Cryptolocker & the fight against IT's biggest new enemy
Martijn Nielen
Sr. Sales Engineer WatchGuard
Houston, we have a problem!
• « My antivirus and IPS are updated but I got infected anyway »
First reason: « Zero Day »
• The vulnerability is still unknown
• Or the fix is not yet available
Second reason: technology changes, and so do the hackers…
• "Antivirus is Dead", Brian Dye, Senior VP of Symantec
Nearly 88% of malware morphs to evade signature-based antivirus solutions*
*Malwise - An Effective and Efficient Classification System for Packed and Polymorphic Malware, Deakin University, Victoria, June 2013
Antivirus can't keep up
AV Vendor Review
http://labs.lastline.com/lastline-labs-av-isnt-dead-it-just-cant-keep-up
• On average it took 2 days before at least one AV scanner detected what was not detected on day 0
• Detection rates increase to 61% after two weeks
• After a year 10% of scanners still do not detect some malware
• The 1-percentile of malware least likely to be detected was undetected by a majority of AV scanners for months
• In some cases the malware was never detected
Advanced Persistent Threat (APT)
• Nation-state techniques now used for financial gain
• Antivirus can't keep up: new malware is created as a variant of existing malware to avoid detection by classic techniques
Evolution of APTs
Today, normal criminal malware exploits the same advanced tactics as nation-state APTs. Every organization is at risk of advanced threats!
• Zeus copies Stuxnet 0day
• Criminals use 0day malware (Cryptolocker)
• Zeus uses stolen certificates
• Criminal spear phishing
• Criminal watering hole attacks
« Cryptolockers »
APT or not APT…
Malware (r)evolution (chart)
• Simple threats, opportunistic attacks, covered by antivirus solutions: plain virus, packing
• Sophisticated threats, targeted attacks, requiring APT solutions: polymorphic malware, C&C fluxing, persistent threats, evasive threats
Malware and Virus Detection: Zero Day Threat Curve (chart)
• AV versus OS / application sandbox
Advanced Malware Analysis (chart, three generations)
• 1st: sandbox (OS – XP / Win 7 on a hypervisor on a server): high fidelity, low visibility
• 2nd: process emulation (emulated XP / Win 7 functions, CPU and memory on a server): low fidelity, high visibility
• 3rd: system emulation (OS – XP / Win 7, CPU / memory on a server): high fidelity, high visibility
APT Blocker with Code Emulation
• Evasion detection is critical
Dynamic evasions (chart: stalling, looping, inaction; outcomes: malware?, exploit, key logger, C&C network traffic)
• Malware checks the environment
• Multi-path execution
• Next step based on results
• Stalling / looping
• Wait long enough for analysis to time out
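The slide lists the evasions an analysis engine must notice: environment checks, multi-path execution that branches on what they find, stalling or looping until the sandbox times out, and doing nothing observable inside the analysis window. The example below, added here and not WatchGuard or Lastline code, scores a constructed dynamic-analysis trace for exactly those patterns. The trace format, event kinds and thresholds are assumptions chosen for illustration; a real engine would derive them from its own instrumentation.

```python
"""Heuristic scoring of a dynamic-analysis trace for the evasion behaviours
named on the slide: environment probing, stalling, looping and inaction.
Added example; event format and thresholds are assumptions for illustration."""
from collections import Counter
from dataclasses import dataclass, field


@dataclass
class Event:
    t_ms: int        # timestamp inside the sandbox run, in milliseconds
    kind: str        # 'env_check', 'sleep', 'api', 'file_write', 'net'
    detail: str      # API name or a short argument summary
    arg: int = 0     # numeric argument, e.g. requested sleep in ms


@dataclass
class Verdict:
    score: int
    reasons: list = field(default_factory=list)


# Thresholds are assumptions for illustration, not product settings.
MAX_TOTAL_SLEEP_MS = 60_000   # more than a minute asleep in a short run
MAX_ENV_CHECKS = 3            # a handful of probes is normal, many is not
LOOP_REPEAT = 50              # same API call repeated this often = busy loop
ANALYSIS_WINDOW_MS = 120_000  # how long the (assumed) sandbox observes


def score_trace(events, window_ms=ANALYSIS_WINDOW_MS):
    """Return a Verdict whose score grows with each evasion pattern found."""
    v = Verdict(0)

    # Stalling: total requested sleep that would outlast a typical run.
    total_sleep = sum(e.arg for e in events if e.kind == "sleep")
    if total_sleep > MAX_TOTAL_SLEEP_MS:
        v.score += 3
        v.reasons.append(f"stalling: {total_sleep} ms of requested sleep")

    # Environment probing: the sample is deciding which path to take.
    env = [e for e in events if e.kind == "env_check"]
    if len(env) > MAX_ENV_CHECKS:
        v.score += 2
        v.reasons.append(f"environment probing: {len(env)} checks")

    # Looping: the same call hammered repeatedly (e.g. a timing loop).
    repeats = Counter(e.detail for e in events if e.kind == "api")
    for name, n in repeats.items():
        if n >= LOOP_REPEAT:
            v.score += 2
            v.reasons.append(f"looping: {name} called {n} times")
            break

    # Inaction: nothing of consequence before the analysis window closes,
    # while the sample did spend effort probing or sleeping.
    effects = [e for e in events
               if e.kind in ("file_write", "net") and e.t_ms <= window_ms]
    if not effects and (total_sleep or env):
        v.score += 1
        v.reasons.append("inaction: no file or network activity inside the window")
    return v


def build_evasive_trace():
    """Constructed trace (not a real sample) exercising every pattern."""
    ev = [Event(10, "env_check", "cpu_count"), Event(20, "env_check", "uptime"),
          Event(30, "env_check", "disk_size"), Event(40, "env_check", "recent_files")]
    ev += [Event(50 + i, "api", "GetTickCount") for i in range(60)]
    ev.append(Event(200, "sleep", "Sleep", arg=90_000))
    ev.append(Event(130_000, "file_write", "mass file rewrite"))  # after the window
    return ev


def build_benign_trace():
    """Constructed trace of an ordinary program: acts immediately, no probing."""
    return [Event(5, "api", "CreateFile"), Event(10, "file_write", "report.docx"),
            Event(20, "net", "GET /update")]


if __name__ == "__main__":
    for name, trace in (("evasive", build_evasive_trace()), ("benign", build_benign_trace())):
        verdict = score_trace(trace)
        print(name, verdict.score, verdict.reasons)
```

The point of scoring rather than matching a single indicator is that each evasion on its own has benign explanations (installers sleep, monitoring agents probe hardware); it is the combination with no observable effect inside the window that separates "wait out the sandbox" from normal behaviour.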
WatchGuard Best of Breed Defense in Depth (chart)
• AntiVirus
• URL Filtering
• AntiSpam
• IPS
• App Control
• Data Loss Prevention
• APT Platform
• WatchGuard Management
Lastline recommended by NSS: 2015 BDS Security Value Map
Unified Threat Management Platform
Security Eco System
Default Threat Protection
• Proxy – Web, Email, FTP
• Application Control / IPS
• WebBlocker / RED / SpamBlocker
• AV - Malware, APT Blocker
APT Blocker: Configuration (chart)
• APT Blocker checks the local cache first
• Then the remote "cache"
• Then full file inspection
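The configuration slide shows the lookup order: a verdict is served from the appliance's local cache, then from the remote (cloud) cache, and only an unseen file goes to full inspection. The example below, added here and not WatchGuard's own code, implements that order with in-memory dictionaries standing in for both caches and a constructed stand-in for the analysis engine. It also shows why a hash cache alone is not enough against the "88% of malware morphs" problem from earlier in the deck: two byte-different variants of the same payload are two cache misses, so both go to full inspection. Class and function names, the cache structures and the sample bytes are all assumptions.

```python
"""Cache-before-analysis lookup: local cache -> remote cache -> file inspection.
Added example, not WatchGuard APT Blocker code; caches and analyzer are
constructed stand-ins for illustration."""
import hashlib


class CachedInspector:
    """Orders lookups the way the configuration slide shows (assumed names)."""

    def __init__(self, remote_cache, analyzer):
        self.local = {}               # sha256 -> verdict, kept on the appliance
        self.remote = remote_cache    # dict standing in for the shared cloud cache
        self.analyze = analyzer       # callable standing in for full file inspection
        self.stats = {"local": 0, "remote": 0, "analyzed": 0}

    def inspect(self, data: bytes) -> str:
        """Return 'clean' or 'malicious', consulting caches before analysis."""
        h = hashlib.sha256(data).hexdigest()
        if h in self.local:                      # 1. local cache hit
            self.stats["local"] += 1
            return self.local[h]
        if h in self.remote:                     # 2. remote cache hit
            self.stats["remote"] += 1
            self.local[h] = self.remote[h]       # pull it down for next time
            return self.local[h]
        verdict = self.analyze(data)             # 3. full inspection
        self.stats["analyzed"] += 1
        self.local[h] = verdict
        self.remote[h] = verdict                 # publish so other appliances benefit
        return verdict


def toy_analyzer(data: bytes) -> str:
    """Constructed stand-in for the sandbox: flags a macro-like marker."""
    return "malicious" if b"AutoOpen" in data else "clean"


def demo():
    """Run five lookups and return (verdicts, stats) for inspection."""
    # Constructed remote cache that already knows one sample.
    remote = {hashlib.sha256(b"known-bad sample").hexdigest(): "malicious"}
    insp = CachedInspector(remote, toy_analyzer)
    samples = [
        b"known-bad sample",          # remote cache hit
        b"invoice.xls AutoOpen v1",   # unseen: full inspection
        b"invoice.xls AutoOpen v1",   # same bytes: local cache hit
        b"invoice.xls AutoOpen v2",   # polymorphic variant: new hash, inspected again
        b"plain text attachment",     # unseen and clean
    ]
    verdicts = [insp.inspect(s) for s in samples]
    return verdicts, insp.stats


if __name__ == "__main__":
    print(demo())
```

A cached verdict is only as good as the analysis that produced it, so a deployment like this needs an expiry or re-scan policy for "clean" entries; otherwise a sample that was missed on day 0 (the two-day detection lag quoted from Lastline above) is served from cache as clean until someone invalidates it.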
Did you get Locky?
http://watchguardsecuritycenter.com
Once I verified that many of our UTM's security services could detect Locky, I ran through one last test… I personally tried to download the malicious file "Rechnung-263-0779.xls" from my webmail. I've configured my WatchGuard Firebox with HTTPS Deep Inspection. This feature allows WatchGuard's security services, such as GAV and Intrusion Prevention Service (IPS), to run security scans even on encrypted web traffic, like the webmail I was using to download this ransomware. Despite the encrypted webmail connection, our Firebox detected and blocked the Locky invoice file with the GAV service. It was unable to reach my workstation.
As you can see, WatchGuard XTM and Firebox appliances have several features that can help prevent ransomware like Locky. However, these protections only work if you turn them on and configure them properly. If you want to keep Locky off your network, I highly recommend you read the Knowledgebase Article "How to prevent ransomware and other malicious malware with your Firebox" — Jonas Spieckermann
You need to enable HTTPS DPI on your Firebox!
An APT solution should
• not be dependent on (AV) signatures
• not depend on traditional sandbox technology
• detect evasions
• take prompt actions in real time
Advanced Malware in Security Dashboard
Visibility in WatchGuard Dimension
True APTs – even obvious from the Dutch file names
• Advanced: trigger interest
• Targeted: e.g. containing the name of the organization
• Threats: true APTs
• Watering holes: "Eucharistieviering" (Dutch)
• Chain of trust: using 'religious activities' and social-engineering factors
• Non-profit organizations targeted
WatchGuard - Cryptolocker en het gevecht tegen IT 's grootste vijand - Orbid - 20160602
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Complet Documnetation for Smart Assistant Application for Disabled Person
Complet Documnetation   for Smart Assistant Application for Disabled PersonComplet Documnetation   for Smart Assistant Application for Disabled Person
Complet Documnetation for Smart Assistant Application for Disabled Person
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
 
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130  Available With RoomVIP Kolkata Call Girl Kestopur 👉 8250192130  Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
 
Magic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMagic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptx
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhi
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
 
定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一
定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一
定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一
 
Git and Github workshop GDSC MLRITM
Git and Github  workshop GDSC MLRITMGit and Github  workshop GDSC MLRITM
Git and Github workshop GDSC MLRITM
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
 
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130  Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130  Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
 
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in  Rk Puram 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in  Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
 
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24
 
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
 

WatchGuard - Cryptolocker and the fight against IT's greatest enemy - Orbid - 20160602

  • 1. Cryptolocker & the fight against IT's biggest new enemy. Martijn Nielen, Sr. Sales Engineer, WatchGuard
  • 2. Houston, we have a problem! • « My antivirus and IPS are updated but I got infected anyway »
  • 3. First reason: « Zero Day »
    • The vulnerability is still unknown
    • Or the fix is still not available
  • 4. Second reason: Technology changes, including hackers…
    • “Antivirus is Dead” (Brian Dye, Senior VP of Symantec)
  • 5. Antivirus can’t keep up: nearly 88% of malware morphs to evade signature-based antivirus solutions.* (*Malwise - An Effective and Efficient Classification System for Packed and Polymorphic Malware, Deakin University, Victoria, June 2013)
  • 6. AV Vendor Review (http://labs.lastline.com/lastline-labs-av-isnt-dead-it-just-cant-keep-up)
    • Average of 2 days for at least one AV scanner to detect what was not detected on day 0
    • Detection rates increase to 61% after two weeks
    • After a year 10% of scanners still do not detect some malware
    • The 1-percentile of malware least likely to be detected was undetected by a majority of AV scanners for months
    • In some cases the malware was never detected
  • 7. Advanced Persistent Threat (APT)
    • Nation-state techniques now used for financial gain
    • Antivirus can’t keep up. New malware has been created as a variant of existing malware to avoid detection by classic techniques
  • 8. Evolution of APTs. Today, normal criminal malware exploits the same advanced tactics as nation-state APTs. Every organization is at risk of advanced threats! (timeline)
    • Zeus copies Stuxnet 0day
    • Criminals use 0day malware (Cryptolocker)
    • Zeus uses stolen certificates
    • Criminal spear phishing
    • Criminal watering hole attacks
  • 13. Zero Day Threat Curve (diagram): malware and virus detection, with the AV, OS / Application and Sandbox layers plotted against the curve.
  • 14. Advanced Malware Analysis (diagram of three approaches):
    • 1st: Sandbox. Real OS (XP / Win 7) on a hypervisor server. High fidelity, low visibility.
    • 2nd: Process emulation. XP / Win 7 functions, CPU and memory emulated on a server. Low fidelity, high visibility.
    • 3rd: System emulation. OS (XP / Win 7) plus CPU / memory emulated on a server. High fidelity, high visibility.
  • 15. APT Blocker with Code Emulation. Evasion detection is critical.
  • 16. Dynamic evasions (diagram: the sample either shows its real behaviour, such as exploit, key logger or C&C network traffic, or shows inaction)
    • Malware checks the environment
    • Multi-path execution: next step based on results
    • Stalling / looping: wait long enough for analysis to time out
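The evasions listed on slide 16 (environment checks, stalling, looping until the analysis budget runs out) leave recognisable traces in the API-call log a sandbox records. The following is an added example, not code from the WatchGuard or Lastline products the slides describe: it parses a constructed sandbox trace (the `<seconds> <api>(<args>)` line format, the 300-second analysis budget and the VM-artifact marker list are all assumptions of this example) and flags the three evasion patterns a defender would want surfaced in the analysis report.

```python
from __future__ import annotations
import re
from dataclasses import dataclass

# Constructed sample trace for this example (not from the slides).
# Each line: "<seconds since start> <API>(<arguments>)".
SAMPLE_TRACE = """\
0.001 GetModuleHandleW(lpModuleName="kernel32.dll")
0.002 IsDebuggerPresent()
0.003 RegOpenKeyExW(lpSubKey="HARDWARE\\ACPI\\DSDT\\VBOX__")
0.004 GetTickCount()
0.005 Sleep(dwMilliseconds=120000)
0.006 GetTickCount()
0.007 Sleep(dwMilliseconds=120000)
0.008 GetTickCount()
0.009 Sleep(dwMilliseconds=120000)
0.010 GetTickCount()
0.011 CreateFileW(lpFileName="C:\\Users\\victim\\Documents\\report.docx")
"""

ANALYSIS_TIMEOUT_S = 300.0          # assumed sandbox run budget
VM_ARTIFACT_MARKERS = ("vbox", "vmware", "qemu", "xen", "virtual")   # assumed marker list
DEBUGGER_PROBES = {"IsDebuggerPresent", "CheckRemoteDebuggerPresent", "NtQueryInformationProcess"}
TIMING_APIS = {"GetTickCount", "GetTickCount64", "QueryPerformanceCounter", "GetSystemTimeAsFileTime"}

LINE_RE = re.compile(r'^(?P<t>\d+\.\d+)\s+(?P<api>\w+)\((?P<args>.*)\)$')


@dataclass
class Call:
    t: float
    api: str
    args: str


def parse_trace(text: str) -> list[Call]:
    """Parse the trace format used by this example; reject malformed lines loudly."""
    calls = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if not m:
            raise ValueError(f"unparseable trace line: {line!r}")
        calls.append(Call(float(m["t"]), m["api"], m["args"]))
    return calls


def sleep_ms(call: Call) -> int:
    """Requested sleep in milliseconds, 0 for any non-Sleep call."""
    m = re.search(r"dwMilliseconds=(\d+)", call.args)
    return int(m.group(1)) if call.api == "Sleep" and m else 0


def analyse(trace_text: str, timeout_s: float = ANALYSIS_TIMEOUT_S) -> dict:
    calls = parse_trace(trace_text)

    # Stalling: the sample asks to sleep for at least as long as the whole analysis budget.
    total_sleep_s = sum(sleep_ms(c) for c in calls) / 1000.0
    stalling = total_sleep_s >= timeout_s

    # Environment checks: debugger probes and lookups whose arguments name a hypervisor artifact.
    env_checks = []
    for c in calls:
        if c.api in DEBUGGER_PROBES:
            env_checks.append(c.api)
        lowered = c.args.lower()
        hit = next((mk for mk in VM_ARTIFACT_MARKERS if mk in lowered), None)
        if hit:
            env_checks.append(f"{c.api}:{hit}")

    # A Sleep bracketed by two clock reads: the sample checks that the sleep really
    # elapsed, i.e. it is probing for a sandbox that fast-forwards sleeps.
    sleep_probes = sum(
        1 for i in range(1, len(calls) - 1)
        if calls[i].api == "Sleep"
        and calls[i - 1].api in TIMING_APIS
        and calls[i + 1].api in TIMING_APIS
    )

    reasons = []
    if stalling:
        reasons.append(f"requested sleep {total_sleep_s:.0f}s >= analysis budget {timeout_s:.0f}s")
    if sleep_probes:
        reasons.append(f"{sleep_probes} sleep(s) bracketed by clock reads")
    if env_checks:
        reasons.append("environment probes: " + ", ".join(env_checks))

    return {
        "total_sleep_s": total_sleep_s,
        "stalling": stalling,
        "sleep_probe_count": sleep_probes,
        "environment_checks": env_checks,
        "verdict": "evasive" if reasons else "no evasion indicators",
        "reasons": reasons,
    }


if __name__ == "__main__":
    report = analyse(SAMPLE_TRACE)
    print(report["verdict"])
    for r in report["reasons"]:
        print(" -", r)
```

The point of reporting the evasion itself, rather than only the (absent) payload behaviour, is the slide's own: a sample that spends its whole budget sleeping and asking whether it is being watched has told you something, even though the sandbox never saw an exploit or C&C traffic. A full-system emulator that controls the guest clock can fast-forward the sleeps and still observe the timing reads, which is why the slides tie evasion detection to code emulation rather than to a plain sandbox.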
  • 18. Lastline recommended by NSS: 2015 BDS Security Value Map
  • 19. Unified Threat Management Platform – Security Eco System
    • Default Threat Protection
    • Proxy – Web, Email, FTP
    • Application Control / IPS
    • WebBlocker / RED / SpamBlocker
    • AV - Malware
    • APT Blocker
  • 22. Did you get Locky? (http://watchguardsecuritycenter.com) “Once I verified that many of our UTM’s security services could detect Locky, I ran through one last test… I personally tried to download the malicious file “Rechnung-263-0779.xls” from my webmail. I’ve configured my WatchGuard Firebox with HTTPS Deep Inspection. This feature allows WatchGuard’s security services, such as GAV and Intrusion Prevention Service (IPS), to run security scans even on encrypted web traffic, like the webmail I was using to download this ransomware. Despite the encrypted webmail connection, our Firebox detected and blocked the Locky invoice file with the GAV service. It was unable to reach my workstation. As you can see, WatchGuard XTM and Firebox appliances have several features that can help prevent ransomware like Locky. However, these protections only work if you turn them on and configure them properly. If you want to keep Locky off your network, I highly recommend you read the Knowledgebase Article “How to prevent ransomware and other malicious malware with your Firebox”” — Jonas Spieckermann. You need to enable HTTPS DPI on your Firebox!
  • 23. An APT solution should
    • not be dependent on (AV) signatures
    • not depend on traditional sandbox technology
    • detect evasions
    • take prompt actions in real-time
  • 24. Advanced Malware in Security Dashboard – Visibility in WatchGuard Dimension
  • 25. True APTs – even obvious from the Dutch file names
    • Advanced: trigger interest
    • Targeted: e.g. containing the name of the organization
    • Threats: true APTs
    • Watering holes – “Eucharistieviering” (Dutch)
    • Chain-of-Trust: by using ‘religious activities’ and social-engineering-based factors
    • Non-profit organizations targeted

Editor's Notes

  1. Traditional Sandboxing Technology
    • Limited visibility due to reliance on OS system calls and library instrumentation
    • Susceptible to evasive techniques
    • Detectable inside sandbox