The document summarizes trends in network security seen in 2009, including increases in vulnerabilities in document readers/editors like PDFs that were exploited by "spear phishing" attacks. Malware became more sophisticated with user-friendly banking trojans and rootkits distributed on legitimate websites. The "Aurora" attacks targeted Google and other companies in 2009 using zero-day exploits. The takedown of the Mariposa botnet in late 2009 arrested three individuals operating a commercial botnet kit.

2. Introduction

5. Agenda

7. From Mainframes to Today’s Internet

10. ARPANET, circa March 1977

14. Network Security

16. Vulnerability Trends of 2009

18. Vulnerability Metrics for 2H 2009

19. Malware Trends of 2009

27. Source: myNetWatchman

28. Source: myNetWatchman

29. Source: myNetWatchman

30. Information Disclosure: Lessons from Airplanes and ATMs

34. Information Disclosure The NSA specifically states that this will not work in their manual on redacting safely: Google: “Redact Confidence”

35. Information Disclosure [Source: Redacting with Confidence: How to Safely Publish Sanitized Reports Converted From Word to PDF]

40. Aurora

51. Other Trends

55. The new .CN

57. The new .CN

59. The new .CN

60. Mariposa / ButterflyBot

63. Commercial Market for ButterflyBot Source: Panda Security

65. ButterflyBot Console Source: Symantec

66. ButterflyBot Master Client Source: Panda Security

67. ButterflyBot Configuration Tool Source: Panda Security

71. Conclusion

73. Q & A