Slideshare.net (beta)

Home Browse My Slidespace Upload Community Tags Widgets

Latest | Most Viewed | Most Embedded | Featured | Most Favorited | Most Downloaded | Slidecasts

 
Post to TwitterPost to Twitter
Post: 
Myspace Hi5 Friendster Xanga LiveJournal Facebook Blogger Tagged Typepad Freewebs BlackPlanet gigya icons

All comments

Add a comment on Slide 1

If you have a SlideShare account, login to comment; else you can comment as a guest


Showing 1-50 of 0 (more)

Security4all Desktop Security

From security4all, 4 months ago

137 views  |  0 comments  |  0 favorites  |  1 embed (Stats)
Share
Download not available ?
 

Categories

Add Category
 
 

Tags

 

 
 

Groups / Events

 

 
Embed
options

More Info

This slideshow is Public
Total Views: 137
on Slideshare: 122
from embeds: 15

Slideshow transcript

Slide 1: Desktop Security How to protect our desktop computers Security4all Information Security Consultant

Slide 3: The unsinkable ship

Slide 4: Today’s Agenda • The risk landscape • The effectiveness of our technology • Possible countermeasures

Slide 5: Know your Risks

Slide 7: Motivations evolved from play to business • Revenge • Extortion • Competetive Sabotage • Industrial espionage • Political Activism 2001 2003 2005 2007 Political/Main Experimental Extortion For Hire stream 2002 2004 2006

Slide 8: “heike” 黑客

Slide 9: N.C.P.H. “For-profit” Hacker group 玫瑰 Wicked Rose Source: www.mghacker.com

Slide 10: $242 (1,967 RMB)

Slide 11: $625 (5,000 RMB) +150%

Slide 12: Table: Breakdown of goods available for sale on underground economy servers Source: Symantec Corporation Rank Item Percentage Range of Prices 1 Credit cards 22% 0.50$ - 5$ 2 Bank accounts 21% 30$ - 400$ 3 Email passwords 8% 1$ - 350$ 4 Mailers 8% 8$ - 10$ 5 Email addresses 6% 2$/MB – 4$/MB 6 Proxies 6% 0.50$ - 3$ 7 Full identity 6% 10$ - 150$ 8 Scams 6% 10$/week 9 Social security 3% 5$ - 7$ numbers 10 Compromised 2% 2$ - 10$ unix shells

Slide 14: Russian Business Network • Mpack • Storm Worm • Phishing • Banking Trojans www.bizeul.org/files/RBN_study.pdf

Slide 15: Titan Rain

Slide 16: November 2007 concentrated campaign of cyber espionage against UK businesses

Slide 17: November 2007 160GB

Slide 18: March 2008

Slide 19: The technology

Slide 21: Virus scanners

Slide 22: 11 October MS07-60

Slide 23: File .doc received on 23.10.2007 Result: 10/32 (31.25%)

Slide 24: File .doc received on 10.02.2008 Result: 11/32 (34.38%)

Slide 25: Report: All Your iFrame Are Point to Us (11 February 2008)

Slide 29: Firewalls

Slide 30: Firewalls are not security devices, they are more for network hygiene

Slide 31: DNS tunneling

Slide 33: Patching

Slide 34: 55 Days 16 January 11 March

Slide 35: Don’t forget to patch these ! • Macromedia Flash • Acrobat Reader (PDF) • Sun Java • RealPlayer • Apple Quicktime

Slide 37: Encryption

Slide 40: Countermeasures

Slide 42: \"A false sense of security, is worse than insecurity\" - Steve Gibson

© 2008 SlideShare Inc. All Rights Reserved.
App10.ss is serving you.