A 10,000 Foot View of Internet Security in 2017 Zakir Durumeric
1 A 10,000 Foot View of Internet Security in 2017 Zakir Durumeric
2 Who am I? I am joining the Stanford CS Department in Fall 2018. My research primarily focuses on empirical security, particularly improving network security through large-scale measurement. This includes building systems to perform large-scale data collection, uncovering vulnerabilities in how systems have been deployed in practice, designing more secure protocols and systems.
3 Worsening Distributed Denial of Service (DDoS) Attacks
4 Devastating DDoS Attacks In October 2016, DDoS attacks took DNS provider Dyn offline. Source: Dyn. Largest denial of service attack on public record (>600 Gbps)
5 Mirai: IoT Devices to Blame Understanding the Mirai Botnet, USENIX Security 17
6 Mirai: IoT Devices to Blame Steady State: 2-300K Peak: 600K+ Infected Devices [Figure: Total Mirai Scans by Date; series: TCP/23231, TCP/22, TCP/2222, TCP/37777, TCP/443, TCP/5555, TCP/6789, TCP/8080, TCP/80, TCP/23, TCP/2323] Understanding the Mirai Botnet, USENIX Security 17
7 What Happened? It is possible, investigators say, that the attack on Dyn was conducted by a criminal group that wanted to extort the company. Or it could have been done by hacktivists. Or a foreign power that wanted to remind the United States of its vulnerability. Understanding the Mirai Botnet, USENIX Security 17
8 Embarrassingly Bad Security Mirai was possible because hundreds of thousands of devices used default logins and had trivial vulnerabilities. Nearly every aspect of Mirai was poorly orchestrated. Used no modern malware techniques. Dyn was taken offline by a handful of miscreants trying to attack a PlayStation game server. [Table: Targeted IP (values not preserved) | rDNS | Passive DNS: ns1.p05.dynect.net | ns00.playstation.net; ns2.p05.dynect.net | ns01.playstation.net; ns3.p05.dynect.net | ns02.playstation.net; ns4.p05.dynect.net | ns03.playstation.net; service.playstation.net | ns05.playstation.net; service.playstation.net | ns06.playstation.net] Understanding the Mirai Botnet, USENIX Security 17
9 Embarrassingly Bad Security Understanding the Mirai Botnet, USENIX Security 17
10 [Figure: clusters of domains, labelled Cluster 0, Cluster 1, Cluster 2, Cluster 6, Cluster 7 and Cluster 23] Moving Forward Mirai hasn't gone away fractured control could easily return It will return unless there's significant change Understanding the Mirai Botnet, USENIX Security 17
11 IoT Security Beyond Mirai Mirai is one example of poor security in a worrisome trend. Second Example: Hundreds of thousands of embedded devices serve user data to the public over anonymous FTP. Data ranging from clinical medical records to HR and financial data is publicly available. Typically due to poor user interfaces, default credentials, and easy-to-find vulnerabilities. FTP: The Forgotten Cloud, DSN 16
12 Malware, Infection, and Ransomware
13 A Thriving Underground Economy Pay Per Install : Compromised machines are a purchasable commodity Allows multi-tenancy of machines for denial of service attacks, malicious hosting, spam, PII theft, ad fraud Fill out web form with the number of machines you need and payment, then upload your malware binary: U.S./Western Europe Installs: $ Less Popular Installs (mostly Asia): $7-8 Large providers see abusive traffic from tens of millions of abusive IPs on a daily basis Source: The Abuse Sharing Economy: Understanding the Limits of Threat Exchanges
14 DDoS For Hire: Booter/Stresser Services DDoS has been commoditized: Enables non-sophisticated subscribers to extort, harass, and censor. First major Mirai attack was taking down Brian Krebs' blog. Popular services carry out 100Ks of attacks from 1Ks of subscribers. Accept PayPal, Bitcoin. $ based on duration/intensity. Primarily amplification attacks that use misconfigured NTP, DNS, SIP. Source: Understanding and Undermining the Business of DDoS Services
15 The Rise of Ransomware Ransomware has become extremely popular; dwarfs other types of malware attacks. Little change in distribution: Phishing emails, social media scams. Largest 2017 Family (Cerber): ~7M USD - Expansive affiliate program. Source: Unmasking the Ransomware Kingpins
16 Data Breaches and Mismanagement
17 Data Breaches Constantly hearing about data breaches: Equifax, Anthem, eBay, Home Depot, Target, Adobe, Sony, Adult Friend Finder, OMB, Hard to detect root cause, but a few major problems: - Network mismanagement - Phishing - Out of date software - 20% of Flash installs are vulnerable - 25% of browsers out of date Source: Duo Trusted Access Report
18 Patching Behavior [Figure: Vulnerable Percentage of HTTPS Hosts by Date; series: Alexa Top 1 Million Sites, Public IPv4 Address Space] Heartbleed OpenSSL vulnerability allowed remote attackers to dump memory. Massive publicity: likely best-case patching scenario. Patching plateaued with 30% of IPv4 hosts remaining vulnerable. Today, 100K+ hosts remain vulnerable. Most are IoT devices. The Matter of Heartbleed, IMC 14
19 Increased Data Collection Many of the headlines are about financial data leaks - Primary worry: Identity theft Hospitals, insurance providers are also commonly. Earlier this year, Uber. Worrisome trend of collecting and storing all data - IoT devices will continue to have access to more sensitive information
20 Encrypting Data in Transit
21 Increasing HTTPS Deployment For the first time, 50% of Chrome and Firefox page loads use HTTPS Chrome more restrictive on loading HTTP content Firefox only releasing new features for HTTPS connections Percent of page loads over HTTPS in Google Chrome [Source: Google Chrome Team]
22 TLS 1.3 Nearing Completion We've seen quite a few TLS 1.2 protocol vulnerabilities the last few years: POODLE, FREAK, Logjam + Weak Diffie-Hellman Keys, DROWN, [ ] TLS 1.3: A simpler protocol built on lessons from the last few years: - Simpler construction with formal analysis before finalization - Removes many insecure options - Increased Performance Current Impediment: Poorly constructed middle boxes are holding back deployment
23 Trustworthy PKI <2011: Little visibility into the certificate authorities that support HTTPS : Uncovered rampant abuse through Internet-Wide Scanning : Web browsers taking more proactive role policing CAs 2018: Browsers requiring trusted certificates to be in public logs (CT) 2018: Proactive, programmatic detection of authority mismanagement Analysis of the HTTPS Certificate Ecosystem, IMC 13 Tracking Certificate Misissuance in the Wild, S&P 18
24 Email Delivery Security [Figure: Gmail Messages Delivered over TLS; series: Inbound, Outbound; y-axis: 0% to 90%] Email security has historically lagged behind HTTPS. November 2017: ~90% of email is encrypted in transit. 230% increase in the last four years. IETF is finalizing Strict Transport Security to protect against attacks uncovered in 2014. Details: An Empirical Analysis of Email Delivery Security, IMC 15
25 A 10,000 Foot View of Internet Security in 2017 Zakir Durumeric Stanford University
ddos-guard.net Protecting your business DDoS-GUARD: Distributed protection against distributed attacks 2 WHAT IS A DDOS-ATTACK AND WHY ARE THEY DANGEROUS? Today's global network is a dynamically developing
More informationINCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Data Theft
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security
More informationReduce Your Network's Attack Surface
WHITE PAPER Reduce Your Network's Attack Surface Ixia's ThreatARMOR Frees Up Security Resources and Personnel The Threat Landscape When you re dealing with network security, one of the primary measurements
More informationJune 2 nd, 2016 Security Awareness
June 2 nd, 2016 Security Awareness Security is the degree of resistance to, or protection from, harm. if security breaks down, technology breaks down Protecting People, Property and Business Assets Goal
More informationDDoS attack patterns across the APJ cloud market. Samuel Chen CCIE#9607 Enterprise Security Architect, Manager - APJ
DDoS attack patterns across the APJ cloud market Samuel Chen CCIE#9607 Enterprise Security Architect, Manager - APJ www.cloudsec.com/tw DDoS attacks from Q1 2014 to Q1 2016 Each dot represents an individual
More informationInsider Threat Detection Including review of 2017 SolarWinds Federal Cybersecurity Survey
Insider Threat Detection Including review of 2017 SolarWinds Federal Cybersecurity Survey CyberMaryland Conference 2017 Bob Andersen, Sr. Manager Federal Sales Engineering robert.andersen@solarwinds.com
More informationMonthly Cyber Threat Briefing
Monthly Cyber Threat Briefing January 2016 1 Presenters David Link, PM Risk and Vulnerability Assessments, NCATS Ed Cabrera: VP Cybersecurity Strategy, Trend Micro Jason Trost: VP Threat Research, ThreatStream
More informationAre You Avoiding These Top 10 File Transfer Risks?
Are You Avoiding These Top 10 File Transfer Risks? 1. 2. 3. 4. Today s Agenda Introduction 10 Common File Transfer Risks Brief GoAnywhere MFT Overview Question & Answer HelpSystems Corporate Overview.
More informationCyber War Chronicles Stories from the Virtual Trenches
Cyber War Chronicles Stories from the Virtual Trenches Ron Winward Security Evangelist Radware, Inc. March 17, 2016 Background on the Radware Report Key Cyber Attack Trends for 2015-2016 Case Study: Look
More informationCorero & GTT DDoS Trends Report Q2 Q3 2017
Corero & GTT DDoS Trends Report Q2 Q3 2017 Executive Summary KEY TRENDS KEY INSIGHTS RECOMMENDATIONS SUMMARY 3 6 7 9 Organizations around the globe have become increasingly dependent on the Internet as
More informationLessons from the Human Immune System Gavin Hill, Director Threat Intelligence
Lessons from the Human Immune System Gavin Hill, Director Threat Intelligence HLA ID: 90FZSBZFZSB 56BVCXVBVCK 23YSLUSYSLI 01GATCAGATC Cyber space is very similar to organic realm Keys & certificates are
More informationWhat is Zemana AntiLogger?
Zemana AntiLogger You need smarter protection against the bad guys who are trying to steal your financial credentials, gain access to your private online accounts and even your identity. What is Zemana
More informationTrusted Identities. Foundational to Cloud Services LILA KEE CHIEF PRODUCT OFFICER GLOBALSIGN
Trusted Identities Foundational to Cloud Services LILA KEE CHIEF PRODUCT OFFICER GLOBALSIGN WHAT YOU WILL LEARN TODAY Strong identity verification as a security measure and business enabler Authentication
More informationDefending Our Digital Density.
New Jersey Cybersecurity & Communications Integration Cell Defending Our Digital Density. @NJCybersecurity www.cyber.nj.gov NJCCIC@cyber.nj.gov The New Jersey Cybersecurity & Communications Integration
More informationCyber Security and Data Protection: Huge Penalties, Nowhere to Hide
Q3 2016 Security Matters Forum Cyber Security and Data Protection: Huge Penalties, Nowhere to Hide Alan Calder Founder & Executive Chair IT Governance Ltd July 2016 www.itgovernance.co.uk Introduction
More informationA GUIDE TO DDoS PROTECTION
HTTP CACHE BYPASS FLOOD THINK APP SECURITY FIRST CHOOSING THE RIGHT MODEL A GUIDE TO DDoS PROTECTION DNS AMPLIFICATION INTRODUCTION By thinking proactively about DDoS defense, organizations can build a
More informationRouting Security DDoS and Route Hijacks. Merike Kaeo CEO, Double Shot Security
Routing Security DDoS and Route Hijacks Merike Kaeo CEO, Double Shot Security merike@doubleshotsecurity.com DISCUSSION POINTS Understanding The Growing Complexity DDoS Attack Trends Packet Filters and
More informationPROTECTING YOUR BUSINESS ASSETS
PROTECTING YOUR BUSINESS ASSETS How to Spot Danger Before Your Computer Gets Infected, Your Site Hosts Malware, and Your Credit Card Number Gets Stolen A MyNAMS Presentation by Regina Smola @2012 Regina
More informationSecurity by Any Other Name:
Security by Any Other Name: On the Effectiveness of Provider Based Email Security Ian Foster, Jon Larson, Max Masich, Alex C. Snoeren, Stefan Savage, and Kirill Levchenko University of California, San
More informationAGILE AND CONTINUOUS THREAT MODELS
SESSION ID: DEV-R04 AGILE AND CONTINUOUS THREAT MODELS Nancy Davoust Vice President, Security Architecture and Technology Solutions Comcast CONTEXT FOR AGILE AND CONTINUOUS THREAT MODELING The Landscape
More information