SlideShare a Scribd company logo

Sotw 2017 slideshare v2

Download as PPTX, PDF
M
MenloSecurity

The document discusses trust hacking and web risks in 2017. It found that every website calls on an average of 25 background sites for content. More than 32,000 sites relied on the vulnerable Microsoft IIS 7.5 software from 2009. The business and economy category had the most "known bad" sites and vulnerable sites, and suffered the most breaches over the last year compared to other categories. Categories of websites can change their reputations and phishing sites were found across different categories using legitimate hosting services.

Internet
1 of 14
Trust Hacking State of the Web 2017
| © 2018 / Menlo Security, Inc. All rights reserved.2 Weaponizing Trust
| © 2018 / Menlo Security, Inc. All rights reserved.3 Background Radiation Our researchers found that every time a user visits a website, that site calls on an average of 25 background sites for content
| © 2018 / Menlo Security, Inc. All rights reserved.4 Widespread Use of Vulnerable Software More than 32,000 of the sites we studied rely on Microsoft IIS 7.5, which was released in 2009
| © 2018 / Menlo Security, Inc. All rights reserved.5 Web Risk by Category
| © 2018 / Menlo Security, Inc. All rights reserved.6 Top Categories with Known Bad Sites Consider Business and Economy. It had more “known bad” sites than any other traditionally trusted category, with more than 12,000. That’s fewer than in Adult and Pornography, but more than in Gambling.
| © 2018 / Menlo Security, Inc. All rights reserved.7 Top Categories with Vulnerable Sites More sites in Business and Economy relied on vulnerable software than in any other category, for the second year in a row. Many of these sites still use Microsoft’s IIS 5 web server, which the company stopped supporting 12 years ago.
| © 2018 / Menlo Security, Inc. All rights reserved.8 Top Categories with Recent Threat History Business and Economy sites also in the Last Year suffered more breaches and other successful attacks than any other category.
| © 2018 / Menlo Security, Inc. All rights reserved.9 Categories Can and Will Change One reputation service rightly identified email.complianceonline.com as malicious— except for a brief period when it didn’t.
| © 2018 / Menlo Security, Inc. All rights reserved.10 Categories Containing Phishing Sites In 2017, we discovered 4,600 phishing sites using legitimate hosting services.
| © 2018 / Menlo Security, Inc. All rights reserved.11 Common Typosquatting Categories
| © 2018 / Menlo Security, Inc. All rights reserved.12 Best Practices to Mitigate Web and Email Risk
| © 2018 / Menlo Security, Inc. All rights reserved.13 Download the Report Today http://info.menlosecurity.com/state-of-the-web-2017.html
Sotw 2017 slideshare v2

Recommended

Why Your Business Can’t Ignore the Need for a Password Manager Any Longer
Why Your Business Can’t Ignore the Need for a Password Manager Any LongerWhy Your Business Can’t Ignore the Need for a Password Manager Any Longer
Why Your Business Can’t Ignore the Need for a Password Manager Any Longer
Digital Transformation EXPO Event Series
 
CPSU Presentation
CPSU PresentationCPSU Presentation
CPSU PresentationTodd Rowe
 
Mimecast Case Study - Targeted Threat Protection - Berrymans Lace Mawer
Mimecast Case Study - Targeted Threat Protection - Berrymans Lace MawerMimecast Case Study - Targeted Threat Protection - Berrymans Lace Mawer
Mimecast Case Study - Targeted Threat Protection - Berrymans Lace MawerEliza Hedegaard
 
Websecurity fundamentals for beginners
Websecurity fundamentals for beginnersWebsecurity fundamentals for beginners
Websecurity fundamentals for beginners
Samvel Gevorgyan
 
Board and Cyber Security
Board and Cyber SecurityBoard and Cyber Security
Board and Cyber Security
Leon Fouche
 
Information Security Management System in the Banking Sector
Information Security Management System in the Banking SectorInformation Security Management System in the Banking Sector
Information Security Management System in the Banking Sector
Samvel Gevorgyan
 
DOL Fiduciary Rule Infographic
DOL Fiduciary Rule InfographicDOL Fiduciary Rule Infographic
DOL Fiduciary Rule Infographic
EAI Information Systems
 
Palo Alto Networks 2016 Cybersecurity Predictions
Palo Alto Networks 2016 Cybersecurity PredictionsPalo Alto Networks 2016 Cybersecurity Predictions
Palo Alto Networks 2016 Cybersecurity Predictions
PaloAltoNetworks
 

Recommended

Why Your Business Can’t Ignore the Need for a Password Manager Any Longer
Why Your Business Can’t Ignore the Need for a Password Manager Any LongerWhy Your Business Can’t Ignore the Need for a Password Manager Any Longer
Why Your Business Can’t Ignore the Need for a Password Manager Any Longer
Digital Transformation EXPO Event Series
 
CPSU Presentation
CPSU PresentationCPSU Presentation
CPSU PresentationTodd Rowe
 
Mimecast Case Study - Targeted Threat Protection - Berrymans Lace Mawer
Mimecast Case Study - Targeted Threat Protection - Berrymans Lace MawerMimecast Case Study - Targeted Threat Protection - Berrymans Lace Mawer
Mimecast Case Study - Targeted Threat Protection - Berrymans Lace MawerEliza Hedegaard
 
Websecurity fundamentals for beginners
Websecurity fundamentals for beginnersWebsecurity fundamentals for beginners
Websecurity fundamentals for beginners
Samvel Gevorgyan
 
Board and Cyber Security
Board and Cyber SecurityBoard and Cyber Security
Board and Cyber Security
Leon Fouche
 
Information Security Management System in the Banking Sector
Information Security Management System in the Banking SectorInformation Security Management System in the Banking Sector
Information Security Management System in the Banking Sector
Samvel Gevorgyan
 
DOL Fiduciary Rule Infographic
DOL Fiduciary Rule InfographicDOL Fiduciary Rule Infographic
DOL Fiduciary Rule Infographic
EAI Information Systems
 
Palo Alto Networks 2016 Cybersecurity Predictions
Palo Alto Networks 2016 Cybersecurity PredictionsPalo Alto Networks 2016 Cybersecurity Predictions
Palo Alto Networks 2016 Cybersecurity Predictions
PaloAltoNetworks
 
Equifax Breach - Lessons - Cyber Rescue - 16th may 2018
Equifax Breach - Lessons - Cyber Rescue - 16th may 2018Equifax Breach - Lessons - Cyber Rescue - 16th may 2018
Equifax Breach - Lessons - Cyber Rescue - 16th may 2018
Kevin Duffey
 
4 Different Types of Insider Attacks
4 Different Types of Insider Attacks4 Different Types of Insider Attacks
4 Different Types of Insider Attacks
Megan Thudium
 
The relation between internet of things, critical infrastructure and cyber se...
The relation between internet of things, critical infrastructure and cyber se...The relation between internet of things, critical infrastructure and cyber se...
The relation between internet of things, critical infrastructure and cyber se...
Ramiro Cid
 
Google peter logli & jake shea
Google peter logli & jake sheaGoogle peter logli & jake shea
Google peter logli & jake shea
ColloqueRISQ
 
7 top tips to protect your business from BEC [infographic] By Stellarise
7 top tips to protect your business from BEC [infographic] By Stellarise7 top tips to protect your business from BEC [infographic] By Stellarise
7 top tips to protect your business from BEC [infographic] By Stellarise
Elena Tatarenkova
 
Top Threats Facing Organizations Cloud / SaaS Data
Top Threats Facing Organizations Cloud / SaaS DataTop Threats Facing Organizations Cloud / SaaS Data
Top Threats Facing Organizations Cloud / SaaS Data
SysCloud
 
Advantages Of Using Cyber Security Solution
Advantages Of Using Cyber Security SolutionAdvantages Of Using Cyber Security Solution
Advantages Of Using Cyber Security Solution
Cyber Infrastructure INC
 
The Equifax Data Breach - How to Tell if You've Been Impacted
The Equifax Data Breach - How to Tell if You've Been ImpactedThe Equifax Data Breach - How to Tell if You've Been Impacted
The Equifax Data Breach - How to Tell if You've Been Impacted
CBIZ, Inc.
 
Notorious 9 ciso platform moshe
Notorious 9 ciso platform moshe Notorious 9 ciso platform moshe
Notorious 9 ciso platform moshe
Priyanka Aash
 
Equifax Flyer Aug 2017
Equifax Flyer Aug 2017Equifax Flyer Aug 2017
Equifax Flyer Aug 2017
Daniel Michels
 
Cyber Security Services
Cyber Security ServicesCyber Security Services
Cyber Security Services
Saratechnology
 
Dr. Kalyan Kankanala was the key note speaker at Cisco on April 6, 2017
Dr. Kalyan Kankanala was the key note speaker at Cisco on April 6, 2017Dr. Kalyan Kankanala was the key note speaker at Cisco on April 6, 2017
Dr. Kalyan Kankanala was the key note speaker at Cisco on April 6, 2017
Dr. Kalyan C. Kankanala
 
Open Source Software Security
Open Source Software SecurityOpen Source Software Security
Open Source Software Security
Netizen Corporation
 
Digital Gen: Security Infographic
Digital Gen: Security InfographicDigital Gen: Security Infographic
Digital Gen: Security Infographic
Unisys Corporation
 
BITGLASS - DATA BREACH DISCOVERY DATASHEET
BITGLASS - DATA BREACH DISCOVERY DATASHEETBITGLASS - DATA BREACH DISCOVERY DATASHEET
BITGLASS - DATA BREACH DISCOVERY DATASHEET
Edgar Alejandro Villegas
 
Let’s rethink cloud application security in 2016 - Patrick Kerpan's Secure360...
Let’s rethink cloud application security in 2016 - Patrick Kerpan's Secure360...Let’s rethink cloud application security in 2016 - Patrick Kerpan's Secure360...
Let’s rethink cloud application security in 2016 - Patrick Kerpan's Secure360...
Cohesive Networks
 
Check your network security
Check your network securityCheck your network security
Check your network security
Your Virtual CTO
 
Cyber security awareness & training 2.1
Cyber security awareness & training 2.1Cyber security awareness & training 2.1
Cyber security awareness & training 2.1
Mark Mair
 
NASA Cyber Security Webinar: Phishing Detection Strategies
NASA Cyber Security Webinar: Phishing Detection StrategiesNASA Cyber Security Webinar: Phishing Detection Strategies
NASA Cyber Security Webinar: Phishing Detection Strategies
Paubox, Inc.
 
Future of Marketing The Cloud - John fearon, DropMySite
Future of Marketing The Cloud - John fearon, DropMySiteFuture of Marketing The Cloud - John fearon, DropMySite
Future of Marketing The Cloud - John fearon, DropMySite
ResellerClub
 
Global CCISO Forum 2018 | Ondrej Krehel | The Era of Cyber Extortion and Rans...
Global CCISO Forum 2018 | Ondrej Krehel | The Era of Cyber Extortion and Rans...Global CCISO Forum 2018 | Ondrej Krehel | The Era of Cyber Extortion and Rans...
Global CCISO Forum 2018 | Ondrej Krehel | The Era of Cyber Extortion and Rans...
EC-Council
 
Funsec3e ppt ch11
Funsec3e ppt ch11Funsec3e ppt ch11
Funsec3e ppt ch11
Skillspire LLC
 

More Related Content

What's hot

Equifax Breach - Lessons - Cyber Rescue - 16th may 2018
Equifax Breach - Lessons - Cyber Rescue - 16th may 2018Equifax Breach - Lessons - Cyber Rescue - 16th may 2018
Equifax Breach - Lessons - Cyber Rescue - 16th may 2018
Kevin Duffey
 
4 Different Types of Insider Attacks
4 Different Types of Insider Attacks4 Different Types of Insider Attacks
4 Different Types of Insider Attacks
Megan Thudium
 
The relation between internet of things, critical infrastructure and cyber se...
The relation between internet of things, critical infrastructure and cyber se...The relation between internet of things, critical infrastructure and cyber se...
The relation between internet of things, critical infrastructure and cyber se...
Ramiro Cid
 
Google peter logli & jake shea
Google peter logli & jake sheaGoogle peter logli & jake shea
Google peter logli & jake shea
ColloqueRISQ
 
7 top tips to protect your business from BEC [infographic] By Stellarise
7 top tips to protect your business from BEC [infographic] By Stellarise7 top tips to protect your business from BEC [infographic] By Stellarise
7 top tips to protect your business from BEC [infographic] By Stellarise
Elena Tatarenkova
 
Top Threats Facing Organizations Cloud / SaaS Data
Top Threats Facing Organizations Cloud / SaaS DataTop Threats Facing Organizations Cloud / SaaS Data
Top Threats Facing Organizations Cloud / SaaS Data
SysCloud
 
Advantages Of Using Cyber Security Solution
Advantages Of Using Cyber Security SolutionAdvantages Of Using Cyber Security Solution
Advantages Of Using Cyber Security Solution
Cyber Infrastructure INC
 
The Equifax Data Breach - How to Tell if You've Been Impacted
The Equifax Data Breach - How to Tell if You've Been ImpactedThe Equifax Data Breach - How to Tell if You've Been Impacted
The Equifax Data Breach - How to Tell if You've Been Impacted
CBIZ, Inc.
 
Notorious 9 ciso platform moshe
Notorious 9 ciso platform moshe Notorious 9 ciso platform moshe
Notorious 9 ciso platform moshe
Priyanka Aash
 
Equifax Flyer Aug 2017
Equifax Flyer Aug 2017Equifax Flyer Aug 2017
Equifax Flyer Aug 2017
Daniel Michels
 
Cyber Security Services
Cyber Security ServicesCyber Security Services
Cyber Security Services
Saratechnology
 
Dr. Kalyan Kankanala was the key note speaker at Cisco on April 6, 2017
Dr. Kalyan Kankanala was the key note speaker at Cisco on April 6, 2017Dr. Kalyan Kankanala was the key note speaker at Cisco on April 6, 2017
Dr. Kalyan Kankanala was the key note speaker at Cisco on April 6, 2017
Dr. Kalyan C. Kankanala
 
Open Source Software Security
Open Source Software SecurityOpen Source Software Security
Open Source Software Security
Netizen Corporation
 
Digital Gen: Security Infographic
Digital Gen: Security InfographicDigital Gen: Security Infographic
Digital Gen: Security Infographic
Unisys Corporation
 
BITGLASS - DATA BREACH DISCOVERY DATASHEET
BITGLASS - DATA BREACH DISCOVERY DATASHEETBITGLASS - DATA BREACH DISCOVERY DATASHEET
BITGLASS - DATA BREACH DISCOVERY DATASHEET
Edgar Alejandro Villegas
 
Let’s rethink cloud application security in 2016 - Patrick Kerpan's Secure360...
Let’s rethink cloud application security in 2016 - Patrick Kerpan's Secure360...Let’s rethink cloud application security in 2016 - Patrick Kerpan's Secure360...
Let’s rethink cloud application security in 2016 - Patrick Kerpan's Secure360...
Cohesive Networks
 
Check your network security
Check your network securityCheck your network security
Check your network security
Your Virtual CTO
 
Cyber security awareness & training 2.1
Cyber security awareness & training 2.1Cyber security awareness & training 2.1
Cyber security awareness & training 2.1
Mark Mair
 
NASA Cyber Security Webinar: Phishing Detection Strategies
NASA Cyber Security Webinar: Phishing Detection StrategiesNASA Cyber Security Webinar: Phishing Detection Strategies
NASA Cyber Security Webinar: Phishing Detection Strategies
Paubox, Inc.
 
Future of Marketing The Cloud - John fearon, DropMySite
Future of Marketing The Cloud - John fearon, DropMySiteFuture of Marketing The Cloud - John fearon, DropMySite
Future of Marketing The Cloud - John fearon, DropMySite
ResellerClub
 

What's hot (20)

Equifax Breach - Lessons - Cyber Rescue - 16th may 2018
Equifax Breach - Lessons - Cyber Rescue - 16th may 2018Equifax Breach - Lessons - Cyber Rescue - 16th may 2018
Equifax Breach - Lessons - Cyber Rescue - 16th may 2018
 
4 Different Types of Insider Attacks
4 Different Types of Insider Attacks4 Different Types of Insider Attacks
4 Different Types of Insider Attacks
 
The relation between internet of things, critical infrastructure and cyber se...
The relation between internet of things, critical infrastructure and cyber se...The relation between internet of things, critical infrastructure and cyber se...
The relation between internet of things, critical infrastructure and cyber se...
 
Google peter logli & jake shea
Google peter logli & jake sheaGoogle peter logli & jake shea
Google peter logli & jake shea
 
7 top tips to protect your business from BEC [infographic] By Stellarise
7 top tips to protect your business from BEC [infographic] By Stellarise7 top tips to protect your business from BEC [infographic] By Stellarise
7 top tips to protect your business from BEC [infographic] By Stellarise
 
Top Threats Facing Organizations Cloud / SaaS Data
Top Threats Facing Organizations Cloud / SaaS DataTop Threats Facing Organizations Cloud / SaaS Data
Top Threats Facing Organizations Cloud / SaaS Data
 
Advantages Of Using Cyber Security Solution
Advantages Of Using Cyber Security SolutionAdvantages Of Using Cyber Security Solution
Advantages Of Using Cyber Security Solution
 
The Equifax Data Breach - How to Tell if You've Been Impacted
The Equifax Data Breach - How to Tell if You've Been ImpactedThe Equifax Data Breach - How to Tell if You've Been Impacted
The Equifax Data Breach - How to Tell if You've Been Impacted
 
Notorious 9 ciso platform moshe
Notorious 9 ciso platform moshe Notorious 9 ciso platform moshe
Notorious 9 ciso platform moshe
 
Equifax Flyer Aug 2017
Equifax Flyer Aug 2017Equifax Flyer Aug 2017
Equifax Flyer Aug 2017
 
Cyber Security Services
Cyber Security ServicesCyber Security Services
Cyber Security Services
 
Dr. Kalyan Kankanala was the key note speaker at Cisco on April 6, 2017
Dr. Kalyan Kankanala was the key note speaker at Cisco on April 6, 2017Dr. Kalyan Kankanala was the key note speaker at Cisco on April 6, 2017
Dr. Kalyan Kankanala was the key note speaker at Cisco on April 6, 2017
 
Open Source Software Security
Open Source Software SecurityOpen Source Software Security
Open Source Software Security
 
Digital Gen: Security Infographic
Digital Gen: Security InfographicDigital Gen: Security Infographic
Digital Gen: Security Infographic
 
BITGLASS - DATA BREACH DISCOVERY DATASHEET
BITGLASS - DATA BREACH DISCOVERY DATASHEETBITGLASS - DATA BREACH DISCOVERY DATASHEET
BITGLASS - DATA BREACH DISCOVERY DATASHEET
 
Let’s rethink cloud application security in 2016 - Patrick Kerpan's Secure360...
Let’s rethink cloud application security in 2016 - Patrick Kerpan's Secure360...Let’s rethink cloud application security in 2016 - Patrick Kerpan's Secure360...
Let’s rethink cloud application security in 2016 - Patrick Kerpan's Secure360...
 
Check your network security
Check your network securityCheck your network security
Check your network security
 
Cyber security awareness & training 2.1
Cyber security awareness & training 2.1Cyber security awareness & training 2.1
Cyber security awareness & training 2.1
 
NASA Cyber Security Webinar: Phishing Detection Strategies
NASA Cyber Security Webinar: Phishing Detection StrategiesNASA Cyber Security Webinar: Phishing Detection Strategies
NASA Cyber Security Webinar: Phishing Detection Strategies
 
Future of Marketing The Cloud - John fearon, DropMySite
Future of Marketing The Cloud - John fearon, DropMySiteFuture of Marketing The Cloud - John fearon, DropMySite
Future of Marketing The Cloud - John fearon, DropMySite
 

Similar to Sotw 2017 slideshare v2

Global CCISO Forum 2018 | Ondrej Krehel | The Era of Cyber Extortion and Rans...
Global CCISO Forum 2018 | Ondrej Krehel | The Era of Cyber Extortion and Rans...Global CCISO Forum 2018 | Ondrej Krehel | The Era of Cyber Extortion and Rans...
Global CCISO Forum 2018 | Ondrej Krehel | The Era of Cyber Extortion and Rans...
EC-Council
 
Funsec3e ppt ch11
Funsec3e ppt ch11Funsec3e ppt ch11
Funsec3e ppt ch11
Skillspire LLC
 
The Silicon Valley Security Debate: Demo by Symphony’s CTO and CSO
The Silicon Valley Security Debate: Demo by Symphony’s CTO and CSOThe Silicon Valley Security Debate: Demo by Symphony’s CTO and CSO
The Silicon Valley Security Debate: Demo by Symphony’s CTO and CSO
Symphony.com
 
Don't Trust, And Verify - Mobile Application Attacks
Don't Trust, And Verify - Mobile Application AttacksDon't Trust, And Verify - Mobile Application Attacks
Don't Trust, And Verify - Mobile Application Attacks
Prathan Phongthiproek
 
Reducing Attack Surface in Budget Constrained Environments
Reducing Attack Surface in Budget Constrained EnvironmentsReducing Attack Surface in Budget Constrained Environments
Reducing Attack Surface in Budget Constrained Environments
Denim Group
 
Fundamentals of Information Systems Security Chapter 11
Fundamentals of Information Systems Security Chapter 11Fundamentals of Information Systems Security Chapter 11
Fundamentals of Information Systems Security Chapter 11
Dr. Ahmed Al Zaidy
 
Webinar–Open Source Risk in M&A by the Numbers
Webinar–Open Source Risk in M&A by the NumbersWebinar–Open Source Risk in M&A by the Numbers
Webinar–Open Source Risk in M&A by the Numbers
Synopsys Software Integrity Group
 
Security/Compliance - Advanced Threat Detection and Compliance
Security/Compliance - Advanced Threat Detection and ComplianceSecurity/Compliance - Advanced Threat Detection and Compliance
Security/Compliance - Advanced Threat Detection and Compliance
Advanced Technology Consulting (ATC)
 
106 Threat defense and information security development trends
106 Threat defense and information security development trends106 Threat defense and information security development trends
106 Threat defense and information security development trends
SsendiSamuel
 
CASB — Your new best friend for safe cloud adoption?
CASB — Your new best friend for safe cloud adoption? CASB — Your new best friend for safe cloud adoption?
CASB — Your new best friend for safe cloud adoption?
Digital Transformation EXPO Event Series
 
Tineola: Taking A Bite Out of Enterprise Blockchain
Tineola: Taking A Bite Out of Enterprise BlockchainTineola: Taking A Bite Out of Enterprise Blockchain
Tineola: Taking A Bite Out of Enterprise Blockchain
Priyanka Aash
 
人工智慧雲服務與金融服務應用
人工智慧雲服務與金融服務應用人工智慧雲服務與金融服務應用
人工智慧雲服務與金融服務應用Amazon Web Services
 
Trend Micro 10 Minute Overview
Trend Micro 10 Minute OverviewTrend Micro 10 Minute Overview
Trend Micro 10 Minute Overview
John D. Haden
 
Chapter 5.pdf
Chapter 5.pdfChapter 5.pdf
Chapter 5.pdf
MehediHasan875455
 
Security and Privacy: What Nonprofits Need to Know
Security and Privacy: What Nonprofits Need to KnowSecurity and Privacy: What Nonprofits Need to Know
Security and Privacy: What Nonprofits Need to Know
TechSoup
 
2017 Security Report Presentation
2017 Security Report Presentation2017 Security Report Presentation
2017 Security Report Presentation
ixiademandgen
 
Do You Manage Software? Understanding Your Role in Cybersecurity Defense
Do You Manage Software? Understanding Your Role in Cybersecurity DefenseDo You Manage Software? Understanding Your Role in Cybersecurity Defense
Do You Manage Software? Understanding Your Role in Cybersecurity Defense
Flexera
 
AWS Startup Day Toronto - Sudip Chakrabarti- Building & Selling AI-Powered En...
AWS Startup Day Toronto - Sudip Chakrabarti- Building & Selling AI-Powered En...AWS Startup Day Toronto - Sudip Chakrabarti- Building & Selling AI-Powered En...
AWS Startup Day Toronto - Sudip Chakrabarti- Building & Selling AI-Powered En...
Amazon Web Services
 
Leveraging Compliance to “Help” Prevent a Future Breach
Leveraging Compliance to “Help” Prevent a Future BreachLeveraging Compliance to “Help” Prevent a Future Breach
Leveraging Compliance to “Help” Prevent a Future Breach
Kevin Murphy
 
5 Mobile App Security MUST-DOs in 2018
5 Mobile App Security MUST-DOs in 20185 Mobile App Security MUST-DOs in 2018
5 Mobile App Security MUST-DOs in 2018
NowSecure
 

Similar to Sotw 2017 slideshare v2 (20)

Global CCISO Forum 2018 | Ondrej Krehel | The Era of Cyber Extortion and Rans...
Global CCISO Forum 2018 | Ondrej Krehel | The Era of Cyber Extortion and Rans...Global CCISO Forum 2018 | Ondrej Krehel | The Era of Cyber Extortion and Rans...
Global CCISO Forum 2018 | Ondrej Krehel | The Era of Cyber Extortion and Rans...
 
Funsec3e ppt ch11
Funsec3e ppt ch11Funsec3e ppt ch11
Funsec3e ppt ch11
 
The Silicon Valley Security Debate: Demo by Symphony’s CTO and CSO
The Silicon Valley Security Debate: Demo by Symphony’s CTO and CSOThe Silicon Valley Security Debate: Demo by Symphony’s CTO and CSO
The Silicon Valley Security Debate: Demo by Symphony’s CTO and CSO
 
Don't Trust, And Verify - Mobile Application Attacks
Don't Trust, And Verify - Mobile Application AttacksDon't Trust, And Verify - Mobile Application Attacks
Don't Trust, And Verify - Mobile Application Attacks
 
Reducing Attack Surface in Budget Constrained Environments
Reducing Attack Surface in Budget Constrained EnvironmentsReducing Attack Surface in Budget Constrained Environments
Reducing Attack Surface in Budget Constrained Environments
 
Fundamentals of Information Systems Security Chapter 11
Fundamentals of Information Systems Security Chapter 11Fundamentals of Information Systems Security Chapter 11
Fundamentals of Information Systems Security Chapter 11
 
Webinar–Open Source Risk in M&A by the Numbers
Webinar–Open Source Risk in M&A by the NumbersWebinar–Open Source Risk in M&A by the Numbers
Webinar–Open Source Risk in M&A by the Numbers
 
Security/Compliance - Advanced Threat Detection and Compliance
Security/Compliance - Advanced Threat Detection and ComplianceSecurity/Compliance - Advanced Threat Detection and Compliance
Security/Compliance - Advanced Threat Detection and Compliance
 
106 Threat defense and information security development trends
106 Threat defense and information security development trends106 Threat defense and information security development trends
106 Threat defense and information security development trends
 
CASB — Your new best friend for safe cloud adoption?
CASB — Your new best friend for safe cloud adoption? CASB — Your new best friend for safe cloud adoption?
CASB — Your new best friend for safe cloud adoption?
 
Tineola: Taking A Bite Out of Enterprise Blockchain
Tineola: Taking A Bite Out of Enterprise BlockchainTineola: Taking A Bite Out of Enterprise Blockchain
Tineola: Taking A Bite Out of Enterprise Blockchain
 
人工智慧雲服務與金融服務應用
人工智慧雲服務與金融服務應用人工智慧雲服務與金融服務應用
人工智慧雲服務與金融服務應用
 
Trend Micro 10 Minute Overview
Trend Micro 10 Minute OverviewTrend Micro 10 Minute Overview
Trend Micro 10 Minute Overview
 
Chapter 5.pdf
Chapter 5.pdfChapter 5.pdf
Chapter 5.pdf
 
Security and Privacy: What Nonprofits Need to Know
Security and Privacy: What Nonprofits Need to KnowSecurity and Privacy: What Nonprofits Need to Know
Security and Privacy: What Nonprofits Need to Know
 
2017 Security Report Presentation
2017 Security Report Presentation2017 Security Report Presentation
2017 Security Report Presentation
 
Do You Manage Software? Understanding Your Role in Cybersecurity Defense
Do You Manage Software? Understanding Your Role in Cybersecurity DefenseDo You Manage Software? Understanding Your Role in Cybersecurity Defense
Do You Manage Software? Understanding Your Role in Cybersecurity Defense
 
AWS Startup Day Toronto - Sudip Chakrabarti- Building & Selling AI-Powered En...
AWS Startup Day Toronto - Sudip Chakrabarti- Building & Selling AI-Powered En...AWS Startup Day Toronto - Sudip Chakrabarti- Building & Selling AI-Powered En...
AWS Startup Day Toronto - Sudip Chakrabarti- Building & Selling AI-Powered En...
 
Leveraging Compliance to “Help” Prevent a Future Breach
Leveraging Compliance to “Help” Prevent a Future BreachLeveraging Compliance to “Help” Prevent a Future Breach
Leveraging Compliance to “Help” Prevent a Future Breach
 
5 Mobile App Security MUST-DOs in 2018
5 Mobile App Security MUST-DOs in 20185 Mobile App Security MUST-DOs in 2018
5 Mobile App Security MUST-DOs in 2018
 

Recently uploaded

一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理
一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理
一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理
ufdana
 
学位认证网(DU毕业证)迪肯大学毕业证成绩单一比一原版制作
学位认证网(DU毕业证)迪肯大学毕业证成绩单一比一原版制作学位认证网(DU毕业证)迪肯大学毕业证成绩单一比一原版制作
学位认证网(DU毕业证)迪肯大学毕业证成绩单一比一原版制作
zyfovom
 
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
cuobya
 
Gen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needsGen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needs
Laura Szabó
 
Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...
Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...
Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...
CIOWomenMagazine
 
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
3ipehhoa
 
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptxBridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
Brad Spiegel Macon GA
 
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdfMeet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
Florence Consulting
 
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
keoku
 
[HUN][hackersuli] Red Teaming alapok 2024
[HUN][hackersuli] Red Teaming alapok 2024[HUN][hackersuli] Red Teaming alapok 2024
[HUN][hackersuli] Red Teaming alapok 2024
hackersuli
 
7 Best Cloud Hosting Services to Try Out in 2024
7 Best Cloud Hosting Services to Try Out in 20247 Best Cloud Hosting Services to Try Out in 2024
7 Best Cloud Hosting Services to Try Out in 2024
Danica Gill
 
Italy Agriculture Equipment Market Outlook to 2027
Italy Agriculture Equipment Market Outlook to 2027Italy Agriculture Equipment Market Outlook to 2027
Italy Agriculture Equipment Market Outlook to 2027
harveenkaur52
 
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC
 
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
eutxy
 
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
uehowe
 
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdfJAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
Javier Lasa
 
Bài tập unit 1 English in the world.docx
Bài tập unit 1 English in the world.docxBài tập unit 1 English in the world.docx
Bài tập unit 1 English in the world.docx
nhiyenphan2005
 
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
fovkoyb
 
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
cuobya
 
Search Result Showing My Post is Now Buried
Search Result Showing My Post is Now BuriedSearch Result Showing My Post is Now Buried
Search Result Showing My Post is Now Buried
Trish Parr
 

Recently uploaded (20)

一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理
一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理
一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理
 
学位认证网(DU毕业证)迪肯大学毕业证成绩单一比一原版制作
学位认证网(DU毕业证)迪肯大学毕业证成绩单一比一原版制作学位认证网(DU毕业证)迪肯大学毕业证成绩单一比一原版制作
学位认证网(DU毕业证)迪肯大学毕业证成绩单一比一原版制作
 
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
 
Gen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needsGen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needs
 
Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...
Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...
Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...
 
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
 
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptxBridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
 
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdfMeet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
 
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
 
[HUN][hackersuli] Red Teaming alapok 2024
[HUN][hackersuli] Red Teaming alapok 2024[HUN][hackersuli] Red Teaming alapok 2024
[HUN][hackersuli] Red Teaming alapok 2024
 
7 Best Cloud Hosting Services to Try Out in 2024
7 Best Cloud Hosting Services to Try Out in 20247 Best Cloud Hosting Services to Try Out in 2024
7 Best Cloud Hosting Services to Try Out in 2024
 
Italy Agriculture Equipment Market Outlook to 2027
Italy Agriculture Equipment Market Outlook to 2027Italy Agriculture Equipment Market Outlook to 2027
Italy Agriculture Equipment Market Outlook to 2027
 
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
 
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
 
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
 
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdfJAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
 
Bài tập unit 1 English in the world.docx
Bài tập unit 1 English in the world.docxBài tập unit 1 English in the world.docx
Bài tập unit 1 English in the world.docx
 
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
 
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
 
Search Result Showing My Post is Now Buried
Search Result Showing My Post is Now BuriedSearch Result Showing My Post is Now Buried
Search Result Showing My Post is Now Buried
 

Sotw 2017 slideshare v2

  • 1. Trust Hacking State of the Web 2017
  • 2. | © 2018 / Menlo Security, Inc. All rights reserved.2 Weaponizing Trust
  • 3. | © 2018 / Menlo Security, Inc. All rights reserved.3 Background Radiation Our researchers found that every time a user visits a website, that site calls on an average of 25 background sites for content
  • 4. | © 2018 / Menlo Security, Inc. All rights reserved.4 Widespread Use of Vulnerable Software More than 32,000 of the sites we studied rely on Microsoft IIS 7.5, which was released in 2009
  • 5. | © 2018 / Menlo Security, Inc. All rights reserved.5 Web Risk by Category
  • 6. | © 2018 / Menlo Security, Inc. All rights reserved.6 Top Categories with Known Bad Sites Consider Business and Economy. It had more “known bad” sites than any other traditionally trusted category, with more than 12,000. That’s fewer than in Adult and Pornography, but more than in Gambling.
  • 7. | © 2018 / Menlo Security, Inc. All rights reserved.7 Top Categories with Vulnerable Sites More sites in Business and Economy relied on vulnerable software than in any other category, for the second year in a row. Many of these sites still use Microsoft’s IIS 5 web server, which the company stopped supporting 12 years ago.
  • 8. | © 2018 / Menlo Security, Inc. All rights reserved.8 Top Categories with Recent Threat History Business and Economy sites also in the Last Year suffered more breaches and other successful attacks than any other category.
  • 9. | © 2018 / Menlo Security, Inc. All rights reserved.9 Categories Can and Will Change One reputation service rightly identified email.complianceonline.com as malicious— except for a brief period when it didn’t.
  • 10. | © 2018 / Menlo Security, Inc. All rights reserved.10 Categories Containing Phishing Sites In 2017, we discovered 4,600 phishing sites using legitimate hosting services.
  • 11. | © 2018 / Menlo Security, Inc. All rights reserved.11 Common Typosquatting Categories
  • 12. | © 2018 / Menlo Security, Inc. All rights reserved.12 Best Practices to Mitigate Web and Email Risk
  • 13. | © 2018 / Menlo Security, Inc. All rights reserved.13 Download the Report Today http://info.menlosecurity.com/state-of-the-web-2017.html