The number of devices running with the Android operating system has been on the rise. By the end of 2012, it will account for nearly half of the world's smartphone market. Along with its growth, the importance of security has also risen. A proportional increase in the number of vulnerabilities is also happening to the extent that there are a limited number of security applications available to protect these devices. The efficacies of these applications have not been empirically established. These slides analyze some of the security tools written for the Android platform to gauge their effectiveness at mitigating spyware and malware.
In the past two decades of tech booms, busts, and bubbles, two things have not changed - hackers are still finding ways to breach security measures in place, and the endpoint remains the primary target. And now, with cloud and mobile computing, endpoint devices have become the new enterprise security perimeter, so there is even more pressure to lock them down.
Companies are deploying piles of software on the endpoint to secure it - antivirus, anti-malware, desktop firewalls, intrusion detection, vulnerability management, web filtering, anti-spam, and the list goes on. Yet with all of the solutions in place, high-profile companies are still being breached. The recent attacks on large retail and hospitality organizations are prime examples, where hackers successfully used credit-card-stealing malware targeting payment servers to collect customer credit card information.
Recent studies have shown that 90% of security breaches involve a software vulnerability caused by a missing patch – even if the patch is made available to the public.
Most organisations do not realise that a vulnerable system connected to the enterprise network potentially puts the entire organisation at risk by being an easy target for cyber-attacks. Many service providers scan the network and provide a comprehensive report of the vulnerabilities existing in the endpoint systems. However, they do not take the next step of removing these vulnerabilities.
Read this whitepaper to know how Saner ensures enterprise security by remediating vulnerabilities in the endpoints.
Following months of in-depth worldwide business user research and thousands of man-hours spent on its development, we are proudly introducing the new, completely re-engineered and redesigned line of #ESET business security products, now available worldwide. Check out our multi-layered security solutions and #DoMore!
http://www.eset.com/int/about/press/articles/products/article/esets-next-generation-business-security-products-now-available-worldwide
ESET: Delivering Benefits to Medium and Large Businesses - ESET
ESET: #DoMore With Our Comprehensive Range of Business Products - ESET
Symantec Cyber Security Solutions minimize the potential business impact of increasingly sophisticated and targeted attacks by reducing the time it takes to detect, assess and respond to security incidents.
What? Why? Who? How? Of Application Security Testing TEST Huddle
A penetration testing expert is better at pen-testing than me, but should I simply delegate application security to specialists and network firewalls? Actually no, I shouldn’t and neither should anyone else involved in the systems development lifecycle.
For years I treated security testing as something akin to black magic beyond my comprehension and penetration testers as technical wizards who could cast out evil hacking spells. Obviously that was daft, but it took some effort to see what was really happening behind the smoke and mirrors of application security, and to de-mystify it for my colleagues.
Follow the journey that led Declan O'Riordan to believe that every well-formed tester can and must have a basic understanding of what application security is, why it is important, who should be doing it, and how.
After this presentation you can stop describing security as ‘Out of Scope’ from your test plans.
The True Cost of Anti-Virus: How to Ensure More Effective and Efficient Endp... - Lumension
Today, more than 1.6 million new malware signatures are identified each month. And more organizations are falling prey to "zero-day" attacks - malware for which an anti-virus signature does not exist. It’s no surprise that roughly half of the organizations surveyed in a 2010 Ponemon Institute study reported an increase in their IT operating expenses - a main driver of that cost increase was malware. Traditional anti-virus simply can't keep up in the malware arms race and relying on it as your primary defense will prove costly.
In this webcast, Paul Henry, security and forensics expert, and Chris Merritt, Director of Solution Marketing with Lumension, will examine:
* The true cost of anti-virus in terms of PC performance, network bandwidth, IT helpdesk costs, prevention of malware and more
* Why application whitelisting is a better approach to defend against rising targeted attacks
* How application whitelisting has evolved to provide a new level of intelligence that delivers more effective security and necessary flexibility to improve productivity - in even rapidly changing endpoint environments
Michael Roytman's CyberTech EU presentation. This was presented in October 2023 and includes data about vulnerabilities from 660 Cisco Vulnerability Management Customers. For a deeper dive, see the prioritization to prediction reports: https://www.cyentia.com/prioritization-to-prediction-v9/.
All of the data is generated from aggregated data from Cisco VM (Kenna) customers, or from telemetry data from Cisco, AlienVault, ReversingLabs, etc.
CNS - Hut3 - Mobile Application (In)Security - CNS Group
Explaining common mobile application security weaknesses and how to mitigate them. Presentation by Adrian Hayter and Andy Swift at the CNS Security Chapter event series.
DevOps Indonesia "How Security with DevOps can Deliver more secure software"
Leveraging Vulnerability Management Beyond DPR (Discovery - Prioritization - Remediation) by Mr. Faisal Yahya
Nowadays the number of mobile internet users is increasing. Along with this, mobile banking and online purchases are increasing too. So secure your mobile with Bitdefender Android security.
The 2018 Vulnerability Stats report covering off a fullstack review of cyber security across 1000's of web applications, end-points and cloud-based systems globally.
Microsoft has announced the BlueKeep vulnerability, a wormable Remote Desktop vulnerability that has a high potential of being exploited in legacy operating systems.
Be warned, this vulnerability can be exploited remotely with no authentication required. Protect yourself from what people are calling the next WannaCry.
This is the AVG Community Powered Threat Report for Q3 2012.
The report investigates a number of malicious software developments including the newly launched 2.0 version of the Blackhole Exploit Toolkit, the evolution in malware targeting mobile banking services, a surge in malicious ads targeting social network users and a trick to hide malware inside image files.
The Mobile Device: The New Center of the Fraud Prevention Universe with Aite ... - TransUnion
iovation joins Aite Group to explore the emerging opportunities for businesses to:
* Leverage the mobile device to not only better secure mobile channel transactions but also add mobile security and enhance the user experience in all other channels.
* Harness valuable bank data and convert it into actionable intelligence.
* Plan for continued investment in remote channel security.
CSO CXO Series Breakfast in partnership with Kaspersky Lab, 11th Nov Sydney.... - CSO_Presentations
This event features an international keynote presentation by Vicente Diaz, Principal Security Researcher with Kaspersky Lab's Global Research and Analysis Team (GReAT). CSO attendees also participated in an interactive top level panel session with key security and business executives sharing their experiences and best-practice solutions - with the ultimate goal of providing a better understanding of how best to survive in today’s ever more-intense security environment.
Securing your Kubernetes cluster: a step-by-step guide to success! - KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo... - James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
CSO Breakfast in Partnership with ESET - Juraj Malcho Presentation
1.
2. Are we doing enough?
Juraj Malcho
Chief Research Officer
ESET
3. Agenda
• Malware scene of today
• Anything special about Australia?
• Are security solutions dead and ineffective?
• How to manage to survive (and sleep at night)?
• How dark is the future of ICT security?
13. Filecoders prevalence 2015 consumer vs business
Country | Infection share | Total share
Australia | 2.70% | 0.16%
Spain | 2.36% | 0.16%
Italy | 2.44% | 0.12%
South Africa | 1.47% | 0.11%
United States | 2.73% | 0.10%
Canada | 1.81% | 0.09%
Belgium | 1.50% | 0.07%
Malaysia | 0.74% | 0.07%
United Kingdom | 0.98% | 0.06%
Russia | 0.96% | 0.06%
Bulgaria | 0.93% | 0.06%
Portugal | 0.88% | 0.06%
United Arab Emirates | 0.45% | 0.05%
Netherlands | 1.18% | 0.04%

Country | Infection share | Total share
South Africa | 1.39% | 0.10%
Spain | 1.45% | 0.09%
United States | 1.80% | 0.07%
Australia | 1.50% | 0.07%
Israel | 0.82% | 0.06%
Canada | 1.12% | 0.05%
United Kingdom | 0.87% | 0.05%
Turkey | 0.63% | 0.05%
Thailand | 0.41% | 0.05%
New Zealand | 1.07% | 0.04%
Netherlands | 0.97% | 0.04%
Italy | 0.91% | 0.04%
Singapore | 0.50% | 0.04%
Belgium | 0.83% | 0.03%
27. Massive spreading not en vogue anymore
• The most burning issues rarely make it to top20 today: ransomware, banking Trojans, targeted malware
• Top ranks are completely taken by Potentially Unwanted Software
• Staying under the radar and tailoring malware for specific targets is the main focus today
28. IoT aka Internet of Threats
• The history repeats again: Time to market is the most important thing, not security
• Problematic from simple ones to complex ones – smart sensors, bulbs, intelligent home devices, smart TVs, internet routers, cars, mobile phones
• Could I get a “non-smart” option, please???
29. Fixing IoT
• Simple ones need strict End of Life policy
– They won’t update, they’re extremely cheap
• Complex ones must be easy to update
– Really? Home routers, cars, mobile phones?
• Are legislation and industry standards going to save us?
• Endpoint protection is almost impossible
– We hear those saying firewalls are dead
33. APT or TPA?
• If detected out of the box then the attacker failed
• Advanced Persistent Threat is completely wrong
– those threats are usually not advanced, not everything is Stuxnet
– the malware itself is just a tool to perform an attack
– it’s the attacker who’s persistent
• Targeted Persistent Attack is much more spot on
– Attackers combine different methods when doing reconnaissance – phishing phone call, targeting email borne malware to different people in an organization
34. Is AV dead?
• Yes, for about 20 years if you’re talking about the original technology
• However, it followed malware evolution:
– Network communication inspection – botnets, exploitation, exfiltration
– Emulation/sandboxing of analyzed code
– Behavioral monitoring and memory scanning
– Exploitation blocking
– Cloud-based reputation systems
– Stealth detections which can’t be tested by malware writers
– Gradual move from automatic to more verbose/interactive solutions
35. Bold words from the other side
• Q: What types of security devices/services/techniques legitimately make your life harder as a blackhat? Any that you think are a complete waste of money?
• A: Hmmmm, DDoS protection is a serious knock back, although as many groups have proven before it’s easy to bypass – e.g. cloudflare resolver before they changed the protection method (almost bypassable lol). Things that are a waste of money… Hmm, anti-virus is completely useless — yes it may protect you from skids using non-FUD files but that’s it. Every botnet that gets sold comes FUD as default. People do it for free, it’s that easy.
37. "HAHAHA THE AVS FELL FOR THE LAST STRING
F*****G ICARUS AND ASQUARED
I JUST WISH NOD32 WOULD LEAVE ME ALONE
FOR A FEW DAT ITS PISSING ME OFF THIS IS
HOW I LIVE"
"THIS-IS-HOW-I-LIVE-AND-PAY-MY-BILLS-GIVE-
ME-A-BREAK"
The irritated author of Dorkbot
38. The Irritated Author of Win32/Dorkbot
"HAHAHA THE AVS FELL FOR THE LAST STRING
FUCKING ICARUS AND ASQUARED
I JUST WISH NOD32 WOULD LEAVE ME ALONE
FOR A FEW DAT ITS PISSING ME OFF THIS IS
HOW I LIVE"
"THIS-IS-HOW-I-LIVE-AND-PAY-MY-BILLS-GIVE-
ME-A-BREAK"
HOW CAN I PAY BILLS RENT FOOD WEALTH
AND EVERYTHING NECESSARY IF NOD IS
ALWAYS F******G UP MY CODES
39. What else is out there?
• Endpoint Detection and Response systems provide insight into behavior of your IT systems, however, there’s a reporting challenge
• Malware Prevention Systems (automated sandboxing and analysis)
• Intelligence Services and Managed Security
• Deception techniques
• SIEM
40. How to choose the right solution?
• Consulting analysts such as Gartner or public testers may help but doesn’t provide a definitive answer, and they might have a bias you’re not aware of
• Internal testing is best but very difficult; you will likely be biased, too, but aware of it
• Depends also on your needs: not only detection is important, but also footprint, reliability, manageability, support quality etc.
41. What’s the right SMB defense?
• Unless a very specific vertical it’s unlikely that a true high profile targeted attack would be conducted
• Typically not enough expertise in SMBs
• Automagic solutions work best, but of course can be bypassed
• If unable to manage more complex/interactive solutions, look for MSSP
• Cloud-based solutions may help where applicable as large providers can implement better security measures
42. How about enterprise?
• Defense needs have to adequately cover your potential adversaries
• Combine different layers and don’t advertise them; SIEM management
• Educate your teams
• Trust but verify – employ network logging and look for anomalies
43. Future issues
• When IoT truly lifts off
• When cloud adoption will be massive (access management, governance, political issues)
• Conflicting legislation: strict privacy and encryption laws vs lawful(?) surveillance => leading to governments attacking security SW
• Global e-conflicts, cyber armies and attribution
44. Solving the situation
• Active & Adequate Cyber Defense
• Training, Education and Awareness
• Responsible design and usage
• Research & Investigation, cooperation with LE
• Hitting criminals’ money flow
• Preventing criminals from becoming criminals
Editor's Notes
Rovnix here – pretty surprising
Development of incident rates in 2013, 2014, 2015
Consumer 9.4%, 6.0%, 4.7%
Business 10.1%, 6.7%, 5.9%
Compared to US the situation is worse, and if we looked at Japan it’s even further away. US incidents under 4%, Japan 2.3% vs 1.6% (B vs C)
IND incident rate 20%
CTB Locker
Torrent Locker
Since March 2014, this Bitcoin wallet has transferred over 82 272 BTC. With 1 BTC currently valued at US$480, the total transactions are roughly equal to 40 million US$.
Authors - Hesperbot
VirLock is another one…
Parasitic virus - polymorphic
New version of typical police lockscreen…
Some try to scare you…
Some try to scare you…
Some try to scare you…
Some are…mystic
Some are creepy
Not afraid of colors
Something for little kids
Something for older kids
No comment
Overall malware quantity doesn’t seem to rise as it used to, Microsoft is speaking about virtually stopping. We see that in Android malware this year.
Any device that allows user to input sensitive data can be potentially misused – antiphishing protection
Google unable to patch all devices, albeit it’s not exactly their hardware
But what if the device talks to the net via GSM, so that you can’t even sit on a single communication point to analyze traffic anomaly?
Are legislation and standards going to be the solution?
One thing that should be clear about targeted attack: it’s a human perp trying to learn what you have and then break your system, not some super intelligent code itself; if the attacker doesn’t succeed then he’s lame
Dorkbot globally top3 in 2013, top10 in 2014
Now under CME campaign
Of course, with cloud there’s a catch with data protection and recently legislation pressures
Predicting ICT future is hard because it can be influenced by tiny changes – an example about Ransomware and random successful campaign
Cloud adoption – well, if everything is in the cloud then the right solution to attack is physically going after the right people; it is a bit of single point of failure
People work best when they understand each other. Business angle needs to understand and accept security issues, and vice versa.
Last but not least – never trust a guy who’s promising to have the silver bullet. I always tell this specifically to students, explore things yourself and don’t trust anyone, but you. Not even me. ;) Learn, understand and build your own customized defense.
Security folks are an interesting group of people. Security is implemented by people who care, who deeply understand the problem and feel moral responsibility to help out others. Feels good to be a part of the club.