SlideShare a Scribd company logo

Symantec Website Security Threats: February 2014 Update.

Download as PPTX, PDF
Symantec Website Security
Symantec Website Security

This document provides a summary of website security threats from February 2014. It discusses the following key points: - Malware tactics are evolving, with the return of the Redkit exploit toolkit and the emergence of fake browser update sites designed to trick users into downloading malware. - Mobile applications are still not as secure as they should be, with many banking apps found to be vulnerable to man-in-the-middle attacks and data leakage issues reported for other popular apps. - Social media continues to be exploited through scams on platforms like Snapchat, WhatsApp, and fake celebrity death notices. - Some good news includes the arrest of a notorious hacker, and more services like Yahoo enabling encryption

Technology
1 of 11
WEBSITE SECURITY THREATS: FEBRUARY 2014 UPDATE Thursday 13th February 2014 Andrew Horbury Andrew Shepherd Product Marketing Manager EMEA Marketing Manager andy_horbury@symantec.com andrew_shepherd@symantec.com Website Security Threats: February 2014 Update
Agenda 1 Month in Numbers 2 Malware tactics: Redkit, Fake Browsers 3 Mobile Applications 4 Social Media Scams 5 Stranger than fiction 6 Good news Website Security Threats: February 2014 Update
The month in numbers • 82% of enterprise Mac users not getting security updates • 16 million online accounts in Germany compromised • 20 million credit card details stolen in South Korea • UK government: “Half of UK people are not protecting themselves online” • Attackers steal personal details from 800,000 Orange customers • Eleven US high school students expelled for hacking teacher accounts, and augmenting their grades • Around 45 retailers affected by POS malware. Website Security Threats: February 2014 Update
Malware and toolkits – Redkit, Fake Browser, FedEx • After an absence of 18 months Redkit exploit toolkit returns after Blackhole’s author (Paunch’s) arrest • Phony FedEx: malicious email campaign that impersonates FedEx targets unsuspecting home and business users • Chrime or Chrome? Fake browser update sites aims to trick users into download malware posing as a browser update. Website Security Threats: February 2014 Update
Mobile Applications not quite as secure as you would hope • Issues with global banking apps – 4 in 10 banking apps, vulnerable to man in the middle attacks because they don’t validate server SSL certificates – 90 percent of analysed apps contain several unencrypted links which could potentially let an attacker intercept traffic and inject code to display fake login screens to the user. • Its not just the banks… – Starbucks have updated their app after data leakage reported Website Security Threats: February 2014 Update
Social Media Scams – RIP, SnapChat, WhatsApp • RIP Scams continue to work and work – The online list of alive ‘dead’ celebs continues to grow – Linking to malicious, apps, sites and phony surveys • SnapChat Spam – Spam uses sexually suggestive images and compromised short URLs • WhatsApp being used to spread malware – messages claim that WhatsApp for PC is available & that the recipient has 11 pending invitations from friends. Website Security Threats: February 2014 Update
Stranger than fiction • Thanks but no thanks! Teenager reported to the police for finding website vulnerability • Its that time again…. Academics discover the prefect time for cyber attacks • Who’s to blame for security problems? Surveys say….you, me them, us… EVERYONE Website Security Threats: February 2014 Update
Stranger than fiction part two Live from the security HQ at the Superbowl #oops Website Security Threats: February 2014 Update
Good News • The fridge comes back in from the cold…. – Spamming fridge is not quite what it seems • Guccifer the celebrity hating hacker arrested – Leaker of Downton Abbey and Sex and City scripts finally shut down • Yahoo defaults to AOSSL • Yahoo enables https encryption by default and more services being added all the time • Tumblr activated SSL this past week Website Security Threats: February 2014 Update
Link glossary • POS attacks http://bit.ly/1aTXsfe • Fake Browsers: – http://bit.ly/1eThlCQ – http://bit.ly/1iO7YVN • Redkit http://bit.ly/1dHcwYs • SnapChat http://bit.ly/LTYY5q • WhatsApp http://bit.ly/1gsYXze • Yahoo and SSL http://tnw.co/1bo9Ncc • Symantec Intelligence Report December 2013 http://bit.ly/1fYlxzb • Symantec IOT blog http://bit.ly/1hb4aAy • Rest In Peace Scams http://bit.ly/1ntvUOm • Slides available to download on SlideShare http://slidesha.re/1j2jxIi Website Security Threats: February 2014 Update
Next webinar: Thursday 13th March 2014 9.30am UK / 10.30am CET Thank you! Andrew Shepherd andrew_shepherd@symantec.com / +44 7912 552 896 Andrew Horbury andy_horbury@symantec.com / +44 7703 468 966 @andyhorbury Copyright © 2013 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice. Website Security Threats: February 2014 Update

Recommended

Cyber security and Privacy Awareness manual
Cyber security and Privacy Awareness manual Cyber security and Privacy Awareness manual
Cyber security and Privacy Awareness manual Jay Nagar
 
Trojan and Virus,Trojan horse,virus,how to make and defend the virus
Trojan and Virus,Trojan horse,virus,how to make and defend the virusTrojan and Virus,Trojan horse,virus,how to make and defend the virus
Trojan and Virus,Trojan horse,virus,how to make and defend the virusABHAY PATHAK
 
Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018imc-isec-comp
 
Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018imc-isec-comp
 
Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018imc-isec-comp
 
Building a culture of security
Building a culture of securityBuilding a culture of security
Building a culture of securityCourion Corporation
 
security privacy,security,web,internet,prevention from hackers,the onion rout...
security privacy,security,web,internet,prevention from hackers,the onion rout...security privacy,security,web,internet,prevention from hackers,the onion rout...
security privacy,security,web,internet,prevention from hackers,the onion rout...ABHAY PATHAK
 
Cake - An Ethereum Powered Social Network Aggregator
Cake - An Ethereum Powered Social Network AggregatorCake - An Ethereum Powered Social Network Aggregator
Cake - An Ethereum Powered Social Network Aggregatoraatkin1971
 

Recommended

Cyber security and Privacy Awareness manual
Cyber security and Privacy Awareness manual Cyber security and Privacy Awareness manual
Cyber security and Privacy Awareness manual Jay Nagar
 
Trojan and Virus,Trojan horse,virus,how to make and defend the virus
Trojan and Virus,Trojan horse,virus,how to make and defend the virusTrojan and Virus,Trojan horse,virus,how to make and defend the virus
Trojan and Virus,Trojan horse,virus,how to make and defend the virusABHAY PATHAK
 
Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018imc-isec-comp
 
Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018imc-isec-comp
 
Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018imc-isec-comp
 
Building a culture of security
Building a culture of securityBuilding a culture of security
Building a culture of securityCourion Corporation
 
security privacy,security,web,internet,prevention from hackers,the onion rout...
security privacy,security,web,internet,prevention from hackers,the onion rout...security privacy,security,web,internet,prevention from hackers,the onion rout...
security privacy,security,web,internet,prevention from hackers,the onion rout...ABHAY PATHAK
 
Cake - An Ethereum Powered Social Network Aggregator
Cake - An Ethereum Powered Social Network AggregatorCake - An Ethereum Powered Social Network Aggregator
Cake - An Ethereum Powered Social Network Aggregatoraatkin1971
 
Real Business Threats!
Real Business Threats!Real Business Threats!
Real Business Threats!Rochester Security Summit
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness TrainingDmitriy Scherbina
 
Dos and Don'ts of Internet Security
Dos and Don'ts of Internet SecurityDos and Don'ts of Internet Security
Dos and Don'ts of Internet SecurityQuick Heal Technologies Ltd.
 
101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!
101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!
101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!EMBplc.com
 
Cyber security-awareness-for-social-media-users - Devsena Mishra
Cyber security-awareness-for-social-media-users - Devsena MishraCyber security-awareness-for-social-media-users - Devsena Mishra
Cyber security-awareness-for-social-media-users - Devsena MishraDevsena Mishra
 
Notes to The Ten Commandments of Online Security and Privacy
Notes to The Ten Commandments of Online Security and PrivacyNotes to The Ten Commandments of Online Security and Privacy
Notes to The Ten Commandments of Online Security and PrivacyJonathan Bacon
 
Can your company survive a modern day cyber attack?
Can your company survive a modern day cyber attack?Can your company survive a modern day cyber attack?
Can your company survive a modern day cyber attack?Symptai Consulting Limited
 
Ten Important Rules
Ten Important RulesTen Important Rules
Ten Important Rulesritz482
 
Computer Security
Computer SecurityComputer Security
Computer Securitysecrettub
 
Online Safety -- Securing your space as a Netizen
Online Safety -- Securing your space as a NetizenOnline Safety -- Securing your space as a Netizen
Online Safety -- Securing your space as a NetizenKofi Kafui Kornu
 
Viruses
VirusesViruses
VirusesRedentine Cini
 
14 tips to increase cybersecurity awareness
14 tips to increase cybersecurity awareness14 tips to increase cybersecurity awareness
14 tips to increase cybersecurity awarenessMichel Bitter
 
Security At Home
Security At HomeSecurity At Home
Security At HomeAngela Samuels
 
Safe Computing
Safe ComputingSafe Computing
Safe ComputingDr. Dheeraj Mehrotra (National Awardee)
 
Computing and ethics
Computing and ethicsComputing and ethics
Computing and ethicsNikki Shree
 
Internet security
Internet securityInternet security
Internet securityat1211
 
Securitytips
SecuritytipsSecuritytips
SecuritytipsSantosh Khadsare
 
Online Netiquette
Online NetiquetteOnline Netiquette
Online NetiquetteZoro18
 
Cybersecurity Awareness
Cybersecurity AwarenessCybersecurity Awareness
Cybersecurity AwarenessJoshuaWisniewski3
 
Renfrow Internet Safety
Renfrow Internet SafetyRenfrow Internet Safety
Renfrow Internet Safetymrenfrow
 
Symantec Website Security Threats: March 2014 update.
Symantec Website Security Threats: March 2014 update.Symantec Website Security Threats: March 2014 update.
Symantec Website Security Threats: March 2014 update.Symantec Website Security
 
Website Security Threats - January 2014 Update
Website Security Threats - January 2014 Update Website Security Threats - January 2014 Update
Website Security Threats - January 2014 Update Symantec Website Security
 

More Related Content

What's hot

101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!
101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!
101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!EMBplc.com
 
Cyber security-awareness-for-social-media-users - Devsena Mishra
Cyber security-awareness-for-social-media-users - Devsena MishraCyber security-awareness-for-social-media-users - Devsena Mishra
Cyber security-awareness-for-social-media-users - Devsena MishraDevsena Mishra
 
Notes to The Ten Commandments of Online Security and Privacy
Notes to The Ten Commandments of Online Security and PrivacyNotes to The Ten Commandments of Online Security and Privacy
Notes to The Ten Commandments of Online Security and PrivacyJonathan Bacon
 
Can your company survive a modern day cyber attack?
Can your company survive a modern day cyber attack?Can your company survive a modern day cyber attack?
Can your company survive a modern day cyber attack?Symptai Consulting Limited
 
Ten Important Rules
Ten Important RulesTen Important Rules
Ten Important Rulesritz482
 
Computer Security
Computer SecurityComputer Security
Computer Securitysecrettub
 
Online Safety -- Securing your space as a Netizen
Online Safety -- Securing your space as a NetizenOnline Safety -- Securing your space as a Netizen
Online Safety -- Securing your space as a NetizenKofi Kafui Kornu
 
14 tips to increase cybersecurity awareness
14 tips to increase cybersecurity awareness14 tips to increase cybersecurity awareness
14 tips to increase cybersecurity awarenessMichel Bitter
 
Computing and ethics
Computing and ethicsComputing and ethics
Computing and ethicsNikki Shree
 
Internet security
Internet securityInternet security
Internet securityat1211
 
Online Netiquette
Online NetiquetteOnline Netiquette
Online NetiquetteZoro18
 
Renfrow Internet Safety
Renfrow Internet SafetyRenfrow Internet Safety
Renfrow Internet Safetymrenfrow
 

What's hot (20)

Real Business Threats!
Real Business Threats!Real Business Threats!
Real Business Threats!
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
 
Dos and Don'ts of Internet Security
Dos and Don'ts of Internet SecurityDos and Don'ts of Internet Security
Dos and Don'ts of Internet Security
 
101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!
101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!
101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!
 
Cyber security-awareness-for-social-media-users - Devsena Mishra
Cyber security-awareness-for-social-media-users - Devsena MishraCyber security-awareness-for-social-media-users - Devsena Mishra
Cyber security-awareness-for-social-media-users - Devsena Mishra
 
Notes to The Ten Commandments of Online Security and Privacy
Notes to The Ten Commandments of Online Security and PrivacyNotes to The Ten Commandments of Online Security and Privacy
Notes to The Ten Commandments of Online Security and Privacy
 
Can your company survive a modern day cyber attack?
Can your company survive a modern day cyber attack?Can your company survive a modern day cyber attack?
Can your company survive a modern day cyber attack?
 
Ten Important Rules
Ten Important RulesTen Important Rules
Ten Important Rules
 
Computer Security
Computer SecurityComputer Security
Computer Security
 
Online Safety -- Securing your space as a Netizen
Online Safety -- Securing your space as a NetizenOnline Safety -- Securing your space as a Netizen
Online Safety -- Securing your space as a Netizen
 
Viruses
VirusesViruses
Viruses
 
14 tips to increase cybersecurity awareness
14 tips to increase cybersecurity awareness14 tips to increase cybersecurity awareness
14 tips to increase cybersecurity awareness
 
Security At Home
Security At HomeSecurity At Home
Security At Home
 
Safe Computing
Safe ComputingSafe Computing
Safe Computing
 
Computing and ethics
Computing and ethicsComputing and ethics
Computing and ethics
 
Internet security
Internet securityInternet security
Internet security
 
Securitytips
SecuritytipsSecuritytips
Securitytips
 
Online Netiquette
Online NetiquetteOnline Netiquette
Online Netiquette
 
Cybersecurity Awareness
Cybersecurity AwarenessCybersecurity Awareness
Cybersecurity Awareness
 
Renfrow Internet Safety
Renfrow Internet SafetyRenfrow Internet Safety
Renfrow Internet Safety
 

Similar to Symantec Website Security Threats: February 2014 Update.

Symantec Website Security Threats: March 2014 update.
Symantec Website Security Threats: March 2014 update.Symantec Website Security Threats: March 2014 update.
Symantec Website Security Threats: March 2014 update.Symantec Website Security
 
Website Security Threats - January 2014 Update
Website Security Threats - January 2014 Update Website Security Threats - January 2014 Update
Website Security Threats - January 2014 Update Symantec Website Security
 
Symantec Website Threat Report Part-1 2015
Symantec Website Threat Report Part-1 2015Symantec Website Threat Report Part-1 2015
Symantec Website Threat Report Part-1 2015RapidSSLOnline.com
 
TECHNICAL WHITE PAPER▶ Symantec Website Security Threat Report
TECHNICAL WHITE PAPER▶ Symantec Website Security Threat ReportTECHNICAL WHITE PAPER▶ Symantec Website Security Threat Report
TECHNICAL WHITE PAPER▶ Symantec Website Security Threat ReportSymantec
 
Cybersecurity-Awareness-Presentation-17-May-22.pptx
Cybersecurity-Awareness-Presentation-17-May-22.pptxCybersecurity-Awareness-Presentation-17-May-22.pptx
Cybersecurity-Awareness-Presentation-17-May-22.pptxRahulDasari12
 
Cybersecurity-Awareness-Presentation-17-May-22 (1).pptx
Cybersecurity-Awareness-Presentation-17-May-22 (1).pptxCybersecurity-Awareness-Presentation-17-May-22 (1).pptx
Cybersecurity-Awareness-Presentation-17-May-22 (1).pptxSanjaiJinSanjaiJin
 
Most notable apt_ attacks_of_2015_and_2016 predictions
Most notable apt_ attacks_of_2015_and_2016 predictionsMost notable apt_ attacks_of_2015_and_2016 predictions
Most notable apt_ attacks_of_2015_and_2016 predictionsCyphort
 
Preventing Cybercrime in Libraries
Preventing Cybercrime in LibrariesPreventing Cybercrime in Libraries
Preventing Cybercrime in LibrariesMary Rayme
 
2014: The Year of the Data Breach
2014: The Year of the Data Breach2014: The Year of the Data Breach
2014: The Year of the Data BreachSkyhigh Networks
 
Phishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingPhishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingSachin Saini
 
Online Safety, Security, Ethics and Netiquette.pptx
Online Safety, Security, Ethics and Netiquette.pptxOnline Safety, Security, Ethics and Netiquette.pptx
Online Safety, Security, Ethics and Netiquette.pptxBobby Dait
 
Ransomware and email security ver - 1.3
Ransomware and email security ver - 1.3Ransomware and email security ver - 1.3
Ransomware and email security ver - 1.3Denise Bailey
 
Business under cyberassault
Business under cyberassaultBusiness under cyberassault
Business under cyberassaultMohammad Husain
 
What You Can Do to Keep Your Email, Bank Accounts and Business Safe from Cybe...
What You Can Do to Keep Your Email, Bank Accounts and Business Safe from Cybe...What You Can Do to Keep Your Email, Bank Accounts and Business Safe from Cybe...
What You Can Do to Keep Your Email, Bank Accounts and Business Safe from Cybe...nexxtep
 
Passwords are passé. WebAuthn is simpler, stronger and ready to go
Passwords are passé. WebAuthn is simpler, stronger and ready to goPasswords are passé. WebAuthn is simpler, stronger and ready to go
Passwords are passé. WebAuthn is simpler, stronger and ready to goMichael Furman
 
18-mobile-malware.pptx
18-mobile-malware.pptx18-mobile-malware.pptx
18-mobile-malware.pptxsundar110567
 
A Comedy of Errors in Web Application Security
A Comedy of Errors in Web Application SecurityA Comedy of Errors in Web Application Security
A Comedy of Errors in Web Application SecurityRob Dudley
 

Similar to Symantec Website Security Threats: February 2014 Update. (20)

Symantec Website Security Threats: March 2014 update.
Symantec Website Security Threats: March 2014 update.Symantec Website Security Threats: March 2014 update.
Symantec Website Security Threats: March 2014 update.
 
Website Security Threats - January 2014 Update
Website Security Threats - January 2014 Update Website Security Threats - January 2014 Update
Website Security Threats - January 2014 Update
 
Symantec Website Threat Report Part-1 2015
Symantec Website Threat Report Part-1 2015Symantec Website Threat Report Part-1 2015
Symantec Website Threat Report Part-1 2015
 
TECHNICAL WHITE PAPER▶ Symantec Website Security Threat Report
TECHNICAL WHITE PAPER▶ Symantec Website Security Threat ReportTECHNICAL WHITE PAPER▶ Symantec Website Security Threat Report
TECHNICAL WHITE PAPER▶ Symantec Website Security Threat Report
 
Cybersecurity-Awareness-Presentation-17-May-22.pptx
Cybersecurity-Awareness-Presentation-17-May-22.pptxCybersecurity-Awareness-Presentation-17-May-22.pptx
Cybersecurity-Awareness-Presentation-17-May-22.pptx
 
Cybersecurity-Awareness-Presentation-17-May-22 (1).pptx
Cybersecurity-Awareness-Presentation-17-May-22 (1).pptxCybersecurity-Awareness-Presentation-17-May-22 (1).pptx
Cybersecurity-Awareness-Presentation-17-May-22 (1).pptx
 
Most notable apt_ attacks_of_2015_and_2016 predictions
Most notable apt_ attacks_of_2015_and_2016 predictionsMost notable apt_ attacks_of_2015_and_2016 predictions
Most notable apt_ attacks_of_2015_and_2016 predictions
 
Preventing Cybercrime in Libraries
Preventing Cybercrime in LibrariesPreventing Cybercrime in Libraries
Preventing Cybercrime in Libraries
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
2014: The Year of the Data Breach
2014: The Year of the Data Breach2014: The Year of the Data Breach
2014: The Year of the Data Breach
 
Cyber Security Predictions 2016
Cyber Security Predictions 2016Cyber Security Predictions 2016
Cyber Security Predictions 2016
 
Pubcon Vegas Session - WordPress Site Security Audits
Pubcon Vegas Session - WordPress Site Security AuditsPubcon Vegas Session - WordPress Site Security Audits
Pubcon Vegas Session - WordPress Site Security Audits
 
Phishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingPhishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS Working
 
Online Safety, Security, Ethics and Netiquette.pptx
Online Safety, Security, Ethics and Netiquette.pptxOnline Safety, Security, Ethics and Netiquette.pptx
Online Safety, Security, Ethics and Netiquette.pptx
 
Ransomware and email security ver - 1.3
Ransomware and email security ver - 1.3Ransomware and email security ver - 1.3
Ransomware and email security ver - 1.3
 
Business under cyberassault
Business under cyberassaultBusiness under cyberassault
Business under cyberassault
 
What You Can Do to Keep Your Email, Bank Accounts and Business Safe from Cybe...
What You Can Do to Keep Your Email, Bank Accounts and Business Safe from Cybe...What You Can Do to Keep Your Email, Bank Accounts and Business Safe from Cybe...
What You Can Do to Keep Your Email, Bank Accounts and Business Safe from Cybe...
 
Passwords are passé. WebAuthn is simpler, stronger and ready to go
Passwords are passé. WebAuthn is simpler, stronger and ready to goPasswords are passé. WebAuthn is simpler, stronger and ready to go
Passwords are passé. WebAuthn is simpler, stronger and ready to go
 
18-mobile-malware.pptx
18-mobile-malware.pptx18-mobile-malware.pptx
18-mobile-malware.pptx
 
A Comedy of Errors in Web Application Security
A Comedy of Errors in Web Application SecurityA Comedy of Errors in Web Application Security
A Comedy of Errors in Web Application Security
 

More from Symantec Website Security

Сертификаты подписания кода Symantec
Сертификаты подписания кода SymantecСертификаты подписания кода Symantec
Сертификаты подписания кода SymantecSymantec Website Security
 
Um guia de e-commerce para a aquisição e manutenção de novos clientes da Syma...
Um guia de e-commerce para a aquisição e manutenção de novos clientes da Syma...Um guia de e-commerce para a aquisição e manutenção de novos clientes da Syma...
Um guia de e-commerce para a aquisição e manutenção de novos clientes da Syma...Symantec Website Security
 
Guide Symantec de conquête et de fidélisation de nouveaux clients sur vos sit...
Guide Symantec de conquête et de fidélisation de nouveaux clients sur vos sit...Guide Symantec de conquête et de fidélisation de nouveaux clients sur vos sit...
Guide Symantec de conquête et de fidélisation de nouveaux clients sur vos sit...Symantec Website Security
 
Guida per l'e-commerce Symantec - Come acquisire nuovi clienti e conservarli
Guida per l'e-commerce Symantec - Come acquisire nuovi clienti e conservarliGuida per l'e-commerce Symantec - Come acquisire nuovi clienti e conservarli
Guida per l'e-commerce Symantec - Come acquisire nuovi clienti e conservarliSymantec Website Security
 
Guía de comercio electrónico de Symantec: Cómo atraer y retener a nuevos clients
Guía de comercio electrónico de Symantec: Cómo atraer y retener a nuevos clientsGuía de comercio electrónico de Symantec: Cómo atraer y retener a nuevos clients
Guía de comercio electrónico de Symantec: Cómo atraer y retener a nuevos clientsSymantec Website Security
 
Guía de comercio electrónico de Symantec: Cómo atraer y retener a nuevos clients
Guía de comercio electrónico de Symantec: Cómo atraer y retener a nuevos clientsGuía de comercio electrónico de Symantec: Cómo atraer y retener a nuevos clients
Guía de comercio electrónico de Symantec: Cómo atraer y retener a nuevos clientsSymantec Website Security
 
Guide Symantec de conquête et de fidélisation de nouveaux clients sur vos sit...
Guide Symantec de conquête et de fidélisation de nouveaux clients sur vos sit...Guide Symantec de conquête et de fidélisation de nouveaux clients sur vos sit...
Guide Symantec de conquête et de fidélisation de nouveaux clients sur vos sit...Symantec Website Security
 
Leitfaden von Symantec: „Das 1×1 der Kundengewinnung und -bindung im E-Commerce“
Leitfaden von Symantec: „Das 1×1 der Kundengewinnung und -bindung im E-Commerce“Leitfaden von Symantec: „Das 1×1 der Kundengewinnung und -bindung im E-Commerce“
Leitfaden von Symantec: „Das 1×1 der Kundengewinnung und -bindung im E-Commerce“Symantec Website Security
 
Symantec: The rise of hacktivism and insider threats
Symantec: The rise of hacktivism and insider threatsSymantec: The rise of hacktivism and insider threats
Symantec: The rise of hacktivism and insider threatsSymantec Website Security
 
Maine, turvallisuus, luotettavuus... verkkokaupan valuutta
Maine, turvallisuus, luotettavuus... verkkokaupan valuuttaMaine, turvallisuus, luotettavuus... verkkokaupan valuutta
Maine, turvallisuus, luotettavuus... verkkokaupan valuuttaSymantec Website Security
 

More from Symantec Website Security (20)

Symantec Code Sign (NAM)
Symantec Code Sign (NAM)Symantec Code Sign (NAM)
Symantec Code Sign (NAM)
 
Symantec Code Signing (SE)
Symantec Code Signing (SE)Symantec Code Signing (SE)
Symantec Code Signing (SE)
 
Сертификаты подписания кода Symantec
Сертификаты подписания кода SymantecСертификаты подписания кода Symantec
Сертификаты подписания кода Symantec
 
Symantec Code Signing (IT)
Symantec Code Signing (IT)Symantec Code Signing (IT)
Symantec Code Signing (IT)
 
Symantec Code Signing (FR)
Symantec Code Signing (FR)Symantec Code Signing (FR)
Symantec Code Signing (FR)
 
Code signing de Symantec (ES)
Code signing de Symantec (ES)Code signing de Symantec (ES)
Code signing de Symantec (ES)
 
Symantec Code Signing (DE)
Symantec Code Signing (DE)Symantec Code Signing (DE)
Symantec Code Signing (DE)
 
Symantec Code Signing (CH)
Symantec Code Signing (CH)Symantec Code Signing (CH)
Symantec Code Signing (CH)
 
Symantec Code Signing (UK)
Symantec Code Signing (UK)Symantec Code Signing (UK)
Symantec Code Signing (UK)
 
Um guia de e-commerce para a aquisição e manutenção de novos clientes da Syma...
Um guia de e-commerce para a aquisição e manutenção de novos clientes da Syma...Um guia de e-commerce para a aquisição e manutenção de novos clientes da Syma...
Um guia de e-commerce para a aquisição e manutenção de novos clientes da Syma...
 
Guide Symantec de conquête et de fidélisation de nouveaux clients sur vos sit...
Guide Symantec de conquête et de fidélisation de nouveaux clients sur vos sit...Guide Symantec de conquête et de fidélisation de nouveaux clients sur vos sit...
Guide Symantec de conquête et de fidélisation de nouveaux clients sur vos sit...
 
Guida per l'e-commerce Symantec - Come acquisire nuovi clienti e conservarli
Guida per l'e-commerce Symantec - Come acquisire nuovi clienti e conservarliGuida per l'e-commerce Symantec - Come acquisire nuovi clienti e conservarli
Guida per l'e-commerce Symantec - Come acquisire nuovi clienti e conservarli
 
Guía de comercio electrónico de Symantec: Cómo atraer y retener a nuevos clients
Guía de comercio electrónico de Symantec: Cómo atraer y retener a nuevos clientsGuía de comercio electrónico de Symantec: Cómo atraer y retener a nuevos clients
Guía de comercio electrónico de Symantec: Cómo atraer y retener a nuevos clients
 
Guía de comercio electrónico de Symantec: Cómo atraer y retener a nuevos clients
Guía de comercio electrónico de Symantec: Cómo atraer y retener a nuevos clientsGuía de comercio electrónico de Symantec: Cómo atraer y retener a nuevos clients
Guía de comercio electrónico de Symantec: Cómo atraer y retener a nuevos clients
 
Guide Symantec de conquête et de fidélisation de nouveaux clients sur vos sit...
Guide Symantec de conquête et de fidélisation de nouveaux clients sur vos sit...Guide Symantec de conquête et de fidélisation de nouveaux clients sur vos sit...
Guide Symantec de conquête et de fidélisation de nouveaux clients sur vos sit...
 
Leitfaden von Symantec: „Das 1×1 der Kundengewinnung und -bindung im E-Commerce“
Leitfaden von Symantec: „Das 1×1 der Kundengewinnung und -bindung im E-Commerce“Leitfaden von Symantec: „Das 1×1 der Kundengewinnung und -bindung im E-Commerce“
Leitfaden von Symantec: „Das 1×1 der Kundengewinnung und -bindung im E-Commerce“
 
Symantec: The rise of hacktivism and insider threats
Symantec: The rise of hacktivism and insider threatsSymantec: The rise of hacktivism and insider threats
Symantec: The rise of hacktivism and insider threats
 
Symantec SSL Explained
Symantec SSL ExplainedSymantec SSL Explained
Symantec SSL Explained
 
Cybercrime - Attack of the Cyber Spies
Cybercrime - Attack of the Cyber SpiesCybercrime - Attack of the Cyber Spies
Cybercrime - Attack of the Cyber Spies
 
Maine, turvallisuus, luotettavuus... verkkokaupan valuutta
Maine, turvallisuus, luotettavuus... verkkokaupan valuuttaMaine, turvallisuus, luotettavuus... verkkokaupan valuutta
Maine, turvallisuus, luotettavuus... verkkokaupan valuutta
 

Recently uploaded

Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentationphoebematthew05
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 

Recently uploaded (20)

Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentation
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 

Symantec Website Security Threats: February 2014 Update.

  • 1. WEBSITE SECURITY THREATS: FEBRUARY 2014 UPDATE Thursday 13th February 2014 Andrew Horbury Andrew Shepherd Product Marketing Manager EMEA Marketing Manager andy_horbury@symantec.com andrew_shepherd@symantec.com Website Security Threats: February 2014 Update
  • 2. Agenda 1 Month in Numbers 2 Malware tactics: Redkit, Fake Browsers 3 Mobile Applications 4 Social Media Scams 5 Stranger than fiction 6 Good news Website Security Threats: February 2014 Update
  • 3. The month in numbers • 82% of enterprise Mac users not getting security updates • 16 million online accounts in Germany compromised • 20 million credit card details stolen in South Korea • UK government: “Half of UK people are not protecting themselves online” • Attackers steal personal details from 800,000 Orange customers • Eleven US high school students expelled for hacking teacher accounts, and augmenting their grades • Around 45 retailers affected by POS malware. Website Security Threats: February 2014 Update
  • 4. Malware and toolkits – Redkit, Fake Browser, FedEx • After an absence of 18 months Redkit exploit toolkit returns after Blackhole’s author (Paunch’s) arrest • Phony FedEx: malicious email campaign that impersonates FedEx targets unsuspecting home and business users • Chrime or Chrome? Fake browser update sites aims to trick users into download malware posing as a browser update. Website Security Threats: February 2014 Update
  • 5. Mobile Applications not quite as secure as you would hope • Issues with global banking apps – 4 in 10 banking apps, vulnerable to man in the middle attacks because they don’t validate server SSL certificates – 90 percent of analysed apps contain several unencrypted links which could potentially let an attacker intercept traffic and inject code to display fake login screens to the user. • Its not just the banks… – Starbucks have updated their app after data leakage reported Website Security Threats: February 2014 Update
  • 6. Social Media Scams – RIP, SnapChat, WhatsApp • RIP Scams continue to work and work – The online list of alive ‘dead’ celebs continues to grow – Linking to malicious, apps, sites and phony surveys • SnapChat Spam – Spam uses sexually suggestive images and compromised short URLs • WhatsApp being used to spread malware – messages claim that WhatsApp for PC is available & that the recipient has 11 pending invitations from friends. Website Security Threats: February 2014 Update
  • 7. Stranger than fiction • Thanks but no thanks! Teenager reported to the police for finding website vulnerability • Its that time again…. Academics discover the prefect time for cyber attacks • Who’s to blame for security problems? Surveys say….you, me them, us… EVERYONE Website Security Threats: February 2014 Update
  • 8. Stranger than fiction part two Live from the security HQ at the Superbowl #oops Website Security Threats: February 2014 Update
  • 9. Good News • The fridge comes back in from the cold…. – Spamming fridge is not quite what it seems • Guccifer the celebrity hating hacker arrested – Leaker of Downton Abbey and Sex and City scripts finally shut down • Yahoo defaults to AOSSL • Yahoo enables https encryption by default and more services being added all the time • Tumblr activated SSL this past week Website Security Threats: February 2014 Update
  • 10. Link glossary • POS attacks http://bit.ly/1aTXsfe • Fake Browsers: – http://bit.ly/1eThlCQ – http://bit.ly/1iO7YVN • Redkit http://bit.ly/1dHcwYs • SnapChat http://bit.ly/LTYY5q • WhatsApp http://bit.ly/1gsYXze • Yahoo and SSL http://tnw.co/1bo9Ncc • Symantec Intelligence Report December 2013 http://bit.ly/1fYlxzb • Symantec IOT blog http://bit.ly/1hb4aAy • Rest In Peace Scams http://bit.ly/1ntvUOm • Slides available to download on SlideShare http://slidesha.re/1j2jxIi Website Security Threats: February 2014 Update
  • 11. Next webinar: Thursday 13th March 2014 9.30am UK / 10.30am CET Thank you! Andrew Shepherd andrew_shepherd@symantec.com / +44 7912 552 896 Andrew Horbury andy_horbury@symantec.com / +44 7703 468 966 @andyhorbury Copyright © 2013 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice. Website Security Threats: February 2014 Update