IT-security. What has happened in 2H 2008 regarding IT-security. Read about Koobface discovery by Websense Security Labs.Websense Security Labs detailed report.
This document provides an overview of cloud computing security challenges. It discusses how cloud computing introduces new risks by making systems accessible over the internet, shared among multiple tenants, and lacking location specificity. The document outlines common cloud computing models including infrastructure as a service, platform as a service, and software as a service. It also discusses how multitenancy increases the risk of unauthorized access to user data in cloud environments. Overall, the document examines how cloud computing demands new security practices due to its unique architecture and deployment models.
Webinar - Cyber Hygiene: Stay Clean at Work and at HomeWPICPE
This document provides an overview of cybersecurity risks and strategies for risk reduction. It discusses how cyber attacks are growing threats for both businesses and individuals. Common attacker motives are financial gain and espionage. Popular attack methods include phishing emails and exploiting known software vulnerabilities. The document recommends practicing basic "cyber hygiene" behaviors like using strong passwords, updating software, and being wary of unsolicited messages. It also outlines the US National Cybersecurity Workforce Framework for implementing comprehensive cybersecurity programs in organizations.
- Cloud applications have faced a wide variety of threats over the last few years including phishing attacks, malware distribution, and data leakage. Credential stealing, account hijacking, and exploiting vulnerabilities in cloud apps' designs are common attack methods.
- Threat actors include risky employees, malicious insiders, and hackers/state actors. Hackers target cloud apps and users to steal data and access accounts through phishing, malware, or exploiting app vulnerabilities.
- Common threats are credential theft through phishing pages hosted on cloud apps, man-in-the-browser attacks, malware distribution using cloud storage, and data leakage through oversharing of sensitive files on cloud apps. Proper security controls and user awareness are needed to
Dallas Web Security Group - February Meeting - Addressing Top Security ThreatsDallas Web Security Group
Credera is a full-service management and technology consulting firm that provides expert, objective advice to help solve complex business and technology challenges for clients ranging from Fortune 1000 companies to emerging industry leaders. The firm has multiple U.S. offices located in Dallas, Houston, Austin, and Denver.
Corrected some spelling errors from the February version found here: http://www.slideshare.net/DallasWebSecurityGroup/dallas-web-security-group-february-meeting-addressing-top-security-threats
Cloud computing redefines the way we deliver and use services to support the creation of business value. This change in delivery shifts the way data centres provide applications and infrastructure support to users. Like any major IT project, migrating from a traditional IT Infrastructure to a Cloud environment is not an exercise to be taken lightly.
Whether you are planning to running a private, public or hybrid cloud service in your organisation this presentation will help you prepare a cloud ready data centre and enable you to assess & prioritise your workload migration.
This document provides an overview of cloud computing security challenges. It discusses how cloud computing introduces new risks by making systems accessible over the internet, shared among multiple tenants, and lacking location specificity. The document outlines common cloud computing models including infrastructure as a service, platform as a service, and software as a service. It also discusses how multitenancy increases the risk of unauthorized access to user data in cloud environments. Overall, the document examines how cloud computing demands new security practices due to its unique architecture and deployment models.
Webinar - Cyber Hygiene: Stay Clean at Work and at HomeWPICPE
This document provides an overview of cybersecurity risks and strategies for risk reduction. It discusses how cyber attacks are growing threats for both businesses and individuals. Common attacker motives are financial gain and espionage. Popular attack methods include phishing emails and exploiting known software vulnerabilities. The document recommends practicing basic "cyber hygiene" behaviors like using strong passwords, updating software, and being wary of unsolicited messages. It also outlines the US National Cybersecurity Workforce Framework for implementing comprehensive cybersecurity programs in organizations.
- Cloud applications have faced a wide variety of threats over the last few years including phishing attacks, malware distribution, and data leakage. Credential stealing, account hijacking, and exploiting vulnerabilities in cloud apps' designs are common attack methods.
- Threat actors include risky employees, malicious insiders, and hackers/state actors. Hackers target cloud apps and users to steal data and access accounts through phishing, malware, or exploiting app vulnerabilities.
- Common threats are credential theft through phishing pages hosted on cloud apps, man-in-the-browser attacks, malware distribution using cloud storage, and data leakage through oversharing of sensitive files on cloud apps. Proper security controls and user awareness are needed to
Dallas Web Security Group - February Meeting - Addressing Top Security ThreatsDallas Web Security Group
Credera is a full-service management and technology consulting firm that provides expert, objective advice to help solve complex business and technology challenges for clients ranging from Fortune 1000 companies to emerging industry leaders. The firm has multiple U.S. offices located in Dallas, Houston, Austin, and Denver.
Corrected some spelling errors from the February version found here: http://www.slideshare.net/DallasWebSecurityGroup/dallas-web-security-group-february-meeting-addressing-top-security-threats
Cloud computing redefines the way we deliver and use services to support the creation of business value. This change in delivery shifts the way data centres provide applications and infrastructure support to users. Like any major IT project, migrating from a traditional IT Infrastructure to a Cloud environment is not an exercise to be taken lightly.
Whether you are planning to running a private, public or hybrid cloud service in your organisation this presentation will help you prepare a cloud ready data centre and enable you to assess & prioritise your workload migration.
This document summarizes topics related to computer security and privacy. It discusses types of computer crimes like hacking, theft of data, and fraud. It also covers how to secure systems through access controls, software protection, backups, and disaster recovery plans. The document describes viruses, worms, and precautions to prevent infection. Finally, it addresses privacy issues and how personal data can be collected and shared.
The document is an issue of the (IN)SECURE Magazine discussing various topics related to information security. It includes articles on the NSA's efforts to subvert encryption and install backdoors, attacks against PHP applications, allowing large-scale quantum cryptography networks, and other topics. It also includes advertisements, a letter from the editor, and information on how to provide feedback or get in contact with the magazine. Overall, the document provides an overview of several current issues and developments regarding cybersecurity based on research and reporting from various sources.
The document discusses several cybersecurity threats facing the public sector, including data loss, insider threats, cyber espionage, phishing, and ransomware. It provides statistics on data breaches and security incidents affecting the public sector in areas like personal data compromised, compliance issues, and responsibility for incidents. The top 5 threats are identified as ransomware, insider threats, distributed denial of service attacks, cyber espionage, and phishing. Solutions from Seqrite that can help mitigate these threats include endpoint security, unified threat management, mobile device management, and data loss prevention.
Top 5 Cybersecurity Threats in Retail IndustrySeqrite
The document discusses cybersecurity threats facing the retail industry. It notes that the retail industry suffered 215 data breaches in 2016, with an average cost of $172 per compromised record. Common cyber attacks on retail companies include malware, data theft, distributed denial of service (DDoS) attacks, phishing, and vulnerabilities from internet of things devices. Seqrite provides cybersecurity solutions like endpoint security, unified threat management, mobile device management, and data loss prevention to help mitigate these threats.
1. Cyber Ethics and Cyber Crime
2. Security in Social Media & Risk of Child Internet
3. Social media in Schools and photo privacy
4. Risk of OSNs and Security, Privacy of Facebook
5. Risk and Security of Social Networking site Facebook and Twitter
6. Risk analysis of Government and Online Transaction
Tim Willoughby presentation to cloud workshop 2016Tim Willoughby
This document discusses shared services and cloud computing in the context of Local Government Management Agency (LGMA) in Ireland. It notes that LGMA provides shared services to local governments, including procurement, ICT, HR, and other business and technical support services. It then discusses how the pace of technology is rapidly changing, with the growth of cloud computing, web services, and new tools that have democratized technology. It emphasizes that every business is now a technology business and explores some of the opportunities and challenges of cloud computing and shared services for local governments.
Encase cybersecurity alat za proaktivnu kontrolu korporativne it sigurnosti 2Damir Delija
The document discusses security threats like worms and Conficker, and challenges facing IT security teams. It introduces EnCase Enterprise for reactive investigations and EnCase Cybersecurity for proactive security auditing. EnCase Cybersecurity uses automated processes to identify undiscovered threats like polymorphic malware, locate data leakage, and help organizations take a proactive stance on information security.
This document provides a 7-step guide for organizations to survive a web attack. It begins with understanding the threat actor and developing a security response plan. The next steps involve locating all applications and servers, scanning them for vulnerabilities, and strengthening application, network, and endpoint security controls. The guide also provides tips for protecting against distributed denial of service attacks and application layer attacks. Overall, it aims to help organizations facing an impending web attack by providing a well-thought out strategy to identify risks and harden their defenses.
Cyber Security - awareness, vulnerabilities and solutionsinLabFIB
This document discusses cybersecurity awareness, vulnerabilities, and solutions. It begins by outlining threats to IoT/ICS/SCADA systems from actors like script kiddies, gray hats, black hats, and state-sponsored groups. Common threats include DDoS attacks and exploiting vulnerabilities in device access controls and software updates. The document then examines solutions like developing response and recovery plans, conducting risk assessments, implementing security controls, and obtaining external cybersecurity support. It emphasizes the importance of cybersecurity awareness training, continuous monitoring, and establishing cooperation between organizations.
The document summarizes a presentation given by Fred Holborn of Psiframe, Inc. on data security for intellectual property managers. It discusses how theft of proprietary information caused the greatest financial losses for many organizations in 2003. It also outlines Psiframe's security assessment services which identify vulnerabilities from an attacker's perspective in order to recommend best practices for protecting information assets and networks. The document provides examples of common vulnerabilities and techniques attackers use, such as exploiting wireless networks and information leakage. It emphasizes the importance of regularly assessing security risks and implementing appropriate safeguards and regulatory compliance.
The document discusses internet and network security risks and solutions. It provides an overview of common security threats like cybercrime, malware, and social engineering attacks. It then describes intrusion detection systems (IDS) and intrusion prevention systems (IPS) as basic concepts. IDS passively monitors network traffic and alerts administrators of potential threats, while IPS actively blocks malicious traffic in addition to detecting and alerting. The document analyzes IDS/IPS solutions and their role in providing security for networks and systems.
This document discusses cyber crime and security. It begins with an overview of topics to be covered, including the history and basics of cyber crimes, various categories of cyber crimes, and motivations for cyber attacks. It then discusses the history of cyber crimes and defines cyber attacks and cyber crimes. Various types of cyber crimes are outlined, including those against persons, property, and government. Common cyber crime techniques like social engineering, viruses, and ransomware are explained. The document notes that cyber crime groups are starting to operate more like organized crime rings. It concludes by discussing how opportunities provided by Web 2.0 technologies can be exploited for cyber crimes.
Cybersecurity training seminars, courses, cybersecurity lawsBryan Len
Cybersecurity risk is expanding, driven by worldwide availability and utilization of cloud administrations to store sensitive data and individual data.
Gone are the times of straightforward firewalls and hostile to infection programming being an organization's sole safety efforts. The ascent of digitalization and other further developed innovative designs has made a huge difference.
Why cybersecurity training ?
Cybercrime throws a wide net. No business, office, association or individual is resistant. As indicated by the 2020 Official Annual Cybercrime Report by Cybersecurity Ventures, cybercrime will cost the world in overabundance of $6 trillion every year by 2021 – up from $3 trillion out of 2015.
Associations have seen security ruptures develop by 67% in the previous five years alone.
What's more, presently it's not simply cybercriminals associations need to stress over. Cybersecurity breaks have different outcomes.
Government guidelines command associations have cybersecurity controls set up to secure delicate information or face significant fines.
Top 4 Cybersecurity laws include:
Payment Card Industry Data Security Standards (PCI DDS)
General Data Protection Regulation (GDPR)
HIPAA
GLBA
Learn considerably more and get the significant training your organization, association or office needs to help secure resources and information. Tonex offers almost three dozen courses in Cybersecurity Foundation.
This incorporates front line courses like:
Automotive Cybersecurity Training
Disaster Recovery and Business Continuity Training
Network Security Training
Software Security Training
ICS Cybersecurity Training
Request more information. Join online courses. Improve your organizations cybersecurity. Visit tonex.com for course and workshop detail.
Cybersecurity training seminars, courses, cybersecurity laws
https://www.tonex.com/cybersecurity-training-seminars-cybersecurity-courses/
TECHNICAL WHITE PAPER▶ Symantec Website Security Threat ReportSymantec
The biggest story in 2014 was, of course, the Heartbleed bug, which shook the foundations of Internet security. This wasn’t about criminals being clever; it was about the inherent vulnerabilities of human-built software, and it reminded everyone of the need for vigilance, better implementation, and more diligent website security.
Of course, while Heartbleed hit the headlines, criminals were still hard at work making their own opportunities for exploitation, theft and disruption. 2014 saw criminals grow more professional, sophisticated, and aggressive in their tactics to the detriment of businesses and individuals alike.
DeepNines Technologies information for IT B2B. Defending against modern threats with DeepNines IT Services. More information located at www.deepnines.com
When money is the at the top of the mind of
cybercriminals, where do they turn their heads to? The
Banking Sector. This SlideShare takes you through the top 5 cybersecurity risks that banks and other financial firms face today.
This document provides an overview of practical cloud security advice. It discusses security risks in cloud computing like unauthorized data exposure and loss of availability. It recommends technical controls like CASB for access monitoring, DLP for data protection, and IRM for persistent data protection. The document also stresses the importance of identity and access management, encryption, and secure configurations.
Trying to prioritize and roadmap effective cyber security investment—people and technology—without fully understanding the cyber threat landscape is like driving 70 MPH in the dark with the lights off while wearing sunglasses. Learn what trends and cyber threats CenturyLink sees globally and get ideas on how to shine a light on your corporation’s technical environment.
Rick Burger, Senior Solutions Architect, CenturyLink; Louie Hollmeyer, Moderator, ATC
Photo Editor Apps for Female College Students - Survey Report - JAKPATJAKPATAPP
The survey results show that:
- 87.4% of respondents use photo editing apps on their smartphones
- The most popular photo editing apps identified were Camera 360, Camera360, Line Camera, Photogrid, B612, and Cymera
- Respondents were allowed to select multiple apps, with a wide variety of apps being used for photo editing purposes
This document summarizes topics related to computer security and privacy. It discusses types of computer crimes like hacking, theft of data, and fraud. It also covers how to secure systems through access controls, software protection, backups, and disaster recovery plans. The document describes viruses, worms, and precautions to prevent infection. Finally, it addresses privacy issues and how personal data can be collected and shared.
The document is an issue of the (IN)SECURE Magazine discussing various topics related to information security. It includes articles on the NSA's efforts to subvert encryption and install backdoors, attacks against PHP applications, allowing large-scale quantum cryptography networks, and other topics. It also includes advertisements, a letter from the editor, and information on how to provide feedback or get in contact with the magazine. Overall, the document provides an overview of several current issues and developments regarding cybersecurity based on research and reporting from various sources.
The document discusses several cybersecurity threats facing the public sector, including data loss, insider threats, cyber espionage, phishing, and ransomware. It provides statistics on data breaches and security incidents affecting the public sector in areas like personal data compromised, compliance issues, and responsibility for incidents. The top 5 threats are identified as ransomware, insider threats, distributed denial of service attacks, cyber espionage, and phishing. Solutions from Seqrite that can help mitigate these threats include endpoint security, unified threat management, mobile device management, and data loss prevention.
Top 5 Cybersecurity Threats in Retail IndustrySeqrite
The document discusses cybersecurity threats facing the retail industry. It notes that the retail industry suffered 215 data breaches in 2016, with an average cost of $172 per compromised record. Common cyber attacks on retail companies include malware, data theft, distributed denial of service (DDoS) attacks, phishing, and vulnerabilities from internet of things devices. Seqrite provides cybersecurity solutions like endpoint security, unified threat management, mobile device management, and data loss prevention to help mitigate these threats.
1. Cyber Ethics and Cyber Crime
2. Security in Social Media & Risk of Child Internet
3. Social media in Schools and photo privacy
4. Risk of OSNs and Security, Privacy of Facebook
5. Risk and Security of Social Networking site Facebook and Twitter
6. Risk analysis of Government and Online Transaction
Tim Willoughby presentation to cloud workshop 2016Tim Willoughby
This document discusses shared services and cloud computing in the context of Local Government Management Agency (LGMA) in Ireland. It notes that LGMA provides shared services to local governments, including procurement, ICT, HR, and other business and technical support services. It then discusses how the pace of technology is rapidly changing, with the growth of cloud computing, web services, and new tools that have democratized technology. It emphasizes that every business is now a technology business and explores some of the opportunities and challenges of cloud computing and shared services for local governments.
Encase cybersecurity alat za proaktivnu kontrolu korporativne it sigurnosti 2Damir Delija
The document discusses security threats like worms and Conficker, and challenges facing IT security teams. It introduces EnCase Enterprise for reactive investigations and EnCase Cybersecurity for proactive security auditing. EnCase Cybersecurity uses automated processes to identify undiscovered threats like polymorphic malware, locate data leakage, and help organizations take a proactive stance on information security.
This document provides a 7-step guide for organizations to survive a web attack. It begins with understanding the threat actor and developing a security response plan. The next steps involve locating all applications and servers, scanning them for vulnerabilities, and strengthening application, network, and endpoint security controls. The guide also provides tips for protecting against distributed denial of service attacks and application layer attacks. Overall, it aims to help organizations facing an impending web attack by providing a well-thought out strategy to identify risks and harden their defenses.
Cyber Security - awareness, vulnerabilities and solutionsinLabFIB
This document discusses cybersecurity awareness, vulnerabilities, and solutions. It begins by outlining threats to IoT/ICS/SCADA systems from actors like script kiddies, gray hats, black hats, and state-sponsored groups. Common threats include DDoS attacks and exploiting vulnerabilities in device access controls and software updates. The document then examines solutions like developing response and recovery plans, conducting risk assessments, implementing security controls, and obtaining external cybersecurity support. It emphasizes the importance of cybersecurity awareness training, continuous monitoring, and establishing cooperation between organizations.
The document summarizes a presentation given by Fred Holborn of Psiframe, Inc. on data security for intellectual property managers. It discusses how theft of proprietary information caused the greatest financial losses for many organizations in 2003. It also outlines Psiframe's security assessment services which identify vulnerabilities from an attacker's perspective in order to recommend best practices for protecting information assets and networks. The document provides examples of common vulnerabilities and techniques attackers use, such as exploiting wireless networks and information leakage. It emphasizes the importance of regularly assessing security risks and implementing appropriate safeguards and regulatory compliance.
The document discusses internet and network security risks and solutions. It provides an overview of common security threats like cybercrime, malware, and social engineering attacks. It then describes intrusion detection systems (IDS) and intrusion prevention systems (IPS) as basic concepts. IDS passively monitors network traffic and alerts administrators of potential threats, while IPS actively blocks malicious traffic in addition to detecting and alerting. The document analyzes IDS/IPS solutions and their role in providing security for networks and systems.
This document discusses cyber crime and security. It begins with an overview of topics to be covered, including the history and basics of cyber crimes, various categories of cyber crimes, and motivations for cyber attacks. It then discusses the history of cyber crimes and defines cyber attacks and cyber crimes. Various types of cyber crimes are outlined, including those against persons, property, and government. Common cyber crime techniques like social engineering, viruses, and ransomware are explained. The document notes that cyber crime groups are starting to operate more like organized crime rings. It concludes by discussing how opportunities provided by Web 2.0 technologies can be exploited for cyber crimes.
Cybersecurity training seminars, courses, cybersecurity lawsBryan Len
Cybersecurity risk is expanding, driven by worldwide availability and utilization of cloud administrations to store sensitive data and individual data.
Gone are the times of straightforward firewalls and hostile to infection programming being an organization's sole safety efforts. The ascent of digitalization and other further developed innovative designs has made a huge difference.
Why cybersecurity training ?
Cybercrime throws a wide net. No business, office, association or individual is resistant. As indicated by the 2020 Official Annual Cybercrime Report by Cybersecurity Ventures, cybercrime will cost the world in overabundance of $6 trillion every year by 2021 – up from $3 trillion out of 2015.
Associations have seen security ruptures develop by 67% in the previous five years alone.
What's more, presently it's not simply cybercriminals associations need to stress over. Cybersecurity breaks have different outcomes.
Government guidelines command associations have cybersecurity controls set up to secure delicate information or face significant fines.
Top 4 Cybersecurity laws include:
Payment Card Industry Data Security Standards (PCI DDS)
General Data Protection Regulation (GDPR)
HIPAA
GLBA
Learn considerably more and get the significant training your organization, association or office needs to help secure resources and information. Tonex offers almost three dozen courses in Cybersecurity Foundation.
This incorporates front line courses like:
Automotive Cybersecurity Training
Disaster Recovery and Business Continuity Training
Network Security Training
Software Security Training
ICS Cybersecurity Training
Request more information. Join online courses. Improve your organizations cybersecurity. Visit tonex.com for course and workshop detail.
Cybersecurity training seminars, courses, cybersecurity laws
https://www.tonex.com/cybersecurity-training-seminars-cybersecurity-courses/
TECHNICAL WHITE PAPER▶ Symantec Website Security Threat ReportSymantec
The biggest story in 2014 was, of course, the Heartbleed bug, which shook the foundations of Internet security. This wasn’t about criminals being clever; it was about the inherent vulnerabilities of human-built software, and it reminded everyone of the need for vigilance, better implementation, and more diligent website security.
Of course, while Heartbleed hit the headlines, criminals were still hard at work making their own opportunities for exploitation, theft and disruption. 2014 saw criminals grow more professional, sophisticated, and aggressive in their tactics to the detriment of businesses and individuals alike.
DeepNines Technologies information for IT B2B. Defending against modern threats with DeepNines IT Services. More information located at www.deepnines.com
When money is the at the top of the mind of
cybercriminals, where do they turn their heads to? The
Banking Sector. This SlideShare takes you through the top 5 cybersecurity risks that banks and other financial firms face today.
This document provides an overview of practical cloud security advice. It discusses security risks in cloud computing like unauthorized data exposure and loss of availability. It recommends technical controls like CASB for access monitoring, DLP for data protection, and IRM for persistent data protection. The document also stresses the importance of identity and access management, encryption, and secure configurations.
Trying to prioritize and roadmap effective cyber security investment—people and technology—without fully understanding the cyber threat landscape is like driving 70 MPH in the dark with the lights off while wearing sunglasses. Learn what trends and cyber threats CenturyLink sees globally and get ideas on how to shine a light on your corporation’s technical environment.
Rick Burger, Senior Solutions Architect, CenturyLink; Louie Hollmeyer, Moderator, ATC
Photo Editor Apps for Female College Students - Survey Report - JAKPATJAKPATAPP
The survey results show that:
- 87.4% of respondents use photo editing apps on their smartphones
- The most popular photo editing apps identified were Camera 360, Camera360, Line Camera, Photogrid, B612, and Cymera
- Respondents were allowed to select multiple apps, with a wide variety of apps being used for photo editing purposes
Dave Duarte - Intergrate web & mobile into your marketing mix - Net Prophet 2009RAMP Group
The document discusses integrating web and mobile into marketing strategies. It notes that mobile phones outnumber other technologies in South Africa and that SA ranks highly for mobile web access globally. It then covers some key aspects of digital marketing campaigns, including reach, direct ROI, measurability, stickiness, and immediacy. The document contrasts the industrial economy model of large upfront investments in mass media campaigns with the attention economy approach of focusing on relevance. It emphasizes that annoying and intrusive marketing does not work and that the best digital marketing is useful, relevant and timely.
This document discusses the benefits of unified communications and collaboration (UC&C) systems. UC&C combines communication channels like voice, email, instant messaging, and video conferencing to improve collaboration. The document outlines how UC&C can reduce "communication latency" by making it easier for employees to connect with the right people at the right time. It provides examples of companies that have implemented UC&C through HP and Microsoft solutions and realized cost savings through reduced conferencing costs, simplified management, and other benefits.
The document discusses extraordinary photos of paintings by Pierre-Auguste Renoir, a French artist who lived from 1841 to 1919. One of Renoir's paintings mentioned is called "A Dream of Harmony". The document also references a piece of music by Chopin.
Cyberthreats broke new ground with mobile devices, while reaching deeper into social media. Online criminals also stepped up attacks via email, web and other traditional vectors.
1. The number of malicious web links grew by almost 600% worldwide according to data from Websense Security Labs.
2. 85% of malicious web links were found on legitimate web hosts that had been compromised, indicating websites can no longer be trusted based on their reputation.
3. Traditional anti-virus and firewall defenses are no longer sufficient to prevent web-borne threats, as the web serves both as an attack vector and in supporting other attack vectors like social media, mobile, and email. Advanced defenses that can identify compromised legitimate sites in real-time are needed.
This document discusses how web-based attacks have become the biggest threat today. It provides statistics showing the rise in malicious websites and vulnerabilities. Common web attacks like SQL injection and cross-site scripting are demonstrated. Social networks are highlighted as particularly dangerous due to their combination of technical vulnerabilities and the trusting social environment. Examples are given of actual attacks on social networks, including hacking of popular applications to spread malware. The overall message is that social networks have become a major conduit for web-based threats due to their technical issues compounded by users' trusting social behaviors.
Web Security.cloud is a cloud-based web security service that provides comprehensive protection from web threats. It uses multi-layer scanning to detect malware and enforce acceptable use policies across 14 global data centers with minimal latency. The service offers reporting, mobile access, and a robust SLA to back its security, availability, and performance.
Invincea "The New Threat Vector"dogallama
The document discusses the proliferation of web malware and how current defenses are insufficient. It notes that web malware infections increased 225% in the second half of 2009, exploiting vulnerabilities in browsers and plugins. Traditional solutions like antivirus, firewalls, and web gateways are reactive and cannot keep up with the rapidly evolving threats. The document calls for a new proactive approach to effectively protect against advanced persistent threats, zero-day attacks, and other menaces that traditional solutions fail to prevent.
Ransomware continues to be a major threat. This slidedeck looks at the first six months of 2017, examines why enterprises are being increasingly impacted by ransomware, and reviews the effect of high-profile incidents such as WannaCry and Petya.
For more on this area, read Symantec Security Response's blog and whitepaper: https://www.symantec.com/connect/blogs/businesses-most-risk-new-breed-ransomware
Websense received the 2009 Frost & Sullivan North American Product Innovation of the Year Award in Web Content Management for its development of innovative web security products, including a web filter and web security gateway. These solutions can manage dynamic web content and provide policy-based control over hundreds of network protocols. Websense was founded in 1994 and has over 1,300 employees developing web security technologies to address internet threats.
This document provides an overview of website security threats in 2015 according to a Symantec report. It finds that high-profile vulnerabilities like Heartbleed and Shellshock left many websites at risk in 2014 and these vulnerabilities were quickly exploited by cybercriminals. The total number of reported vulnerabilities continues to rise each year, underscoring the importance of applying software updates and practicing diligent website security. Criminal cyberattacks are also growing more sophisticated with specializations and online marketplaces developing.
The Cisco 2014 Annual Security Report summarizes key findings from Cisco's threat intelligence over the past year. It found that:
1) Malicious exploits are targeting significant internet infrastructure like web servers and nameservers, suggesting the formation of "überbots" seeking high-value assets.
2) Malicious actors are using trusted applications like Java to exploit gaps in perimeter security.
3) Investigations of multinational companies found evidence of internal compromise, with suspicious traffic emanating from their networks to malicious sites.
1. Laptops, smartphones, and social media have created new security risks for enterprises by blurring the lines between personal and corporate devices and enabling more remote access points.
2. Social networks like Facebook and Twitter have become major targets for cybercriminals due to the large number of users and prevalence of user-generated content, allowing automated social engineering at scale.
3. Barracuda's threat intelligence research crawls the web and social media to analyze malware, compromised search results, and suspicious Twitter accounts in order to identify emerging threats and build reputation systems and signatures to protect enterprises.
This document discusses cybersecurity challenges and provides an overview of key concepts. It covers the CIA security model of confidentiality, integrity and availability. It also discusses identification, authentication and authorization. Additional sections outline cybersecurity elements like people, processes, technology and policies. Cybersecurity statistics on data breaches and spending are presented. Common security threats like SQL injection, password attacks, phishing and ransomware are analyzed. Approaches for both reacting to and avoiding security problems are proposed. The document promotes the services of Cyber Gates for cyber defense.
This white paper discusses the key issues surrounding Web security and the need for organizations of all sizes to implement robust Web security processes and technologies – namely, a secure Web gateway.
The document discusses application security and describes a Security and Lifecycle Management Process (SLCMP) to securely develop software. It notes that web application vulnerabilities are common due to less rigorous programming and increasing software variety. The SLCMP aims to increase awareness of web application attacks and how to implement security best practices into the software development lifecycle to build more secure applications. It outlines several common web application attacks like SQL injection, cross-site scripting, and buffer overflows and recommends securing access control, authentication, input validation, error handling and other aspects of applications and infrastructure.
This document provides an overview of cybersecurity topics including statistics on cyberattacks, common types of attacks, vulnerabilities, recent cyberattacks in the US and New Mexico, cybersecurity controls, frameworks, and initiatives. It begins with an agenda covering the internet landscape, statistics on 75% of attacks starting with email and global cybercrime costs reaching $10.5 trillion by 2025. Recent sections discuss the Colonial Pipeline and JBS Foods ransomware attacks, controls like strong passwords and encryption, the NIST Cybersecurity Framework, and potential state initiatives like a New Mexico cybersecurity agency. The presentation aims to raise awareness of cybersecurity risks and best practices.
Our Website Hacked Trend Report provides insights on the top open-source CMS security, out-of-date software, and specific malware families we see on hacked websites in the Sucuri environment.
We’ve built this analysis from prior reports to identify the latest tactics, techniques, and procedures (TTPs) detected by our Remediation Group. A total of 18,302 infected websites and 4,426,795 cleaned files were analyzed in our recent publication.
Tony will discuss high-level findings on a range of topics, including:
- Affected open-source CMS applications
- Outdated CMS and blacklist analysis
- Malware families and their effects
The document summarizes a cyberthreat report from April 2015. It discusses the growing risk of data breaches and malware attacks targeting businesses. Specifically, it highlights attacks targeting healthcare organizations for their valuable personal data, and the increasing use of web malware and macro malware to infiltrate enterprise networks. It provides statistics on prevalent web threats in Q1 2015 like exploit kits and malware focused on generating revenue through hijacking and scams. It emphasizes the ongoing challenge for IT administrators to keep security software updated on all systems to prevent exploits of known vulnerabilities.
This document provides predictions for security issues in 2016 from Forcepoint Security Labs. It predicts that the 2016 U.S. elections will drive significant cyberattacks themed around the elections, with hackers using social media and websites to spread misinformation. It also predicts that new mobile wallet and payment technologies will introduce opportunities for credit card theft and fraud. Finally, it predicts that the addition of new generic top-level domains will provide new opportunities for cybercriminals to use domain names for social engineering and malware attacks.
OpenDNS is a DNS service that aims to make the internet safer, faster, smarter and more reliable. It was founded in 2005 and now has over 30 million active users, processing half a million queries per second and answering 30 billion DNS queries daily. OpenDNS provides content filtering, phishing and malware protection to households, schools and businesses. It translates domain names to IP addresses faster than other DNS services, improving internet speed and reliability.
Infoworld deep dive - Mobile Security2015 updatedKim Jensen
This document provides an overview and comparison of the mobile device management (MDM) capabilities of various mobile platforms, including iOS, Android, BlackBerry, and Windows Phone. It summarizes the new management features introduced in iOS 9 and Android 6.0 Marshmallow, and describes how Android for Work enhances security and management for Android devices running business apps. Key areas discussed include app permissions, device encryption, password policies, and email/calendar management controls available to IT administrators.
Hewlett-Packard Enterprise- State of Security Operations 2015Kim Jensen
This document summarizes findings from 118 security operations maturity assessments of 87 organizations in 18 countries. It finds that the median maturity level remains below the ideal level of 3, and 20% of organizations scored below the minimum level of 1. The top issue facing security operations is the shortage of skilled resources. While organizations are investing in new technologies, many neglect operational budgets and processes, resulting in immature capabilities. Visible breaches have increased focus on security from executive leadership and boards.
5 things needed to know migrating Windows Server 2003Kim Jensen
The document provides five key considerations for organizations migrating from Windows Server 2003:
1. The migration is an opportunity to align IT with business goals and modernize processes, not just a routine system update.
2. Conducting a thorough assessment of all hardware, software, and workflows is necessary to develop an accurate timeline and avoid missed dependencies.
3. Not all existing servers and applications need to be migrated - some may be decommissioned through consolidation or replacement with newer options.
4. Updating hardware in addition to software is important to take advantage of new capabilities and ensure performance supports business needs.
5. Most organizations will benefit from partnering with an outside expert to help plan and execute the migration effectively
The document summarizes security data from Secunia regarding vulnerabilities in software products. Some key findings include:
- The total number of vulnerabilities detected in 2013 was 13,073, a 45% increase over 5 years.
- 16.3% of vulnerabilities were highly critical and 0.4% were extremely critical.
- The top attack vector was remote network access (73.5% of vulnerabilities).
- Vulnerabilities in third-party software accounted for 75.7% of vulnerabilities in the top 50 most common software products.
This document is Cisco's 2013 Annual Security Report which highlights the following key points:
1. The rapid proliferation of devices, applications, and cloud services has created an "any-to-any" world where security has become more challenging. The number of internet-connected devices grew to over 9 billion in 2012.
2. A key trend is the growth of cloud computing, with cloud traffic expected to make up nearly two-thirds of total data center traffic by 2016. This trend complicates security as data is constantly moving.
3. Younger, mobile workers expect to access business services using any device from any location, which also impacts security and data privacy.
The document is a summary of a security survey conducted in 2013 by AV-Comparatives. Some key findings include:
- Over 4,700 computer users worldwide participated in the anonymous online survey.
- Most users are aware of online security risks but some still do not use security software. Detection rates, malware removal, and performance are the most important factors for users.
- Windows 7 and 8 are now the most widely used operating systems. Free antivirus programs are growing in popularity and trust compared to paid solutions.
- Detection testing, real-world protection testing, and tests evaluating heuristic capabilities are the most important types of antivirus testing for users. Performance issues remain a top complaint.
-
Miercom Security Effectiveness Test Report Kim Jensen
The document reports on a test of various web security gateways. It found that Websense blocked the most URLs (132,111 or 5.84%) of over 2.25 million URLs, demonstrating superior web security effectiveness. It also provided the most comprehensive and effective data theft and loss prevention policies. Websense showed advantages in malware blocking, real-time defense, and practical DLP policy implementation. Management of Websense required less time and effort than competitors. Overall, Websense performed well across security effectiveness, malware protection, data protection, and manageability.
Bliv klar til cloud med Citrix Netscaler (pdf)Kim Jensen
This document discusses how Citrix NetScaler outperforms other application delivery controllers (ADCs) in enabling enterprise networks to be cloud ready. It provides 9 key areas where NetScaler beats the competition: 1) Pay-As-You-Grow elasticity to scale capacity on demand; 2) Superior ADC consolidation with higher density; 3) Ability to cluster up to 32 appliances to expand capacity; 4) Full featured virtual ADCs with performance parity to hardware; 5) Cloud bridging functionality for hybrid cloud environments; 6) Open application visibility; 7) SQL load balancing; 8) Intuitive policy engine; 9) Faster SSL performance. The document examines these areas in detail and compares NetScaler's capabilities to other ADC
This document provides a summary and analysis of data from the 2012 Verizon Data Breach Investigations Report (DBIR). Key findings include:
- External threat agents such as hackers were responsible for 98% of breaches and over 99% of compromised records.
- Malware was involved in 69% of breaches and accounted for 95% of compromised records.
- The majority of breaches involved small businesses in the retail, accommodation, and food service industries, though healthcare saw the most compromised records on average per breach.
This document summarizes web traffic trends from Q3 2011 as observed by Zscaler ThreatLabZ across billions of transactions. It finds that while Internet Explorer remains the most used browser, non-browser applications account for over 20% of enterprise HTTP traffic. It also reports that Facebook continues to dominate social networking traffic in enterprises and that browser plugins, especially Adobe Flash, remain out of date and vulnerable to attacks.
This document provides an executive summary and analysis of Forrester's evaluation of mobile collaboration vendors in Q3 of 2011. Forrester evaluated 13 vendors against 15 criteria related to their mobile capabilities and experiences. They found that Adobe, Box, Cisco, IBM, Salesforce, SugarSync, Skype, and Yammer led in their commitment to tablets and smartphones as well as a strategy aligned with mobile workforces. AT&T, Citrix, Dropbox, Evernote, and Google were also strong performers in mobile collaboration. No vendor was considered a contender or risky bet in regards to their mobile support.
The document is a market analysis report from The Radicati Group that examines the corporate web security solutions market in 2011. It segments the market into four categories: specialists, trail blazers, top players, and mature players. The report evaluates vendors based on criteria like functionality and market share. It then plots major vendors in the market into a quadrant chart based on their functionality and size to illustrate their relative position. The report also includes individual analyses of prominent vendors in each category.
Cloud security deep dive infoworld jan 2011Kim Jensen
This document provides an overview of cloud security and how it differs from traditional security models. Some key points:
- Cloud computing introduces new security challenges due to its reliance on sharing resources over the internet, like computing power and storage.
- There are different cloud computing models including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS).
- Cloud computing is defined by traits like internet accessibility, scalability, multitenancy, broad authentication, usage-based pricing, and lack of location specificity. These traits increase security risks.
- Multitenancy, where multiple users share the same cloud resources, introduces the risk of unint
Cloud services deep dive infoworld july 2010Kim Jensen
This document provides an overview of cloud computing services and strategies for businesses. It discusses several types of cloud services including Software as a Service (SaaS) applications, email services, office productivity suites, development/testing platforms, backup/recovery services, and business intelligence tools. The document advises businesses to carefully evaluate their specific needs and compare cloud options to on-premises alternatives before adopting cloud services to ensure the right fit.
Dandelion Hashtable: beyond billion requests per second on a commodity serverAntonios Katsarakis
This slide deck presents DLHT, a concurrent in-memory hashtable. Despite efforts to optimize hashtables, that go as far as sacrificing core functionality, state-of-the-art designs still incur multiple memory accesses per request and block request processing in three cases. First, most hashtables block while waiting for data to be retrieved from memory. Second, open-addressing designs, which represent the current state-of-the-art, either cannot free index slots on deletes or must block all requests to do so. Third, index resizes block every request until all objects are copied to the new index. Defying folklore wisdom, DLHT forgoes open-addressing and adopts a fully-featured and memory-aware closed-addressing design based on bounded cache-line-chaining. This design offers lock-free index operations and deletes that free slots instantly, (2) completes most requests with a single memory access, (3) utilizes software prefetching to hide memory latencies, and (4) employs a novel non-blocking and parallel resizing. In a commodity server and a memory-resident workload, DLHT surpasses 1.6B requests per second and provides 3.5x (12x) the throughput of the state-of-the-art closed-addressing (open-addressing) resizable hashtable on Gets (Deletes).
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-EfficiencyScyllaDB
Freshworks creates AI-boosted business software that helps employees work more efficiently and effectively. Managing data across multiple RDBMS and NoSQL databases was already a challenge at their current scale. To prepare for 10X growth, they knew it was time to rethink their database strategy. Learn how they architected a solution that would simplify scaling while keeping costs under control.
Monitoring and Managing Anomaly Detection on OpenShift.pdfTosin Akinosho
Monitoring and Managing Anomaly Detection on OpenShift
Overview
Dive into the world of anomaly detection on edge devices with our comprehensive hands-on tutorial. This SlideShare presentation will guide you through the entire process, from data collection and model training to edge deployment and real-time monitoring. Perfect for those looking to implement robust anomaly detection systems on resource-constrained IoT/edge devices.
Key Topics Covered
1. Introduction to Anomaly Detection
- Understand the fundamentals of anomaly detection and its importance in identifying unusual behavior or failures in systems.
2. Understanding Edge (IoT)
- Learn about edge computing and IoT, and how they enable real-time data processing and decision-making at the source.
3. What is ArgoCD?
- Discover ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes, and its role in deploying applications on edge devices.
4. Deployment Using ArgoCD for Edge Devices
- Step-by-step guide on deploying anomaly detection models on edge devices using ArgoCD.
5. Introduction to Apache Kafka and S3
- Explore Apache Kafka for real-time data streaming and Amazon S3 for scalable storage solutions.
6. Viewing Kafka Messages in the Data Lake
- Learn how to view and analyze Kafka messages stored in a data lake for better insights.
7. What is Prometheus?
- Get to know Prometheus, an open-source monitoring and alerting toolkit, and its application in monitoring edge devices.
8. Monitoring Application Metrics with Prometheus
- Detailed instructions on setting up Prometheus to monitor the performance and health of your anomaly detection system.
9. What is Camel K?
- Introduction to Camel K, a lightweight integration framework built on Apache Camel, designed for Kubernetes.
10. Configuring Camel K Integrations for Data Pipelines
- Learn how to configure Camel K for seamless data pipeline integrations in your anomaly detection workflow.
11. What is a Jupyter Notebook?
- Overview of Jupyter Notebooks, an open-source web application for creating and sharing documents with live code, equations, visualizations, and narrative text.
12. Jupyter Notebooks with Code Examples
- Hands-on examples and code snippets in Jupyter Notebooks to help you implement and test anomaly detection models.
Driving Business Innovation: Latest Generative AI Advancements & Success StorySafe Software
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfChart Kalyan
A Mix Chart displays historical data of numbers in a graphical or tabular form. The Kalyan Rajdhani Mix Chart specifically shows the results of a sequence of numbers over different periods.
Building Production Ready Search Pipelines with Spark and MilvusZilliz
Spark is the widely used ETL tool for processing, indexing and ingesting data to serving stack for search. Milvus is the production-ready open-source vector database. In this talk we will show how to use Spark to process unstructured data to extract vector representations, and push the vectors to Milvus vector database for search serving.
GraphRAG for Life Science to increase LLM accuracyTomaz Bratanic
GraphRAG for life science domain, where you retriever information from biomedical knowledge graphs using LLMs to increase the accuracy and performance of generated answers
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on integration of Salesforce with Bonterra Impact Management.
Interested in deploying an integration with Salesforce for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Trusted Execution Environment for Decentralized Process MiningLucaBarbaro3
Presentation of the paper "Trusted Execution Environment for Decentralized Process Mining" given during the CAiSE 2024 Conference in Cyprus on June 7, 2024.
Main news related to the CCS TSI 2023 (2023/1695)Jakub Marek
An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers.
The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 .
The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc
How does your privacy program stack up against your peers? What challenges are privacy teams tackling and prioritizing in 2024?
In the fifth annual Global Privacy Benchmarks Survey, we asked over 1,800 global privacy professionals and business executives to share their perspectives on the current state of privacy inside and outside of their organizations. This year’s report focused on emerging areas of importance for privacy and compliance professionals, including considerations and implications of Artificial Intelligence (AI) technologies, building brand trust, and different approaches for achieving higher privacy competence scores.
See how organizational priorities and strategic approaches to data security and privacy are evolving around the globe.
This webinar will review:
- The top 10 privacy insights from the fifth annual Global Privacy Benchmarks Survey
- The top challenges for privacy leaders, practitioners, and organizations in 2024
- Key themes to consider in developing and maintaining your privacy program
Taking AI to the Next Level in Manufacturing.pdfssuserfac0301
Read Taking AI to the Next Level in Manufacturing to gain insights on AI adoption in the manufacturing industry, such as:
1. How quickly AI is being implemented in manufacturing.
2. Which barriers stand in the way of AI adoption.
3. How data quality and governance form the backbone of AI.
4. Organizational processes and structures that may inhibit effective AI adoption.
6. Ideas and approaches to help build your organization's AI strategy.
FREE A4 Cyber Security Awareness Posters-Social Engineering part 3Data Hops
Free A4 downloadable and printable Cyber Security, Social Engineering Safety and security Training Posters . Promote security awareness in the home or workplace. Lock them Out From training providers datahops.com
Skybuffer SAM4U tool for SAP license adoptionTatiana Kojar
Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool.
SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.
Programming Foundation Models with DSPy - Meetup SlidesZilliz
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
Have you ever been confused by the myriad of choices offered by AWS for hosting a website or an API?
Lambda, Elastic Beanstalk, Lightsail, Amplify, S3 (and more!) can each host websites + APIs. But which one should we choose?
Which one is cheapest? Which one is fastest? Which one will scale to meet our needs?
Join me in this session as we dive into each AWS hosting service to determine which one is best for your scenario and explain why!
Choosing The Best AWS Service For Your Website + API.pptx
State of Internet 2H 2008
1. A Websense® White Paper
Websense Security Labs
State of Internet Security, Q3 – Q4, 2008
2. Websense Security Labs
State of Internet Security, Q3 - Q4, 2008
Key Findings
Websense® Security Labs™ uses the patent-pending Websense ThreatSeeker™ Network to discover,
classify, and monitor global Internet threats and trends. Featuring the world’s first Internet HoneyGrid™,
the system uses hundreds of technologies including honeyclients, honeypots, reputation systems,
machine learning and advanced grid computing systems to parse through more than one billion pieces
of content daily, searching for security threats. Every hour, it scans more than 40 million Web sites for
malicious code and scans nearly ten million emails for unwanted content and malicious code. Using more
than 50 million real-time data collecting systems, the Websense ThreatSeeker Network monitors and
classifies Web, messaging, and data content—providing Websense with unparalleled visibility into the
state of content on the Internet and email.
This report summarizes the significant findings of Websense researchers using the ThreatSeeker
Network during the six-month period ending in December 2008.
Websense ThreatSeeker Network Research Highlights, Q3 – Q4 2008
Web Security
• 77 percent of Web sites with malicious code are legitimate sites that have been compromised.
• The number of malicious Web sites identified by Websense Security Labs from January first, 2008 through
January first, 2009 has increased by 46 percent.
• 70 percent of the top 100 sites either hosted malicious content or contained a masked redirect to lure
unsuspecting victims from legitimate sites to malicious sites. This represents a 16 percent increase over the
last six-month period.
Messaging Security
• 84.5 percent of email messages were spam. This represents a 3 percent decrease over the last six months.
• 90.4 percent of all unwanted emails in circulation during this period contained links to spam sites or
malicious Web sites. This represents almost a 6 percent increase in emails containing malicious links to
compromised sites.
• Shopping remained the leading topic of spam (22 percent), followed closely by cosmetics (15 percent)
and medical (14.5 percent). This remained consistent over the last six months. Pornography-related spam
increased sharply by 94 percent, but still only represented 9 percent of all email spam.
• 6 percent of spam messages were phishing attacks, representing a 33 percent decrease over the last six
months. This represents a change in tactics as spammers concentrated on data-stealing Trojan horses and
DNS poisoning tactics to lure victims to malicious sites.
Data Security
• 39 percent of malicious Web attacks included data-stealing code.
• 57 percent of data-stealing attacks are conducted over the Web. This represents a 24 percent increase over
the six-month period.
1
3. Websense Security Labs
State of Internet Security, Q3 - Q4, 2008
With data-stealing Web and email attacks on the rise, Websense Security Labs is tracking where data is
being sent around the globe.
Of the 57 Percent of Malware that Connects via the Web:
• 42 percent of malware connected to the U.S., down 27 percent over the last six-month period
• 16 percent of malware connected to United Kingdom
• 8 percent of malware connected to Brazil
• 8 percent of malware connected to China
• 5 percent of malware connected to Russian Federation
• 20 percent of malware connected to other countries
In the past six months and moving forward, Websense Security Labs expects to see less malware
connecting to the United States as other countries’ infrastructure improves and attackers start
spreading their hosting locations around the world. This shift accounted for the spike in malware
from the United Kingdom during September when a few pieces of malware caused a large number of
connections to U.K. sites.
Where Malware Connects on the Web
July 2008 - December 2008
United States
United Kingdom
Brazil
China
Russian Federation
Others
Jul-08 Aug-08 Sep-08 Oct-08 Nov-08 Dec-08
A Look Back at the Last Six Months
As expected, attackers capitalized on major events over the last six months. The Olympics, the 2008 U.S.
presidential elections, and of course, the end-of-year holidays: Halloween, Thanksgiving and Christmas,
provided fodder for both old and innovative attacks designed to steal personal or business information.
Spammers continued to use malicious spam to invade blogs, search engines, forums, and Web sites to
not only drive traffic to infected sites but also to increase search engine rankings in hopes of attaining
more victims. But the most prevalent trend was the continued use of Web 2.0 content to exploit
weaknesses within the Web infrastructure to attract the greatest number of victims. Search engines and
social networking sites were the biggest targets over the last six months as hackers continued to get
creative and leverage user-created content to compromise sites with good reputations.
2
4. Websense Security Labs
State of Internet Security, Q3 - Q4, 2008
Changes in the Threat Webscape
Websense Security Labs classifies the Webscape into three general sections:
• The top 100 most visited Web properties tend to be classified as social networking or search sites
such as search engines.
• The next 1,000,000 most visited sites, or the known Web, are primarily current events, regional and
genre sites.
• Moving down the “long tail” of the Internet, or the unknown Web are junk, personal and scam sites,
specifically set up for fraud and abuse.
Each area of the Webscape has its own unique security challenges, but the top 100 Web properties that
encompass the largest amount of visitors is a growing target of attackers. Research shows that attackers
continued to focus their attention on the Web 2.0 elements of the evolving Webscape, meaning that
adaptive content classification and dynamic content scanning is now required to protect businesses and
their information.
Not surprisingly, sites that allow user-generated content comprise the majority of the top 50 most
active distributors of malicious content. Sites like mylivepage.com, blogspot.com and blogdrive.com all
offer free hosting and good reputations to malware authors—the perfect combination to compromise
unsuspecting users.
The Dynamic Web
The Known Web
The Unknown Web
The top 100 most visited Web sites:
• Represent the majority of all Web page views, and are the most popular target for attackers. With
their large user base, good reputations and support of Web 2.0 applications, these sites provide
malicious code authors with abundant opportunity.
• Websense Security Labs identified that 90 percent of the top 100 sites are categorized as social
networking or search. This remained static over the last six-month period.
• More than 45 percent of these sites support user-generated content. This remained consistent
over the last six-month period.
• 70 percent of these sites either hosted malicious content or contained a masked redirect to
lure unsuspecting victims from legitimate sites to malicious sites. In many cases these redirects
appeared as the actual Web site, when in fact the content served on that page was being hosted
elsewhere. This represents a 16 percent increase over the last six-month period.
3
5. Websense Security Labs
State of Internet Security, Q3 - Q4, 2008
Business Growth Driving Web 2.0 Adoption in the Workplace
More and more organizations are beginning to embrace Web 2.0 technologies to facilitate collaboration
across organizational and technology silos and to build new communication channels with customers,
partners, and employees around the globe. Web 2.0 aims to enhance user creativity, information
sharing, collaboration, and functionality of the Web. These features enable social networking, video
sharing, blogs, Web publishing, plus other popular methods of information and content creation, editing,
sharing, and distribution. However given the changing threat landscape, organizations need to be aware
of the unique risks these sites pose to their essential information.
A new generation is driving Web 2.0 use in the workplace. The use of social networking sites like
Facebook and MySpace are the “new email” and mode of communication, and the latest generation
expects to be able to use their Web 2.0 devices and sites when they enter the workforce. In addition,
marketing and communication departments are pushing IT departments to open up this access in an
effort to grow and maintain their customer base.
Parallel Trends: The Increased Use of Web 2.0 Sites for Malicious Purposes
As Web 2.0 tools such as Twitter continue to make headway into corporations as a way to improve
customer intimacy and branding, we see a parallel rise in Twitter being used for malicious purposes.
Many organizations lack adequate security technologies and practices to enable safe Web 2.0 use to
protect from data loss and malicious attacks. Spammers and malware authors are using this power to
carry out various attacks.
The nature of Web 2.0 services, which allow users to create their own content, has provided attackers
with more resources to carry out their malicious activities. Over the last six months a slew of security
vulnerabilities have been found on Facebook, Twitter and Justin.tv.
Facebook continues to be plagued with outbreaks caused by a worm known as Koobface that
propagates by sending notes to Facebook friends of someone whose PC has been infected. Attacks
broke out in August but resurfaced again in November when malicious links, disguised as links to
popular video clips, prompted users to download a malicious executable disguised as a codec that
could steal confidential or sensitive information such as credit card numbers or intellectual property
from the user’s desktop. The potential losses in intellectual property ranged from reading of someone
else’s email, forcibly installing Facebook applications on one’s profiles to spreading malicious links
throughout the network.
Spammers continue to abuse Web 2.0 sites and have expanded their tactics beyond email. Instead
of just using the typical obfuscated JavaScript redirect through sites like Blogspot, spammers are
beginning to leverage the pervasiveness of Web 2.0 sites such as YouTube, Livefilestore, Picasa
and Imageshack.
4
6. Websense Security Labs
State of Internet Security, Q3 - Q4, 2008
Security Trends
Blended Threats Deliver Major Hits on Brand-Name Reputations
Continuing the trend identified by Websense during 2007 and the first half of 2008, attackers are taking
advantage of flaws in traditional security measures to bypass reputation-based systems to increase
attack effectiveness.
During the second half of 2008, the volume of legitimate Web sites compromised with malicious code
continued to surpass the number of sites created by attackers specifically for malicious purposes. In
the second half of 2008 more than 77 percent of the Web sites Websense classified as malicious
were actually sites with seemingly good reputations that had been compromised by attackers. This
represents a 2.5 percent increase over the last six months.
In August, Websense was the first to discover that CNET Networks, a media company owned by CBS
Corporation, was compromised when malicious code implanted on its site infected unsuspecting visitors.
In addition, highly visible sites like BusinessWeek.com, BillOreilly.com, and the New York Times faced
serious Web attacks that unknowingly exploited unsuspecting visitors.
The convergence of Web and email threats—or blended threats—has increased by 6 percent since
June 2008. Websense Security Labs reports that now more than 90 percent of all unwanted emails in
circulation during this period contained links to spam sites or malicious Web sites.
During the month of September alone, Websense Security Labs ThreatSeeker Network discovered huge
volumes of spam wrapped up in CNN and MSNBC themed templates. These emails contain links to a
trusted news page containing many legitimate links, but have been designed to encourage users to
download a malicious application posing as a video. The emails entice users to download a video, which
is actually a malicious file, by listing the top 10 stories or a wave of fake celebrity news covering popular
stars including Britney Spears, Jessica Simpson and Paris Hilton.
5
7. Websense Security Labs
State of Internet Security, Q3 - Q4, 2008
Spam innovation
While phishing attacks decreased 33 percent over the last six months, spammers continued to innovate
by switching tactics in order to increase infection success rates. Websense reported an increased use of
data stealing Trojans and DNS poisoning tactics to lure victims to malicious sites.
Spammers continued to use everything in their arsenal, including different hostnames, page names,
executable names and different templates in order to evade detection. Whether it was embedding a link
directly to a malicious executable, or a Web page with a malicious template, or drive-by exploits linked
from inside I Frames in the loaded pages, spammers continued to change their campaigns in order to
gain success.
One of the most successful campaigns over the last six months that accounted for a high percentage of
spam redirected victims to exploit-laden Web pages with pornographic videos, enticing them to install
what really was a Trojan downloader. Generic streaming videos were subsequently used to lure victims
to the path of infection. Spammers then shifted gears by quickly following up with the use of open
redirects and celebrity photos, capitalizing on the world’s fascination with Angelina Jolie, to encourage
recipients to click malicious links.
Further driving innovation was the successful shutdown of two California-based hosting companies,
McColo and Intercage/Atrivo, by upstream providers for hosting botnet command and control (C&C)
servers as well as malicious code. Shutting down McColo in November had the effect of a 50 percent
drop in all spam on the day it was closed, but spammers proved their resilience and rates subsequently
recovered. Shutting down Intercage/Atrivo had a similar effect plus substantially stopped the Storm
botnet from spreading. In the coming months it is likely that spammers will distribute their servers as
well as move to foreign hosting providers to prevent similar shut-downs. Websense Security Labs will be
tracking this trend in future reports.
Leaky Pipes Lead to Data Loss
2008 had fewer high-profile data leaks but maintained the same volume over 2006 and 2007. The
downturn in the economy, cut-backs in personnel, the failure of corporations, and decreased security
investments have created the perfect circumstances for significant data loss in 2009. According to
Websense Security Labs, 57 percent of data-stealing attacks are conducted over the Web. This
represents a 24 percent increase from July to December 2009.
Organizations will be forced to do more with less, and their dogged determination to hit revenue targets
will increase their tolerance to risk. If organizations fail to implement Web-based security to manage the
traffic on their system, these types of attacks are likely to increase in 2009, causing more headaches for
organizations across all industries.
Hotels often offer insufficient IT security, putting traveling employees at risk every time they stay
at a U.S. hotel. But hotels aren’t the only ones struggling; banks continue to be a popular target for
rock phishers. Using their complex and fast-flux infrastructure, Rock Phishers have been successfully
obtaining user account credentials over the last few months. Wachovia, Eastern Bank, Bank of
America, Ocean Bank and Bank of the West were victims of these types of attacks. But perhaps the
most surprising news was that universities continue to be the leading source of data leaks, ranking
significantly higher than organizations in other industries including finance and retail.
6
8. Websense Security Labs
State of Internet Security, Q3 - Q4, 2008
Websense Security Labs Findings Include*:
• Data loss from healthcare organizations rose by 126 percent in 2008 (over 2007)
• Data loss from insurance providers rose by 140 percent in 2008 (over 2007)
• Finance, technology, and manufacturing were the three industries with the greatest number of
records lost (over 46 million records or 63 percent of all records lost in 2008)
• Retail showed a decline in the number of leaks and records lost, year-over-year, in part because
of the massive amount of data loss they incurred in 2007 with such incidents as the TJX breach
• Federal government showed a marked increase in the number of data leaks in the second half
(specifically Q3) of 2008. So too did city government
The Web Remains the Number-One Attack Vector
Attackers continue to target free software downloads or file sharing sites with good reputations
where users can upload or host content for free. The number-one host of malicious files over the
last six months was ironically, cleanmovie.net. Evidently, it wasn’t clean of malware. Cleanmovie.net
accounted for almost eight percent of all malicious files hosted on the Web. Rounding out the top sites
hosting malware between July 2008 and December was kit.net (three percent), variations of the URL
myprivatetube (two percent), and archiveviewsoftware.com (two percent).
URLs remained a popular source of malicious code due to typo squatters, hackers hoping to exploit
users that incorrectly entered a URL and landed on an imitation or fake site that looked very similar
to the legitimate site. Of the top 50 sites hosting malicious code, variations of the popular social
networking site classmates.com accounted for a large number of malicious files and pages on the
Web over the last six months. Other typo-squatter victims included best-soft-for-pc.net and
c-net-download.net.
The number-one host of data-stealing code over the last six-month period was kit.net, accounting for
just about eight percent of all data stealing code on the Web. It was followed closely by more file
sharing or free software download sites including again variations of myprivatetube.net at (six percent),
sapo.pt, (three percent) livefilestore.com (two percent), and cleanmovie.net (one percent). Even Google
pages, with its brand-name reputation, proved to be a dangerous site for users without the right Web
security protection.
7
* Raw data above provided by Data Loss Open Security Foundation.
9. Websense Security Labs
State of Internet Security, Q3 - Q4, 2008
Top 10 Web Attack Vectors in Second Half of 2008:
As Internet users increase, the Web attack vector continues to grow. Web servers are increasingly
compromised through persistent cross-site scripting (XSS) and SQL injection as well as DNS cache-
poisoning attacks. The Web Application Security Consortium reports that 97 percent of sites it studied
continue to be plagued with significant vulnerabilities.
Below are the top ten Web attack vectors over the last six months. Browser vulnerabilities, SQL
injection attacks and the increase of social networking vulnerabilities rounded out the top three
vectors. This list remains relatively consistent with the previous top-ten Web attack vector list cited
during the first half of 2008.
1. Browser vulnerabilities
2. Rogue antivirus/social engineering
3. SQL injection
4. Malicious Web 2.0 components (e.g. Facebook applications, third-party widgets and gadgets,
banner ads)
5. Adobe Flash vulnerabilities
6. DNS Cache Poisoning and DNS Zone file hijacking
7. ActiveX vulnerabilities
8. RealPlayer vulnerabilities
9. Apple QuickTime vulnerabilities
10. Adobe Acrobat Reader PDF vulnerabilities
Browser vulnerabilities continued to plague unsuspecting users. Opera version 9.5.1 enabled attackers to
steal arbitrary samples of data in memory from desktops through specially crafted JavaScript code while
vulnerabilities in Firefox provided attackers additional opportunities for spoofing by exploiting alternate
names on self-signed certificates.
In August 2008, Digg, MSNBC, Newsweek, and MSN Norway were hit by a series of malicious third-party
banner ads, which led visitors to rogue security software sites and hijacked the clipboards of visitors.
One of the vulnerabilities exploited was an integer overflow in Adobe Flash (CVE-2007-0071). That same
month, Websense Security Labs discovered that a major Chinese ISP, China Netcom (CNC), had its DNS
cache poisoned. Unsuspecting customers were redirected to a malicious site when the hostname in a
URL was mistyped.
Additional Metrics
Websense Security Labs tracks the following metrics to identify details about Web and email-based
attacks against data and businesses.
Gone Phishing: Top Countries Hosting Phishing Sites
Despite a decrease in phishing emails, Websense did see an increase in “money mule” and “work
from home” scams designed to extract banking information from unsuspecting victims. These
scams lured users by email to provide account information via a compromised site. The line graph
below demonstrates the top countries hosting phishing sites by month, with the highest number of
phishing attacks.
8
10. Websense Security Labs
State of Internet Security, Q3 - Q4, 2008
Top Countries Hosting Phishing Sites
July 2008 - December 2008
United States
Germany
China
Russian Federation
Netherlands
Others
Jul-08 Aug-08 Sep-08 Oct-08 Nov-08 Dec-08
Flawed Security Sites: Top Countries Hosting Crimeware
According to research published at the Symposium on Usable Privacy and Security meeting at Carnegie
Mellon University on July 23-25, 2008, 75 percent of financial institution Web sites have at least one
security flaw. In September 2008, financial institution ING’s site was found to be susceptible to CSRF
attacks, including one that could enable an attacker to transfer money out of a victim’s account. Web
threats also plagued Erste Bank, a large bank in Central Europe.
The line graph below demonstrates the top countries by month hosting crimeware, a class of malware
designed specifically to automate financial crime. Over the last six months, the majority of malware was
hosted in the United States and Brazil.
Top Countries Hosting Crimeware
July 2008 - December 2008
United States
Brazil
China
Russian Federation
Portugal
Others
Jul-08 Aug-08 Sep-08 Oct-08 Nov-08 Dec-08
9
11. Websense Security Labs
State of Internet Security, Q3 - Q4, 2008
From Discovery to Patch: Window of Vulnerability
The ThreatSeeker Network discovers many malicious applications being circulated via email, drive-by
downloads, exploit code, and other mechanisms employed by creative malware authors. Websense
security supplements antivirus and firewalls by seeking out threats before customers are infected and
provides protection within minutes of discovery—before patches and signatures are available. The chart
below shows the window of exposure between threat detection by Websense ThreatSeeker Network
and the release of the patch by antivirus software providers. The dates below represent the time it took
for the antivirus vendors to publish a signature for the malicious threats Websense detected.
AV Vendor Confirmed Threatseeker Catches
July 2008 - December 2008
120
100
Instances
80
Hours
60
40
20
0
PSW. Win32.Agent.doc
Trojan-Spy.Win32.Zbot.dkf
W32/Trojan3.HK
W32/Trojan3.GB
Spy.Win32.Goldun.bce
W32/Trojan3.AH
W32/Trojan-Gypikon-
w32/Downldr2.ELIH
W32/Trojan3.AC
W32/Trojan2.AUFK
W32/Trojan3.CI
W32/ZbotP.D
W32/Trojan3.BA
W32/Trojan3.T
Downloader.Win32.Obitel.b
based.BA!Maximus
Trojan-
Trojan-
Trojan-
Spam Types
In the past six months Websense Security Labs has seen spammers continue to move away from image
spam and towards the inclusion of links to spam Web content. This is also reflected by malware authors
who opt to distribute malicious content via URLs rather than message attachments.
Spam Type Percentages
July 2008 - December 2008
HTML
17%
10% Plain Text with URL
Plain Text no Link
24% 66%
Image Spam
10
12. Websense Security Labs
State of Internet Security, Q3 - Q4, 2008
Over the last six months, the global number of messages containing viruses is low in comparison to the
number of messages classified as spam. The percentage of email messages flagged as spam decreased
by three percent over the last six months.
Percentage of Global Spam Classified as Spam
or Containing Viruses July 2008 - December 2008
Months of the Year
December 08
November 08 Percentage
Spam
October - 08
September - 08 Percentage
Virus
August - 08
July - 08
80 82 84 86 88 90
Percentage
Over the last six months, the volume of pornographic spam increased 94 percent, but was still only the
seventh most popular target for spammers. The three most popular topics for spam remained shopping
(22 percent), cosmetics (15.1 percent) and medical (14.5 percent.) Despite an announcement from
the Federal Trade Commission in October claiming a major shut down of a global spam network that
advertised fraudulent drugs and accounted for one third of the world’s spam, medical spam increased
by 32 percent over the last six months. This implies that the spammers’ mass-mailing underground
economy is distributed, and posted a strong potential for future online marketing of their products.
Spammers continue to use social networking sites to learn more about their victims. This increased
sophistication helps spammers become more targeted with their attacks and continues to help them
increase their conversion rates. As shown in the bar chart below, Websense Security Labs classifies spam
into the following 14 categories:
2008 Spam Classifications
Travel
Insurance
Scams
Gambling
Spam Categories
Pirated Software
Pump and Dump
Financial
Porn
Education
Dating
Phishing
Medical
Cosmetic
Shopping
0 5 10 15 20 25
Percentage
11
13. Websense Security Labs
State of Internet Security, Q3 - Q4, 2008
Websense Security Labs Firsts
Phishing the Beijing Olympics Lottery
Attack Date: 08/05/2008
Hackers capitalized on the summer Olympics by trying to trick users into buying tickets for the big
event. Websense Security Labs ThreatSeeker Network discovered a rogue Beijing Olympics ticket-lottery
Web site that used the hostname beij***2008.cn, a clear typo-squat to the official Olympic Games Web
site at http://www.beijing2008.cn/. The social engineering tactic lured users into dialing a toll number to
retrieve an access code for an available ticket. The toll number was likely an additional revenue generator
for the scammers as callers would then be charged a premium rate for making that phone call.
Users who input the supplied access code were forwarded to a Web page designed to collect personal
information, including credit card details, to pay a relatively small sum of RMB600 for the ticket
(approximately $87 USD). This phishing Web site employed a phone-call verification step, garnering a
higher level of trust from unsuspecting users. For more information on this alert click here.
CNET Networks Site Compromise
Attack Date: 08/06/2008
CNET Networks, a media company owned by CBS Corporation had one of its Web sites fall prey to
attackers who planted malicious code on CNET’s site aiming to infect visitors to the site. Websense was
the first to discover this attack and promptly reported it to CNET for action. The malicious code was
observed to exploit a known integer overflow vulnerability in Adobe Flash
(CVE-2007-0071).For more details on this compromise, view the alert here.
US Presidential Malware–Barack Obama Interview Lure
Attack Date: 11/05/2008
The elections proved to be a successful topic for spammers over the last six months. In November,
Websense ThreatSeeker Network discovered that malware authors were capitalizing on the announced
results of the 2008 US presidential election. Malicious email lures were being sent, promising a video
showing an interview with the advisors to the newly elected US president. Unsuspecting users who
opened the email risked having malicious software installed designed to steal sensitive or personal
information. For more details on this attack, view the alert here.
Mass Injection Attacks: Energy Conservation Systems Pty Ltd (ECS) Australia
Attack Date: 12/17/2008
Websense Security Labs ThreatSeeker Network discovered that an Energy Conservation Systems Pty
Ltd (ECS) Australia courtesy site was infected with a mass JavaScript injection that delivered a malicious
payload. Multiple pages on the site have been mass injected, attempting to deliver malicious payloads
from 12 different hosts. Energy Conservation Systems Pty Ltd (ECS) is Australia’s market leader in
energy and water management for all market sectors: public, educational, industrial, commercial and
large-scale residential. In an effort to protect their visitors, Websense Security Labs has contacted
Energy Conservation Systems Pty Ltd (ECS) Australia to advise them of the threats on their site.
Websense ThreatSeeker Network has been tracking how such attacks prevail over such reputed Web
sites, targeting their peers, their own users, and other visitors. For more information view the alert here.
12
14. Websense Security Labs
State of Internet Security, Q3 - Q4, 2008
A Look Forward and Summary
As the stock market continues to falter and the world economy dips, the malware economy continues
to thrive. Websense Security Labs predicts that in 2009 organizations will need to ensure risk mitigation
keeps in step with the threat climate. Global enterprises must rethink their approaches to Web, data and
messaging security. Instead of thinking about technologies, organizations must think of protecting their
essential information, and especially their data, including:
• WHO is authorized to access Web sites, information or applications
• WHAT information is sensitive and must be protected
• HOW information can be exchanged
• WHERE information can be sent
The following are the top six predictions for 2009 that organizations should be planning for to ensure
their essential information remains protected.
1. The “cloud” will increasingly be used for malicious purposes
Cloud-based services, such as Amazon Web Services (AWS), Microsoft Azure, and GoGrid, provide
businesses and users with easy-to-use, rent-as-you go opportunities for storage and large-scale
computing at a low cost. But these services also are an attractive target for cybercriminals and
spammers to exploit. Websense predicts that in 2009 we will see an increase in misuse of the cloud.
The cloud may be used simply to send spam or to launch more sophisticated attacks, including
hosting malicious code for downloads, uploading stats, and testing malicious code.
2. An increased use of Rich Internet Applications (RIAs) like Flash and Google Gears for
malicious purposes
There is growing adoption of browser-based Web applications that are either replacing or being
used alongside traditional desktop applications. Examples include Web-based CRM systems, Google
Docs and other Web-based office tools. Creating a rich Internet experience through a browser-based
application is created with technology called rich Internet applications (RIA). With the explosion
of demand for these applications, for developers who use RIA technologies such as Google Gears,
Air, Flash and Silverlight to build large Web 2.0 Internet applications, security is an afterthought,
opening up the door for cybercriminal abuse. With RIA popularity exploding, we predict that in
2009 we will see large scale attacks using both exploits found within the core RIA components as
well as the user-created services that allow attackers to remotely execute code on user machines.
3. Attackers take advantage of the programmable Web
The Web 2.0 world is one in which open Web APIs, mashups, gadgets etc. allow Web sites to share
and use functionality from other Web sites. Web API’s are being released at a record rate, leaving
little time for testing, and requiring a level of trust between users. Websense believes that in 2009
there will be a rise in the malicious use of some Web service API’s to exploit trust and steal user
credentials and confidential information.
4. A significant rise in Web spam and malicious posting of content into blogs, user-forums
and social networks
The rise in the number and popularity of Web sites that allow user-generated content will lead to
a significant rise in Web spam and malicious posting of content into blogs, user-forums, and social
networks sites for search engine poisoning, spreading malicious lures, and duping users into fraud.
Additionally, this threat will be augmented by several new Web attack toolkits that have emerged
that allow attackers to discover sites that allow posts and/or have vulnerabilities. Additionally more
BOT’s will add HTTP post functionality into their capabilities.
13
15. Websense Security Labs
State of Internet Security, Q3 - Q4, 2008
5. Attackers will move to a distributed model of controlling botnets and hosting malcode
This year we saw two California-based hosting companies McColo and Intercage/Atrivo shut
down by upstream providers for hosting botnet command and control (C&C) servers as well as
malicious code. Shutting down McColo had the effect of a 50 percent drop in all spam on the day
it was shuttered. Shutting down Intercage/Atrivo had a similar effect plus substantially mitigated
the “Storm” botnet from spreading. We predict that because these botnet groups have thus far
depended on only a few providers to host their C&C servers, they will distribute their servers as
well as move to foreign hosting providers, making it harder for upstream providers, the Internet
community, and law enforcement to find and shut them down.
A continued siege against Web sites with good reputations
In 2009 we will see more than 80 percent of all malicious content hosted on sites with good
reputations. We will see more big name Web site compromises and more compromises of Web
sites in the Alexa top 100,000 most visited. This includes regional attacks on popular Web sites in
select properties, popular sporting sites, news sites, and continued placement of IFrames and other
malicious redirection code within them.
The information and predictions contained within this report are based on analysis of current
attack trends, cybercriminal techniques, and threat intelligence gathered by researchers using the
Websense ThreatSeeker Network.
About Websense
Websense, Inc. (NASDAQ: WBSN), a global leader in integrated Web, data and email security solutions,
provides Essential Information Protection™ for more than 43 million employees at more than 50,000
organizations worldwide. Distributed through its global network of channel partners, Websense
software and hosted security solutions help organizations block malicious code, prevent the loss of
confidential information and enforce Internet use and security policies. For more information, visit
http://www.websense.com/.
Websense Security Labs
Websense Security Labs is the security research arm of Websense, Inc. that discovers, investigates
and reports on advanced Internet threats. Unlike other research labs, Websense has an unparalleled
knowledge of malware and where it resides on the Web. This allows Websense to detect and block
new threats that traditional security research methods miss, enabling organizations to protect sensitive
content from theft, compromise, or inappropriate use. Recognized as a world leader in security research,
Websense Security Labs publishes findings to hundreds of security partners, vendors and other
organizations around the world and provides security metrics to the Anti-Phishing Working Group.
Websense Security Labs – a Pioneer in Emerging Threat Protection
• Unparalleled visibility and discovery on a massive scale
• Real-time adaptive ability to respond to trends and threats in a Web 2.0 world
• Powered by a unified world-class research team
• Many first discoveries, including the unpatched, high-risk Microsoft Excel vulnerability (March 2008)
• First to market with phishing protection
• First to market with drive-by and backchannel spyware protection
• First to market with bot network protection
• First to market with crimeware/keylogger protection
14