Massive Attack WannaCry Update and Prevention. Eric Kwok KL.CSE


WannaCry Q: After patching MS17-010, your computer won't be infected by WannaCry ransomware. A: YES / NO

WannaCry Q: To defend against a WannaCry attack, just put all files into the Recycle Bin. A: YES / NO

Ransomware: Ransomware targets any PC user, whether it's a home computer, endpoints in an enterprise network, or servers used by a government agency or healthcare provider.

Kaspersky Security Awareness Training: People are not motivated to learn (only 22% believe they can be targeted by criminals); employees do not see IT Security as partners and always try to bypass them; there is a lack of measurements on awareness, besides how many people got trained.

Kaspersky Security Awareness Training: online training modules; simulated phishing attacks; knowledge assessments; education automation; progress reports.

What is WannaCry ransomware? Why is this so massive and different from before? It is a worm; kill switch; uses an NSA backdoor vulnerability to spread; initiated through an SMBv1 remote code; does NOT require user interaction; automatically discovers and infects Windows OS without the MS17-010 patch.

Worms + Ransomware: infects other unpatched Windows machines automatically. Basically, it scans LAN IPs for an open SMB/445 port. Does NOT require user interaction. (But WannaCry is not the only one.) Spora ransomware (downloads or installs automatically).
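A defender's view of the worm behaviour described above, as an added example that is not part of the original slides: it flags any internal host that contacts many distinct addresses on TCP/445 within a short window. The log format, the 60-second window and the threshold of 10 are assumptions, and the sample records are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(seconds=60)   # assumed look-back window
THRESHOLD = 10                   # assumed: distinct SMB peers per window

def parse(line):
    """Parse 'ISO-time src dst dport' (constructed format for this example)."""
    ts, src, dst, dport = line.split()
    return datetime.fromisoformat(ts), src, dst, int(dport)

def smb_fanout_alerts(lines, window=WINDOW, threshold=THRESHOLD):
    """Return {src: first alert time} for hosts whose number of distinct
    TCP/445 destinations inside a sliding window reaches the threshold."""
    recent = defaultdict(deque)      # src -> deque of (time, dst)
    alerts = {}
    for line in lines:
        if not line.strip():
            continue
        ts, src, dst, dport = parse(line)
        if dport != 445 or src in alerts:
            continue                 # only SMB; one alert per host
        q = recent[src]
        q.append((ts, dst))
        while q and ts - q[0][0] > window:
            q.popleft()              # drop connections older than the window
        if len({d for _, d in q}) >= threshold:
            alerts[src] = ts
    return alerts

def constructed_log():
    """Constructed sample: one workstation sweeping its subnet on 445, one
    client talking repeatedly to a single file server, and web traffic."""
    base = datetime(2017, 5, 13, 9, 0, 0)
    rows = []
    for i in range(1, 13):           # 10.0.0.23 probes 12 neighbours in 12 s
        rows.append((base + timedelta(seconds=i), "10.0.0.23", f"10.0.0.{i}", 445))
    for i in range(30):              # normal client: same server, many times
        rows.append((base + timedelta(seconds=2 * i), "10.0.0.40", "10.0.0.2", 445))
    rows.append((base + timedelta(seconds=5), "10.0.0.40", "10.0.0.80", 443))
    rows.sort()
    return [f"{t.isoformat()} {s} {d} {p}" for t, s, d, p in rows]

if __name__ == "__main__":
    for host, when in smb_fanout_alerts(constructed_log()).items():
        print(f"{when.isoformat()} {host}: SMB/445 fan-out, isolate and check MS17-010 patch state")
```

Counting distinct destinations rather than connections keeps a busy file-server client from alerting while a sweep of the subnet does.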

Endpoint Firewall + Network Attack Blocker: IDS / IPS function; blocking C&C server; isolate infected machine.

Vulnerability MS17-010: patched by Microsoft on 14-Mar. Vulnerability everywhere.

Kaspersky Vulnerability and Patch Management: vulnerability scan & patch management; automated distribution of patches and updates for 150+ applications.

Automatic Exploit Prevention: control of potentially vulnerable applications; monitor pre-launch activities; tracking the origin of code.

Ransomware is difficult to detect

Signature-Based Detection: the first layer of protection; not only for detection.

[Diagram: The Kaspersky Lab approach. Labels shown: Known, Unknown, Advanced; 70%, 29%, 1%; HIPS & Firewall (network traffic), URL Filtering (web traffic), Anti-Spam (email traffic), Anti-Phishing (email traffic), Blacklisting, Heuristics, Whitelisting, App Control, BSS, AEP, System Watcher; Vulnerability Assessment & Patch Management; Kaspersky Security Network; File Download, File Start, File Execution; Reactive Technologies, Proactive Technologies.]


The Kaspersky Lab approach: Kaspersky Security Network. Over 2.1 billion whitelisting objects; 1 billion black objects; an Urgent Detection System.


[Diagram: The Kaspersky Lab approach. Labels shown: Known, Virus Signature; Unknown, Heuristics; Urgent Detection System, KSN; Kaspersky unique feature: System Watcher; Log Application Activity, Terminate Malicious Program, Roll Back Malware Action.]

The Kaspersky Lab approach: File Server Protection (Anti-Cryptor). Protecting shared folders from crypto-malware; blocking access from hosts with suspicious activity; Application Startup Control.

WannaCry Live Demo. The performer is professionally trained; audience members should not imitate this.

Questions? Useful link: www.securelist.com. Local support: corp.support@lapcom.com.hk, Tel: 36934668. New virus analysis: newvirus@kaspersky.com. Ransomware: noransom.kaspersky.com. Thank you!