The authors analyzed over 82,000 tweets collected over 132 days to evaluate if Twitter messages could help identify and provide early warnings of potential security problems. They found that 91% of tweets were related to security issues, with 60% directly reporting security alerts. Over 40% of tweets reported issues before specialized security sites, supporting the hypothesis that Twitter can disseminate security information rapidly. Users actively retweeted alerts to warn others, with some messages reaching over 500,000 people. The study confirmed Twitter's potential for collaboratively spreading computer security information.
Evaluating the Utilization of Twitter Messages as a Source of Security Alerts
1. Evaluating the Utilization of Twitter Messages as a Source of Security Alerts
Authors:
Luiz Arthur F. Santos (luizsantos@utfpr.edu.br)
Daniel Macêdo Batista (batista@ime.usp.br)
Rodrigo Campiolo (rcampiolo@utfpr.edu.br)
Marco Aurélio Gerosa (gerosa@ime.usp.br)
These slides by Luiz Arthur Feitosa Santos, Rodrigo Campiolo, Daniel Macêdo Batista and Marco Aurélio Gerosa are licensed under a Creative Commons Attribution-NonCommercial 3.0 Unported license.
2. Introduction:
● Research Problem:
Delay in the propagation of information about new threats (zero-day vulnerabilities).
Specialized applications are not fully effective against new threats.
● Potential Solutions:
The problem can be mitigated by rapid propagation of alerts.
Use of social networks.
3. Objective:
Analyze a set of Twitter messages to verify whether these messages can help in the identification and early warning of potential security problems.
Contributions:
Confirm that there is collaboration in social networks in relation to computer security.
Characterization of security messages.
4. Hypotheses:
H1 - There is information about computer security in Twitter messages and many of these messages indicate potential threats.
H2 - Twitter reports information security issues before some specialized sites.
H3 - Users on Twitter are concerned with warning other users about security issues.
6. Methodology:
1. Get tweets
a. … Problem X …
b. ...PROBLEM Y … http...
c. ... Problem … X … http...
d. Threat Y ... #virus
e. … @user … Problem X …
f. New Malware Z...
g. X Solution.. http
Searches in the range of 1 minute for 132 days:
security AND (virus OR worm OR attack OR intrusion OR invasion OR ddos OR hacker OR cracker OR exploit OR malware)
7. Methodology:
1. Get tweets
a. … Problem X …
b. ...PROBLEM Y … http...
c. ... Problem … X … http...
d. Threat Y ... #virus
e. … @user … Problem X …
f. New Malware Z...
g. X Solution.. http
3. Similarity and cluster
1a. … Problem X …
1c. ... Problem … X … http...
1e. … @user … Problem X …
2d. Threat Y ... #virus
2b. ...PROBLEM Y … http...
3f. New Malware Z...
4g. X Solution... http
Degree of similarity: 0,5 – tweets with tweets
8. Methodology:
1. Get tweets
a. … Problem X …
b. ...PROBLEM Y … http...
c. ... Problem … X … http...
d. Threat Y ... #virus
e. … @user … Problem X …
f. New Malware Z...
g. X Solution.. http
2. Get Feeds
a. Problem X... new exploit...
b. Problem Z...
Searches for 2 months using 30 security websites. We also used a web crawler.
3. Similarity and cluster
1a. … Problem X …
1c. ... Problem … X … http...
1e. … @user … Problem X …
2d. Threat Y ... #virus
2b. ...PROBLEM Y … http...
3f. New Malware Z...
4g. X Solution... http
9. Methodology:
1. Get tweets
a. … Problem X …
b. ...PROBLEM Y … http...
c. ... Problem … X … http...
d. Threat Y ... #virus
e. … @user … Problem X …
f. New Malware Z...
g. X Solution.. http
2. Get Feeds
a. Problem X... new exploit...
b. Problem Z...
3. Similarity and cluster
1a. … Problem X …
1c. ... Problem … X … http...
1e. … @user … Problem X …
2d. Threat Y ... #virus
2b. ...PROBLEM Y … http...
3f. New Malware Z...
4g. X Solution... http
Degree of similarity: 0,2 – news with tweets
4. Important messages
1a. … Problem X …
3f. New Malware Z...
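The pipeline on slides 6 to 9, as an added example that is not the authors' code: tweets are clustered at the 0,5 threshold, clusters are matched to feed items at the 0,2 threshold, and a cluster is flagged when its first tweet predates the feed item. The slides do not name the similarity measure or clustering algorithm, so Jaccard similarity over word sets and a greedy single pass are assumptions; the tweet and feed texts are constructed, with only the three dates taken from the PHP-CGI example on slide 16.

```python
import re
from datetime import date

TWEET_SIM = 0.5  # slide 7: degree of similarity, tweets with tweets
NEWS_SIM = 0.2   # slide 9: degree of similarity, news with tweets

def tokens(text):
    """Word set with URLs, @mentions and the RT marker stripped."""
    text = re.sub(r"https?://\S+|@\w+", " ", text.lower())
    return {w for w in re.findall(r"[a-z0-9]+", text) if w != "rt"}

def jaccard(a, b):
    # Assumed similarity measure; the slides do not name the one used.
    return len(a & b) / len(a | b) if (a or b) else 0.0

def cluster(tweets):
    """Greedy pass in date order: join the first cluster whose seed is similar enough."""
    clusters = []
    for day, text in sorted(tweets):
        tok = tokens(text)
        for c in clusters:
            if jaccard(tok, c["seed"]) >= TWEET_SIM:
                c["members"].append((day, text))
                break
        else:
            clusters.append({"seed": tok, "members": [(day, text)]})
    return clusters

def early_warnings(tweets, feeds):
    """Clusters whose first tweet predates a matching feed item."""
    hits = []
    for c in cluster(tweets):
        first_day = c["members"][0][0]
        for feed_day, title in feeds:
            if jaccard(c["seed"], tokens(title)) >= NEWS_SIM and first_day < feed_day:
                hits.append((first_day, feed_day, title))
    return hits

# Constructed sample data; only the three dates come from slide 16.
TWEETS = [
    (date(2012, 5, 4), "PHP-CGI query string parameter vulnerability http://example.invalid/a"),
    (date(2012, 5, 5), "RT @user: PHP-CGI query string parameter vulnerability http://example.invalid/b"),
    (date(2012, 5, 6), "New Android malware found in app store"),
]
FEEDS = [
    (date(2012, 5, 2), "CERT: PHP-CGI query string parameter vulnerability"),
    (date(2012, 5, 11), "NIST: PHP-CGI query string parameter vulnerability"),
]

if __name__ == "__main__":
    for first_day, feed_day, title in early_warnings(TWEETS, FEEDS):
        print(f"tweeted {first_day}, feed {feed_day}: {title}")
```

On this sample the retweet joins the original tweet's cluster, and only the NIST entry is reported as preceded by Twitter, since the CERT entry is older than the first tweet.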
10. Data Collected:
Twitter - from 28/Apr/2012 to 06/Nov/2012
● Number of tweets: 82,355
● Average of tweets per day: ~623
● Number of users: 42,340
● with links to URLs: 87.6 %
● with user mentions (@): 37.7 %
● with hashtags (#): 37 %
Feeds - from 01/Apr/2012 to 15/Nov/2012
● Number of feeds: 4,546
11. Data Analysis:
Words most used by security tweets

Searched terms            Security terms
Qty      Words            Qty      Words
51.197   security         4.671    android
23.030   malware          4.536    flame
22.108   attack           4.214    infosec
10.196   hacker           4.200    news
9.893    virus            4.056    cyber
5.695    exploit          3.270    anti
2.359    ddos             2.788    computer
951      worm             2.637    hacking
816      intrusion        2.419    iran
699      invasion         2.398    apple
246      cracker          2.336    internet
12. Data Analysis:
Sample of relevant tweets:

Pos    Tweets   Message excerpts
1      512      Malicious code on Adobe Flash player http...
2      463      How Flame virus has changed everything for online security firms ... http://t.co...
3      374      New Java Zero-Day Exploit Hits http...
4      373      Kaspersky Anti-Virus Internet Security ... http://t.co/D0Gqh3RR

438    37       Only 9 of 22 virus scanners block Java exploit http://t.co/rw1sa3jf
439    37       ...Microsoft Services Agreement email notifications lead to latest Java exploit http...
440    36       RT @CompuSec... Hackers, rootkit find place in new novel...
441    36       # Android Map Malware http://t.co/...

1735   10       ...Gevaarlijk wis-virus verwijdert brandende VS-vlag - Er is een nieuwe variant...
1736   10       Valse Amazon-bestelling bevat Java-exploit ... http://t.co/f1KIGG2s via @shareth...
1737   10       ...malware via Java-lek Op de website van de Telegraaf hebben aanvallers kwaadaardige...
1738   10       Mobile Malware On The Rise, Android Most At Risk, Says McAfee http://t.co/iyhKXaxE
13. Data Analysis:
Classification of tweets grouped with the specialized sites.

Classification   % Tweets
Relevant         62%
Irrelevant       20%
Spams            10%
Others           8%

82% are related to security!
14. Data Analysis:
Classification of tweets after clustering.
Evaluating a sample of 100 groups out of a total of 1.738.

Classification     % Tweets
Security alerts    60%
General security   31%
Others             9%

91% are related to security!
15. Evaluation of Hypotheses:
H1 - There is information about computer security in Twitter messages and many of these messages indicate potential threats.
82.355 tweets in 132 days, averaging 623,90 tweets per day.
91% of tweets reported security issues.
60% of tweets reported security alerts.
16. Evaluation of Hypotheses:
● H2 - Twitter reports information security issues before some specialized sites.
43% of tweets have the most recent date.
Example:
PHP-CGI query string parameter vulnerability
➢ Posted at CERT on 02/May/2012.
➢ Posted on Twitter on 04/May/2012.
➢ Cataloged in NIST on 11/May/2012.
18. Evaluation of Hypotheses:
● H3 - Users on Twitter are concerned with warning other users about security issues.
Average time of propagation is 12 days.
10 retweets hit ~10,000 users. The last two messages respectively hit 22,468 and 52,074 Twitter users.
The most propagated message hit ~512,000 people.
19. Final Considerations:
● Difficulty selecting tweets (content and size).
● Social networks propagate security alerts.
● The alerts achieve high and rapid spread.
20. Future Work:
● Make new queries using other security terms.
● Improve the filter for spam and out-of-context messages.
● Evaluate security alerts on other social networks.
● Develop automated security early warning based on social networks.
21. Questions?
Luiz Arthur F. Santos (luizsantos@utfpr.edu.br)
Daniel Macêdo Batista (batista@ime.usp.br)
Rodrigo Campiolo (rcampiolo@utfpr.edu.br)
Marco Aurélio Gerosa (gerosa@ime.usp.br)
Thanks / Obrigado!