  We use the “published date” provided by NVD to determine when a vulnerability was published: CVE ids are generated based on when they are requested, not published, so small discrepancies between ids and dates can exist around the end of the year – For example: CVE-2013-6642 was published in 2014
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Common vulnerability scoring system  Analyst answers the following about the vulnerability: – Impact on confidentiality, accessibility, integrity: low, partial, complete – Access vector: local, adjacent network, remote – Authentication required: none, single, multiple  Gives a base score of 0-10  We use the following in the stats:  CVSS >=7 is considered a serious vulnerability (include critical)  CVSS = 10 is considered a critical vulnerability – Note: if insufficient information is available, NVD will consider the vulnerability to be critical  Gives us a measure of vulnerability impact, but can be a little subjective – One score, while multiple platforms may be affected, with different impacts (e.g. due to mitigations)
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Total Vulnerabilities by Year 2 3 11 15 13 13 25 25 75 252 246 894 1020 1677 2156 1528 2451 4931 6609 6516 5636 5731 4638 4151 5281 4747 0 1000 2000 3000 4000 5000 6000 7000 1988 1989 1990 1991 1992 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Total Serious Vulnerabilities 2 2 8 11 12 8 14 17 45 145 133 424 452 772 1002 678 970 2037 2761 3159 2838 2714 2084 1821 1772 1638 0 500 1000 1500 2000 2500 3000 3500 1988 1989 1990 1991 1992 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Serious Vulnerabilities Percentage of All Vulnerabilities 100 66.67 72.7373.33 92.31 61.54 56 68 60 57.54 54.07 47.43 44.3146.0346.47 44.37 39.5841.3141.78 48.4850.35 47.36 44.9343.87 33.5534.51 0 20 40 60 80 100 120 1988 1989 1990 1991 1992 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Total Critical Vulnerabilities 2 1 1 4 3 2 1 7 8 24 23 161 142 149 155 119 211 284 274 475 425 373 258 387 483 437 0 100 200 300 400 500 600 1988 1989 1990 1991 1992 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Critical Vulnerabilities Percentage of All Vulnerabilities 100 33.33 9.09 26.67 23.08 15.38 4 28 10.67 9.52 9.35 18.01 13.92 8.88 7.19 7.79 8.61 5.76 4.15 7.29 7.54 6.51 5.56 9.32 9.15 9.21 0 20 40 60 80 100 120 1988 1989 1990 1991 1992 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Vulnerabilities by Type  Common Weakness Enumeration creates a number of categories for vulnerabilities  NVD uses a subset of CWE to categorize vulnerabilities: – Authentication issues: not properly authenticating users – Credentials management: password/credential storage/transmission issues – Access Control: permission errors, privilege errors, etc. – Buffer error: buffer overflows, etc. – CSRF: cross-site request forgery – XSS: cross site scripting
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Vulnerabilities by Type  NVD CWE subset continued: – Cryptographic issues: errors in crypto – Path traversal: incorrectly handling input like “..” – Code injection: executing scripting code or similar – Format string vulnerability: when attackers control the format specifier for a formatting function – Configuration: errors in configuration – Information leak: exposing sensitive information – Input validation: lack of verifying input, overlaps with other categories, kind of a misc. category – Numeric errors: integer overflows, signedness errors, etc.
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Vulnerabilities by Type  NVD CWE subset continued: – OS Command Injections: executing via command line – Race conditions: time of check to time of use errors – Resource management errors: memory leaks, consuming of excess resources, etc. – SQL injection – Link following: following symlinks / hard links
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Vulnerabilities by Type Buffer Errors 15% XSS 13% Access Control 11% Input Validation 10% SQL Injection 10% Not enough info 8% Code Injection 6% Information Leak 5% Resource Management 5% Path Traversal 4% Numeric Errors 2% Configuration 2% Authentication 2% Crypto 1% Credentials 1% CSRF 1% Link Following 1% Race Conditions 1% OS Command Injection 1% [CATEGORY NAME] [PERCENTAGE]
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Serious Vulnerabilities by Type Buffer Errors 23% SQL Injection 19% Access Control 10% Code Injection 10% Not enough info 8% Input Validation 8% Resource Management 4% Path Traversal 3% Numeric Errors 2% Authentication 2% Configuration 2% OS Command Injection 2% Format String 1% Credentials 1% Information Leak 1%Crypto 1% XSS 1%
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Critical Vulnerabilities by Type Buffer Errors 35% Not enough info 22% Access Control 8% Input Validation 6% Code Injection 4% Resource Management 4% OS Command Injection 3% Numeric Errors 3% Configuration 3% Authentication 3% Credentials 2% Format String 2% Path Traversal 2% SQL Injection 1% Information Leak 1% Crypto 1%
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Vulnerability Types Over the Years 0 500 1000 1500 2000 2500 3000 3500 781 1294 874 796 827 594 724 599 939 869 1100 951 515 164 223 277 390 460 422 469 708 921 569 572 548 673 734 719 148 183 229 285 338 187 303 777 572 144 215 250 175 302 474 83 147 1047 560 734 Not enough info Code Injection Configuration Input Validation Access Control Buffer errors SQL Injection XSS
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Vulnerabilities by Vendor  NVD has information on affected product for 58,561 vulnerabilities  Top 10 vendors account for 16,696 vulnerabilities, more than 28% of all vulnerabilities.  Some vendors have lots of products, which can result in a higher total vulnerabilities count  We will also look at specific products later so we can provide more extensive analysis
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Top 10 Vendors for Total Vulnerabilities Microsoft, 3280 Apple, 2122 Oracle, 2025 IBM, 1802 Sun, 1558 Cisco, 1523 Mozilla, 1255 Linux, 1097 HP, 1037 Google, 997
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Top 10 Vendors for Serious Vulnerabilities Microsoft, 1948 Apple, 921 Cisco, 830 Adobe, 757 Sun, 727 IBM, 662 Mozilla, 613 Oracle, 580 Google, 559 HP, 554
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Top 10 Vendors for Critical Vulnerabilities Adobe, 300 Oracle, 287 Mozilla, 246 Sun, 235 HP, 235 IBM, 197 Microsoft, 183 Google, 113 Cisco, 97 Apple, 72
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Top 10 Vendors over the Years 0 100 200 300 400 500 600 Microsoft Apple Oracle IBM Sun Cisco Mozilla Linux HP Google
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Top 10 Vendors, total number of distinct products 23 HP, 1291 Cisco, 889 IBM, 450 Microsoft, 361 Oracle, 232 Sun, 199 Apple, 92 Google, 32 Mozilla, 19 Linux, 7
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Top 10 vendors, unique CVEs to distinct products ratio 24 Linux, 156.7 Mozilla, 66.1 Google, 31.2 [CATEGORY NAME], [VALUE] Microsoft, 9.1 Oracle, 8.7 Sun, 7.8 IBM, 4 Cisco, 1.7 HP, 0.8
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Vulnerabilities by Product  Our vendor comparison gave us an idea who had to deal with the most vulnerabilities  However, vendors have multiple products: having more products, will usually result in suffering from more vulnerabilities – As was seen in the product versus CVE entry comparison  Here we look at product specific comparisons – What products had the most vulnerabilities  Some caveats – Some versions are considered distinct products  Every Windows version is a distinct product
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Top 10 Vulnerable Products Linux Kernel, 1090 Firefox, 1013 Chrome, 886 Mac OSX, 847Windows XP, 717 Seamonkey, 628 Internet Explorer, 625 Mac OSX Server, 608 Thunderbird, 594 Solaris, 557
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Top 10 vulnerable products without shared code bases 27 Linux Kernel, 1090 Firefox, 1013 Chrome, 886 Mac OSX, 847 Windows XP, 717 Internet Explorer, 625 Solaris, 557 JRE, 496 Safari, 460 Linux, 396
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Top 10 vulnerable products, totaled with similar products 28 Linux+Redhat, 1895 All Windows, 1237 Mozilla Suite, 1046 Mac OS, 891 Chrome, 886 Internet Explorer, 625 Solaris, 590 JRE/JDK, 501 Safari, 460 PHP, 353
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Top 10 Seriously Vulnerable Products Firefox, 529 Chrome, 513 Windows XP, 501 Thunderbird, 365Seamonkey, 364 Windows Vista, 346 Windows Server 2008, 337 Windows 2000, 311 Internet Explorer, 307 Windows 2003 Server, 299
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Top 10 Seriously Vulnerable Products, totaled (similar) 30 All Windows, 755 Linux+Redhat, 567 Firefox, 539 Chrome, 513 Internet Explorer, 307 Mac OS X, 303 JDK/JRE, 289 Acrobat, 283 Solaris, 277 Flash/Air, 260
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Top 10 Critically Vulnerable Products Firefox, 234 Thunderbird, 179 Seamonkey, 167 JRE, 152 JDK, 145 Flash Player, 134 Adobe Air, 119 Chrome, 99 Acrobat Reader, 96 Acrobat, 92
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Top 10 Critically Vulnerable Products, totalled (similar) Mozilla suite, 238 JRE/JDK, 153 Flash/Air, 135 All Windows, 103 Linux+Redhat, 101 Chrome, 99 Acrobat, 96 Solaris, 61 Oracle Database, 54 AIX, 49
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Vulnerabilities by Windows Version XP, 717 Server 2003, 618 Win 2000, 504Vista, 455 Server 2008, 450 Win 7, 325 NT, 247 Win 98, 89 Win 8, 63 Win Me, 57 Server 2012, 56 Win 95, 46
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Vulnerabilities by Mobile Phone OS iPhone, 310 Windows, 49 Android, 36 BlackBerry, 13
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Vulnerabilities by Mobile Phone OS Android, 166 iPhone, 164 Windows, 54 BlackBerry, 28
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Microsoft Bulletins  Contain information on all Microsoft vulnerabilities and associated CVEs  Correlate the release dates of the bulletins with the release dates of the CVEs  Gives us insight into how often vulnerabilities are 0 day vulns – If CVE is published before MS bulletin meaning that vulnerability information was available before a response from MS  No particular reason for choosing Microsoft, except that they make the information easily available and usable on their website
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public CVE Correlated with MS Bulletins Bulletin published before CVE, 1185 Bulletin published with CVE, 818 Bulletin publised after CVE, 268
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Microsoft 0 day vulnerabilities  If the MS correlation numbers carry over to other vendors: about 1 out of every 10 vulnerabilities discovered is known by attackers before the vendor can patch – Security products will often not provide protection against these attacks until they know about it – Mitigations are more important in this respect  Attackers could possible evade them, but exploitation cost goes up significantly  Latest Windows/Linux have plenty of mitigations available by default: Windows 8 has improved on many of them  EMET (Free MS tool) can enable protections to make it harder to exploit vulnerabilities in Windows: e.g., better ASLR, RopGuard.
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Present  Let’s take a look at the first quarter of 2014: January 1st until March 31st 2014  We will look at total vulnerabilities this year and severity  We will also look at the top 10 vendor and top 10 products for this quarter  Note: this data may not be completely up to date: while the data was retrieved on April 1st, it may not include all up to date information on a vulnerability, as this may be updated later. – This is especially true for the “unknown” vulnerabilities
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Total vulnerabilities: 2014 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 0 200 400 600 800 1000 1200 1400 1600 1800 2000 Q1 total Q1 >= 7 Q1 = 10 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Vulnerability types: 2014 Not enough info 16% XSS 16% Buffer Errors 13% Access Control 13% Input Validation 10% SQL Injection 5% Resource Management 5% Path Traversal 4% Information Leak 3% CSRF 3% Crypto 3% Authentication 2% Numeric Errors 2% Credentials 2% Code Injection 2% Link Following 1% Race Conditions 1% OS Command Injection 1%
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Top 10 Products: 2014 Internet Explorer, 43 Firefox, 37 JDK, 36 JRE, 36 Chrome, 35 Owncloud, 34 Seamonkey, 32 Linux Kernel, 28 iPhone, 24 Thunderbird, 21
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Future  Plenty of static analysis tools, mitigations, etc. yet buffer overflows remain a very important vulnerability now and will probably will in the future too  Access control / privilege issues will continue to remain important in large part due to better privilege separation  Google will probably start moving up the top 10 more, it entered it for the first time this year, displacing Adobe  Fewer vulnerabilities were reported in 2013 – Serious vulnerabilities have remained stable at 1/3rd of the vulnerabilities – Critical vulnerabilities have also remained stable at 1/10th of all vulnerabilities – In 2014 more vulnerabilities have been reported, slight lower percentage of serious (but the same in absolute terms), but less critical ones
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Vulnerabilities are not the same thing as exploits  Some vulnerabilities end up not being practically exploitable – Mitigations – Too much effort required – Very specific environmental requirements  Not reliable  CVSS doesn’t really take environmental concerns into account  Microsoft study on exploits: Software Vulnerability Exploitation Trends  http://www.microsoft.com/en-us/download/details.aspx?id=39680  Cisco 2014 Annual Security Report  http://www.cisco.com/web/offers/lp/2014-annual-security-report/index.html
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Exploits and exploitation  From Microsoft’s study: – Looked at a number of vulnerabilities that were classified as remote code execution (RCE): 06-12  Looked at about 800 vulnerabilities  29% were exploited, rest of vulnerabilities were not exploited  Most vulnerabilities are exploited after patch, but an increasing number of 0day vulnerabilities are being exploited  Trends shows that fewer vulnerabilities are being exploited since 2012, coincides with the adoption of Windows 7 and IE10  However, there was a lull in 2007 and 2008 too, after Vista was released (the first Windows with real mitigations) – Could mean that this is a similar lull with improved mitigations in both Windows 7 and IE10  In 2012 there were no new exploits vulnerabilities for Windows 2000 – Windows 2000 was end-of-lifed in 2010, so no need for many new vulnerabilities since then, impact could be interesting for XP
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Exploits and exploitation  Microsoft Study also found that – Stack-based buffer overflows were massively exploited in 2006-2009  Decline since then: probably due to mitigations – Heap corruption remained popular entire time – Increased exploitation of use after free vulnerabilities  Most exploited vulnerability for Windows 7 and Vista  Occurs more in client-side applications (browsers)  No mitigations that address use-after-free specifically – Study also looks at exploitation techniques  Exploits increasingly make use of mitigation bypasses
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Exploits and exploitation  Cisco Report: – For web exploits, Java vulnerabilities are the most exploited by attackers: 91% of indicators of compromise monitored by FireAMP were related to Java  Far fewer related to Flash or PDF – 1.2% of all web malware target a specific mobile device – 99% of all that malware targets Android, 0.84% targets J2ME devices (the second most popular target) – Most frequently occurring mobile malware was Andr/Qdplugin-A: 43.8%  Frequently repackaged in legitimate apps distributed on unofficial marketplaces – General malware types: trojans, 64%; adware 20%, worms 8% and viruses 4%
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Trends  Major software projects from important vendors still have plenty of vulnerabilities – Some vendors spend a lot of money and effort to improve the security of their products – They still suffer from significant vulnerabilities – Software is more secure today than it has ever been – Compromises continue – As with other fields, defenders have to be lucky all the time, while attackers only need to be lucky once – Make it as hard as possible for attackers by enabling mitigations, ensuring significant access control
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Trends  Browsers are a very important point of attack  Vulnerabilities in browsers themselves – Major browsers are all 3 categories of top 10 of vulnerable products – Vulnerabilities in file formats parsed by plugins  Media files  PDF: in serious and critical top 10  Java: in all 3 top 10 categories  Flash: also in serious and critical top 10 – Important to run latest browsers:  IE10 and Chrome have invested a lot in mitigations  Disable plugins you don’t need: Java, PDF, etc.
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Trends  Mobile phones also suffer from plenty of vulns:  Ensuring adequate protection on phones (AV, MDM, etc.) is important  Malware is important on mobile phones too, not just vulnerabilities – Mobile Device Management can help against malware, but doesn’t really help against vulnerabilities – Much harder for a user to determine “safe” software  On PC, legitimate software is acquired from a number of trusted sources  On app stores (mainly Android), everything looks legitimate
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Plan for compromise  Attackers breaking in is not inevitable, but a real possibility that must be considered given the number of vulnerabilities  Breaking in doesn’t mean total compromise  Client-side vulnerabilities are very important these days  Users have a higher risk of being compromised  Identify most important assets  Identify risks to those assets  Mitigate risk  Access control (firewalls on internal servers)  Internal detection (IDS/IPS for those servers)  Use SSL/other encryption internally too
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Plan for compromise  Have an incident response plan  Define what an incident is  Establish areas of responsibility for investigation and recovery  Containment  Can you contain the attacker quickly  What steps are required to recover from an incident  Recovery may be different depending on the type of incident  Determine how to restore asset quickly if compromised  Need to identify way of entry to prevent future compromises  Retrospective security can help with this  Examine extent of intrusion: e.g., must all users change passwords?
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Conclusion  Microsoft has significantly improved in the last couple of years, their browser and mobile OS are better than their competitors in terms of vulnerabilities discovered  Google’s entry into the consumer software and hardware (as opposed to running a web service) has been accompanied by a significant number of vulnerabilities  Oracle’s acquisition of Sun has brought quite a number of extra vulnerabilities under the Oracle banner, some are even still counted as Sun right now
Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Conclusion  Vulnerabilities are here to stay – While serious vulnerabilities have been in decline, total vulnerabilities are not and neither are critical – At some point many vendors thought that hunting for enough vulnerabilities would make software secure – New features increase the attack surface or make previously non- exploitable errors exploitable – Using several non-serious vulnerabilities in concert could result in a more serious issue – Buffer overflows have been around for 25 years yet are still one of the top vulnerabilities  Full report (up to 2012) available via http://www.sourcefire.com/25yearsofvulns  Get rid of XP: end of life was last week, no more security updates
Security Vulnerabilities in Modern Operating Systems

Recommended

Office 365 Security: Top Priorities for 30 Days, 90 Days and Beyond
Office 365 Security: Top Priorities for 30 Days, 90 Days and BeyondOffice 365 Security: Top Priorities for 30 Days, 90 Days and Beyond
Office 365 Security: Top Priorities for 30 Days, 90 Days and BeyondPriyanka Aash
 
Corporate & Regulatory Compliance Boot Camp - Data Privacy Compliance
Corporate & Regulatory Compliance Boot Camp - Data Privacy ComplianceCorporate & Regulatory Compliance Boot Camp - Data Privacy Compliance
Corporate & Regulatory Compliance Boot Camp - Data Privacy ComplianceFinancial Poise
 
Cyber Threat Modeling
Cyber Threat ModelingCyber Threat Modeling
Cyber Threat ModelingEC-Council
 
Impact of Zero Trust Cyber Security on Healthcare 4.0
Impact of Zero Trust Cyber Security on Healthcare 4.0 Impact of Zero Trust Cyber Security on Healthcare 4.0
Impact of Zero Trust Cyber Security on Healthcare 4.0 Glorium Tech
 
160513 Study Sourcing in risk and compliance functions
160513 Study Sourcing in risk and compliance functions160513 Study Sourcing in risk and compliance functions
160513 Study Sourcing in risk and compliance functionsDr. Marc D. Grüter
 
Governance of security operation centers
Governance of security operation centersGovernance of security operation centers
Governance of security operation centersBrencil Kaimba
 
Guide to Risk Management Framework (RMF)
Guide to Risk Management Framework (RMF)Guide to Risk Management Framework (RMF)
Guide to Risk Management Framework (RMF)MetroStar
 
Is Cyber Resilience Really That Difficult?
Is Cyber Resilience Really That Difficult?Is Cyber Resilience Really That Difficult?
Is Cyber Resilience Really That Difficult?John Gilligan
 

Recommended

Office 365 Security: Top Priorities for 30 Days, 90 Days and Beyond
Office 365 Security: Top Priorities for 30 Days, 90 Days and BeyondOffice 365 Security: Top Priorities for 30 Days, 90 Days and Beyond
Office 365 Security: Top Priorities for 30 Days, 90 Days and BeyondPriyanka Aash
 
Corporate & Regulatory Compliance Boot Camp - Data Privacy Compliance
Corporate & Regulatory Compliance Boot Camp - Data Privacy ComplianceCorporate & Regulatory Compliance Boot Camp - Data Privacy Compliance
Corporate & Regulatory Compliance Boot Camp - Data Privacy ComplianceFinancial Poise
 
Cyber Threat Modeling
Cyber Threat ModelingCyber Threat Modeling
Cyber Threat ModelingEC-Council
 
Impact of Zero Trust Cyber Security on Healthcare 4.0
Impact of Zero Trust Cyber Security on Healthcare 4.0 Impact of Zero Trust Cyber Security on Healthcare 4.0
Impact of Zero Trust Cyber Security on Healthcare 4.0 Glorium Tech
 
160513 Study Sourcing in risk and compliance functions
160513 Study Sourcing in risk and compliance functions160513 Study Sourcing in risk and compliance functions
160513 Study Sourcing in risk and compliance functionsDr. Marc D. Grüter
 
Governance of security operation centers
Governance of security operation centersGovernance of security operation centers
Governance of security operation centersBrencil Kaimba
 
Guide to Risk Management Framework (RMF)
Guide to Risk Management Framework (RMF)Guide to Risk Management Framework (RMF)
Guide to Risk Management Framework (RMF)MetroStar
 
Is Cyber Resilience Really That Difficult?
Is Cyber Resilience Really That Difficult?Is Cyber Resilience Really That Difficult?
Is Cyber Resilience Really That Difficult?John Gilligan
 
September Patch Tuesday Analysis 2018
September Patch Tuesday Analysis 2018September Patch Tuesday Analysis 2018
September Patch Tuesday Analysis 2018Ivanti
 
2020 safecomp-sep18
2020 safecomp-sep182020 safecomp-sep18
2020 safecomp-sep18Kenji Taguchi
 
Security and Virtualization in the Data Center
Security and Virtualization in the Data CenterSecurity and Virtualization in the Data Center
Security and Virtualization in the Data CenterCisco Canada
 
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...BGA Cyber Security
 
TechWiseTV Workshop: Cisco TrustSec
TechWiseTV Workshop: Cisco TrustSecTechWiseTV Workshop: Cisco TrustSec
TechWiseTV Workshop: Cisco TrustSecRobb Boyd
 
Cybersecurity for Energy: Moving Beyond Compliance
Cybersecurity for Energy: Moving Beyond ComplianceCybersecurity for Energy: Moving Beyond Compliance
Cybersecurity for Energy: Moving Beyond ComplianceEnergySec
 
CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...
CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...
CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...TI Safe
 
PSOIOT-1151.pdf
PSOIOT-1151.pdfPSOIOT-1151.pdf
PSOIOT-1151.pdfAlekseySolomin
 
During the Next Generation Network and Data Centre – Now and into the Future ...
During the Next Generation Network and Data Centre – Now and into the Future ...During the Next Generation Network and Data Centre – Now and into the Future ...
During the Next Generation Network and Data Centre – Now and into the Future ...Cisco Canada
 
Securing SCADA
Securing SCADA Securing SCADA
Securing SCADA Jeffrey Wang , P.Eng
 
Securing SCADA
Securing SCADASecuring SCADA
Securing SCADAJeffrey Wang , P.Eng
 
NSA advisory about state sponsored cybersecurity threats
NSA advisory about state sponsored cybersecurity threatsNSA advisory about state sponsored cybersecurity threats
NSA advisory about state sponsored cybersecurity threatsRonald Bartels
 
Cybersecurity Presentation at WVONGA spring meeting 2018
Cybersecurity Presentation at WVONGA spring meeting 2018Cybersecurity Presentation at WVONGA spring meeting 2018
Cybersecurity Presentation at WVONGA spring meeting 2018Jack Shaffer
 
[CONFidence 2016] Gaweł Mikołajczyk - Making sense out of the Security Operat...
[CONFidence 2016] Gaweł Mikołajczyk - Making sense out of the Security Operat...[CONFidence 2016] Gaweł Mikołajczyk - Making sense out of the Security Operat...
[CONFidence 2016] Gaweł Mikołajczyk - Making sense out of the Security Operat...PROIDEA
 
Ivanti May 2020 Patch Tuesday
Ivanti May 2020 Patch TuesdayIvanti May 2020 Patch Tuesday
Ivanti May 2020 Patch TuesdayIvanti
 
Mobile Devices & BYOD Security – Deployment & Best Practices
Mobile Devices & BYOD Security – Deployment & Best PracticesMobile Devices & BYOD Security – Deployment & Best Practices
Mobile Devices & BYOD Security – Deployment & Best PracticesCisco Canada
 
Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...
Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...
Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...Cisco Canada
 
Behind the Curtain: Exposing Advanced Threats
Behind the Curtain: Exposing Advanced ThreatsBehind the Curtain: Exposing Advanced Threats
Behind the Curtain: Exposing Advanced ThreatsCisco Canada
 
Chapter 9 lab a security policy development and implementation (instructor ve...
Chapter 9 lab a security policy development and implementation (instructor ve...Chapter 9 lab a security policy development and implementation (instructor ve...
Chapter 9 lab a security policy development and implementation (instructor ve...wosborne03
 
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonSCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonPatricia M Watson
 
Cisco connect montreal 2018 net devops
Cisco connect montreal 2018 net devopsCisco connect montreal 2018 net devops
Cisco connect montreal 2018 net devopsCisco Canada
 
Cisco connect montreal 2018 iot demo kinetic fr
Cisco connect montreal 2018 iot demo kinetic frCisco connect montreal 2018 iot demo kinetic fr
Cisco connect montreal 2018 iot demo kinetic frCisco Canada
 

More Related Content

Similar to Security Vulnerabilities in Modern Operating Systems

September Patch Tuesday Analysis 2018
September Patch Tuesday Analysis 2018September Patch Tuesday Analysis 2018
September Patch Tuesday Analysis 2018Ivanti
 
Security and Virtualization in the Data Center
Security and Virtualization in the Data CenterSecurity and Virtualization in the Data Center
Security and Virtualization in the Data CenterCisco Canada
 
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...BGA Cyber Security
 
TechWiseTV Workshop: Cisco TrustSec
TechWiseTV Workshop: Cisco TrustSecTechWiseTV Workshop: Cisco TrustSec
TechWiseTV Workshop: Cisco TrustSecRobb Boyd
 
Cybersecurity for Energy: Moving Beyond Compliance
Cybersecurity for Energy: Moving Beyond ComplianceCybersecurity for Energy: Moving Beyond Compliance
Cybersecurity for Energy: Moving Beyond ComplianceEnergySec
 
CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...
CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...
CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...TI Safe
 
During the Next Generation Network and Data Centre – Now and into the Future ...
During the Next Generation Network and Data Centre – Now and into the Future ...During the Next Generation Network and Data Centre – Now and into the Future ...
During the Next Generation Network and Data Centre – Now and into the Future ...Cisco Canada
 
NSA advisory about state sponsored cybersecurity threats
NSA advisory about state sponsored cybersecurity threatsNSA advisory about state sponsored cybersecurity threats
NSA advisory about state sponsored cybersecurity threatsRonald Bartels
 
Cybersecurity Presentation at WVONGA spring meeting 2018
Cybersecurity Presentation at WVONGA spring meeting 2018Cybersecurity Presentation at WVONGA spring meeting 2018
Cybersecurity Presentation at WVONGA spring meeting 2018Jack Shaffer
 
[CONFidence 2016] Gaweł Mikołajczyk - Making sense out of the Security Operat...
[CONFidence 2016] Gaweł Mikołajczyk - Making sense out of the Security Operat...[CONFidence 2016] Gaweł Mikołajczyk - Making sense out of the Security Operat...
[CONFidence 2016] Gaweł Mikołajczyk - Making sense out of the Security Operat...PROIDEA
 
Ivanti May 2020 Patch Tuesday
Ivanti May 2020 Patch TuesdayIvanti May 2020 Patch Tuesday
Ivanti May 2020 Patch TuesdayIvanti
 
Mobile Devices & BYOD Security – Deployment & Best Practices
Mobile Devices & BYOD Security – Deployment & Best PracticesMobile Devices & BYOD Security – Deployment & Best Practices
Mobile Devices & BYOD Security – Deployment & Best PracticesCisco Canada
 
Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...
Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...
Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...Cisco Canada
 
Behind the Curtain: Exposing Advanced Threats
Behind the Curtain: Exposing Advanced ThreatsBehind the Curtain: Exposing Advanced Threats
Behind the Curtain: Exposing Advanced ThreatsCisco Canada
 
Chapter 9 lab a security policy development and implementation (instructor ve...
Chapter 9 lab a security policy development and implementation (instructor ve...Chapter 9 lab a security policy development and implementation (instructor ve...
Chapter 9 lab a security policy development and implementation (instructor ve...wosborne03
 
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonSCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonPatricia M Watson
 

Similar to Security Vulnerabilities in Modern Operating Systems (20)

September Patch Tuesday Analysis 2018
September Patch Tuesday Analysis 2018September Patch Tuesday Analysis 2018
September Patch Tuesday Analysis 2018
 
2020 safecomp-sep18
2020 safecomp-sep182020 safecomp-sep18
2020 safecomp-sep18
 
Security and Virtualization in the Data Center
Security and Virtualization in the Data CenterSecurity and Virtualization in the Data Center
Security and Virtualization in the Data Center
 
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
 
TechWiseTV Workshop: Cisco TrustSec
TechWiseTV Workshop: Cisco TrustSecTechWiseTV Workshop: Cisco TrustSec
TechWiseTV Workshop: Cisco TrustSec
 
Cybersecurity for Energy: Moving Beyond Compliance
Cybersecurity for Energy: Moving Beyond ComplianceCybersecurity for Energy: Moving Beyond Compliance
Cybersecurity for Energy: Moving Beyond Compliance
 
CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...
CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...
CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...
 
PSOIOT-1151.pdf
PSOIOT-1151.pdfPSOIOT-1151.pdf
PSOIOT-1151.pdf
 
During the Next Generation Network and Data Centre – Now and into the Future ...
During the Next Generation Network and Data Centre – Now and into the Future ...During the Next Generation Network and Data Centre – Now and into the Future ...
During the Next Generation Network and Data Centre – Now and into the Future ...
 
Securing SCADA
Securing SCADA Securing SCADA
Securing SCADA
 
Securing SCADA
Securing SCADASecuring SCADA
Securing SCADA
 
NSA advisory about state sponsored cybersecurity threats
NSA advisory about state sponsored cybersecurity threatsNSA advisory about state sponsored cybersecurity threats
NSA advisory about state sponsored cybersecurity threats
 
Cybersecurity Presentation at WVONGA spring meeting 2018
Cybersecurity Presentation at WVONGA spring meeting 2018Cybersecurity Presentation at WVONGA spring meeting 2018
Cybersecurity Presentation at WVONGA spring meeting 2018
 
[CONFidence 2016] Gaweł Mikołajczyk - Making sense out of the Security Operat...
[CONFidence 2016] Gaweł Mikołajczyk - Making sense out of the Security Operat...[CONFidence 2016] Gaweł Mikołajczyk - Making sense out of the Security Operat...
[CONFidence 2016] Gaweł Mikołajczyk - Making sense out of the Security Operat...
 
Ivanti May 2020 Patch Tuesday
Ivanti May 2020 Patch TuesdayIvanti May 2020 Patch Tuesday
Ivanti May 2020 Patch Tuesday
 
Mobile Devices & BYOD Security – Deployment & Best Practices
Mobile Devices & BYOD Security – Deployment & Best PracticesMobile Devices & BYOD Security – Deployment & Best Practices
Mobile Devices & BYOD Security – Deployment & Best Practices
 
Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...
Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...
Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...
 
Behind the Curtain: Exposing Advanced Threats
Behind the Curtain: Exposing Advanced ThreatsBehind the Curtain: Exposing Advanced Threats
Behind the Curtain: Exposing Advanced Threats
 
Chapter 9 lab a security policy development and implementation (instructor ve...
Chapter 9 lab a security policy development and implementation (instructor ve...Chapter 9 lab a security policy development and implementation (instructor ve...
Chapter 9 lab a security policy development and implementation (instructor ve...
 
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonSCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
 

More from Cisco Canada

Cisco connect montreal 2018 net devops
Cisco connect montreal 2018 net devopsCisco connect montreal 2018 net devops
Cisco connect montreal 2018 net devopsCisco Canada
 
Cisco connect montreal 2018 iot demo kinetic fr
Cisco connect montreal 2018 iot demo kinetic frCisco connect montreal 2018 iot demo kinetic fr
Cisco connect montreal 2018 iot demo kinetic frCisco Canada
 
Cisco connect montreal 2018 - Network Slicing: Horizontal Virtualization
Cisco connect montreal 2018 - Network Slicing: Horizontal VirtualizationCisco connect montreal 2018 - Network Slicing: Horizontal Virtualization
Cisco connect montreal 2018 - Network Slicing: Horizontal VirtualizationCisco Canada
 
Cisco connect montreal 2018 secure dc
Cisco connect montreal 2018 secure dcCisco connect montreal 2018 secure dc
Cisco connect montreal 2018 secure dcCisco Canada
 
Cisco connect montreal 2018 enterprise networks - say goodbye to vla ns
Cisco connect montreal 2018 enterprise networks - say goodbye to vla nsCisco connect montreal 2018 enterprise networks - say goodbye to vla ns
Cisco connect montreal 2018 enterprise networks - say goodbye to vla nsCisco Canada
 
Cisco connect montreal 2018 vision mondiale analyse locale
Cisco connect montreal 2018 vision mondiale analyse localeCisco connect montreal 2018 vision mondiale analyse locale
Cisco connect montreal 2018 vision mondiale analyse localeCisco Canada
 
Cisco Connect Montreal 2018 Securité : Sécuriser votre mobilité avec Cisco
Cisco Connect Montreal 2018 Securité : Sécuriser votre mobilité avec CiscoCisco Connect Montreal 2018 Securité : Sécuriser votre mobilité avec Cisco
Cisco Connect Montreal 2018 Securité : Sécuriser votre mobilité avec CiscoCisco Canada
 
Cisco connect montreal 2018 collaboration les services webex hybrides
Cisco connect montreal 2018 collaboration les services webex hybridesCisco connect montreal 2018 collaboration les services webex hybrides
Cisco connect montreal 2018 collaboration les services webex hybridesCisco Canada
 
Integration cisco et microsoft connect montreal 2018
Integration cisco et microsoft connect montreal 2018Integration cisco et microsoft connect montreal 2018
Integration cisco et microsoft connect montreal 2018Cisco Canada
 
Cisco connect montreal 2018 compute v final
Cisco connect montreal 2018 compute v finalCisco connect montreal 2018 compute v final
Cisco connect montreal 2018 compute v finalCisco Canada
 
Cisco connect montreal 2018 saalvare md-program-xr-v2
Cisco connect montreal 2018 saalvare md-program-xr-v2Cisco connect montreal 2018 saalvare md-program-xr-v2
Cisco connect montreal 2018 saalvare md-program-xr-v2Cisco Canada
 
Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...
Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...
Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...Cisco Canada
 
Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...
Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...
Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...Cisco Canada
 
Cisco Connect Toronto 2018 an introduction to Cisco kinetic
Cisco Connect Toronto 2018 an introduction to Cisco kineticCisco Connect Toronto 2018 an introduction to Cisco kinetic
Cisco Connect Toronto 2018 an introduction to Cisco kineticCisco Canada
 
Cisco Connect Toronto 2018 DevNet Overview
Cisco Connect Toronto 2018 DevNet OverviewCisco Connect Toronto 2018 DevNet Overview
Cisco Connect Toronto 2018 DevNet OverviewCisco Canada
 
Cisco Connect Toronto 2018 DNA assurance
Cisco Connect Toronto 2018 DNA assuranceCisco Connect Toronto 2018 DNA assurance
Cisco Connect Toronto 2018 DNA assuranceCisco Canada
 
Cisco Connect Toronto 2018 network-slicing
Cisco Connect Toronto 2018 network-slicingCisco Connect Toronto 2018 network-slicing
Cisco Connect Toronto 2018 network-slicingCisco Canada
 
Cisco Connect Toronto 2018 the intelligent network with cisco meraki
Cisco Connect Toronto 2018 the intelligent network with cisco merakiCisco Connect Toronto 2018 the intelligent network with cisco meraki
Cisco Connect Toronto 2018 the intelligent network with cisco merakiCisco Canada
 
Cisco Connect Toronto 2018 sixty to zero
Cisco Connect Toronto 2018 sixty to zeroCisco Connect Toronto 2018 sixty to zero
Cisco Connect Toronto 2018 sixty to zeroCisco Canada
 
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...Cisco Canada
 

More from Cisco Canada (20)

Cisco connect montreal 2018 net devops
Cisco connect montreal 2018 net devopsCisco connect montreal 2018 net devops
Cisco connect montreal 2018 net devops
 
Cisco connect montreal 2018 iot demo kinetic fr
Cisco connect montreal 2018 iot demo kinetic frCisco connect montreal 2018 iot demo kinetic fr
Cisco connect montreal 2018 iot demo kinetic fr
 
Cisco connect montreal 2018 - Network Slicing: Horizontal Virtualization
Cisco connect montreal 2018 - Network Slicing: Horizontal VirtualizationCisco connect montreal 2018 - Network Slicing: Horizontal Virtualization
Cisco connect montreal 2018 - Network Slicing: Horizontal Virtualization
 
Cisco connect montreal 2018 secure dc
Cisco connect montreal 2018 secure dcCisco connect montreal 2018 secure dc
Cisco connect montreal 2018 secure dc
 
Cisco connect montreal 2018 enterprise networks - say goodbye to vla ns
Cisco connect montreal 2018 enterprise networks - say goodbye to vla nsCisco connect montreal 2018 enterprise networks - say goodbye to vla ns
Cisco connect montreal 2018 enterprise networks - say goodbye to vla ns
 
Cisco connect montreal 2018 vision mondiale analyse locale
Cisco connect montreal 2018 vision mondiale analyse localeCisco connect montreal 2018 vision mondiale analyse locale
Cisco connect montreal 2018 vision mondiale analyse locale
 
Cisco Connect Montreal 2018 Securité : Sécuriser votre mobilité avec Cisco
Cisco Connect Montreal 2018 Securité : Sécuriser votre mobilité avec CiscoCisco Connect Montreal 2018 Securité : Sécuriser votre mobilité avec Cisco
Cisco Connect Montreal 2018 Securité : Sécuriser votre mobilité avec Cisco
 
Cisco connect montreal 2018 collaboration les services webex hybrides
Cisco connect montreal 2018 collaboration les services webex hybridesCisco connect montreal 2018 collaboration les services webex hybrides
Cisco connect montreal 2018 collaboration les services webex hybrides
 
Integration cisco et microsoft connect montreal 2018
Integration cisco et microsoft connect montreal 2018Integration cisco et microsoft connect montreal 2018
Integration cisco et microsoft connect montreal 2018
 
Cisco connect montreal 2018 compute v final
Cisco connect montreal 2018 compute v finalCisco connect montreal 2018 compute v final
Cisco connect montreal 2018 compute v final
 
Cisco connect montreal 2018 saalvare md-program-xr-v2
Cisco connect montreal 2018 saalvare md-program-xr-v2Cisco connect montreal 2018 saalvare md-program-xr-v2
Cisco connect montreal 2018 saalvare md-program-xr-v2
 
Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...
Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...
Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...
 
Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...
Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...
Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...
 
Cisco Connect Toronto 2018 an introduction to Cisco kinetic
Cisco Connect Toronto 2018 an introduction to Cisco kineticCisco Connect Toronto 2018 an introduction to Cisco kinetic
Cisco Connect Toronto 2018 an introduction to Cisco kinetic
 
Cisco Connect Toronto 2018 DevNet Overview
Cisco Connect Toronto 2018 DevNet OverviewCisco Connect Toronto 2018 DevNet Overview
Cisco Connect Toronto 2018 DevNet Overview
 
Cisco Connect Toronto 2018 DNA assurance
Cisco Connect Toronto 2018 DNA assuranceCisco Connect Toronto 2018 DNA assurance
Cisco Connect Toronto 2018 DNA assurance
 
Cisco Connect Toronto 2018 network-slicing
Cisco Connect Toronto 2018 network-slicingCisco Connect Toronto 2018 network-slicing
Cisco Connect Toronto 2018 network-slicing
 
Cisco Connect Toronto 2018 the intelligent network with cisco meraki
Cisco Connect Toronto 2018 the intelligent network with cisco merakiCisco Connect Toronto 2018 the intelligent network with cisco meraki
Cisco Connect Toronto 2018 the intelligent network with cisco meraki
 
Cisco Connect Toronto 2018 sixty to zero
Cisco Connect Toronto 2018 sixty to zeroCisco Connect Toronto 2018 sixty to zero
Cisco Connect Toronto 2018 sixty to zero
 
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
 

Recently uploaded

Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...panagenda
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 

Recently uploaded (20)

Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 

Security Vulnerabilities in Modern Operating Systems

  • 1.
  • 2. Security Vulnerabilities in Modern Operating Systems T-SEC-18-B Yves Younan Senior Research Engineer Vulnerability Research Team (Sourcefire, now part of Cisco)
  • 3. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Overview  A look at more than 25 years of past vulnerabilities – Based on the CVE/NVD data. – CVE started in 1999, but includes historical data going back to 1988. – NVD hosts all CVE information in addition to some extra data about vulnerability types, etc. – Based on Sourcefire report: http://www.sourcefire.com/25yearsofvulns  Updated (with data from 2013, 2014) and data from other sources  A look at the future – What trends do we expect?  A look at exploitation trends based on other reports  What can we do to protect ourselves
  • 4. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Vulnerabilities Past  Data from 1988-2013 – More than 59,800 vulnerabilities in this period – Majority of vulnerabilities in the last half of this period – Data has some issues though  Depending on reporting, a single CVE issue could cover multiple similar vulnerabilities or not  Sometimes product assignment is spotty (we’ve tried to clean this up a bit for mobile) – Not correctly assigned to a product, multiple product names for the same product  Categories that are used are not very good and their assignment is not all that great – Also a change in categories significantly  We use the “published date” provided by NVD to determine when a vulnerability was published: CVE ids are generated based on when they are requested, not published, so small discrepancies between ids and dates can exist around the end of the year – For example: CVE-2013-6642 was published in 2014
  • 5. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Common vulnerability scoring system  Analyst answers the following about the vulnerability: – Impact on confidentiality, accessibility, integrity: low, partial, complete – Access vector: local, adjacent network, remote – Authentication required: none, single, multiple  Gives a base score of 0-10  We use the following in the stats:  CVSS >=7 is considered a serious vulnerability (include critical)  CVSS = 10 is considered a critical vulnerability – Note: if insufficient information is available, NVD will consider the vulnerability to be critical  Gives us a measure of vulnerability impact, but can be a little subjective – One score, while multiple platforms may be affected, with different impacts (e.g. due to mitigations)
  • 6. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Total Vulnerabilities by Year 2 3 11 15 13 13 25 25 75 252 246 894 1020 1677 2156 1528 2451 4931 6609 6516 5636 5731 4638 4151 5281 4747 0 1000 2000 3000 4000 5000 6000 7000 1988 1989 1990 1991 1992 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013
  • 7. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Total Serious Vulnerabilities 2 2 8 11 12 8 14 17 45 145 133 424 452 772 1002 678 970 2037 2761 3159 2838 2714 2084 1821 1772 1638 0 500 1000 1500 2000 2500 3000 3500 1988 1989 1990 1991 1992 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013
  • 8. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Serious Vulnerabilities Percentage of All Vulnerabilities 100 66.67 72.7373.33 92.31 61.54 56 68 60 57.54 54.07 47.43 44.3146.0346.47 44.37 39.5841.3141.78 48.4850.35 47.36 44.9343.87 33.5534.51 0 20 40 60 80 100 120 1988 1989 1990 1991 1992 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013
  • 9. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Total Critical Vulnerabilities 2 1 1 4 3 2 1 7 8 24 23 161 142 149 155 119 211 284 274 475 425 373 258 387 483 437 0 100 200 300 400 500 600 1988 1989 1990 1991 1992 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013
  • 10. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Critical Vulnerabilities Percentage of All Vulnerabilities 100 33.33 9.09 26.67 23.08 15.38 4 28 10.67 9.52 9.35 18.01 13.92 8.88 7.19 7.79 8.61 5.76 4.15 7.29 7.54 6.51 5.56 9.32 9.15 9.21 0 20 40 60 80 100 120 1988 1989 1990 1991 1992 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013
  • 11. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Vulnerabilities by Type  Common Weakness Enumeration creates a number of categories for vulnerabilities  NVD uses a subset of CWE to categorize vulnerabilities: – Authentication issues: not properly authenticating users – Credentials management: password/credential storage/transmission issues – Access Control: permission errors, privilege errors, etc. – Buffer error: buffer overflows, etc. – CSRF: cross-site request forgery – XSS: cross site scripting
  • 12. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Vulnerabilities by Type  NVD CWE subset continued: – Cryptographic issues: errors in crypto – Path traversal: incorrectly handling input like “..” – Code injection: executing scripting code or similar – Format string vulnerability: when attackers control the format specifier for a formatting function – Configuration: errors in configuration – Information leak: exposing sensitive information – Input validation: lack of verifying input, overlaps with other categories, kind of a misc. category – Numeric errors: integer overflows, signedness errors, etc.
  • 13. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Vulnerabilities by Type  NVD CWE subset continued: – OS Command Injections: executing via command line – Race conditions: time of check to time of use errors – Resource management errors: memory leaks, consuming of excess resources, etc. – SQL injection – Link following: following symlinks / hard links
  • 14. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Vulnerabilities by Type Buffer Errors 15% XSS 13% Access Control 11% Input Validation 10% SQL Injection 10% Not enough info 8% Code Injection 6% Information Leak 5% Resource Management 5% Path Traversal 4% Numeric Errors 2% Configuration 2% Authentication 2% Crypto 1% Credentials 1% CSRF 1% Link Following 1% Race Conditions 1% OS Command Injection 1% [CATEGORY NAME] [PERCENTAGE]
  • 15. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Serious Vulnerabilities by Type Buffer Errors 23% SQL Injection 19% Access Control 10% Code Injection 10% Not enough info 8% Input Validation 8% Resource Management 4% Path Traversal 3% Numeric Errors 2% Authentication 2% Configuration 2% OS Command Injection 2% Format String 1% Credentials 1% Information Leak 1%Crypto 1% XSS 1%
  • 16. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Critical Vulnerabilities by Type Buffer Errors 35% Not enough info 22% Access Control 8% Input Validation 6% Code Injection 4% Resource Management 4% OS Command Injection 3% Numeric Errors 3% Configuration 3% Authentication 3% Credentials 2% Format String 2% Path Traversal 2% SQL Injection 1% Information Leak 1% Crypto 1%
  • 17. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Vulnerability Types Over the Years 0 500 1000 1500 2000 2500 3000 3500 781 1294 874 796 827 594 724 599 939 869 1100 951 515 164 223 277 390 460 422 469 708 921 569 572 548 673 734 719 148 183 229 285 338 187 303 777 572 144 215 250 175 302 474 83 147 1047 560 734 Not enough info Code Injection Configuration Input Validation Access Control Buffer errors SQL Injection XSS
  • 18. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Vulnerabilities by Vendor  NVD has information on affected product for 58,561 vulnerabilities  Top 10 vendors account for 16,696 vulnerabilities, more than 28% of all vulnerabilities.  Some vendors have lots of products, which can result in a higher total vulnerabilities count  We will also look at specific products later so we can provide more extensive analysis
  • 19. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Top 10 Vendors for Total Vulnerabilities Microsoft, 3280 Apple, 2122 Oracle, 2025 IBM, 1802 Sun, 1558 Cisco, 1523 Mozilla, 1255 Linux, 1097 HP, 1037 Google, 997
  • 20. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Top 10 Vendors for Serious Vulnerabilities Microsoft, 1948 Apple, 921 Cisco, 830 Adobe, 757 Sun, 727 IBM, 662 Mozilla, 613 Oracle, 580 Google, 559 HP, 554
  • 21. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Top 10 Vendors for Critical Vulnerabilities Adobe, 300 Oracle, 287 Mozilla, 246 Sun, 235 HP, 235 IBM, 197 Microsoft, 183 Google, 113 Cisco, 97 Apple, 72
  • 22. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Top 10 Vendors over the Years 0 100 200 300 400 500 600 Microsoft Apple Oracle IBM Sun Cisco Mozilla Linux HP Google
  • 23. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Top 10 Vendors, total number of distinct products 23 HP, 1291 Cisco, 889 IBM, 450 Microsoft, 361 Oracle, 232 Sun, 199 Apple, 92 Google, 32 Mozilla, 19 Linux, 7
  • 24. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Top 10 vendors, unique CVEs to distinct products ratio 24 Linux, 156.7 Mozilla, 66.1 Google, 31.2 [CATEGORY NAME], [VALUE] Microsoft, 9.1 Oracle, 8.7 Sun, 7.8 IBM, 4 Cisco, 1.7 HP, 0.8
  • 25. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Vulnerabilities by Product  Our vendor comparison gave us an idea who had to deal with the most vulnerabilities  However, vendors have multiple products: having more products, will usually result in suffering from more vulnerabilities – As was seen in the product versus CVE entry comparison  Here we look at product specific comparisons – What products had the most vulnerabilities  Some caveats – Some versions are considered distinct products  Every Windows version is a distinct product
  • 26. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Top 10 Vulnerable Products Linux Kernel, 1090 Firefox, 1013 Chrome, 886 Mac OSX, 847Windows XP, 717 Seamonkey, 628 Internet Explorer, 625 Mac OSX Server, 608 Thunderbird, 594 Solaris, 557
  • 27. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Top 10 vulnerable products without shared code bases 27 Linux Kernel, 1090 Firefox, 1013 Chrome, 886 Mac OSX, 847 Windows XP, 717 Internet Explorer, 625 Solaris, 557 JRE, 496 Safari, 460 Linux, 396
  • 28. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Top 10 vulnerable products, totaled with similar products 28 Linux+Redhat, 1895 All Windows, 1237 Mozilla Suite, 1046 Mac OS, 891 Chrome, 886 Internet Explorer, 625 Solaris, 590 JRE/JDK, 501 Safari, 460 PHP, 353
  • 29. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Top 10 Seriously Vulnerable Products Firefox, 529 Chrome, 513 Windows XP, 501 Thunderbird, 365Seamonkey, 364 Windows Vista, 346 Windows Server 2008, 337 Windows 2000, 311 Internet Explorer, 307 Windows 2003 Server, 299
  • 30. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Top 10 Seriously Vulnerable Products, totaled (similar) 30 All Windows, 755 Linux+Redhat, 567 Firefox, 539 Chrome, 513 Internet Explorer, 307 Mac OS X, 303 JDK/JRE, 289 Acrobat, 283 Solaris, 277 Flash/Air, 260
  • 31. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Top 10 Critically Vulnerable Products Firefox, 234 Thunderbird, 179 Seamonkey, 167 JRE, 152 JDK, 145 Flash Player, 134 Adobe Air, 119 Chrome, 99 Acrobat Reader, 96 Acrobat, 92
  • 32. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Top 10 Critically Vulnerable Products, totalled (similar) Mozilla suite, 238 JRE/JDK, 153 Flash/Air, 135 All Windows, 103 Linux+Redhat, 101 Chrome, 99 Acrobat, 96 Solaris, 61 Oracle Database, 54 AIX, 49
  • 33. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Vulnerabilities by Windows Version XP, 717 Server 2003, 618 Win 2000, 504Vista, 455 Server 2008, 450 Win 7, 325 NT, 247 Win 98, 89 Win 8, 63 Win Me, 57 Server 2012, 56 Win 95, 46
  • 34. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Vulnerabilities by Mobile Phone OS iPhone, 310 Windows, 49 Android, 36 BlackBerry, 13
  • 35. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Vulnerabilities by Mobile Phone OS Android, 166 iPhone, 164 Windows, 54 BlackBerry, 28
  • 36. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Microsoft Bulletins  Contain information on all Microsoft vulnerabilities and associated CVEs  Correlate the release dates of the bulletins with the release dates of the CVEs  Gives us insight into how often vulnerabilities are 0 day vulns – If CVE is published before MS bulletin meaning that vulnerability information was available before a response from MS  No particular reason for choosing Microsoft, except that they make the information easily available and usable on their website
  • 37. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public CVE Correlated with MS Bulletins Bulletin published before CVE, 1185 Bulletin published with CVE, 818 Bulletin publised after CVE, 268
  • 38. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Microsoft 0 day vulnerabilities  If the MS correlation numbers carry over to other vendors: about 1 out of every 10 vulnerabilities discovered is known by attackers before the vendor can patch – Security products will often not provide protection against these attacks until they know about it – Mitigations are more important in this respect  Attackers could possible evade them, but exploitation cost goes up significantly  Latest Windows/Linux have plenty of mitigations available by default: Windows 8 has improved on many of them  EMET (Free MS tool) can enable protections to make it harder to exploit vulnerabilities in Windows: e.g., better ASLR, RopGuard.
  • 39. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Present  Let’s take a look at the first quarter of 2014: January 1st until March 31st 2014  We will look at total vulnerabilities this year and severity  We will also look at the top 10 vendor and top 10 products for this quarter  Note: this data may not be completely up to date: while the data was retrieved on April 1st, it may not include all up to date information on a vulnerability, as this may be updated later. – This is especially true for the “unknown” vulnerabilities
  • 40. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Total vulnerabilities: 2014 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 0 200 400 600 800 1000 1200 1400 1600 1800 2000 Q1 total Q1 >= 7 Q1 = 10 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014
  • 41. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Vulnerability types: 2014 Not enough info 16% XSS 16% Buffer Errors 13% Access Control 13% Input Validation 10% SQL Injection 5% Resource Management 5% Path Traversal 4% Information Leak 3% CSRF 3% Crypto 3% Authentication 2% Numeric Errors 2% Credentials 2% Code Injection 2% Link Following 1% Race Conditions 1% OS Command Injection 1%
  • 42. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Top 10 Products: 2014 Internet Explorer, 43 Firefox, 37 JDK, 36 JRE, 36 Chrome, 35 Owncloud, 34 Seamonkey, 32 Linux Kernel, 28 iPhone, 24 Thunderbird, 21
  • 43. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Future  Plenty of static analysis tools, mitigations, etc. yet buffer overflows remain a very important vulnerability now and will probably will in the future too  Access control / privilege issues will continue to remain important in large part due to better privilege separation  Google will probably start moving up the top 10 more, it entered it for the first time this year, displacing Adobe  Fewer vulnerabilities were reported in 2013 – Serious vulnerabilities have remained stable at 1/3rd of the vulnerabilities – Critical vulnerabilities have also remained stable at 1/10th of all vulnerabilities – In 2014 more vulnerabilities have been reported, slight lower percentage of serious (but the same in absolute terms), but less critical ones
  • 44. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Vulnerabilities are not the same thing as exploits  Some vulnerabilities end up not being practically exploitable – Mitigations – Too much effort required – Very specific environmental requirements  Not reliable  CVSS doesn’t really take environmental concerns into account  Microsoft study on exploits: Software Vulnerability Exploitation Trends  http://www.microsoft.com/en-us/download/details.aspx?id=39680  Cisco 2014 Annual Security Report  http://www.cisco.com/web/offers/lp/2014-annual-security-report/index.html
  • 45. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Exploits and exploitation  From Microsoft’s study: – Looked at a number of vulnerabilities that were classified as remote code execution (RCE): 06-12  Looked at about 800 vulnerabilities  29% were exploited, rest of vulnerabilities were not exploited  Most vulnerabilities are exploited after patch, but an increasing number of 0day vulnerabilities are being exploited  Trends shows that fewer vulnerabilities are being exploited since 2012, coincides with the adoption of Windows 7 and IE10  However, there was a lull in 2007 and 2008 too, after Vista was released (the first Windows with real mitigations) – Could mean that this is a similar lull with improved mitigations in both Windows 7 and IE10  In 2012 there were no new exploits vulnerabilities for Windows 2000 – Windows 2000 was end-of-lifed in 2010, so no need for many new vulnerabilities since then, impact could be interesting for XP
  • 46. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Exploits and exploitation  Microsoft Study also found that – Stack-based buffer overflows were massively exploited in 2006-2009  Decline since then: probably due to mitigations – Heap corruption remained popular entire time – Increased exploitation of use after free vulnerabilities  Most exploited vulnerability for Windows 7 and Vista  Occurs more in client-side applications (browsers)  No mitigations that address use-after-free specifically – Study also looks at exploitation techniques  Exploits increasingly make use of mitigation bypasses
  • 47. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Exploits and exploitation  Cisco Report: – For web exploits, Java vulnerabilities are the most exploited by attackers: 91% of indicators of compromise monitored by FireAMP were related to Java  Far fewer related to Flash or PDF – 1.2% of all web malware target a specific mobile device – 99% of all that malware targets Android, 0.84% targets J2ME devices (the second most popular target) – Most frequently occurring mobile malware was Andr/Qdplugin-A: 43.8%  Frequently repackaged in legitimate apps distributed on unofficial marketplaces – General malware types: trojans, 64%; adware 20%, worms 8% and viruses 4%
  • 48. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Trends  Major software projects from important vendors still have plenty of vulnerabilities – Some vendors spend a lot of money and effort to improve the security of their products – They still suffer from significant vulnerabilities – Software is more secure today than it has ever been – Compromises continue – As with other fields, defenders have to be lucky all the time, while attackers only need to be lucky once – Make it as hard as possible for attackers by enabling mitigations, ensuring significant access control
  • 49. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Trends  Browsers are a very important point of attack  Vulnerabilities in browsers themselves – Major browsers are all 3 categories of top 10 of vulnerable products – Vulnerabilities in file formats parsed by plugins  Media files  PDF: in serious and critical top 10  Java: in all 3 top 10 categories  Flash: also in serious and critical top 10 – Important to run latest browsers:  IE10 and Chrome have invested a lot in mitigations  Disable plugins you don’t need: Java, PDF, etc.
  • 50. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Trends  Mobile phones also suffer from plenty of vulns:  Ensuring adequate protection on phones (AV, MDM, etc.) is important  Malware is important on mobile phones too, not just vulnerabilities – Mobile Device Management can help against malware, but doesn’t really help against vulnerabilities – Much harder for a user to determine “safe” software  On PC, legitimate software is acquired from a number of trusted sources  On app stores (mainly Android), everything looks legitimate
  • 51. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Plan for compromise  Attackers breaking in is not inevitable, but a real possibility that must be considered given the number of vulnerabilities  Breaking in doesn’t mean total compromise  Client-side vulnerabilities are very important these days  Users have a higher risk of being compromised  Identify most important assets  Identify risks to those assets  Mitigate risk  Access control (firewalls on internal servers)  Internal detection (IDS/IPS for those servers)  Use SSL/other encryption internally too
  • 52. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Plan for compromise  Have an incident response plan  Define what an incident is  Establish areas of responsibility for investigation and recovery  Containment  Can you contain the attacker quickly  What steps are required to recover from an incident  Recovery may be different depending on the type of incident  Determine how to restore asset quickly if compromised  Need to identify way of entry to prevent future compromises  Retrospective security can help with this  Examine extent of intrusion: e.g., must all users change passwords?
  • 53. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Conclusion  Microsoft has significantly improved in the last couple of years, their browser and mobile OS are better than their competitors in terms of vulnerabilities discovered  Google’s entry into the consumer software and hardware (as opposed to running a web service) has been accompanied by a significant number of vulnerabilities  Oracle’s acquisition of Sun has brought quite a number of extra vulnerabilities under the Oracle banner, some are even still counted as Sun right now
  • 54. Cisco and/or its affiliates. All rights reserved.T-SEC-18-B Cisco Public Conclusion  Vulnerabilities are here to stay – While serious vulnerabilities have been in decline, total vulnerabilities are not and neither are critical – At some point many vendors thought that hunting for enough vulnerabilities would make software secure – New features increase the attack surface or make previously non- exploitable errors exploitable – Using several non-serious vulnerabilities in concert could result in a more serious issue – Buffer overflows have been around for 25 years yet are still one of the top vulnerabilities  Full report (up to 2012) available via http://www.sourcefire.com/25yearsofvulns  Get rid of XP: end of life was last week, no more security updates