SlideShare ist ein Scribd-Unternehmen logo

Symantec Website Security Threats: February 2014 Update.

Als PPTX, PDF herunterladen
Symantec Website Security
Symantec Website Security

This document provides a summary of website security threats from February 2014. It discusses the following key points: - Malware tactics are evolving, with the return of the Redkit exploit toolkit and the emergence of fake browser update sites designed to trick users into downloading malware. - Mobile applications are still not as secure as they should be, with many banking apps found to be vulnerable to man-in-the-middle attacks and data leakage issues reported for other popular apps. - Social media continues to be exploited through scams on platforms like Snapchat, WhatsApp, and fake celebrity death notices. - Some good news includes the arrest of a notorious hacker, and more services like Yahoo enabling encryption

Technologie
1 von 11
WEBSITE SECURITY THREATS: FEBRUARY 2014 UPDATE Thursday 13th February 2014 Andrew Horbury Andrew Shepherd Product Marketing Manager EMEA Marketing Manager andy_horbury@symantec.com andrew_shepherd@symantec.com Website Security Threats: February 2014 Update
Agenda 1 Month in Numbers 2 Malware tactics: Redkit, Fake Browsers 3 Mobile Applications 4 Social Media Scams 5 Stranger than fiction 6 Good news Website Security Threats: February 2014 Update
The month in numbers • 82% of enterprise Mac users not getting security updates • 16 million online accounts in Germany compromised • 20 million credit card details stolen in South Korea • UK government: “Half of UK people are not protecting themselves online” • Attackers steal personal details from 800,000 Orange customers • Eleven US high school students expelled for hacking teacher accounts, and augmenting their grades • Around 45 retailers affected by POS malware. Website Security Threats: February 2014 Update
Malware and toolkits – Redkit, Fake Browser, FedEx • After an absence of 18 months Redkit exploit toolkit returns after Blackhole’s author (Paunch’s) arrest • Phony FedEx: malicious email campaign that impersonates FedEx targets unsuspecting home and business users • Chrime or Chrome? Fake browser update sites aims to trick users into download malware posing as a browser update. Website Security Threats: February 2014 Update
Mobile Applications not quite as secure as you would hope • Issues with global banking apps – 4 in 10 banking apps, vulnerable to man in the middle attacks because they don’t validate server SSL certificates – 90 percent of analysed apps contain several unencrypted links which could potentially let an attacker intercept traffic and inject code to display fake login screens to the user. • Its not just the banks… – Starbucks have updated their app after data leakage reported Website Security Threats: February 2014 Update
Social Media Scams – RIP, SnapChat, WhatsApp • RIP Scams continue to work and work – The online list of alive ‘dead’ celebs continues to grow – Linking to malicious, apps, sites and phony surveys • SnapChat Spam – Spam uses sexually suggestive images and compromised short URLs • WhatsApp being used to spread malware – messages claim that WhatsApp for PC is available & that the recipient has 11 pending invitations from friends. Website Security Threats: February 2014 Update
Stranger than fiction • Thanks but no thanks! Teenager reported to the police for finding website vulnerability • Its that time again…. Academics discover the prefect time for cyber attacks • Who’s to blame for security problems? Surveys say….you, me them, us… EVERYONE Website Security Threats: February 2014 Update
Stranger than fiction part two Live from the security HQ at the Superbowl #oops Website Security Threats: February 2014 Update
Good News • The fridge comes back in from the cold…. – Spamming fridge is not quite what it seems • Guccifer the celebrity hating hacker arrested – Leaker of Downton Abbey and Sex and City scripts finally shut down • Yahoo defaults to AOSSL • Yahoo enables https encryption by default and more services being added all the time • Tumblr activated SSL this past week Website Security Threats: February 2014 Update
Link glossary • POS attacks http://bit.ly/1aTXsfe • Fake Browsers: – http://bit.ly/1eThlCQ – http://bit.ly/1iO7YVN • Redkit http://bit.ly/1dHcwYs • SnapChat http://bit.ly/LTYY5q • WhatsApp http://bit.ly/1gsYXze • Yahoo and SSL http://tnw.co/1bo9Ncc • Symantec Intelligence Report December 2013 http://bit.ly/1fYlxzb • Symantec IOT blog http://bit.ly/1hb4aAy • Rest In Peace Scams http://bit.ly/1ntvUOm • Slides available to download on SlideShare http://slidesha.re/1j2jxIi Website Security Threats: February 2014 Update
Next webinar: Thursday 13th March 2014 9.30am UK / 10.30am CET Thank you! Andrew Shepherd andrew_shepherd@symantec.com / +44 7912 552 896 Andrew Horbury andy_horbury@symantec.com / +44 7703 468 966 @andyhorbury Copyright © 2013 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice. Website Security Threats: February 2014 Update

Empfohlen

Cyber security and Privacy Awareness manual
Cyber security and Privacy Awareness manual Cyber security and Privacy Awareness manual
Cyber security and Privacy Awareness manual
Jay Nagar
 
Trojan and Virus,Trojan horse,virus,how to make and defend the virus
Trojan and Virus,Trojan horse,virus,how to make and defend the virusTrojan and Virus,Trojan horse,virus,how to make and defend the virus
Trojan and Virus,Trojan horse,virus,how to make and defend the virus
ABHAY PATHAK
 
Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018
imc-isec-comp
 
Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018
imc-isec-comp
 
Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018
imc-isec-comp
 
Building a culture of security
Building a culture of securityBuilding a culture of security
Building a culture of security
Courion Corporation
 
security privacy,security,web,internet,prevention from hackers,the onion rout...
security privacy,security,web,internet,prevention from hackers,the onion rout...security privacy,security,web,internet,prevention from hackers,the onion rout...
security privacy,security,web,internet,prevention from hackers,the onion rout...
ABHAY PATHAK
 
Cake - An Ethereum Powered Social Network Aggregator
Cake - An Ethereum Powered Social Network AggregatorCake - An Ethereum Powered Social Network Aggregator
Cake - An Ethereum Powered Social Network Aggregator
aatkin1971
 

Empfohlen

Cyber security and Privacy Awareness manual
Cyber security and Privacy Awareness manual Cyber security and Privacy Awareness manual
Cyber security and Privacy Awareness manual
Jay Nagar
 
Trojan and Virus,Trojan horse,virus,how to make and defend the virus
Trojan and Virus,Trojan horse,virus,how to make and defend the virusTrojan and Virus,Trojan horse,virus,how to make and defend the virus
Trojan and Virus,Trojan horse,virus,how to make and defend the virus
ABHAY PATHAK
 
Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018
imc-isec-comp
 
Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018
imc-isec-comp
 
Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018
imc-isec-comp
 
Building a culture of security
Building a culture of securityBuilding a culture of security
Building a culture of security
Courion Corporation
 
security privacy,security,web,internet,prevention from hackers,the onion rout...
security privacy,security,web,internet,prevention from hackers,the onion rout...security privacy,security,web,internet,prevention from hackers,the onion rout...
security privacy,security,web,internet,prevention from hackers,the onion rout...
ABHAY PATHAK
 
Cake - An Ethereum Powered Social Network Aggregator
Cake - An Ethereum Powered Social Network AggregatorCake - An Ethereum Powered Social Network Aggregator
Cake - An Ethereum Powered Social Network Aggregator
aatkin1971
 
Real Business Threats!
Real Business Threats!Real Business Threats!
Real Business Threats!
Rochester Security Summit
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
Dmitriy Scherbina
 
Dos and Don'ts of Internet Security
Dos and Don'ts of Internet SecurityDos and Don'ts of Internet Security
Dos and Don'ts of Internet Security
Quick Heal Technologies Ltd.
 
101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!
101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!
101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!
EMBplc.com
 
Cyber security-awareness-for-social-media-users - Devsena Mishra
Cyber security-awareness-for-social-media-users - Devsena MishraCyber security-awareness-for-social-media-users - Devsena Mishra
Cyber security-awareness-for-social-media-users - Devsena Mishra
Devsena Mishra
 
Notes to The Ten Commandments of Online Security and Privacy
Notes to The Ten Commandments of Online Security and PrivacyNotes to The Ten Commandments of Online Security and Privacy
Notes to The Ten Commandments of Online Security and Privacy
Jonathan Bacon
 
Can your company survive a modern day cyber attack?
Can your company survive a modern day cyber attack?Can your company survive a modern day cyber attack?
Can your company survive a modern day cyber attack?
Symptai Consulting Limited
 
Ten Important Rules
Ten Important RulesTen Important Rules
Ten Important Rules
ritz482
 
Computer Security
Computer SecurityComputer Security
Computer Security
secrettub
 
Online Safety -- Securing your space as a Netizen
Online Safety -- Securing your space as a NetizenOnline Safety -- Securing your space as a Netizen
Online Safety -- Securing your space as a Netizen
Kofi Kafui Kornu
 
Viruses
VirusesViruses
Viruses
Redentine Cini
 
14 tips to increase cybersecurity awareness
14 tips to increase cybersecurity awareness14 tips to increase cybersecurity awareness
14 tips to increase cybersecurity awareness
Michel Bitter
 
Security At Home
Security At HomeSecurity At Home
Security At Home
Angela Samuels
 
Safe Computing
Safe ComputingSafe Computing
Safe Computing
Dr. Dheeraj Mehrotra (National Awardee)
 
Computing and ethics
Computing and ethicsComputing and ethics
Computing and ethics
Nikki Shree
 
Internet security
Internet securityInternet security
Internet security
at1211
 
Securitytips
SecuritytipsSecuritytips
Securitytips
Santosh Khadsare
 
Online Netiquette
Online NetiquetteOnline Netiquette
Online Netiquette
Zoro18
 
Cybersecurity Awareness
Cybersecurity AwarenessCybersecurity Awareness
Cybersecurity Awareness
JoshuaWisniewski3
 
Renfrow Internet Safety
Renfrow Internet SafetyRenfrow Internet Safety
Renfrow Internet Safety
mrenfrow
 
Symantec Website Security Threats: March 2014 update.
Symantec Website Security Threats: March 2014 update.Symantec Website Security Threats: March 2014 update.
Symantec Website Security Threats: March 2014 update.
Symantec Website Security
 
Website Security Threats - January 2014 Update
Website Security Threats - January 2014 Update Website Security Threats - January 2014 Update
Website Security Threats - January 2014 Update
Symantec Website Security
 

Weitere ähnliche Inhalte

Was ist angesagt?

Real Business Threats!
Real Business Threats!Real Business Threats!
Real Business Threats!
Rochester Security Summit
 
Internet security
Internet securityInternet security
Internet security
at1211
 
Renfrow Internet Safety
Renfrow Internet SafetyRenfrow Internet Safety
Renfrow Internet Safety
mrenfrow
 

Was ist angesagt? (20)

Real Business Threats!
Real Business Threats!Real Business Threats!
Real Business Threats!
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
 
Dos and Don'ts of Internet Security
Dos and Don'ts of Internet SecurityDos and Don'ts of Internet Security
Dos and Don'ts of Internet Security
 
101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!
101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!
101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!
 
Cyber security-awareness-for-social-media-users - Devsena Mishra
Cyber security-awareness-for-social-media-users - Devsena MishraCyber security-awareness-for-social-media-users - Devsena Mishra
Cyber security-awareness-for-social-media-users - Devsena Mishra
 
Notes to The Ten Commandments of Online Security and Privacy
Notes to The Ten Commandments of Online Security and PrivacyNotes to The Ten Commandments of Online Security and Privacy
Notes to The Ten Commandments of Online Security and Privacy
 
Can your company survive a modern day cyber attack?
Can your company survive a modern day cyber attack?Can your company survive a modern day cyber attack?
Can your company survive a modern day cyber attack?
 
Ten Important Rules
Ten Important RulesTen Important Rules
Ten Important Rules
 
Computer Security
Computer SecurityComputer Security
Computer Security
 
Online Safety -- Securing your space as a Netizen
Online Safety -- Securing your space as a NetizenOnline Safety -- Securing your space as a Netizen
Online Safety -- Securing your space as a Netizen
 
Viruses
VirusesViruses
Viruses
 
14 tips to increase cybersecurity awareness
14 tips to increase cybersecurity awareness14 tips to increase cybersecurity awareness
14 tips to increase cybersecurity awareness
 
Security At Home
Security At HomeSecurity At Home
Security At Home
 
Safe Computing
Safe ComputingSafe Computing
Safe Computing
 
Computing and ethics
Computing and ethicsComputing and ethics
Computing and ethics
 
Internet security
Internet securityInternet security
Internet security
 
Securitytips
SecuritytipsSecuritytips
Securitytips
 
Online Netiquette
Online NetiquetteOnline Netiquette
Online Netiquette
 
Cybersecurity Awareness
Cybersecurity AwarenessCybersecurity Awareness
Cybersecurity Awareness
 
Renfrow Internet Safety
Renfrow Internet SafetyRenfrow Internet Safety
Renfrow Internet Safety
 

Ähnlich wie Symantec Website Security Threats: February 2014 Update.

Cyber Security Predictions 2016
Cyber Security Predictions 2016Cyber Security Predictions 2016
Cyber Security Predictions 2016
Quick Heal Technologies Ltd.
 
What You Can Do to Keep Your Email, Bank Accounts and Business Safe from Cybe...
What You Can Do to Keep Your Email, Bank Accounts and Business Safe from Cybe...What You Can Do to Keep Your Email, Bank Accounts and Business Safe from Cybe...
What You Can Do to Keep Your Email, Bank Accounts and Business Safe from Cybe...
nexxtep
 

Ähnlich wie Symantec Website Security Threats: February 2014 Update. (20)

Symantec Website Security Threats: March 2014 update.
Symantec Website Security Threats: March 2014 update.Symantec Website Security Threats: March 2014 update.
Symantec Website Security Threats: March 2014 update.
 
Website Security Threats - January 2014 Update
Website Security Threats - January 2014 Update Website Security Threats - January 2014 Update
Website Security Threats - January 2014 Update
 
Symantec Website Threat Report Part-1 2015
Symantec Website Threat Report Part-1 2015Symantec Website Threat Report Part-1 2015
Symantec Website Threat Report Part-1 2015
 
TECHNICAL WHITE PAPER▶ Symantec Website Security Threat Report
TECHNICAL WHITE PAPER▶ Symantec Website Security Threat ReportTECHNICAL WHITE PAPER▶ Symantec Website Security Threat Report
TECHNICAL WHITE PAPER▶ Symantec Website Security Threat Report
 
Cybersecurity-Awareness-Presentation-17-May-22.pptx
Cybersecurity-Awareness-Presentation-17-May-22.pptxCybersecurity-Awareness-Presentation-17-May-22.pptx
Cybersecurity-Awareness-Presentation-17-May-22.pptx
 
Cybersecurity-Awareness-Presentation-17-May-22 (1).pptx
Cybersecurity-Awareness-Presentation-17-May-22 (1).pptxCybersecurity-Awareness-Presentation-17-May-22 (1).pptx
Cybersecurity-Awareness-Presentation-17-May-22 (1).pptx
 
Most notable apt_ attacks_of_2015_and_2016 predictions
Most notable apt_ attacks_of_2015_and_2016 predictionsMost notable apt_ attacks_of_2015_and_2016 predictions
Most notable apt_ attacks_of_2015_and_2016 predictions
 
Preventing Cybercrime in Libraries
Preventing Cybercrime in LibrariesPreventing Cybercrime in Libraries
Preventing Cybercrime in Libraries
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
2014: The Year of the Data Breach
2014: The Year of the Data Breach2014: The Year of the Data Breach
2014: The Year of the Data Breach
 
Cyber Security Predictions 2016
Cyber Security Predictions 2016Cyber Security Predictions 2016
Cyber Security Predictions 2016
 
Pubcon Vegas Session - WordPress Site Security Audits
Pubcon Vegas Session - WordPress Site Security AuditsPubcon Vegas Session - WordPress Site Security Audits
Pubcon Vegas Session - WordPress Site Security Audits
 
Phishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingPhishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS Working
 
Online Safety, Security, Ethics and Netiquette.pptx
Online Safety, Security, Ethics and Netiquette.pptxOnline Safety, Security, Ethics and Netiquette.pptx
Online Safety, Security, Ethics and Netiquette.pptx
 
Ransomware and email security ver - 1.3
Ransomware and email security ver - 1.3Ransomware and email security ver - 1.3
Ransomware and email security ver - 1.3
 
Business under cyberassault
Business under cyberassaultBusiness under cyberassault
Business under cyberassault
 
What You Can Do to Keep Your Email, Bank Accounts and Business Safe from Cybe...
What You Can Do to Keep Your Email, Bank Accounts and Business Safe from Cybe...What You Can Do to Keep Your Email, Bank Accounts and Business Safe from Cybe...
What You Can Do to Keep Your Email, Bank Accounts and Business Safe from Cybe...
 
Passwords are passé. WebAuthn is simpler, stronger and ready to go
Passwords are passé. WebAuthn is simpler, stronger and ready to goPasswords are passé. WebAuthn is simpler, stronger and ready to go
Passwords are passé. WebAuthn is simpler, stronger and ready to go
 
18-mobile-malware.pptx
18-mobile-malware.pptx18-mobile-malware.pptx
18-mobile-malware.pptx
 
A Comedy of Errors in Web Application Security
A Comedy of Errors in Web Application SecurityA Comedy of Errors in Web Application Security
A Comedy of Errors in Web Application Security
 

Mehr von Symantec Website Security

Сертификаты подписания кода Symantec
Сертификаты подписания кода SymantecСертификаты подписания кода Symantec
Сертификаты подписания кода Symantec
Symantec Website Security
 
Symantec Code Signing (FR)
Symantec Code Signing (FR)Symantec Code Signing (FR)
Symantec Code Signing (FR)
Symantec Website Security
 
Guide Symantec de conquête et de fidélisation de nouveaux clients sur vos sit...
Guide Symantec de conquête et de fidélisation de nouveaux clients sur vos sit...Guide Symantec de conquête et de fidélisation de nouveaux clients sur vos sit...
Guide Symantec de conquête et de fidélisation de nouveaux clients sur vos sit...
Symantec Website Security
 
Guida per l'e-commerce Symantec - Come acquisire nuovi clienti e conservarli
Guida per l'e-commerce Symantec - Come acquisire nuovi clienti e conservarliGuida per l'e-commerce Symantec - Come acquisire nuovi clienti e conservarli
Guida per l'e-commerce Symantec - Come acquisire nuovi clienti e conservarli
Symantec Website Security
 
Guía de comercio electrónico de Symantec: Cómo atraer y retener a nuevos clients
Guía de comercio electrónico de Symantec: Cómo atraer y retener a nuevos clientsGuía de comercio electrónico de Symantec: Cómo atraer y retener a nuevos clients
Guía de comercio electrónico de Symantec: Cómo atraer y retener a nuevos clients
Symantec Website Security
 
Guía de comercio electrónico de Symantec: Cómo atraer y retener a nuevos clients
Guía de comercio electrónico de Symantec: Cómo atraer y retener a nuevos clientsGuía de comercio electrónico de Symantec: Cómo atraer y retener a nuevos clients
Guía de comercio electrónico de Symantec: Cómo atraer y retener a nuevos clients
Symantec Website Security
 
Guide Symantec de conquête et de fidélisation de nouveaux clients sur vos sit...
Guide Symantec de conquête et de fidélisation de nouveaux clients sur vos sit...Guide Symantec de conquête et de fidélisation de nouveaux clients sur vos sit...
Guide Symantec de conquête et de fidélisation de nouveaux clients sur vos sit...
Symantec Website Security
 
Leitfaden von Symantec: „Das 1×1 der Kundengewinnung und -bindung im E-Commerce“
Leitfaden von Symantec: „Das 1×1 der Kundengewinnung und -bindung im E-Commerce“Leitfaden von Symantec: „Das 1×1 der Kundengewinnung und -bindung im E-Commerce“
Leitfaden von Symantec: „Das 1×1 der Kundengewinnung und -bindung im E-Commerce“
Symantec Website Security
 

Mehr von Symantec Website Security (20)

Symantec Code Sign (NAM)
Symantec Code Sign (NAM)Symantec Code Sign (NAM)
Symantec Code Sign (NAM)
 
Symantec Code Signing (SE)
Symantec Code Signing (SE)Symantec Code Signing (SE)
Symantec Code Signing (SE)
 
Сертификаты подписания кода Symantec
Сертификаты подписания кода SymantecСертификаты подписания кода Symantec
Сертификаты подписания кода Symantec
 
Symantec Code Signing (IT)
Symantec Code Signing (IT)Symantec Code Signing (IT)
Symantec Code Signing (IT)
 
Symantec Code Signing (FR)
Symantec Code Signing (FR)Symantec Code Signing (FR)
Symantec Code Signing (FR)
 
Code signing de Symantec (ES)
Code signing de Symantec (ES)Code signing de Symantec (ES)
Code signing de Symantec (ES)
 
Symantec Code Signing (DE)
Symantec Code Signing (DE)Symantec Code Signing (DE)
Symantec Code Signing (DE)
 
Symantec Code Signing (CH)
Symantec Code Signing (CH)Symantec Code Signing (CH)
Symantec Code Signing (CH)
 
Symantec Code Signing (UK)
Symantec Code Signing (UK)Symantec Code Signing (UK)
Symantec Code Signing (UK)
 
Um guia de e-commerce para a aquisição e manutenção de novos clientes da Syma...
Um guia de e-commerce para a aquisição e manutenção de novos clientes da Syma...Um guia de e-commerce para a aquisição e manutenção de novos clientes da Syma...
Um guia de e-commerce para a aquisição e manutenção de novos clientes da Syma...
 
Guide Symantec de conquête et de fidélisation de nouveaux clients sur vos sit...
Guide Symantec de conquête et de fidélisation de nouveaux clients sur vos sit...Guide Symantec de conquête et de fidélisation de nouveaux clients sur vos sit...
Guide Symantec de conquête et de fidélisation de nouveaux clients sur vos sit...
 
Guida per l'e-commerce Symantec - Come acquisire nuovi clienti e conservarli
Guida per l'e-commerce Symantec - Come acquisire nuovi clienti e conservarliGuida per l'e-commerce Symantec - Come acquisire nuovi clienti e conservarli
Guida per l'e-commerce Symantec - Come acquisire nuovi clienti e conservarli
 
Guía de comercio electrónico de Symantec: Cómo atraer y retener a nuevos clients
Guía de comercio electrónico de Symantec: Cómo atraer y retener a nuevos clientsGuía de comercio electrónico de Symantec: Cómo atraer y retener a nuevos clients
Guía de comercio electrónico de Symantec: Cómo atraer y retener a nuevos clients
 
Guía de comercio electrónico de Symantec: Cómo atraer y retener a nuevos clients
Guía de comercio electrónico de Symantec: Cómo atraer y retener a nuevos clientsGuía de comercio electrónico de Symantec: Cómo atraer y retener a nuevos clients
Guía de comercio electrónico de Symantec: Cómo atraer y retener a nuevos clients
 
Guide Symantec de conquête et de fidélisation de nouveaux clients sur vos sit...
Guide Symantec de conquête et de fidélisation de nouveaux clients sur vos sit...Guide Symantec de conquête et de fidélisation de nouveaux clients sur vos sit...
Guide Symantec de conquête et de fidélisation de nouveaux clients sur vos sit...
 
Leitfaden von Symantec: „Das 1×1 der Kundengewinnung und -bindung im E-Commerce“
Leitfaden von Symantec: „Das 1×1 der Kundengewinnung und -bindung im E-Commerce“Leitfaden von Symantec: „Das 1×1 der Kundengewinnung und -bindung im E-Commerce“
Leitfaden von Symantec: „Das 1×1 der Kundengewinnung und -bindung im E-Commerce“
 
Symantec: The rise of hacktivism and insider threats
Symantec: The rise of hacktivism and insider threatsSymantec: The rise of hacktivism and insider threats
Symantec: The rise of hacktivism and insider threats
 
Symantec SSL Explained
Symantec SSL ExplainedSymantec SSL Explained
Symantec SSL Explained
 
Cybercrime - Attack of the Cyber Spies
Cybercrime - Attack of the Cyber SpiesCybercrime - Attack of the Cyber Spies
Cybercrime - Attack of the Cyber Spies
 
Maine, turvallisuus, luotettavuus... verkkokaupan valuutta
Maine, turvallisuus, luotettavuus... verkkokaupan valuuttaMaine, turvallisuus, luotettavuus... verkkokaupan valuutta
Maine, turvallisuus, luotettavuus... verkkokaupan valuutta
 

Kürzlich hochgeladen

Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
Overkill Security
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Angeliki Cooney
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
Overkill Security
 

Kürzlich hochgeladen (20)

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 

Symantec Website Security Threats: February 2014 Update.

  • 1. WEBSITE SECURITY THREATS: FEBRUARY 2014 UPDATE Thursday 13th February 2014 Andrew Horbury Andrew Shepherd Product Marketing Manager EMEA Marketing Manager andy_horbury@symantec.com andrew_shepherd@symantec.com Website Security Threats: February 2014 Update
  • 2. Agenda 1 Month in Numbers 2 Malware tactics: Redkit, Fake Browsers 3 Mobile Applications 4 Social Media Scams 5 Stranger than fiction 6 Good news Website Security Threats: February 2014 Update
  • 3. The month in numbers • 82% of enterprise Mac users not getting security updates • 16 million online accounts in Germany compromised • 20 million credit card details stolen in South Korea • UK government: “Half of UK people are not protecting themselves online” • Attackers steal personal details from 800,000 Orange customers • Eleven US high school students expelled for hacking teacher accounts, and augmenting their grades • Around 45 retailers affected by POS malware. Website Security Threats: February 2014 Update
  • 4. Malware and toolkits – Redkit, Fake Browser, FedEx • After an absence of 18 months Redkit exploit toolkit returns after Blackhole’s author (Paunch’s) arrest • Phony FedEx: malicious email campaign that impersonates FedEx targets unsuspecting home and business users • Chrime or Chrome? Fake browser update sites aims to trick users into download malware posing as a browser update. Website Security Threats: February 2014 Update
  • 5. Mobile Applications not quite as secure as you would hope • Issues with global banking apps – 4 in 10 banking apps, vulnerable to man in the middle attacks because they don’t validate server SSL certificates – 90 percent of analysed apps contain several unencrypted links which could potentially let an attacker intercept traffic and inject code to display fake login screens to the user. • Its not just the banks… – Starbucks have updated their app after data leakage reported Website Security Threats: February 2014 Update
  • 6. Social Media Scams – RIP, SnapChat, WhatsApp • RIP Scams continue to work and work – The online list of alive ‘dead’ celebs continues to grow – Linking to malicious, apps, sites and phony surveys • SnapChat Spam – Spam uses sexually suggestive images and compromised short URLs • WhatsApp being used to spread malware – messages claim that WhatsApp for PC is available & that the recipient has 11 pending invitations from friends. Website Security Threats: February 2014 Update
  • 7. Stranger than fiction • Thanks but no thanks! Teenager reported to the police for finding website vulnerability • Its that time again…. Academics discover the prefect time for cyber attacks • Who’s to blame for security problems? Surveys say….you, me them, us… EVERYONE Website Security Threats: February 2014 Update
  • 8. Stranger than fiction part two Live from the security HQ at the Superbowl #oops Website Security Threats: February 2014 Update
  • 9. Good News • The fridge comes back in from the cold…. – Spamming fridge is not quite what it seems • Guccifer the celebrity hating hacker arrested – Leaker of Downton Abbey and Sex and City scripts finally shut down • Yahoo defaults to AOSSL • Yahoo enables https encryption by default and more services being added all the time • Tumblr activated SSL this past week Website Security Threats: February 2014 Update
  • 10. Link glossary • POS attacks http://bit.ly/1aTXsfe • Fake Browsers: – http://bit.ly/1eThlCQ – http://bit.ly/1iO7YVN • Redkit http://bit.ly/1dHcwYs • SnapChat http://bit.ly/LTYY5q • WhatsApp http://bit.ly/1gsYXze • Yahoo and SSL http://tnw.co/1bo9Ncc • Symantec Intelligence Report December 2013 http://bit.ly/1fYlxzb • Symantec IOT blog http://bit.ly/1hb4aAy • Rest In Peace Scams http://bit.ly/1ntvUOm • Slides available to download on SlideShare http://slidesha.re/1j2jxIi Website Security Threats: February 2014 Update
  • 11. Next webinar: Thursday 13th March 2014 9.30am UK / 10.30am CET Thank you! Andrew Shepherd andrew_shepherd@symantec.com / +44 7912 552 896 Andrew Horbury andy_horbury@symantec.com / +44 7703 468 966 @andyhorbury Copyright © 2013 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice. Website Security Threats: February 2014 Update