SlideShare a Scribd company logo

Evolving Threat Landscape Web Spam Bot

Symantec
Symantec

Symantec Vision 2011 Presentation on the Evolving Threat Landscape, including Web, Spam and Phishing Attacks, given by John Harrison, Group Product Manager, Security Technology and Response and Paul Wood, Senior Analyst, Symantec .cloud

TechnologyNews & Politics
1 of 47
Download to read offline
The Evolving Threat Landscape: Web, Spam and Phishing Attacks John Harrison, Group Product Manager, Security Technology and Response Paul Wood, Senior Analyst, Symantec .cloud The Evolving Threat Landscape: Web, Spam and Phishing Attacks 1
Agenda Introduction Threat Landscape 2010 – Anatomy of a Web Attack Latest in Malware and Phishing Attacks Spam Innovations Summary - What Can You Do? The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 2
>LOVEBUG Introduction The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 The Evolving Threat Landscape: 3 Web, Spam
GloucesterAmsterdam Calgary Toronto London Frankfurt Denver New York Courbevoie Munich Cupertino Diegem Tokyo Mesa Tucson Virginia Osaka Oman Hong Kong Pune Singapore Office Network Operation Center South Africa Sydney Data Center • 32,000 businesses with 10 million users in 100 countries • 5 billion email connections per day on average in 2010 • 1 billion web connections per day • 15 data centers spanning 5 continents The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 4
Global Intelligence Network Identifies more threats, takes action faster & prevents impact Calgary, Alberta Dublin, Ireland Tokyo, Japan San Francisco, CA Mountain View, CA Austin, TX Chengdu, China Culver City, CA Taipei, Taiwan Chennai, India Pune, India Worldwide Coverage Global Scope and Scale 24x7 Event Logging Rapid Detection Attack Activity Malware Intelligence Vulnerabilities Spam/Phishing • 240,000 sensors • 133M client, server, • 40,000+ vulnerabilities • 5M decoy accounts • 200+ countries gateways monitored • 14,000 vendors • 8B+ email messages/day • Global coverage • 105,000 technologies • 1B+ web requests/day Preemptive Security Alerts Information Protection Threat Triggered Actions The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 5
>CUTWAIL Threat Landscape 2010 – Anatomy of a Web Attack The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 6
Threat Landscape 2010 Trends  Targeted Attacks continued to evolve Social Networking  + social engineering = compromise Hide and Seek  (zero-day vulnerabilities and rootkits) Attack Kits  get a caffeine boost  Mobile Threats increase The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 7
Anatomy of a Web Based Attack • Enterprise and Consumer users are infected today from Web based attacks: – Web Attack Toolkits -Drive-by downloads – Social Engineering Attacks  Website attacks user’s browser by targeting vulnerabilities  Hacker compromises legitimate Web site URL (drive-by-download) Legitimate  User isowned Web Site machine now User is infected using  Social Engineering techniques (fake AV/fake codec) The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011
Threat Landscape  Social Networking + Social Engineering = Compromise More Info: Detailed review of Social Media threats available in The Risks of Social Networking • Hackers have adopted social networking – Use profile information to create targeted social engineering – Impersonate friends to launch attacks – Leverage news feeds to spread spam, scams and massive attacks The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 9
Threat Landscape Social Networking leads to…. • An attacker’s goldmine to conduct; – Externalizing confidential / sensitive information, Personal/Professional Separation, Account Hijacking, Privacy Issues and Identify Theft, Harassment and Cyber-bullying, Information Obsolescence, Information Harvesting • Protection is often not effective until compromise or infection takes place • Exploits trust between friends. Viral by nature The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 10
Facebook Likejacking Attacks = Like Hijacking Likejacking Attack: • Clicking ANYWHERE on the page results in “Liking” this page • It gets posted to all of your friends without you actually clicking on the LIKE button! • How does it work? An invisible Like button follows the mouse around Do you know what is happening?! The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 11
Threat Landscape Social Engineering • Also called Scareware or Rogueware • Multitude of propagation methods • Most infections are from Intermediate files (e.g., Zlob, FakeAVAlert) rather than Misleading Applications • All components change quickly including domains and EXEs. Average domain life time < 4 hours. The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 12
For more on Cybercrime, Social Networking Attacks and Stuxnet • The Threat Landscape in the Age of CyberCrime and Stuxnet • Wednesday from 5:00 – 6:00pm. SR B30, Kevin Haley The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 13
Threat Landscape More Info:  Web Attack Toolkits Detailed information available in ISTR Mid- Term: Attack Toolkits and Malicious Websites The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 14
Web Attack Toolkits are Easy to Configure The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 15
Effectiveness of the Web Attack Toolkits The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 16
Threat Landscape Web-based threats: Any website can infect you …just by browsing to it • In the past – you had to visit dangerous sites to get infected … but today they’re on legitimate sites attacking you • Exploits leverage software vulnerabilities without user interaction. • Which Web sites can infect you? Your favorite: – News, travel, online games, real estate, government, others • 37.0% of domains hosting web malware were new in March 2011 • 24.5% of web malware was new in March 2011 • In 2010, over 42,926 domains were used to host web malware Source: Symantec.cloud 87.5% of malicious websites blocked in 2010 were legitimate, but compromised The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 17
Threat Landscape – Web-based Threats Attack kits lead to intensified threats • The number of daily Web-based attacks observed was 93% higher in 2010 than in 2009 • Spikes in activity related to specific activities and campaigns The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 18
Malvertising • “Malicious Advertisement” • The main website isn’t infected – one of the advertisements is • Webpages pull content from ANYWHERE on the web • 1 out of 100, 1000 or 10,000 ads could be infected • Difficult to detect and reproduce * This is a fake website The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 19
Threat Landscape  Vulnerabilities Attacked by Web Attack Toolkits • Java exploits added to many existing kits • Up to 25 different vulnerabilities can be exploited • 0-Day Vulnerabilities being targeted more aggressively More Info: Detailed information available in ISTR Mid- Term: Attack Toolkits and Malicious Websites The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 20
Vulnerability Trends Web Browser Plug-In Vulnerabilities • The number of Flash and Reader vulnerabilities continued to grow. The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 21
Demo of Web Attacks The Evolving Threat Landscape: Web, Spam and Phishing Attacks 22
>PSYME Latest in Malware and Phishing Attacks SYMANTEC VISION 2011 The Evolving Threat Landscape:23 Web, Spam
Threat Landscape - Convergence Evolving Threat landscape: From email and IM to web • Threats now span multiple protocols Spoofed Email with Fraudulent IM with Compromised Website Web Link Web Link Hosting Malware Comprehensive Protection Needed Across Email, Web, and IM The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 24
Threat Landscape - Malware Greater pressure on traditional antivirus defenses In 2010 ~13,300 Signatures per day Or 1 every 6.5 seconds! In 2000 ~5 Signatures per day The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 25
Threat Landscape - Malware Case Study: W32.Imsolk.B@mm (aka “Here you have”) • Many business users likely saw something like this in their inboxes on 9 September 2010 The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 26
Case Study: W32.Imsolk.B@mm (aka “Here you have”) Window of vulnerability from non-targeted attacks The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 27
Threat Landscape - Malware Targeted Attacks and Industrial Espionage • 1 or 2 per week in 2005 • 2 per day in 2006 • 10 per day in 2007 • 50+ per day in 2008 • 60+ per day in 2009 • 77 per day in 2010 The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 28
Case Study: Targeted Attacks and Industrial Espionage Example of a Targeted Attack in March 2011 • Exploit CVE-2011-0609 The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 29
Case Study: Targeted Attacks and Industrial Espionage CVE-2011-0609: One Client, One Day: One Hour, 55 Emails The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 30
Case Study: Targeted Attacks and Industrial Espionage CVE-2011-0609: Anatomy of a Targeted Attack Shellcode drops embedded executable and runs it… SWF-1 decodes SWF-2 and provides heap-spray for shellcode SWF-2 SWF-2 exploits CVE- 2011-0609 The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 31
Threat Landscape – Financial Fraud and Identity Theft Typical profile of a phishing attack Malicious URLs appear in emails designed to appear legitimate Spoofed or compromised website is used to capture account information or install malware The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 32
Threat Landscape – Financial Fraud and Identity Theft Classification of organizations targeted by phishing • Banks were spoofed by 56% of phishing attacks in 2010 • Many email-based fraud attempts referred to major events in 2010 The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 33
Threat Landscape – Financial Fraud and Identity Theft Underground economy: Impact on Cybercrime • Credit card information and bank account credentials continue to be the top two advertised items by a large margin • Bulk rates for credit cards range from 10 cards for $17 to 1000 cards for $300 • Location affects credit card prices but not bank credentials The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 34
Threat Landscape - Spam Trends in spam: A decade of evolution and techniques INCREASED COMPLEXITY AND SOPHISTICATION IN GREATER VOLUMES Symantec MessageLabs Intelligence Reports 80% 2000 2011 The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 35
Threat Landscape - Botnets What are spam-sending botnets? • Approx. USD $15 for 10,000 bots Command & Control Botnet Controller The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 36
Threat Landscape - Botnets Where does most of the spam come from? BAGLE RUSTOCK 17.2% Spam 28.5% Spam 8.3bn/day 13.8bn/day LETHIC 4.1% Spam UK & USA: 1 in 200 2.0bn/day Spain: 1 in 100 Japan: 1 in 1000 India: 1 in 30 CUTWAIL Vietnam: 1 in 10 4.5% Spam 2.2bn/day FESTI GRUM 8.7% Spam 3.4% Spam 4.2bn/day 1.6bn/day Brazil: 1 in 20 The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 37
Threat Landscape - Innovations in Spam Automated translation: Maximizing potential impact • Automation: Non-English Spam Increasing • When it goes wrong, artifacts help the good guys! The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 38
Threat Landscape - Innovations in Spam Social networking: Shortcuts for spammers • Each shortened URL received an average of 44.2 visits • Approximately 93.5% of responses were received within 3 days of the spam sent • Approximately 2-3% of all email spam now contains a shortened URL The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 39
Threat Landscape - Innovations in Spam Social networking: Shortcuts for spammers The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 40
>PSYME Summary – What Can You Do? SYMANTEC VISION 2011 The Evolving Threat Landscape:41 Web, Spam
Common Issues and Solutions Found during Malware Investigations • Antivirus on endpoints is not enough • Review Security Software settings • Be aggressive on your updating and patching. • Implement a removable media policy. • Turn off Auto-run! • Update your security content frequently and rapidly. • Investigate and use different security solutions for servers. The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 42
Common Issues and Solutions Found during Malware Investigations (cont) • Restrict email attachments • Maintain an ongoing blacklist of malicious domains. • Ensure that you have infection and incident response procedures in place • Educate users on the changed threat landscape The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 43
Symantec Protection Model Defense in Depth File 17b053e6352ad233 85c59efcbac2490b Website/ Network Domain/ IP address Network File Reputation Behavioral  Network-based Protection  File-based Protection  Reputation-based Protection  Behavioral-based Protection Stops malware as it Looks for and Establishes information Looks at processes as travels over the network eradicates malware about entities e.g. they execute and uses and tries to take up that has already taken websites, files, IP malicious behaviors to residence on a system up residence on a addresses to be used in indicate the presence system effective security of malware  Protocol aware IPS  Antivirus Engine  Domain Reputation  SONAR  Browser Protection  Auto Protect  File Reputation  Behavioral Signatures  Malheur The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 44
Threat Activity Trends Attacks Blocked/Technology - Endpoint Protection 2009 33% 2010 50% AV Detections AV Detection IPS Dections IPS Detections The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 45
Summary Where to go next? symantec.com/threatreport symanteccloud.com/intelligence On the symantec.com and symanteccloud.com: • Email and web stats on homepage • Analysis on MessageLabs Intelligence site • Register to receive latest reports and information • Podcasts, Blog, YouTube, Facebook and Twitter… Podcasts SYMANTEC VISION 2011 46 The Evolving Threat Landscape: Web, Spam and Phishin 46
Thank you! John Harrison (john_harrison@symantec.com) Paul Wood (paul_wood@symantec.com) Copyright © 2011 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice. The Evolving Threat Landscape: Web, Spam and Phishing Attacks 47

Recommended

Il Cloud a difesa della mail e del web
Il Cloud a difesa della mail e del webIl Cloud a difesa della mail e del web
Il Cloud a difesa della mail e del webSymantec Italia
 
Spam and Phishing Report - Marzo 2010
Spam and Phishing Report - Marzo 2010Spam and Phishing Report - Marzo 2010
Spam and Phishing Report - Marzo 2010Symantec Italia
 
גיא אילון Websense
גיא אילון Websenseגיא אילון Websense
גיא אילון Websenselihig
 
Is Information Security Worth It?
Is Information Security Worth It?Is Information Security Worth It?
Is Information Security Worth It?martin_lee1969
 
Mobile security hakin9_Revista
Mobile security hakin9_RevistaMobile security hakin9_Revista
Mobile security hakin9_Revistathe_ro0t
 
Hacking - how accessible is it?
Hacking - how accessible is it?Hacking - how accessible is it?
Hacking - how accessible is it?CPPGroup Plc
 
I.T Security Threats
I.T Security ThreatsI.T Security Threats
I.T Security ThreatsUmakant Mishra
 
Enhancing Cybersecurity Readiness Through International Cooperation
Enhancing Cybersecurity Readiness Through International CooperationEnhancing Cybersecurity Readiness Through International Cooperation
Enhancing Cybersecurity Readiness Through International CooperationPositive Hack Days
 

Recommended

Il Cloud a difesa della mail e del web
Il Cloud a difesa della mail e del webIl Cloud a difesa della mail e del web
Il Cloud a difesa della mail e del webSymantec Italia
 
Spam and Phishing Report - Marzo 2010
Spam and Phishing Report - Marzo 2010Spam and Phishing Report - Marzo 2010
Spam and Phishing Report - Marzo 2010Symantec Italia
 
גיא אילון Websense
גיא אילון Websenseגיא אילון Websense
גיא אילון Websenselihig
 
Is Information Security Worth It?
Is Information Security Worth It?Is Information Security Worth It?
Is Information Security Worth It?martin_lee1969
 
Mobile security hakin9_Revista
Mobile security hakin9_RevistaMobile security hakin9_Revista
Mobile security hakin9_Revistathe_ro0t
 
Hacking - how accessible is it?
Hacking - how accessible is it?Hacking - how accessible is it?
Hacking - how accessible is it?CPPGroup Plc
 
I.T Security Threats
I.T Security ThreatsI.T Security Threats
I.T Security ThreatsUmakant Mishra
 
Enhancing Cybersecurity Readiness Through International Cooperation
Enhancing Cybersecurity Readiness Through International CooperationEnhancing Cybersecurity Readiness Through International Cooperation
Enhancing Cybersecurity Readiness Through International CooperationPositive Hack Days
 
Symantec Website Security Threat Report
Symantec Website Security Threat ReportSymantec Website Security Threat Report
Symantec Website Security Threat Reportcheinyeanlim
 
Commercial Cyber Crime - Social Networks Malware
Commercial Cyber Crime - Social Networks MalwareCommercial Cyber Crime - Social Networks Malware
Commercial Cyber Crime - Social Networks MalwareAditya K Sood
 
We present Bugscout
We present BugscoutWe present Bugscout
We present BugscoutJorge Martínez Taboada
 
READ - Risk Exposure Awareness and Deflection - creating an organization-wide...
READ - Risk Exposure Awareness and Deflection - creating an organization-wide...READ - Risk Exposure Awareness and Deflection - creating an organization-wide...
READ - Risk Exposure Awareness and Deflection - creating an organization-wide...Global Risk Forum GRFDavos
 
Unmasking Anonymous: An Eyewitness Account of a Hacktivist Attack
Unmasking Anonymous: An Eyewitness Account of a Hacktivist AttackUnmasking Anonymous: An Eyewitness Account of a Hacktivist Attack
Unmasking Anonymous: An Eyewitness Account of a Hacktivist AttackImperva
 
Is the Web at Risk?
Is the Web at Risk?Is the Web at Risk?
Is the Web at Risk?Carlos Serrao
 
More than words, The changing face of reading | The advent of algorithmic & c...
More than words, The changing face of reading | The advent of algorithmic & c...More than words, The changing face of reading | The advent of algorithmic & c...
More than words, The changing face of reading | The advent of algorithmic & c...Thomas Wong
 
Emerging cyber threats_report2012
Emerging cyber threats_report2012Emerging cyber threats_report2012
Emerging cyber threats_report2012day4justice
 
Scansafe Annual Global Threat Report 2009
Scansafe Annual Global Threat Report 2009Scansafe Annual Global Threat Report 2009
Scansafe Annual Global Threat Report 2009Kim Jensen
 
Ghosts In The Machine Today's Invisible Threats Oct 2009
Ghosts In The Machine Today's Invisible Threats Oct 2009Ghosts In The Machine Today's Invisible Threats Oct 2009
Ghosts In The Machine Today's Invisible Threats Oct 2009Trend Micro
 
Finding Out More with Data Analytics and AWS
Finding Out More with Data Analytics and AWSFinding Out More with Data Analytics and AWS
Finding Out More with Data Analytics and AWSAmazon Web Services
 
Digital Introduction - AU Market
Digital Introduction - AU MarketDigital Introduction - AU Market
Digital Introduction - AU MarketDominique Hind
 
Word of mouth & the internet infographic from Google
Word of mouth & the internet infographic from GoogleWord of mouth & the internet infographic from Google
Word of mouth & the internet infographic from GoogleMitya Voskresensky
 
The internet and WWW
The internet and WWWThe internet and WWW
The internet and WWWBen Lee
 
Phishing Attacks
Phishing AttacksPhishing Attacks
Phishing AttacksJagan Mohan
 
Phishing: Swiming with the sharks
Phishing: Swiming with the sharksPhishing: Swiming with the sharks
Phishing: Swiming with the sharksNalneesh Gaur
 
Phishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingPhishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingSachin Saini
 
Phishing ppt
Phishing pptPhishing ppt
Phishing pptSanjay Kumar
 
Phishing attacks ppt
Phishing attacks pptPhishing attacks ppt
Phishing attacks pptAryan Ragu
 
P H I S H I N G
P H I S H I N GP H I S H I N G
P H I S H I N Gbensonoo
 
ISTR XV
ISTR XVISTR XV
ISTR XVSymantec
 
Attack Toolkits and Malicious Websites
Attack Toolkits and Malicious WebsitesAttack Toolkits and Malicious Websites
Attack Toolkits and Malicious WebsitesSymantec
 

More Related Content

What's hot

Symantec Website Security Threat Report
Symantec Website Security Threat ReportSymantec Website Security Threat Report
Symantec Website Security Threat Reportcheinyeanlim
 
Commercial Cyber Crime - Social Networks Malware
Commercial Cyber Crime - Social Networks MalwareCommercial Cyber Crime - Social Networks Malware
Commercial Cyber Crime - Social Networks MalwareAditya K Sood
 
READ - Risk Exposure Awareness and Deflection - creating an organization-wide...
READ - Risk Exposure Awareness and Deflection - creating an organization-wide...READ - Risk Exposure Awareness and Deflection - creating an organization-wide...
READ - Risk Exposure Awareness and Deflection - creating an organization-wide...Global Risk Forum GRFDavos
 
Unmasking Anonymous: An Eyewitness Account of a Hacktivist Attack
Unmasking Anonymous: An Eyewitness Account of a Hacktivist AttackUnmasking Anonymous: An Eyewitness Account of a Hacktivist Attack
Unmasking Anonymous: An Eyewitness Account of a Hacktivist AttackImperva
 
More than words, The changing face of reading | The advent of algorithmic & c...
More than words, The changing face of reading | The advent of algorithmic & c...More than words, The changing face of reading | The advent of algorithmic & c...
More than words, The changing face of reading | The advent of algorithmic & c...Thomas Wong
 
Emerging cyber threats_report2012
Emerging cyber threats_report2012Emerging cyber threats_report2012
Emerging cyber threats_report2012day4justice
 
Scansafe Annual Global Threat Report 2009
Scansafe Annual Global Threat Report 2009Scansafe Annual Global Threat Report 2009
Scansafe Annual Global Threat Report 2009Kim Jensen
 
Ghosts In The Machine Today's Invisible Threats Oct 2009
Ghosts In The Machine Today's Invisible Threats Oct 2009Ghosts In The Machine Today's Invisible Threats Oct 2009
Ghosts In The Machine Today's Invisible Threats Oct 2009Trend Micro
 
Finding Out More with Data Analytics and AWS
Finding Out More with Data Analytics and AWSFinding Out More with Data Analytics and AWS
Finding Out More with Data Analytics and AWSAmazon Web Services
 
Digital Introduction - AU Market
Digital Introduction - AU MarketDigital Introduction - AU Market
Digital Introduction - AU MarketDominique Hind
 
Word of mouth & the internet infographic from Google
Word of mouth & the internet infographic from GoogleWord of mouth & the internet infographic from Google
Word of mouth & the internet infographic from GoogleMitya Voskresensky
 
The internet and WWW
The internet and WWWThe internet and WWW
The internet and WWWBen Lee
 

What's hot (14)

Symantec Website Security Threat Report
Symantec Website Security Threat ReportSymantec Website Security Threat Report
Symantec Website Security Threat Report
 
Commercial Cyber Crime - Social Networks Malware
Commercial Cyber Crime - Social Networks MalwareCommercial Cyber Crime - Social Networks Malware
Commercial Cyber Crime - Social Networks Malware
 
We present Bugscout
We present BugscoutWe present Bugscout
We present Bugscout
 
READ - Risk Exposure Awareness and Deflection - creating an organization-wide...
READ - Risk Exposure Awareness and Deflection - creating an organization-wide...READ - Risk Exposure Awareness and Deflection - creating an organization-wide...
READ - Risk Exposure Awareness and Deflection - creating an organization-wide...
 
Unmasking Anonymous: An Eyewitness Account of a Hacktivist Attack
Unmasking Anonymous: An Eyewitness Account of a Hacktivist AttackUnmasking Anonymous: An Eyewitness Account of a Hacktivist Attack
Unmasking Anonymous: An Eyewitness Account of a Hacktivist Attack
 
Is the Web at Risk?
Is the Web at Risk?Is the Web at Risk?
Is the Web at Risk?
 
More than words, The changing face of reading | The advent of algorithmic & c...
More than words, The changing face of reading | The advent of algorithmic & c...More than words, The changing face of reading | The advent of algorithmic & c...
More than words, The changing face of reading | The advent of algorithmic & c...
 
Emerging cyber threats_report2012
Emerging cyber threats_report2012Emerging cyber threats_report2012
Emerging cyber threats_report2012
 
Scansafe Annual Global Threat Report 2009
Scansafe Annual Global Threat Report 2009Scansafe Annual Global Threat Report 2009
Scansafe Annual Global Threat Report 2009
 
Ghosts In The Machine Today's Invisible Threats Oct 2009
Ghosts In The Machine Today's Invisible Threats Oct 2009Ghosts In The Machine Today's Invisible Threats Oct 2009
Ghosts In The Machine Today's Invisible Threats Oct 2009
 
Finding Out More with Data Analytics and AWS
Finding Out More with Data Analytics and AWSFinding Out More with Data Analytics and AWS
Finding Out More with Data Analytics and AWS
 
Digital Introduction - AU Market
Digital Introduction - AU MarketDigital Introduction - AU Market
Digital Introduction - AU Market
 
Word of mouth & the internet infographic from Google
Word of mouth & the internet infographic from GoogleWord of mouth & the internet infographic from Google
Word of mouth & the internet infographic from Google
 
The internet and WWW
The internet and WWWThe internet and WWW
The internet and WWW
 

Viewers also liked

Phishing Attacks
Phishing AttacksPhishing Attacks
Phishing AttacksJagan Mohan
 
Phishing: Swiming with the sharks
Phishing: Swiming with the sharksPhishing: Swiming with the sharks
Phishing: Swiming with the sharksNalneesh Gaur
 
Phishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingPhishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingSachin Saini
 
Phishing attacks ppt
Phishing attacks pptPhishing attacks ppt
Phishing attacks pptAryan Ragu
 
P H I S H I N G
P H I S H I N GP H I S H I N G
P H I S H I N Gbensonoo
 

Viewers also liked (6)

Phishing Attacks
Phishing AttacksPhishing Attacks
Phishing Attacks
 
Phishing: Swiming with the sharks
Phishing: Swiming with the sharksPhishing: Swiming with the sharks
Phishing: Swiming with the sharks
 
Phishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingPhishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS Working
 
Phishing ppt
Phishing pptPhishing ppt
Phishing ppt
 
Phishing attacks ppt
Phishing attacks pptPhishing attacks ppt
Phishing attacks ppt
 
P H I S H I N G
P H I S H I N GP H I S H I N G
P H I S H I N G
 

Similar to Evolving Threat Landscape Web Spam Bot

Attack Toolkits and Malicious Websites
Attack Toolkits and Malicious WebsitesAttack Toolkits and Malicious Websites
Attack Toolkits and Malicious WebsitesSymantec
 
How to Stop Man in the Browser Attacks
How to Stop Man in the Browser AttacksHow to Stop Man in the Browser Attacks
How to Stop Man in the Browser AttacksImperva
 
Spiceworld 2011 - AppRiver breakout session
Spiceworld 2011 - AppRiver breakout sessionSpiceworld 2011 - AppRiver breakout session
Spiceworld 2011 - AppRiver breakout sessionShane Rice
 
Watch Guard Reputation Enabled Defense (White Paper)Dna
Watch Guard Reputation Enabled Defense (White Paper)DnaWatch Guard Reputation Enabled Defense (White Paper)Dna
Watch Guard Reputation Enabled Defense (White Paper)DnaSylCotter
 
20120208 Strategical approach to tacle cybercrime & the botnet threat
20120208 Strategical approach to tacle cybercrime & the botnet threat20120208 Strategical approach to tacle cybercrime & the botnet threat
20120208 Strategical approach to tacle cybercrime & the botnet threatLuc Beirens
 
Corona - Ph.D. Defense Slides
Corona - Ph.D. Defense SlidesCorona - Ph.D. Defense Slides
Corona - Ph.D. Defense SlidesPluribus One
 
Cloud computing security john abrena - chicago tour
Cloud computing security john abrena - chicago tourCloud computing security john abrena - chicago tour
Cloud computing security john abrena - chicago tourRamon Ray
 
Security Lifecycle Management Process
Security Lifecycle Management ProcessSecurity Lifecycle Management Process
Security Lifecycle Management ProcessBill Ross
 
Owasp e crime-london-2012-final
Owasp e crime-london-2012-finalOwasp e crime-london-2012-final
Owasp e crime-london-2012-finalMarco Morana
 
Paper: A Solution for the Automated Detection of Clickjacking Attacks
Paper: A Solution for the Automated Detection of Clickjacking AttacksPaper: A Solution for the Automated Detection of Clickjacking Attacks
Paper: A Solution for the Automated Detection of Clickjacking AttacksMarco Balduzzi
 
Cisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Security
 
Metascan Multi-scanning Technology
Metascan Multi-scanning TechnologyMetascan Multi-scanning Technology
Metascan Multi-scanning TechnologyOPSWAT
 
PCTY 2012, Threat landscape and Security Intelligence v. Michael Andersson
PCTY 2012, Threat landscape and Security Intelligence v. Michael AnderssonPCTY 2012, Threat landscape and Security Intelligence v. Michael Andersson
PCTY 2012, Threat landscape and Security Intelligence v. Michael AnderssonIBM Danmark
 
Basics of Cyber Security
Basics of Cyber SecurityBasics of Cyber Security
Basics of Cyber SecurityNikunj Thakkar
 
PC Maker's Support Page Succumbs To Compromise
PC Maker's Support Page Succumbs To CompromisePC Maker's Support Page Succumbs To Compromise
PC Maker's Support Page Succumbs To CompromiseTrend Micro
 
Crack the Code
Crack the CodeCrack the Code
Crack the CodeInnoTech
 

Similar to Evolving Threat Landscape Web Spam Bot (20)

ISTR XV
ISTR XVISTR XV
ISTR XV
 
Attack Toolkits and Malicious Websites
Attack Toolkits and Malicious WebsitesAttack Toolkits and Malicious Websites
Attack Toolkits and Malicious Websites
 
How to Stop Man in the Browser Attacks
How to Stop Man in the Browser AttacksHow to Stop Man in the Browser Attacks
How to Stop Man in the Browser Attacks
 
Spiceworld 2011 - AppRiver breakout session
Spiceworld 2011 - AppRiver breakout sessionSpiceworld 2011 - AppRiver breakout session
Spiceworld 2011 - AppRiver breakout session
 
Watch Guard Reputation Enabled Defense (White Paper)Dna
Watch Guard Reputation Enabled Defense (White Paper)DnaWatch Guard Reputation Enabled Defense (White Paper)Dna
Watch Guard Reputation Enabled Defense (White Paper)Dna
 
20120208 Strategical approach to tacle cybercrime & the botnet threat
20120208 Strategical approach to tacle cybercrime & the botnet threat20120208 Strategical approach to tacle cybercrime & the botnet threat
20120208 Strategical approach to tacle cybercrime & the botnet threat
 
Apresentação Allen ES
Apresentação Allen ESApresentação Allen ES
Apresentação Allen ES
 
Corona - Ph.D. Defense Slides
Corona - Ph.D. Defense SlidesCorona - Ph.D. Defense Slides
Corona - Ph.D. Defense Slides
 
Cloud computing security john abrena - chicago tour
Cloud computing security john abrena - chicago tourCloud computing security john abrena - chicago tour
Cloud computing security john abrena - chicago tour
 
Security Lifecycle Management Process
Security Lifecycle Management ProcessSecurity Lifecycle Management Process
Security Lifecycle Management Process
 
Owasp e crime-london-2012-final
Owasp e crime-london-2012-finalOwasp e crime-london-2012-final
Owasp e crime-london-2012-final
 
Paper: A Solution for the Automated Detection of Clickjacking Attacks
Paper: A Solution for the Automated Detection of Clickjacking AttacksPaper: A Solution for the Automated Detection of Clickjacking Attacks
Paper: A Solution for the Automated Detection of Clickjacking Attacks
 
521 524
521 524521 524
521 524
 
Cisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Web and Email Security Overview
Cisco Web and Email Security Overview
 
Metascan Multi-scanning Technology
Metascan Multi-scanning TechnologyMetascan Multi-scanning Technology
Metascan Multi-scanning Technology
 
PCTY 2012, Threat landscape and Security Intelligence v. Michael Andersson
PCTY 2012, Threat landscape and Security Intelligence v. Michael AnderssonPCTY 2012, Threat landscape and Security Intelligence v. Michael Andersson
PCTY 2012, Threat landscape and Security Intelligence v. Michael Andersson
 
B&W Netsparker overview
B&W Netsparker overviewB&W Netsparker overview
B&W Netsparker overview
 
Basics of Cyber Security
Basics of Cyber SecurityBasics of Cyber Security
Basics of Cyber Security
 
PC Maker's Support Page Succumbs To Compromise
PC Maker's Support Page Succumbs To CompromisePC Maker's Support Page Succumbs To Compromise
PC Maker's Support Page Succumbs To Compromise
 
Crack the Code
Crack the CodeCrack the Code
Crack the Code
 

More from Symantec

Symantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of BroadcomSymantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of BroadcomSymantec
 
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...Symantec
 
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect ITSymantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect ITSymantec
 
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec
 
Symantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec
 
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec
 
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec
 
Symantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec
 
Symantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec
 
Symantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec
 
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec
 
Symantec Webinar | Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB ProjectsSymantec Webinar | Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB ProjectsSymantec
 
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?Symantec
 
Symantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec
 
Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019Symantec
 
Symantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec
 
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec
 
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec
 

More from Symantec (20)

Symantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of BroadcomSymantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of Broadcom
 
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
 
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect ITSymantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
 
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
 
Symantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own IT
 
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
 
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
 
Symantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec Mobile Security Webinar
Symantec Mobile Security Webinar
 
Symantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat Report
 
Symantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec Cloud Security Threat Report
Symantec Cloud Security Threat Report
 
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
 
Symantec Webinar | Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB ProjectsSymantec Webinar | Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB Projects
 
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
 
Symantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year On
 
Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019
 
Symantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front Lines
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
 
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
 
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
 

Recently uploaded

Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rick Flair
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfIngrid Airi González
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 

Recently uploaded (20)

Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 

Evolving Threat Landscape Web Spam Bot

  • 1. The Evolving Threat Landscape: Web, Spam and Phishing Attacks John Harrison, Group Product Manager, Security Technology and Response Paul Wood, Senior Analyst, Symantec .cloud The Evolving Threat Landscape: Web, Spam and Phishing Attacks 1
  • 2. Agenda Introduction Threat Landscape 2010 – Anatomy of a Web Attack Latest in Malware and Phishing Attacks Spam Innovations Summary - What Can You Do? The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 2
  • 3. >LOVEBUG Introduction The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 The Evolving Threat Landscape: 3 Web, Spam
  • 4. GloucesterAmsterdam Calgary Toronto London Frankfurt Denver New York Courbevoie Munich Cupertino Diegem Tokyo Mesa Tucson Virginia Osaka Oman Hong Kong Pune Singapore Office Network Operation Center South Africa Sydney Data Center • 32,000 businesses with 10 million users in 100 countries • 5 billion email connections per day on average in 2010 • 1 billion web connections per day • 15 data centers spanning 5 continents The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 4
  • 5. Global Intelligence Network Identifies more threats, takes action faster & prevents impact Calgary, Alberta Dublin, Ireland Tokyo, Japan San Francisco, CA Mountain View, CA Austin, TX Chengdu, China Culver City, CA Taipei, Taiwan Chennai, India Pune, India Worldwide Coverage Global Scope and Scale 24x7 Event Logging Rapid Detection Attack Activity Malware Intelligence Vulnerabilities Spam/Phishing • 240,000 sensors • 133M client, server, • 40,000+ vulnerabilities • 5M decoy accounts • 200+ countries gateways monitored • 14,000 vendors • 8B+ email messages/day • Global coverage • 105,000 technologies • 1B+ web requests/day Preemptive Security Alerts Information Protection Threat Triggered Actions The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 5
  • 6. >CUTWAIL Threat Landscape 2010 – Anatomy of a Web Attack The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 6
  • 7. Threat Landscape 2010 Trends  Targeted Attacks continued to evolve Social Networking  + social engineering = compromise Hide and Seek  (zero-day vulnerabilities and rootkits) Attack Kits  get a caffeine boost  Mobile Threats increase The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 7
  • 8. Anatomy of a Web Based Attack • Enterprise and Consumer users are infected today from Web based attacks: – Web Attack Toolkits -Drive-by downloads – Social Engineering Attacks  Website attacks user’s browser by targeting vulnerabilities  Hacker compromises legitimate Web site URL (drive-by-download) Legitimate  User isowned Web Site machine now User is infected using  Social Engineering techniques (fake AV/fake codec) The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011
  • 9. Threat Landscape  Social Networking + Social Engineering = Compromise More Info: Detailed review of Social Media threats available in The Risks of Social Networking • Hackers have adopted social networking – Use profile information to create targeted social engineering – Impersonate friends to launch attacks – Leverage news feeds to spread spam, scams and massive attacks The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 9
  • 10. Threat Landscape Social Networking leads to…. • An attacker’s goldmine to conduct; – Externalizing confidential / sensitive information, Personal/Professional Separation, Account Hijacking, Privacy Issues and Identify Theft, Harassment and Cyber-bullying, Information Obsolescence, Information Harvesting • Protection is often not effective until compromise or infection takes place • Exploits trust between friends. Viral by nature The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 10
  • 11. Facebook Likejacking Attacks = Like Hijacking Likejacking Attack: • Clicking ANYWHERE on the page results in “Liking” this page • It gets posted to all of your friends without you actually clicking on the LIKE button! • How does it work? An invisible Like button follows the mouse around Do you know what is happening?! The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 11
  • 12. Threat Landscape Social Engineering • Also called Scareware or Rogueware • Multitude of propagation methods • Most infections are from Intermediate files (e.g., Zlob, FakeAVAlert) rather than Misleading Applications • All components change quickly including domains and EXEs. Average domain life time < 4 hours. The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 12
  • 13. For more on Cybercrime, Social Networking Attacks and Stuxnet • The Threat Landscape in the Age of CyberCrime and Stuxnet • Wednesday from 5:00 – 6:00pm. SR B30, Kevin Haley The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 13
  • 14. Threat Landscape More Info:  Web Attack Toolkits Detailed information available in ISTR Mid- Term: Attack Toolkits and Malicious Websites The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 14
  • 15. Web Attack Toolkits are Easy to Configure The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 15
  • 16. Effectiveness of the Web Attack Toolkits The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 16
  • 17. Threat Landscape Web-based threats: Any website can infect you …just by browsing to it • In the past – you had to visit dangerous sites to get infected … but today they’re on legitimate sites attacking you • Exploits leverage software vulnerabilities without user interaction. • Which Web sites can infect you? Your favorite: – News, travel, online games, real estate, government, others • 37.0% of domains hosting web malware were new in March 2011 • 24.5% of web malware was new in March 2011 • In 2010, over 42,926 domains were used to host web malware Source: Symantec.cloud 87.5% of malicious websites blocked in 2010 were legitimate, but compromised The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 17
  • 18. Threat Landscape – Web-based Threats Attack kits lead to intensified threats • The number of daily Web-based attacks observed was 93% higher in 2010 than in 2009 • Spikes in activity related to specific activities and campaigns The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 18
  • 19. Malvertising • “Malicious Advertisement” • The main website isn’t infected – one of the advertisements is • Webpages pull content from ANYWHERE on the web • 1 out of 100, 1000 or 10,000 ads could be infected • Difficult to detect and reproduce * This is a fake website The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 19
  • 20. Threat Landscape  Vulnerabilities Attacked by Web Attack Toolkits • Java exploits added to many existing kits • Up to 25 different vulnerabilities can be exploited • 0-Day Vulnerabilities being targeted more aggressively More Info: Detailed information available in ISTR Mid- Term: Attack Toolkits and Malicious Websites The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 20
  • 21. Vulnerability Trends Web Browser Plug-In Vulnerabilities • The number of Flash and Reader vulnerabilities continued to grow. The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 21
  • 22. Demo of Web Attacks The Evolving Threat Landscape: Web, Spam and Phishing Attacks 22
  • 23. >PSYME Latest in Malware and Phishing Attacks SYMANTEC VISION 2011 The Evolving Threat Landscape:23 Web, Spam
  • 24. Threat Landscape - Convergence Evolving Threat landscape: From email and IM to web • Threats now span multiple protocols Spoofed Email with Fraudulent IM with Compromised Website Web Link Web Link Hosting Malware Comprehensive Protection Needed Across Email, Web, and IM The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 24
  • 25. Threat Landscape - Malware Greater pressure on traditional antivirus defenses In 2010 ~13,300 Signatures per day Or 1 every 6.5 seconds! In 2000 ~5 Signatures per day The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 25
  • 26. Threat Landscape - Malware Case Study: W32.Imsolk.B@mm (aka “Here you have”) • Many business users likely saw something like this in their inboxes on 9 September 2010 The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 26
  • 27. Case Study: W32.Imsolk.B@mm (aka “Here you have”) Window of vulnerability from non-targeted attacks The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 27
  • 28. Threat Landscape - Malware Targeted Attacks and Industrial Espionage • 1 or 2 per week in 2005 • 2 per day in 2006 • 10 per day in 2007 • 50+ per day in 2008 • 60+ per day in 2009 • 77 per day in 2010 The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 28
  • 29. Case Study: Targeted Attacks and Industrial Espionage Example of a Targeted Attack in March 2011 • Exploit CVE-2011-0609 The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 29
  • 30. Case Study: Targeted Attacks and Industrial Espionage CVE-2011-0609: One Client, One Day: One Hour, 55 Emails The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 30
  • 31. Case Study: Targeted Attacks and Industrial Espionage CVE-2011-0609: Anatomy of a Targeted Attack Shellcode drops embedded executable and runs it… SWF-1 decodes SWF-2 and provides heap-spray for shellcode SWF-2 SWF-2 exploits CVE- 2011-0609 The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 31
  • 32. Threat Landscape – Financial Fraud and Identity Theft Typical profile of a phishing attack Malicious URLs appear in emails designed to appear legitimate Spoofed or compromised website is used to capture account information or install malware The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 32
  • 33. Threat Landscape – Financial Fraud and Identity Theft Classification of organizations targeted by phishing • Banks were spoofed by 56% of phishing attacks in 2010 • Many email-based fraud attempts referred to major events in 2010 The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 33
  • 34. Threat Landscape – Financial Fraud and Identity Theft Underground economy: Impact on Cybercrime • Credit card information and bank account credentials continue to be the top two advertised items by a large margin • Bulk rates for credit cards range from 10 cards for $17 to 1000 cards for $300 • Location affects credit card prices but not bank credentials The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 34
  • 35. Threat Landscape - Spam Trends in spam: A decade of evolution and techniques INCREASED COMPLEXITY AND SOPHISTICATION IN GREATER VOLUMES Symantec MessageLabs Intelligence Reports 80% 2000 2011 The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 35
  • 36. Threat Landscape - Botnets What are spam-sending botnets? • Approx. USD $15 for 10,000 bots Command & Control Botnet Controller The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 36
  • 37. Threat Landscape - Botnets Where does most of the spam come from? BAGLE RUSTOCK 17.2% Spam 28.5% Spam 8.3bn/day 13.8bn/day LETHIC 4.1% Spam UK & USA: 1 in 200 2.0bn/day Spain: 1 in 100 Japan: 1 in 1000 India: 1 in 30 CUTWAIL Vietnam: 1 in 10 4.5% Spam 2.2bn/day FESTI GRUM 8.7% Spam 3.4% Spam 4.2bn/day 1.6bn/day Brazil: 1 in 20 The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 37
  • 38. Threat Landscape - Innovations in Spam Automated translation: Maximizing potential impact • Automation: Non-English Spam Increasing • When it goes wrong, artifacts help the good guys! The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 38
  • 39. Threat Landscape - Innovations in Spam Social networking: Shortcuts for spammers • Each shortened URL received an average of 44.2 visits • Approximately 93.5% of responses were received within 3 days of the spam sent • Approximately 2-3% of all email spam now contains a shortened URL The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 39
  • 40. Threat Landscape - Innovations in Spam Social networking: Shortcuts for spammers The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 40
  • 41. >PSYME Summary – What Can You Do? SYMANTEC VISION 2011 The Evolving Threat Landscape:41 Web, Spam
  • 42. Common Issues and Solutions Found during Malware Investigations • Antivirus on endpoints is not enough • Review Security Software settings • Be aggressive on your updating and patching. • Implement a removable media policy. • Turn off Auto-run! • Update your security content frequently and rapidly. • Investigate and use different security solutions for servers. The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 42
  • 43. Common Issues and Solutions Found during Malware Investigations (cont) • Restrict email attachments • Maintain an ongoing blacklist of malicious domains. • Ensure that you have infection and incident response procedures in place • Educate users on the changed threat landscape The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 43
  • 44. Symantec Protection Model Defense in Depth File 17b053e6352ad233 85c59efcbac2490b Website/ Network Domain/ IP address Network File Reputation Behavioral  Network-based Protection  File-based Protection  Reputation-based Protection  Behavioral-based Protection Stops malware as it Looks for and Establishes information Looks at processes as travels over the network eradicates malware about entities e.g. they execute and uses and tries to take up that has already taken websites, files, IP malicious behaviors to residence on a system up residence on a addresses to be used in indicate the presence system effective security of malware  Protocol aware IPS  Antivirus Engine  Domain Reputation  SONAR  Browser Protection  Auto Protect  File Reputation  Behavioral Signatures  Malheur The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 44
  • 45. Threat Activity Trends Attacks Blocked/Technology - Endpoint Protection 2009 33% 2010 50% AV Detections AV Detection IPS Dections IPS Detections The Evolving Threat Landscape: Web, Spam and Phishing Attacks SYMANTEC VISION 2011 45
  • 46. Summary Where to go next? symantec.com/threatreport symanteccloud.com/intelligence On the symantec.com and symanteccloud.com: • Email and web stats on homepage • Analysis on MessageLabs Intelligence site • Register to receive latest reports and information • Podcasts, Blog, YouTube, Facebook and Twitter… Podcasts SYMANTEC VISION 2011 46 The Evolving Threat Landscape: Web, Spam and Phishin 46
  • 47. Thank you! John Harrison (john_harrison@symantec.com) Paul Wood (paul_wood@symantec.com) Copyright © 2011 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice. The Evolving Threat Landscape: Web, Spam and Phishing Attacks 47