Are we doing enough?
Juraj Malcho
Chief Research Officer
ESET
Agenda
• Malware scene of today
• Anything special about Australia?
• Are security solutions dead and ineffective?
• How to manage to survive (and sleep at night)?
• How dark is the future of ICT security?
Malware prevalence AUS 2013 consumer vs business
Consumer: threat, infection share, total share
Win32/Toolbar.Conduit.B 7.95% 0.75%
Win32/Toolbar.SearchSuite 4.81% 0.45%
Win32/Toolbar.Conduit.P 4.48% 0.42%
Win32/Toolbar.Widgi 3.58% 0.34%
Win32/AdInstaller 3.05% 0.29%
Win32/SoftonicDownloader.E 2.95% 0.28%
Win32/Toolbar.Babylon.E 2.71% 0.25%
Win32/DownloadAdmin.G 2.49% 0.23%
Win32/Toolbar.Visicom.A 2.48% 0.23%
Win32/Toolbar.MyWebSearch 2.38% 0.22%
Win32/Toolbar.Conduit.Q 2.38% 0.22%
Win32/Somoto.A 2.33% 0.22%
Win32/Toolbar.Babylon.A 2.32% 0.22%
Win32/Toolbar.Conduit.O 2.22% 0.21%
Win32/Adware.Yontoo.B 2.13% 0.20%
Win32/Toolbar.Linkury.A 2.09% 0.20%
Win32/Toolbar.Visicom.C 2.03% 0.19%
Win32/bProtector.A 2.00% 0.19%
Win32/Toolbar.Visicom.B 1.89% 0.18%
HTML/Iframe.B.Gen 1.89% 0.18%
Business: threat, infection share, total share
Win32/Toolbar.Widgi 4.89% 0.49%
Win32/Toolbar.Conduit.B 4.48% 0.45%
Win32/Toolbar.SearchSuite 3.80% 0.38%
HTML/Iframe.B.Gen 3.56% 0.36%
HTML/ScrInject.B.Gen 3.13% 0.32%
Win32/Toolbar.Conduit.P 2.59% 0.26%
Win32/DownloadAdmin.G 2.54% 0.26%
Win32/AdInstaller 2.49% 0.25%
Win32/SoftonicDownloader.E 2.11% 0.21%
Win32/InstallIQ 2.11% 0.21%
Win32/Toolbar.MyWebSearch 2.10% 0.21%
Win32/NetTool.Portscan.C 2.06% 0.21%
Win32/Tool.EvID4226 2.03% 0.21%
Win32/Keygen.AO 2.02% 0.20%
Win32/Keygen.CY 2.02% 0.20%
Win32/bProtector.A 1.84% 0.19%
Win32/Toolbar.Babylon.E 1.82% 0.18%
Win32/Toolbar.Linkury.A 1.80% 0.18%
Win32/Spy.Zbot.AAU 1.66% 0.17%
Win32/InstallIQ.A 1.64% 0.17%
Malware prevalence AUS 2014 consumer vs business
Consumer: threat, infection share, total share
Win32/Toolbar.Conduit.Y 8.32% 0.50%
Win32/Toolbar.Conduit.B 6.83% 0.41%
Win32/Toolbar.Conduit 4.57% 0.28%
Win32/Toolbar.Conduit.P 4.16% 0.25%
Win32/Conduit.SearchProtect.N 3.69% 0.22%
Win32/PriceGong.A 3.66% 0.22%
Win32/Systweak 3.37% 0.20%
MSIL/MyPCBackup.A 3.07% 0.19%
Suspicious 3.07% 0.19%
Win32/Toolbar.Conduit.X 2.85% 0.17%
Win32/Toolbar.Conduit.Q 2.77% 0.17%
Win32/Conduit.SearchProtect.H 2.76% 0.17%
Win32/Toolbar.Conduit.H 2.62% 0.16%
Win32/Toolbar.Conduit.O 2.49% 0.15%
Win32/Toolbar.Conduit.AH 2.33% 0.14%
Win32/Toolbar.MyWebSearch.AC 2.04% 0.12%
Win32/Toolbar.Visicom.B 2.01% 0.12%
Win64/Toolbar.Conduit.B 1.99% 0.12%
Win32/ClientConnect.A 1.87% 0.11%
JS/Toolbar.Crossrider.B 1.86% 0.11%
Win32/TrojanDownloader.Wauchos.AF 1.82% 0.11%
Business: threat, infection share, total share
Win32/Toolbar.Conduit.Y 5.83% 0.39%
Win32/Toolbar.Conduit.B 5.22% 0.35%
Win32/Conduit.SearchProtect.N 3.82% 0.26%
Win32/TrojanDownloader.Wauchos.AF 3.65% 0.25%
Win32/TrojanDownloader.Waski.A 3.52% 0.24%
Win32/PriceGong.A 2.52% 0.17%
Win32/Rovnix.X 2.50% 0.17%
Win32/Toolbar.Conduit.P 2.50% 0.17%
MSIL/MyPCBackup.A 2.24% 0.15%
Win32/Toolbar.Conduit.X 2.23% 0.15%
Win32/Toolbar.Conduit.Q 2.20% 0.15%
Win32/Toolbar.Conduit.H 2.11% 0.14%
Win32/Toolbar.Conduit 2.09% 0.14%
Suspicious 2.02% 0.14%
Win32/Conduit.SearchProtect.P 1.95% 0.13%
Win32/Systweak 1.79% 0.12%
Win32/Toolbar.Conduit.AH 1.79% 0.12%
Win32/AdInstaller 1.77% 0.12%
Win32/Toolbar.Montiera.A 1.74% 0.12%
Win32/Toolbar.Conduit.V 1.66% 0.11%
Win32/TrojanDownloader.Waski.F 1.61% 0.11%
Malware prevalence AUS 2015 consumer vs business
Consumer: threat, infection share, total share
Suspicious 8.39% 0.40%
Win32/TrojanDownloader.Waski.F 4.19% 0.20%
Win32/Toolbar.Conduit.Y 2.76% 0.13%
Win32/Systweak 2.03% 0.10%
Win32/TrojanDownloader.Waski.A 1.89% 0.09%
Win32/Conduit.SearchProtect.N 1.67% 0.08%
Win32/ClientConnect.A 1.55% 0.07%
Win32/AdkDLLWrapper.A 1.50% 0.07%
Win32/Systweak.L 1.50% 0.07%
Win32/TrojanDownloader.Waski.Z 1.37% 0.07%
Win32/Toolbar.MyWebSearch.AC 1.36% 0.06%
JS/Toolbar.Crossrider.B 1.23% 0.06%
Win32/Systweak.N 1.21% 0.06%
Win32/Toolbar.Conduit.B 1.21% 0.06%
Win32/Toolbar.Conduit.O 1.16% 0.06%
Win32/Toolbar.Conduit.X 1.15% 0.05%
Win32/Toolbar.Conduit.Q 1.13% 0.05%
Win32/Toolbar.MyWebSearch.AA 1.12% 0.05%
MSIL/MyPCBackup.A 1.08% 0.05%
Win32/Conduit.SearchProtect.H 1.04% 0.05%
Business: threat, infection share, total share
Win32/TrojanDownloader.Waski.F 7.56% 0.45%
Suspicious 4.98% 0.30%
Win32/TrojanDownloader.Waski.A 3.31% 0.20%
Win32/Toolbar.Conduit.Y 2.76% 0.16%
Win32/TrojanDownloader.Waski.Z 2.30% 0.14%
Win32/Conduit.SearchProtect.N 1.81% 0.11%
Win32/Toolbar.MyWebSearch.AO 1.46% 0.09%
Win32/Filecoder.DI 1.37% 0.08%
Win32/TrojanDownloader.Wauchos.AK 1.23% 0.07%
Win32/Systweak 1.20% 0.07%
Win32/Conduit.SearchProtect.P 0.99% 0.06%
MSIL/MyPCBackup.F 0.97% 0.06%
Win32/Toolbar.Conduit.B 0.97% 0.06%
Win32/Systweak.L 0.97% 0.06%
Win32/Toolbar.Conduit.O 0.96% 0.06%
Win32/Systweak.N 0.96% 0.06%
Win32/Toolbar.Conduit.Q 0.89% 0.05%
Win32/TrojanDownloader.Agent.BEL 0.86% 0.05%
Win32/Danger.DoubleExtension 0.84% 0.05%
Win32/Toolbar.Visicom.B 0.83% 0.05%
Malware prevalence 2015 AUS vs USA business
AUS: threat, infection share, total share
Win32/TrojanDownloader.Waski.F 7.56% 0.45%
Suspicious 4.98% 0.30%
Win32/TrojanDownloader.Waski.A 3.31% 0.20%
Win32/Toolbar.Conduit.Y 2.76% 0.16%
Win32/TrojanDownloader.Waski.Z 2.30% 0.14%
Win32/Conduit.SearchProtect.N 1.81% 0.11%
Win32/Toolbar.MyWebSearch.AO 1.46% 0.09%
Win32/Filecoder.DI 1.37% 0.08%
Win32/TrojanDownloader.Wauchos.AK 1.23% 0.07%
Win32/Systweak 1.20% 0.07%
Win32/Conduit.SearchProtect.P 0.99% 0.06%
MSIL/MyPCBackup.F 0.97% 0.06%
Win32/Toolbar.Conduit.B 0.97% 0.06%
Win32/Systweak.L 0.97% 0.06%
Win32/Toolbar.Conduit.O 0.96% 0.06%
Win32/Systweak.N 0.96% 0.06%
Win32/Toolbar.Conduit.Q 0.89% 0.05%
Win32/TrojanDownloader.Agent.BEL 0.86% 0.05%
Win32/Danger.DoubleExtension 0.84% 0.05%
Win32/Toolbar.Visicom.B 0.83% 0.05%
USA: threat, infection share, total share
Win32/Toolbar.Conduit.Y 3.59% 0.14%
Win32/Toolbar.MyWebSearch.AO 2.73% 0.10%
Win32/TrojanDownloader.Waski.F 2.47% 0.09%
HTML/ScrInject.B.Gen 2.39% 0.09%
Win32/Systweak 2.21% 0.08%
Win32/Toolbar.Conduit.X 1.92% 0.07%
Suspicious 1.85% 0.07%
Win32/Conduit.SearchProtect.N 1.83% 0.07%
MSIL/MyPCBackup.F 1.76% 0.07%
Win32/AdInstaller 1.54% 0.06%
JS/Toolbar.Crossrider.B 1.52% 0.06%
Win32/Toolbar.MyWebSearch.AC 1.51% 0.06%
Win32/DealPly.S 1.51% 0.06%
Win32/Systweak.L 1.49% 0.06%
Win32/ClientConnect.A 1.46% 0.06%
MSIL/MyPCBackup.A 1.42% 0.05%
Win32/Toolbar.Visicom.B 1.38% 0.05%
Win32/Systweak.N 1.38% 0.05%
Win32/InstallIQ.A 1.29% 0.05%
HTML/FakeAlert.AK 1.28% 0.05%
Malware prevalence 2015 AUS vs USA consumer
AUS: threat, infection share, total share
Suspicious 8.39% 0.40%
Win32/TrojanDownloader.Waski.F 4.19% 0.20%
Win32/Toolbar.Conduit.Y 2.76% 0.13%
Win32/Systweak 2.03% 0.10%
Win32/TrojanDownloader.Waski.A 1.89% 0.09%
Win32/Conduit.SearchProtect.N 1.67% 0.08%
Win32/ClientConnect.A 1.55% 0.07%
Win32/AdkDLLWrapper.A 1.50% 0.07%
Win32/Systweak.L 1.50% 0.07%
Win32/TrojanDownloader.Waski.Z 1.37% 0.07%
Win32/Toolbar.MyWebSearch.AC 1.36% 0.06%
JS/Toolbar.Crossrider.B 1.23% 0.06%
Win32/Systweak.N 1.21% 0.06%
Win32/Toolbar.Conduit.B 1.21% 0.06%
Win32/Toolbar.Conduit.O 1.16% 0.06%
Win32/Toolbar.Conduit.X 1.15% 0.05%
Win32/Toolbar.Conduit.Q 1.13% 0.05%
Win32/Toolbar.MyWebSearch.AA 1.12% 0.05%
MSIL/MyPCBackup.A 1.08% 0.05%
Win32/Conduit.SearchProtect.H 1.04% 0.05%
USA: threat, infection share, total share
Suspicious 4.00% 0.15%
Win32/Toolbar.Conduit.Y 3.11% 0.12%
Win32/Systweak 2.54% 0.10%
HTML/ScrInject.B.Gen 2.18% 0.08%
JS/Toolbar.Crossrider.B 2.14% 0.08%
Win32/ClientConnect.A 2.13% 0.08%
Win32/Conduit.SearchProtect.N 1.96% 0.08%
MSIL/MyPCBackup.A 1.86% 0.07%
Win32/Systweak.L 1.77% 0.07%
Win32/Toolbar.MyWebSearch.AC 1.64% 0.06%
MSIL/MyPCBackup.F 1.61% 0.06%
Win32/Toolbar.MyWebSearch.AA 1.61% 0.06%
JS/Toolbar.Crossrider.G 1.57% 0.06%
Win32/TrojanDownloader.Waski.F 1.53% 0.06%
REG/Agent.AK 1.50% 0.06%
HTML/FakeAlert.AK 1.46% 0.06%
Win32/Systweak.N 1.43% 0.06%
Win32/Toolbar.Conduit.X 1.39% 0.05%
Win32/Toolbar.Conduit.AH 1.36% 0.05%
Win32/Toolbar.MyWebSearch.AO 1.35% 0.05%
Malware prevalence 2015 AUS vs IDN business
AUS: threat, infection share, total share
Win32/TrojanDownloader.Waski.F 7.56% 0.45%
Suspicious 4.98% 0.30%
Win32/TrojanDownloader.Waski.A 3.31% 0.20%
Win32/Toolbar.Conduit.Y 2.76% 0.16%
Win32/TrojanDownloader.Waski.Z 2.30% 0.14%
Win32/Conduit.SearchProtect.N 1.81% 0.11%
Win32/Toolbar.MyWebSearch.AO 1.46% 0.09%
Win32/Filecoder.DI 1.37% 0.08%
Win32/TrojanDownloader.Wauchos.AK 1.23% 0.07%
Win32/Systweak 1.20% 0.07%
Win32/Conduit.SearchProtect.P 0.99% 0.06%
MSIL/MyPCBackup.F 0.97% 0.06%
Win32/Toolbar.Conduit.B 0.97% 0.06%
Win32/Systweak.L 0.97% 0.06%
Win32/Toolbar.Conduit.O 0.96% 0.06%
Win32/Systweak.N 0.96% 0.06%
Win32/Toolbar.Conduit.Q 0.89% 0.05%
Win32/TrojanDownloader.Agent.BEL 0.86% 0.05%
Win32/Danger.DoubleExtension 0.84% 0.05%
Win32/Toolbar.Visicom.B 0.83% 0.05%
IDN: threat, infection share, total share
LNK/Agent.AV 7.93% 1.02%
Win32/Ramnit.A 4.38% 0.57%
LNK/Autostart.A 3.39% 0.44%
Win32/Virut.NBP 3.10% 0.40%
Win32/Ramnit.F 3.02% 0.39%
Defo 2.94% 0.38%
Win32/Ramnit.H 2.88% 0.37%
JS/Kryptik.I 2.85% 0.37%
Win32/Toolbar.MyWebSearch.AO 2.50% 0.32%
INF/Autorun.gen 2.43% 0.31%
JS/Toolbar.Crossrider.B 2.30% 0.30%
Win32/Toolbar.SearchSuite.C 2.15% 0.28%
Win32/Conficker.X 2.01% 0.26%
Win32/Conficker.AA 2.00% 0.26%
Win32/Sality.NBA 1.98% 0.26%
Win32/Sality.NBJ 1.85% 0.24%
LNK/Exploit.CVE-2010-2568 1.80% 0.23%
Win32/SProtector.D 1.78% 0.23%
LNK/Agent.AK 1.77% 0.23%
Win32/Slugin.A 1.77% 0.23%
Malware prevalence 2015 AUS vs IDN consumer
AUS: threat, infection share, total share
Suspicious 8.39% 0.40%
Win32/TrojanDownloader.Waski.F 4.19% 0.20%
Win32/Toolbar.Conduit.Y 2.76% 0.13%
Win32/Systweak 2.03% 0.10%
Win32/TrojanDownloader.Waski.A 1.89% 0.09%
Win32/Conduit.SearchProtect.N 1.67% 0.08%
Win32/ClientConnect.A 1.55% 0.07%
Win32/AdkDLLWrapper.A 1.50% 0.07%
Win32/Systweak.L 1.50% 0.07%
Win32/TrojanDownloader.Waski.Z 1.37% 0.07%
Win32/Toolbar.MyWebSearch.AC 1.36% 0.06%
JS/Toolbar.Crossrider.B 1.23% 0.06%
Win32/Systweak.N 1.21% 0.06%
Win32/Toolbar.Conduit.B 1.21% 0.06%
Win32/Toolbar.Conduit.O 1.16% 0.06%
Win32/Toolbar.Conduit.X 1.15% 0.05%
Win32/Toolbar.Conduit.Q 1.13% 0.05%
Win32/Toolbar.MyWebSearch.AA 1.12% 0.05%
MSIL/MyPCBackup.A 1.08% 0.05%
Win32/Conduit.SearchProtect.H 1.04% 0.05%
IDN: threat, infection share, total share
LNK/Agent.AV 7.45% 1.12%
Win32/Ramnit.A 5.11% 0.76%
JS/Toolbar.Crossrider.B 4.45% 0.67%
Win32/Virut.NBP 4.33% 0.65%
LNK/Autostart.A 4.29% 0.64%
Win32/Ramnit.F 3.98% 0.60%
INF/Autorun.gen 2.88% 0.43%
Win32/Ramnit.H 2.88% 0.43%
JS/Toolbar.Crossrider.G 2.63% 0.39%
Defo 2.38% 0.36%
Win32/Sality.NBA 2.37% 0.36%
Win32/AlteredSoftware.C 2.36% 0.35%
LNK/Agent.AK 2.22% 0.33%
Win32/ELEX.BM 1.90% 0.28%
Win32/Toolbar.Visicom.B 1.81% 0.27%
Win32/Slugin.A 1.75% 0.26%
Win32/AlteredSoftware.A 1.74% 0.26%
BAT/BadJoke.AP 1.72% 0.26%
Win32/Sality 1.71% 0.26%
Win32/Toolbar.CrossRider.CD 1.70% 0.26%
Incident ratio 2013-2015
Filecoders prevalence 2015 consumer vs business
Consumer: country, infection share, total share
Australia 2.70% 0.16%
Spain 2.36% 0.16%
Italy 2.44% 0.12%
South Africa 1.47% 0.11%
United States 2.73% 0.10%
Canada 1.81% 0.09%
Belgium 1.50% 0.07%
Malaysia 0.74% 0.07%
United Kingdom 0.98% 0.06%
Russia 0.96% 0.06%
Bulgaria 0.93% 0.06%
Portugal 0.88% 0.06%
United Arab Emirates 0.45% 0.05%
Netherlands 1.18% 0.04%
Business: country, infection share, total share
South Africa 1.39% 0.10%
Spain 1.45% 0.09%
United States 1.80% 0.07%
Australia 1.50% 0.07%
Israel 0.82% 0.06%
Canada 1.12% 0.05%
United Kingdom 0.87% 0.05%
Turkey 0.63% 0.05%
Thailand 0.41% 0.05%
New Zealand 1.07% 0.04%
Netherlands 0.97% 0.04%
Italy 0.91% 0.04%
Singapore 0.50% 0.04%
Belgium 0.83% 0.03%
Targeted campaigns
Massive spreading not en vogue anymore
• The most burning issues rarely make it to the top 20 today: ransomware, banking Trojans, targeted malware
• Top ranks are completely taken by Potentially Unwanted Software
• Staying under the radar and tailoring malware for specific targets is the main focus today
IoT aka Internet of Threats
• History repeats itself: time to market is the most important thing, not security
• Problematic from simple ones to complex ones – smart sensors, bulbs, intelligent home devices, smart TVs, internet routers, cars, mobile phones
• Could I get a “non-smart” option, please???
Fixing IoT
• Simple ones need strict End of Life policy
– They won’t update, they’re extremely cheap
• Complex ones must be easy to update
– Really? Home routers, cars, mobile phones?
• Are legislation and industry standards going to save us?
• Endpoint protection is almost impossible
– We hear those saying firewalls are dead
Android/Simplocker
• Currently around 50 variants
• Localization
• Ransom amount: $15 -> $500
• Better “self-defense”
• Encrypting archives
• “Better” cryptography
vs.
Linux/Moose
APT or TPA?
• If detected out of the box then the attacker failed
• Advanced Persistent Threat is completely wrong
– those threats are usually not advanced, not everything is Stuxnet
– the malware itself is just a tool to perform an attack
– it’s the attacker who’s persistent
• Targeted Persistent Attack is much more spot on
– Attackers combine different methods when doing reconnaissance – phishing phone calls, email-borne malware targeted at different people in an organization
Is AV dead?
• Yes, for about 20 years if you’re talking about the original technology
• However, it followed malware evolution:
– Network communication inspection – botnets, exploitation, exfiltration
– Emulation/sandboxing of analyzed code
– Behavioral monitoring and memory scanning
– Exploitation blocking
– Cloud-based reputation systems
– Stealth detections which can’t be tested by malware writers
– Gradual move from automatic to more verbose/interactive solutions
Bold words from the other side
• Q: What types of security devices/services/techniques
legitimately make your life harder as a blackhat? Any that you
think are a complete waste of money?
• A: Hmmmm, DDoS protection is a serious knock back,
although as many groups have proven before it’s easy to
bypass – e.g. cloudflare resolver before they changed the
protection method (almost bypassable lol). Things that are a
waste of money… Hmm, anti-virus is completely useless —
yes it may protect you from skids using non-FUD files but
that’s it. Every botnet that gets sold comes FUD as default.
People do it for free, it’s that easy.
Current Android Malware
"HAHAHA THE AVS FELL FOR THE LAST STRING
F*****G ICARUS AND ASQUARED
I JUST WISH NOD32 WOULD LEAVE ME ALONE
FOR A FEW DAT ITS PISSING ME OFF THIS IS
HOW I LIVE"
"THIS-IS-HOW-I-LIVE-AND-PAY-MY-BILLS-GIVE-
ME-A-BREAK"
The irritated author of Dorkbot
The Irritated Author of Win32/Dorkbot
"HAHAHA THE AVS FELL FOR THE LAST STRING
FUCKING ICARUS AND ASQUARED
I JUST WISH NOD32 WOULD LEAVE ME ALONE
FOR A FEW DAT ITS PISSING ME OFF THIS IS
HOW I LIVE"
"THIS-IS-HOW-I-LIVE-AND-PAY-MY-BILLS-GIVE-
ME-A-BREAK"
HOW CAN I PAY BILLS RENT FOOD WEALTH
AND EVERYTHING NECESSARY IF NOD IS
ALWAYS F******G UP MY CODES
What else is out there?
• Endpoint Detection and Response systems provide insight into behavior of your IT systems, however, there’s a reporting challenge
• Malware Prevention Systems (automated sandboxing and analysis)
• Intelligence Services and Managed Security
• Deception techniques
• SIEM
How to choose the right solution?
• Consulting analysts such as Gartner or public testers may help, but they don’t provide a definitive answer and might have a bias you’re not aware of
• Internal testing is best but very difficult; you will likely be biased, too, but aware of it
• It also depends on your needs: not only detection is important, but also footprint, reliability, manageability, support quality, etc.
What’s the right SMB defense?
• Unless you are in a very specific vertical, it’s unlikely that a true high-profile targeted attack would be conducted
• Typically not enough expertise in SMBs
• Automagic solutions work best, but of course can be bypassed
• If unable to manage more complex/interactive solutions, look for an MSSP
• Cloud-based solutions may help where applicable, as large providers can implement better security measures
How about enterprise?
• Defense needs have to adequately cover your potential adversaries
• Combine different layers and don’t advertise them; SIEM management
• Educate your teams
• Trust but verify – employ network logging and look for anomalies
Future issues
• When IoT truly lifts off
• When cloud adoption becomes massive (access management, governance, political issues)
• Conflicting legislation: strict privacy and encryption laws vs lawful(?) surveillance => leading to governments attacking security SW
• Global e-conflicts, cyber armies and attribution
Solving the situation
• Active & Adequate Cyber Defense
• Training, Education and Awareness
• Responsible design and usage
• Research & Investigation, cooperation with LE
• Hitting criminals’ money flow
• Preventing criminals from becoming criminals
CSO Breakfast in Partnership with ESET - Juraj Malcho Presentation

Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesBoston Institute of Analytics
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 

Último (20)

2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 

CSO Breakfast in Partnership with ESET - Juraj Malcho Presentation

  • 1.
  • 2. Are we doing enough? Juraj Malcho Chief Research Officer ESET
  • 3. Agenda
      • Malware scene of today
      • Anything special about Australia?
      • Are security solutions dead and ineffective?
      • How to manage to survive (and sleep at night)?
      • How dark is the future of ICT security?
  • 4. Malware prevalence AUS 2013 consumer vs business
      Threat infection share total share
      Win32/Toolbar.Conduit.B 7.95% 0.75%
      Win32/Toolbar.SearchSuite 4.81% 0.45%
      Win32/Toolbar.Conduit.P 4.48% 0.42%
      Win32/Toolbar.Widgi 3.58% 0.34%
      Win32/AdInstaller 3.05% 0.29%
      Win32/SoftonicDownloader.E 2.95% 0.28%
      Win32/Toolbar.Babylon.E 2.71% 0.25%
      Win32/DownloadAdmin.G 2.49% 0.23%
      Win32/Toolbar.Visicom.A 2.48% 0.23%
      Win32/Toolbar.MyWebSearch 2.38% 0.22%
      Win32/Toolbar.Conduit.Q 2.38% 0.22%
      Win32/Somoto.A 2.33% 0.22%
      Win32/Toolbar.Babylon.A 2.32% 0.22%
      Win32/Toolbar.Conduit.O 2.22% 0.21%
      Win32/Adware.Yontoo.B 2.13% 0.20%
      Win32/Toolbar.Linkury.A 2.09% 0.20%
      Win32/Toolbar.Visicom.C 2.03% 0.19%
      Win32/bProtector.A 2.00% 0.19%
      Win32/Toolbar.Visicom.B 1.89% 0.18%
      HTML/Iframe.B.Gen 1.89% 0.18%

      Threat infection share total share
      Win32/Toolbar.Widgi 4.89% 0.49%
      Win32/Toolbar.Conduit.B 4.48% 0.45%
      Win32/Toolbar.SearchSuite 3.80% 0.38%
      HTML/Iframe.B.Gen 3.56% 0.36%
      HTML/ScrInject.B.Gen 3.13% 0.32%
      Win32/Toolbar.Conduit.P 2.59% 0.26%
      Win32/DownloadAdmin.G 2.54% 0.26%
      Win32/AdInstaller 2.49% 0.25%
      Win32/SoftonicDownloader.E 2.11% 0.21%
      Win32/InstallIQ 2.11% 0.21%
      Win32/Toolbar.MyWebSearch 2.10% 0.21%
      Win32/NetTool.Portscan.C 2.06% 0.21%
      Win32/Tool.EvID4226 2.03% 0.21%
      Win32/Keygen.AO 2.02% 0.20%
      Win32/Keygen.CY 2.02% 0.20%
      Win32/bProtector.A 1.84% 0.19%
      Win32/Toolbar.Babylon.E 1.82% 0.18%
      Win32/Toolbar.Linkury.A 1.80% 0.18%
      Win32/Spy.Zbot.AAU 1.66% 0.17%
      Win32/InstallIQ.A 1.64% 0.17%
  • 5. Malware prevalence AUS 2014 consumer vs business
      Threat infection share total share
      Win32/Toolbar.Conduit.Y 8.32% 0.50%
      Win32/Toolbar.Conduit.B 6.83% 0.41%
      Win32/Toolbar.Conduit 4.57% 0.28%
      Win32/Toolbar.Conduit.P 4.16% 0.25%
      Win32/Conduit.SearchProtect.N 3.69% 0.22%
      Win32/PriceGong.A 3.66% 0.22%
      Win32/Systweak 3.37% 0.20%
      MSIL/MyPCBackup.A 3.07% 0.19%
      Suspicious 3.07% 0.19%
      Win32/Toolbar.Conduit.X 2.85% 0.17%
      Win32/Toolbar.Conduit.Q 2.77% 0.17%
      Win32/Conduit.SearchProtect.H 2.76% 0.17%
      Win32/Toolbar.Conduit.H 2.62% 0.16%
      Win32/Toolbar.Conduit.O 2.49% 0.15%
      Win32/Toolbar.Conduit.AH 2.33% 0.14%
      Win32/Toolbar.MyWebSearch.AC 2.04% 0.12%
      Win32/Toolbar.Visicom.B 2.01% 0.12%
      Win64/Toolbar.Conduit.B 1.99% 0.12%
      Win32/ClientConnect.A 1.87% 0.11%
      JS/Toolbar.Crossrider.B 1.86% 0.11%
      Win32/TrojanDownloader.Wauchos.AF 1.82% 0.11%

      Threat infection share total share
      Win32/Toolbar.Conduit.Y 5.83% 0.39%
      Win32/Toolbar.Conduit.B 5.22% 0.35%
      Win32/Conduit.SearchProtect.N 3.82% 0.26%
      Win32/TrojanDownloader.Wauchos.AF 3.65% 0.25%
      Win32/TrojanDownloader.Waski.A 3.52% 0.24%
      Win32/PriceGong.A 2.52% 0.17%
      Win32/Rovnix.X 2.50% 0.17%
      Win32/Toolbar.Conduit.P 2.50% 0.17%
      MSIL/MyPCBackup.A 2.24% 0.15%
      Win32/Toolbar.Conduit.X 2.23% 0.15%
      Win32/Toolbar.Conduit.Q 2.20% 0.15%
      Win32/Toolbar.Conduit.H 2.11% 0.14%
      Win32/Toolbar.Conduit 2.09% 0.14%
      Suspicious 2.02% 0.14%
      Win32/Conduit.SearchProtect.P 1.95% 0.13%
      Win32/Systweak 1.79% 0.12%
      Win32/Toolbar.Conduit.AH 1.79% 0.12%
      Win32/AdInstaller 1.77% 0.12%
      Win32/Toolbar.Montiera.A 1.74% 0.12%
      Win32/Toolbar.Conduit.V 1.66% 0.11%
      Win32/TrojanDownloader.Waski.F 1.61% 0.11%
  • 6. Malware prevalence AUS 2015 consumer vs business
      Threat infection share total share
      Suspicious 8.39% 0.40%
      Win32/TrojanDownloader.Waski.F 4.19% 0.20%
      Win32/Toolbar.Conduit.Y 2.76% 0.13%
      Win32/Systweak 2.03% 0.10%
      Win32/TrojanDownloader.Waski.A 1.89% 0.09%
      Win32/Conduit.SearchProtect.N 1.67% 0.08%
      Win32/ClientConnect.A 1.55% 0.07%
      Win32/AdkDLLWrapper.A 1.50% 0.07%
      Win32/Systweak.L 1.50% 0.07%
      Win32/TrojanDownloader.Waski.Z 1.37% 0.07%
      Win32/Toolbar.MyWebSearch.AC 1.36% 0.06%
      JS/Toolbar.Crossrider.B 1.23% 0.06%
      Win32/Systweak.N 1.21% 0.06%
      Win32/Toolbar.Conduit.B 1.21% 0.06%
      Win32/Toolbar.Conduit.O 1.16% 0.06%
      Win32/Toolbar.Conduit.X 1.15% 0.05%
      Win32/Toolbar.Conduit.Q 1.13% 0.05%
      Win32/Toolbar.MyWebSearch.AA 1.12% 0.05%
      MSIL/MyPCBackup.A 1.08% 0.05%
      Win32/Conduit.SearchProtect.H 1.04% 0.05%

      Threat infection share total share
      Win32/TrojanDownloader.Waski.F 7.56% 0.45%
      Suspicious 4.98% 0.30%
      Win32/TrojanDownloader.Waski.A 3.31% 0.20%
      Win32/Toolbar.Conduit.Y 2.76% 0.16%
      Win32/TrojanDownloader.Waski.Z 2.30% 0.14%
      Win32/Conduit.SearchProtect.N 1.81% 0.11%
      Win32/Toolbar.MyWebSearch.AO 1.46% 0.09%
      Win32/Filecoder.DI 1.37% 0.08%
      Win32/TrojanDownloader.Wauchos.AK 1.23% 0.07%
      Win32/Systweak 1.20% 0.07%
      Win32/Conduit.SearchProtect.P 0.99% 0.06%
      MSIL/MyPCBackup.F 0.97% 0.06%
      Win32/Toolbar.Conduit.B 0.97% 0.06%
      Win32/Systweak.L 0.97% 0.06%
      Win32/Toolbar.Conduit.O 0.96% 0.06%
      Win32/Systweak.N 0.96% 0.06%
      Win32/Toolbar.Conduit.Q 0.89% 0.05%
      Win32/TrojanDownloader.Agent.BEL 0.86% 0.05%
      Win32/Danger.DoubleExtension 0.84% 0.05%
      Win32/Toolbar.Visicom.B 0.83% 0.05%
  • 7.
  • 8. Malware prevalence 2015 AUS vs USA business
      Threat infection share total share
      Win32/TrojanDownloader.Waski.F 7.56% 0.45%
      Suspicious 4.98% 0.30%
      Win32/TrojanDownloader.Waski.A 3.31% 0.20%
      Win32/Toolbar.Conduit.Y 2.76% 0.16%
      Win32/TrojanDownloader.Waski.Z 2.30% 0.14%
      Win32/Conduit.SearchProtect.N 1.81% 0.11%
      Win32/Toolbar.MyWebSearch.AO 1.46% 0.09%
      Win32/Filecoder.DI 1.37% 0.08%
      Win32/TrojanDownloader.Wauchos.AK 1.23% 0.07%
      Win32/Systweak 1.20% 0.07%
      Win32/Conduit.SearchProtect.P 0.99% 0.06%
      MSIL/MyPCBackup.F 0.97% 0.06%
      Win32/Toolbar.Conduit.B 0.97% 0.06%
      Win32/Systweak.L 0.97% 0.06%
      Win32/Toolbar.Conduit.O 0.96% 0.06%
      Win32/Systweak.N 0.96% 0.06%
      Win32/Toolbar.Conduit.Q 0.89% 0.05%
      Win32/TrojanDownloader.Agent.BEL 0.86% 0.05%
      Win32/Danger.DoubleExtension 0.84% 0.05%
      Win32/Toolbar.Visicom.B 0.83% 0.05%

      Threat infection share total share
      Win32/Toolbar.Conduit.Y 3.59% 0.14%
      Win32/Toolbar.MyWebSearch.AO 2.73% 0.10%
      Win32/TrojanDownloader.Waski.F 2.47% 0.09%
      HTML/ScrInject.B.Gen 2.39% 0.09%
      Win32/Systweak 2.21% 0.08%
      Win32/Toolbar.Conduit.X 1.92% 0.07%
      Suspicious 1.85% 0.07%
      Win32/Conduit.SearchProtect.N 1.83% 0.07%
      MSIL/MyPCBackup.F 1.76% 0.07%
      Win32/AdInstaller 1.54% 0.06%
      JS/Toolbar.Crossrider.B 1.52% 0.06%
      Win32/Toolbar.MyWebSearch.AC 1.51% 0.06%
      Win32/DealPly.S 1.51% 0.06%
      Win32/Systweak.L 1.49% 0.06%
      Win32/ClientConnect.A 1.46% 0.06%
      MSIL/MyPCBackup.A 1.42% 0.05%
      Win32/Toolbar.Visicom.B 1.38% 0.05%
      Win32/Systweak.N 1.38% 0.05%
      Win32/InstallIQ.A 1.29% 0.05%
      HTML/FakeAlert.AK 1.28% 0.05%
  • 9. Malware prevalence 2015 AUS vs USA consumer
      Threat infection share total share
      Suspicious 8.39% 0.40%
      Win32/TrojanDownloader.Waski.F 4.19% 0.20%
      Win32/Toolbar.Conduit.Y 2.76% 0.13%
      Win32/Systweak 2.03% 0.10%
      Win32/TrojanDownloader.Waski.A 1.89% 0.09%
      Win32/Conduit.SearchProtect.N 1.67% 0.08%
      Win32/ClientConnect.A 1.55% 0.07%
      Win32/AdkDLLWrapper.A 1.50% 0.07%
      Win32/Systweak.L 1.50% 0.07%
      Win32/TrojanDownloader.Waski.Z 1.37% 0.07%
      Win32/Toolbar.MyWebSearch.AC 1.36% 0.06%
      JS/Toolbar.Crossrider.B 1.23% 0.06%
      Win32/Systweak.N 1.21% 0.06%
      Win32/Toolbar.Conduit.B 1.21% 0.06%
      Win32/Toolbar.Conduit.O 1.16% 0.06%
      Win32/Toolbar.Conduit.X 1.15% 0.05%
      Win32/Toolbar.Conduit.Q 1.13% 0.05%
      Win32/Toolbar.MyWebSearch.AA 1.12% 0.05%
      MSIL/MyPCBackup.A 1.08% 0.05%
      Win32/Conduit.SearchProtect.H 1.04% 0.05%

      Threat infection share total share
      Suspicious 4.00% 0.15%
      Win32/Toolbar.Conduit.Y 3.11% 0.12%
      Win32/Systweak 2.54% 0.10%
      HTML/ScrInject.B.Gen 2.18% 0.08%
      JS/Toolbar.Crossrider.B 2.14% 0.08%
      Win32/ClientConnect.A 2.13% 0.08%
      Win32/Conduit.SearchProtect.N 1.96% 0.08%
      MSIL/MyPCBackup.A 1.86% 0.07%
      Win32/Systweak.L 1.77% 0.07%
      Win32/Toolbar.MyWebSearch.AC 1.64% 0.06%
      MSIL/MyPCBackup.F 1.61% 0.06%
      Win32/Toolbar.MyWebSearch.AA 1.61% 0.06%
      JS/Toolbar.Crossrider.G 1.57% 0.06%
      Win32/TrojanDownloader.Waski.F 1.53% 0.06%
      REG/Agent.AK 1.50% 0.06%
      HTML/FakeAlert.AK 1.46% 0.06%
      Win32/Systweak.N 1.43% 0.06%
      Win32/Toolbar.Conduit.X 1.39% 0.05%
      Win32/Toolbar.Conduit.AH 1.36% 0.05%
      Win32/Toolbar.MyWebSearch.AO 1.35% 0.05%
  • 10. Malware prevalence 2015 AUS vs IDN business
      Threat infection share total share
      Win32/TrojanDownloader.Waski.F 7.56% 0.45%
      Suspicious 4.98% 0.30%
      Win32/TrojanDownloader.Waski.A 3.31% 0.20%
      Win32/Toolbar.Conduit.Y 2.76% 0.16%
      Win32/TrojanDownloader.Waski.Z 2.30% 0.14%
      Win32/Conduit.SearchProtect.N 1.81% 0.11%
      Win32/Toolbar.MyWebSearch.AO 1.46% 0.09%
      Win32/Filecoder.DI 1.37% 0.08%
      Win32/TrojanDownloader.Wauchos.AK 1.23% 0.07%
      Win32/Systweak 1.20% 0.07%
      Win32/Conduit.SearchProtect.P 0.99% 0.06%
      MSIL/MyPCBackup.F 0.97% 0.06%
      Win32/Toolbar.Conduit.B 0.97% 0.06%
      Win32/Systweak.L 0.97% 0.06%
      Win32/Toolbar.Conduit.O 0.96% 0.06%
      Win32/Systweak.N 0.96% 0.06%
      Win32/Toolbar.Conduit.Q 0.89% 0.05%
      Win32/TrojanDownloader.Agent.BEL 0.86% 0.05%
      Win32/Danger.DoubleExtension 0.84% 0.05%
      Win32/Toolbar.Visicom.B 0.83% 0.05%

      Threat infection share total share
      LNK/Agent.AV 7.93% 1.02%
      Win32/Ramnit.A 4.38% 0.57%
      LNK/Autostart.A 3.39% 0.44%
      Win32/Virut.NBP 3.10% 0.40%
      Win32/Ramnit.F 3.02% 0.39%
      Defo 2.94% 0.38%
      Win32/Ramnit.H 2.88% 0.37%
      JS/Kryptik.I 2.85% 0.37%
      Win32/Toolbar.MyWebSearch.AO 2.50% 0.32%
      INF/Autorun.gen 2.43% 0.31%
      JS/Toolbar.Crossrider.B 2.30% 0.30%
      Win32/Toolbar.SearchSuite.C 2.15% 0.28%
      Win32/Conficker.X 2.01% 0.26%
      Win32/Conficker.AA 2.00% 0.26%
      Win32/Sality.NBA 1.98% 0.26%
      Win32/Sality.NBJ 1.85% 0.24%
      LNK/Exploit.CVE-2010-2568 1.80% 0.23%
      Win32/SProtector.D 1.78% 0.23%
      LNK/Agent.AK 1.77% 0.23%
      Win32/Slugin.A 1.77% 0.23%
  • 11. Malware prevalence 2015 AUS vs IDN consumer
      Threat infection share total share
      Suspicious 8.39% 0.40%
      Win32/TrojanDownloader.Waski.F 4.19% 0.20%
      Win32/Toolbar.Conduit.Y 2.76% 0.13%
      Win32/Systweak 2.03% 0.10%
      Win32/TrojanDownloader.Waski.A 1.89% 0.09%
      Win32/Conduit.SearchProtect.N 1.67% 0.08%
      Win32/ClientConnect.A 1.55% 0.07%
      Win32/AdkDLLWrapper.A 1.50% 0.07%
      Win32/Systweak.L 1.50% 0.07%
      Win32/TrojanDownloader.Waski.Z 1.37% 0.07%
      Win32/Toolbar.MyWebSearch.AC 1.36% 0.06%
      JS/Toolbar.Crossrider.B 1.23% 0.06%
      Win32/Systweak.N 1.21% 0.06%
      Win32/Toolbar.Conduit.B 1.21% 0.06%
      Win32/Toolbar.Conduit.O 1.16% 0.06%
      Win32/Toolbar.Conduit.X 1.15% 0.05%
      Win32/Toolbar.Conduit.Q 1.13% 0.05%
      Win32/Toolbar.MyWebSearch.AA 1.12% 0.05%
      MSIL/MyPCBackup.A 1.08% 0.05%
      Win32/Conduit.SearchProtect.H 1.04% 0.05%

      Threat infection share total share
      LNK/Agent.AV 7.45% 1.12%
      Win32/Ramnit.A 5.11% 0.76%
      JS/Toolbar.Crossrider.B 4.45% 0.67%
      Win32/Virut.NBP 4.33% 0.65%
      LNK/Autostart.A 4.29% 0.64%
      Win32/Ramnit.F 3.98% 0.60%
      INF/Autorun.gen 2.88% 0.43%
      Win32/Ramnit.H 2.88% 0.43%
      JS/Toolbar.Crossrider.G 2.63% 0.39%
      Defo 2.38% 0.36%
      Win32/Sality.NBA 2.37% 0.36%
      Win32/AlteredSoftware.C 2.36% 0.35%
      LNK/Agent.AK 2.22% 0.33%
      Win32/ELEX.BM 1.90% 0.28%
      Win32/Toolbar.Visicom.B 1.81% 0.27%
      Win32/Slugin.A 1.75% 0.26%
      Win32/AlteredSoftware.A 1.74% 0.26%
      BAT/BadJoke.AP 1.72% 0.26%
      Win32/Sality 1.71% 0.26%
      Win32/Toolbar.CrossRider.CD 1.70% 0.26%
  • 13. Filecoders prevalence 2015 consumer vs business
      Country infection share total share
      Australia 2.70% 0.16%
      Spain 2.36% 0.16%
      Italy 2.44% 0.12%
      South Africa 1.47% 0.11%
      United States 2.73% 0.10%
      Canada 1.81% 0.09%
      Belgium 1.50% 0.07%
      Malaysia 0.74% 0.07%
      United Kingdom 0.98% 0.06%
      Russia 0.96% 0.06%
      Bulgaria 0.93% 0.06%
      Portugal 0.88% 0.06%
      United Arab Emirates 0.45% 0.05%
      Netherlands 1.18% 0.04%

      Country infection share total share
      South Africa 1.39% 0.10%
      Spain 1.45% 0.09%
      United States 1.80% 0.07%
      Australia 1.50% 0.07%
      Israel 0.82% 0.06%
      Canada 1.12% 0.05%
      United Kingdom 0.87% 0.05%
      Turkey 0.63% 0.05%
      Thailand 0.41% 0.05%
      New Zealand 1.07% 0.04%
      Netherlands 0.97% 0.04%
      Italy 0.91% 0.04%
      Singapore 0.50% 0.04%
      Belgium 0.83% 0.03%
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.
  • 20.
  • 21.
  • 22.
  • 23.
  • 24.
  • 25.
  • 26.
  • 27. Massive spreading not en vogue anymore
      • The most burning issues rarely make it to top20 today: ransomware, banking Trojans, targeted malware
      • Top ranks are completely taken by Potentially Unwanted Software
      • Staying under the radar and tailoring malware for specific targets is the main focus today
  • 28. IoT aka Internet of Threats
      • History repeats itself: time to market is the most important thing, not security
      • Problematic from simple ones to complex ones – smart sensors, bulbs, intelligent home devices, smart TVs, internet routers, cars, mobile phones
      • Could I get a “non-smart” option, please???
  • 29. Fixing IoT
      • Simple ones need strict End of Life policy
          – They won’t update, they’re extremely cheap
      • Complex ones must be easy to update
          – Really? Home routers, cars, mobile phones?
      • Are legislation and industry standards going to save us?
      • Endpoint protection is almost impossible
          – We hear those saying firewalls are dead
  • 31. Android/Simplocker
      • Currently around 50 variants
      • Localization
      • Ransom amount 15->500$
      • Better „self-defense“
      • Encrypting archives
      • „Better” cryptography vs.
  • 33. APT or TPA?
      • If detected out of the box then the attacker failed
      • Advanced Persistent Threat is completely wrong
          – those threats are usually not advanced, not everything is Stuxnet
          – the malware itself is just a tool to perform an attack
          – it’s the attacker who’s persistent
      • Targeted Persistent Attack is much more spot on
          – Attackers combine different methods when doing reconnaissance
          – phishing phone call, targeting email borne malware to different people in an organization
  • 34. Is AV dead?
      • Yes, for about 20 years if you’re talking about the original technology
      • However, it followed malware evolution:
          – Network communication inspection – botnets, exploitation, exfiltration
          – Emulation/sandboxing of analyzed code
          – Behavioral monitoring and memory scanning
          – Exploitation blocking
          – Cloud-based reputation systems
          – Stealth detections which can’t be tested by malware writers
          – Gradual move from automatic to more verbose/interactive solutions
  • 35. Bold words from the other side
      • Q: What types of security devices/services/techniques legitimately make your life harder as a blackhat? Any that you think are a complete waste of money?
      • A: Hmmmm, DDoS protection is a serious knock back, although as many groups have proven before it’s easy to bypass – e.g. cloudflare resolver before they changed the protection method (almost bypassable lol). Things that are a waste of money… Hmm, anti-virus is completely useless — yes it may protect you from skids using non-FUD files but that’s it. Every botnet that gets sold comes FUD as default. People do it for free, it’s that easy.
  • 37. "HAHAHA THE AVS FELL FOR THE LAST STRING F*****G ICARUS AND ASQUARED I JUST WISH NOD32 WOULD LEAVE ME ALONE FOR A FEW DAT ITS PISSING ME OFF THIS IS HOW I LIVE" "THIS-IS-HOW-I-LIVE-AND-PAY-MY-BILLS-GIVE- ME-A-BREAK" The irritated author of Dorkbot
  • 38. The Irritated Author of Win32/Dorkbot "HAHAHA THE AVS FELL FOR THE LAST STRING FUCKING ICARUS AND ASQUARED I JUST WISH NOD32 WOULD LEAVE ME ALONE FOR A FEW DAT ITS PISSING ME OFF THIS IS HOW I LIVE" "THIS-IS-HOW-I-LIVE-AND-PAY-MY-BILLS-GIVE- ME-A-BREAK" HOW CAN I PAY BILLS RENT FOOD WEALTH AND EVERYTHING NECESSARY IF NOD IS ALWAYS F******G UP MY CODES
  • 39. What else is out there?
      • Endpoint Detection and Response systems provide insight into behavior of your IT systems, however, there’s a reporting challenge
      • Malware Prevention Systems (automated sandboxing and analysis)
      • Intelligence Services and Managed Security
      • Deception techniques
      • SIEM
  • 40. How to choose the right solution?
      • Consulting analysts such as Gartner or public testers may help, but they don’t provide a definitive answer and might have a bias you’re not aware of
      • Internal testing is best but very difficult; you will likely be biased, too, but aware of it
      • It also depends on your needs: not only detection is important, but also footprint, reliability, manageability, support quality, etc.
  • 41. What’s the right SMB defense?
      • Unless you are in a very specific vertical, it’s unlikely that a true high-profile targeted attack would be conducted
      • Typically not enough expertise in SMBs
      • Automagic solutions work best, but of course can be bypassed
      • If unable to manage more complex/interactive solutions, look for an MSSP
      • Cloud-based solutions may help where applicable, as large providers can implement better security measures
  • 42. How about enterprise?
      • Defense needs have to adequately cover your potential adversaries
      • Combine different layers and don’t advertise them; SIEM management
      • Educate your teams
      • Trust but verify – employ network logging and look for anomalies
  • 43. Future issues
      • When IoT truly lifts off
      • When cloud adoption becomes massive (access management, governance, political issues)
      • Conflicting legislation: strict privacy and encryption laws vs lawful(?) surveillance => leading to governments attacking security SW
      • Global e-conflicts, cyber armies and attribution
  • 44. Solving the situation
      • Active & Adequate Cyber Defense
      • Training, Education and Awareness
      • Responsible design and usage
      • Research & Investigation, cooperation with LE
      • Hitting criminals’ money flow
      • Preventing criminals from becoming criminals

Editor's Notes

  1. Rovnix here – pretty surprising
  2. Development of incident rates in 2013, 2014, 2015: Consumer 9.4%, 6.0%, 4.7%; Business 10.1%, 6.7%, 5.9%
  3. Compared to the US, the situation is worse, and if we looked at Japan it’s even further away. US incidents under 4%, Japan 2.3% vs 1.6% (B vs C)
  4. IND incident rate 20%
  5. CTB Locker
  6. Torrent Locker. Since March 2014, this Bitcoin wallet has transferred over 82 272 BTC. With 1 BTC currently valued at US$480, the total transactions are roughly equal to US$40 million. Authors - Hesperbot
  7. VirLock is another one… Parasitic virus - polymorphic
  8. New version of typical police lockscreen…
  9. Some try to scare you…
  10. Some try to scare you…
  11. Some try to scare you…
  12. Some are…mystic
  13. Some are creepy
  14. Not afraid of colors
  15. Something for little kids
  16. Something for older kids
  17. No comment
  18. Overall malware quantity doesn’t seem to rise as it used to, Microsoft is speaking about virtually stopping. We see that in Android malware this year.
  19. Any device that allows the user to input sensitive data can potentially be misused – antiphishing protection. Google is unable to patch all devices, albeit it’s not exactly their hardware
  20. But what if the device talks to the net via GSM, so that you can’t even sit on a single communication point to analyze traffic anomaly? Are legislation and standards going to be the solution?
  21. One thing that should be clear about targeted attack: it’s a human perp trying to learn what you have and then break your system, not some super intelligent code itself; if the attacker doesn’t succeed then he’s lame
  22. Dorkbot globally top3 in 2013, top10 in 2014. Now under CME campaign
  23. Of course, with cloud there’s a catch with data protection and recently legislation pressures
  24. Predicting the ICT future is hard because it can be influenced by tiny changes – an example about Ransomware and a random successful campaign. Cloud adoption – well, if everything is in the cloud then the right solution to attack is physically going after the right people; it is a bit of a single point of failure
  25. People work best when they understand each other. Business angle needs to understand and accept security issues, and vice versa. Last but not least – never trust a guy who’s promising to have the silver bullet. I always tell this specifically to students, explore things yourself and don’t trust anyone, but you. Not even me. ;) Learn, understand and build your own customized defense. Security folks are an interesting group of people. Security is implemented by people who care, who deeply understand the problem and feel moral responsibility to help out others. Feels good to be a part of the club.