OWASP InfoSec India Conference 2012
August 24th – 25th, 2012
Hotel Crowne Plaza, Gurgaon
The OWASP Foundation
http://www.owasp.org
http://www.owasp.in




From AppSec to MalSec
Malware hooked, criminal crooked!

Alok Gupta
Founder & Managing Director
Pyramid Cyber Security & Forensic (P) Limited
Email: alok.gupta@pyramidcyber.com
+91-9999189650

               OWASP InfoSec India Conference 2012. Hotel Crowne Plaza, Gurgaon (India)
Alok Gupta
                 Experience: 20+ years in the Information and
                    Communications Technology (ICT) industry

                 Serial Entrepreneur , Founder & Managing Director,
                    Pyramid Cyber Security & Forensic, a boutique Digital
                    Forensic and specialised Information Security solution
                    and services provider

                 Past member of the National Committee on Information
                    Technology for Confederation of Indian Industries (CII)

                 Advised several Enterprises and Government agencies
                    on leveraging ICT and Information Security to compete
                    and grow in the global economy.

                 Board of Members of the Amity Institute of Cyber Law &
                    Cyber Crimes

                 Member of IMS Law advisory committee
                 Writes Columns, frequently quoted in IT, Security &
                    Forensic media , regularly speaks at several events,
                    workshops, seminars and forums in India and
                    Internationally
Abstract & Agenda
 “Malware is everywhere” and will continue to spread.
 Over the years, malware has infected every corner of the internet, and
    has branched out to industrial espionage to social networks and mobile
    devices too.

 Given the tremendous success cyber criminals enjoy, they will continue
    to use legitimate websites as a primary delivery mode for malware.
    Malware is becoming more sophisticated and customizable. Emerging
    anti-malware technologies constantly attempt to tackle such
    threats.

 After all, it is the bad guys versus the good guys and the battle is on!
 Today’s talk will address what malware is, how it infects and spreads, how
    widespread the problem is and what enterprises, governments and
    individuals should do in order to stay protected.

 The discussion will cover analysis, latest trends, strategies for mitigation
    and recent case studies.
Disclaimer

Everything I state here is
my opinion and is based
on my limited knowledge
& research

I am sure that some of you
will already know most of
it so do not get angry!



Malware Basics
 Malware is malicious
  software used or created to
  disrupt computer
  operation, gather sensitive
  information, or gain access
  to computer networks and
  mobile systems.
 Malware can appear in the
  form of code, scripts, active
  content, and other
  software.
The Malware Museum
 Viruses
 Worms
 Trojans
 Spyware/Adware/Ransomware
 Bots / Robots / Agents
 Backdoor / Trapdoor
 Zombie
 Porn Diallers
 Key loggers
 Exploits
 Bug
 Rootkits
Type of Cyber Malware & attack mode




Malware History
 40 years ago Bob Thomas began experimenting with
  the concept of a mobile application and developed the
  Creeper program, which had the ability to move from
  machine to machine. Creeper quickly proliferated
  through ARPANET, infecting everything in its path and
  marking the emergence of the computer virus.
 By 1988, the Morris Worm had taken hold and shown
  the power of relatively simple programs to use
  applications and the Internet to rapidly infect large
  numbers of machines in very short periods of time.



Malware Evolution
 Throughout the 1990s and early 2000s, malware
  continued to evolve, adding new functions and infection
  rates. The power of the malware was largely
  predetermined at the time it was written, and the logic of the
  threat was largely contained within the malware’s code
  itself.
 By 2007 the first botnets began to appear, and
  fundamentally changed the world of malware. Infected
  hosts could now be centrally controlled by a remote
  attacker, allowing all the individual machines to
  cooperate as one massive distributed malware
  application

Malware Synthesis
 The attention shifted to designing a platform that could
  sustain an ongoing and dynamic attack. Stealth became
  a primary objective because intruders could now control
  and take advantage of an infected machine for an
  indefinite period of time
 The attacker could now update the malware program at
  will in order to send spam one day and steal credit card
  numbers the next day and so on.
 The strength of a piece of malware came to rest on the
  quality of its communication, management and ability to
  avoid detection.


Malware Modernization
 Malware development is big business due to associated
  economics. It is no longer a backyard of computer
  hackers. Modern Malware is used for extorting money,
  collecting confidential and proprietary information,
  industrial espionage, social engineering etc. Fraud and
  scare tactics are a major priority of current malware
  creation.
 Affordable massively parallel computing capabilities
  have further fuelled activities such as spam mail
  transmission, DDoS and advanced persistent threats.



Malware: Key Questions?
 Infection: How is the malware delivered? Via an
   executable, packed into a file, delivered via an infected
   webpage? How does the malware communicate?
 Persistence: Once on the host, how is the malware able to
   persist on the infected host without triggering host-based
   security? Does it use a rootkit? Does it disable antivirus?
   Does it install backdoors?
 Communication: The ability to communicate largely
   represents the power of the malware. Does it communicate
   on non-standard ports, encrypt its traffic, use proxies, or
   tunnel within other approved applications?



Malware Key Questions?
 Command and Control: How is the command-and-
  control managed? Does it get updated configuration files,
  or send and receive messages from peer-to-peer networks?
  How does the malware cope with the loss of a command-
  and-control server?
 Malicious Functions: How do we keep track of the end
  behaviour of the malware? Some malware will remain very
  focused, targeting a specific type of information within a
  specific organization. Others will vary over time, shifting
  with the needs and desires of the bot owner.




Malware Explosion!

Malware continues to grow in terms of
  infection rate and new targets. Last year,
  there were 25 million new, unique strains of
  malware released and that number is
  projected to grow to 87 million by the end of
  2015.
The shift toward BYOD workplace practices
  contributes to increased risk that corporate
  assets will be lost in addition to traditional
  attacks on e-commerce.
Malware Trends
 SSL is no longer safe. Cybercriminals can grab your
  username / password before the encryption technology
  kicks in
 Targeted malware is on the rise; malware that accesses
  your browser history will infect you if you meet certain
  criteria
 New malware is hard to spot and remove
 Ransomware is increasing; it will not go away unless
  you pay!
 Old problems resurface
 Mobile malware increasing
Industrial Espionage
              and
     Weaponized Malware




Stuxnet
Targets industrial control systems and PLCs such as Siemens Simatic

Vast array of components used:
 Zero-day exploits
 Windows rootkit
 PLC rootkit (first ever)
 Antivirus evasion
 Peer-to-peer updates
 Signed driver with a valid certificate

Code changes are hidden


Duqu

Duqu is a computer
worm discovered on 1
September 2011,
thought to be related
to the Stuxnet worm.

Duqu gathers
information that is useful
in attacking industrial
control systems.
Flame

Flame is a sophisticated attack toolkit

“Flame’s mission is not about stealing identities. It is about gathering intelligence”


Gauss
 Gauss is a new class of threat
   that swarms over systems
   searching for private
   information, mostly on
   banking

 Gauss can steal access
   credentials for various online
   banking systems and
   payment methods and various
   information such as network
   interfaces, computer’s drives
   and BIOS

 Gauss can steal browser
   history, social network and
   instant messaging info
Latest from the Malware Stable




DNS Malware




Shamoon malware infects, steals data and wipes




Overwrites the master boot record of a computer, and is suspected of being used in targeted attacks against specific companies.

Steals data from the 'Users', 'Documents and Settings', 'System32/Drivers' and 'System32/Config' folders on Windows computers.
New Android Malware Steals Your Money Via SMS


 Trojan!SMSZombie.A in China affected 5,00,000 mobiles




Frankenstein virus creates malware by pilfering code

   Frankenstein virus can build itself on any computer from stolen snippets of code

   Potential for hard-to-detect viruses that are stitched together from benign code pilfered from ordinary programs
Crisis




 The recently discovered Crisis financial malware can spread
   using capabilities built into VMware virtual machines
 Also known as Morcut, the malicious rootkit spreads via an
   installer that's disguised as an Adobe Flash Player installer
 First malware that attempts to spread onto a virtual
   machine

Mobile Users-Watch out!
 6 out of every 10 cyber-security breaches occur as a
  result of a mobile device*
 In 2011, malware targeting smartphones increased
  155%
 In a span of just 10 months, the volume of malware
  targeting Android phones increased 3,325%
 A typical security breach costs a business more than
  a half a million dollars*
 In a world of 7 billion people, there are now 5.9
  billion mobile-phone subscribers.

Mobile Malware Trends




Mobile Pickpocketing
Mobile botnets
Malvertising
Automated Repackaging
Browser Attacks
Vulnerable Smart Devices
Top malware email attacks in past 30 days.




Early Warning!
 Treat fraud prevention and
  malware detection in a single
  context
 Analyse crucial information
  for all targeted systems
 Deploy Cyber Intelligence
  that includes host and
  network forensics, data
  auditing and non-signature-based
  malware detection.


Sandboxing
 Sandboxing is a
   popular technique
   for creating confined
   execution
   environments, which
   could be used for
   running untrusted
   programs.

 A sandbox limits, or
   reduces, the level of
   access its
   applications have. It
   is a container.



Analyze Suspicious Files Online




Thanks for your time and attention!
                     Alok Gupta
alok.gupta@pyramidcyber.com
                 +91-9999189650
3 Pitfalls Everyone Should Avoid with Cloud DataEric D. Schabell
 
Technical SEO for Improved Accessibility WTS FEST
Technical SEO for Improved Accessibility  WTS FESTTechnical SEO for Improved Accessibility  WTS FEST
Technical SEO for Improved Accessibility WTS FESTBillieHyde
 
The New Cloud World Order Is FinOps (Slideshow)
The New Cloud World Order Is FinOps (Slideshow)The New Cloud World Order Is FinOps (Slideshow)
The New Cloud World Order Is FinOps (Slideshow)codyslingerland1
 
Design and Modeling for MySQL SCALE 21X Pasadena, CA Mar 2024
Design and Modeling for MySQL SCALE 21X Pasadena, CA Mar 2024Design and Modeling for MySQL SCALE 21X Pasadena, CA Mar 2024
Design and Modeling for MySQL SCALE 21X Pasadena, CA Mar 2024Alkin Tezuysal
 
Q4 2023 Quarterly Investor Presentation - FINAL - v1.pdf
Q4 2023 Quarterly Investor Presentation - FINAL - v1.pdfQ4 2023 Quarterly Investor Presentation - FINAL - v1.pdf
Q4 2023 Quarterly Investor Presentation - FINAL - v1.pdfTejal81
 
Top 10 Squarespace Development Companies
Top 10 Squarespace Development CompaniesTop 10 Squarespace Development Companies
Top 10 Squarespace Development CompaniesTopCSSGallery
 
Oracle Database 23c Security New Features.pptx
Oracle Database 23c Security New Features.pptxOracle Database 23c Security New Features.pptx
Oracle Database 23c Security New Features.pptxSatishbabu Gunukula
 
Outage Analysis: March 5th/6th 2024 Meta, Comcast, and LinkedIn
Outage Analysis: March 5th/6th 2024 Meta, Comcast, and LinkedInOutage Analysis: March 5th/6th 2024 Meta, Comcast, and LinkedIn
Outage Analysis: March 5th/6th 2024 Meta, Comcast, and LinkedInThousandEyes
 
Explore the UiPath Community and ways you can benefit on your journey to auto...
Explore the UiPath Community and ways you can benefit on your journey to auto...Explore the UiPath Community and ways you can benefit on your journey to auto...
Explore the UiPath Community and ways you can benefit on your journey to auto...DianaGray10
 
UiPath Studio Web workshop series - Day 2
UiPath Studio Web workshop series - Day 2UiPath Studio Web workshop series - Day 2
UiPath Studio Web workshop series - Day 2DianaGray10
 
Graphene Quantum Dots-Based Composites for Biomedical Applications
Graphene Quantum Dots-Based Composites for  Biomedical ApplicationsGraphene Quantum Dots-Based Composites for  Biomedical Applications
Graphene Quantum Dots-Based Composites for Biomedical Applicationsnooralam814309
 
Stobox 4: Revolutionizing Investment in Real-World Assets Through Tokenization
Stobox 4: Revolutionizing Investment in Real-World Assets Through TokenizationStobox 4: Revolutionizing Investment in Real-World Assets Through Tokenization
Stobox 4: Revolutionizing Investment in Real-World Assets Through TokenizationStobox
 
From the origin to the future of Open Source model and business
From the origin to the future of  Open Source model and businessFrom the origin to the future of  Open Source model and business
From the origin to the future of Open Source model and businessFrancesco Corti
 

Último (20)

UiPath Studio Web workshop Series - Day 3
UiPath Studio Web workshop Series - Day 3UiPath Studio Web workshop Series - Day 3
UiPath Studio Web workshop Series - Day 3
 
The Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and InsightThe Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and Insight
 
Where developers are challenged, what developers want and where DevEx is going
Where developers are challenged, what developers want and where DevEx is goingWhere developers are challenged, what developers want and where DevEx is going
Where developers are challenged, what developers want and where DevEx is going
 
LF Energy Webinar - Unveiling OpenEEMeter 4.0
LF Energy Webinar - Unveiling OpenEEMeter 4.0LF Energy Webinar - Unveiling OpenEEMeter 4.0
LF Energy Webinar - Unveiling OpenEEMeter 4.0
 
Extra-120324-Visite-Entreprise-icare.pdf
Extra-120324-Visite-Entreprise-icare.pdfExtra-120324-Visite-Entreprise-icare.pdf
Extra-120324-Visite-Entreprise-icare.pdf
 
TrustArc Webinar - How to Live in a Post Third-Party Cookie World
TrustArc Webinar - How to Live in a Post Third-Party Cookie WorldTrustArc Webinar - How to Live in a Post Third-Party Cookie World
TrustArc Webinar - How to Live in a Post Third-Party Cookie World
 
How to release an Open Source Dataweave Library
How to release an Open Source Dataweave LibraryHow to release an Open Source Dataweave Library
How to release an Open Source Dataweave Library
 
3 Pitfalls Everyone Should Avoid with Cloud Data
3 Pitfalls Everyone Should Avoid with Cloud Data3 Pitfalls Everyone Should Avoid with Cloud Data
3 Pitfalls Everyone Should Avoid with Cloud Data
 
Technical SEO for Improved Accessibility WTS FEST
Technical SEO for Improved Accessibility  WTS FESTTechnical SEO for Improved Accessibility  WTS FEST
Technical SEO for Improved Accessibility WTS FEST
 
The New Cloud World Order Is FinOps (Slideshow)
The New Cloud World Order Is FinOps (Slideshow)The New Cloud World Order Is FinOps (Slideshow)
The New Cloud World Order Is FinOps (Slideshow)
 
Design and Modeling for MySQL SCALE 21X Pasadena, CA Mar 2024
Design and Modeling for MySQL SCALE 21X Pasadena, CA Mar 2024Design and Modeling for MySQL SCALE 21X Pasadena, CA Mar 2024
Design and Modeling for MySQL SCALE 21X Pasadena, CA Mar 2024
 
Q4 2023 Quarterly Investor Presentation - FINAL - v1.pdf
Q4 2023 Quarterly Investor Presentation - FINAL - v1.pdfQ4 2023 Quarterly Investor Presentation - FINAL - v1.pdf
Q4 2023 Quarterly Investor Presentation - FINAL - v1.pdf
 
Top 10 Squarespace Development Companies
Top 10 Squarespace Development CompaniesTop 10 Squarespace Development Companies
Top 10 Squarespace Development Companies
 
Oracle Database 23c Security New Features.pptx
Oracle Database 23c Security New Features.pptxOracle Database 23c Security New Features.pptx
Oracle Database 23c Security New Features.pptx
 
Outage Analysis: March 5th/6th 2024 Meta, Comcast, and LinkedIn
Outage Analysis: March 5th/6th 2024 Meta, Comcast, and LinkedInOutage Analysis: March 5th/6th 2024 Meta, Comcast, and LinkedIn
Outage Analysis: March 5th/6th 2024 Meta, Comcast, and LinkedIn
 
Explore the UiPath Community and ways you can benefit on your journey to auto...
Explore the UiPath Community and ways you can benefit on your journey to auto...Explore the UiPath Community and ways you can benefit on your journey to auto...
Explore the UiPath Community and ways you can benefit on your journey to auto...
 
UiPath Studio Web workshop series - Day 2
UiPath Studio Web workshop series - Day 2UiPath Studio Web workshop series - Day 2
UiPath Studio Web workshop series - Day 2
 
Graphene Quantum Dots-Based Composites for Biomedical Applications
Graphene Quantum Dots-Based Composites for  Biomedical ApplicationsGraphene Quantum Dots-Based Composites for  Biomedical Applications
Graphene Quantum Dots-Based Composites for Biomedical Applications
 
Stobox 4: Revolutionizing Investment in Real-World Assets Through Tokenization
Stobox 4: Revolutionizing Investment in Real-World Assets Through TokenizationStobox 4: Revolutionizing Investment in Real-World Assets Through Tokenization
Stobox 4: Revolutionizing Investment in Real-World Assets Through Tokenization
 
From the origin to the future of Open Source model and business
From the origin to the future of  Open Source model and businessFrom the origin to the future of  Open Source model and business
From the origin to the future of Open Source model and business
 

From app sec to malsec malware hooked, criminal crooked alok gupta

  • 1. OWASP InfoSec India Conference 2012 August 24th – 25th, 2012 The OWASP Foundation Hotel Crowne Plaza, Gurgaon http://www.owasp.org http://www.owasp.in From AppSec to MalSec Malware hooked, criminal crooked! Alok Gupta Founder & Managing Director Pyramid Cyber Security & Forensic (P) Limited Email:alok.gupta@pyramidcyber.com +91-9999189650 OWASP InfoSec India Conference 2012. Hotel Crowne Plaza, Gurgaon (India)
  • 2. Alok Gupta
      • Experience: 20+ years in the Information and Communications Technology (ICT) industry
      • Serial entrepreneur, Founder & Managing Director, Pyramid Cyber Security & Forensic, a boutique digital forensic and specialised information security solution and services provider
      • Past member of the National Committee on Information Technology for Confederation of Indian Industries (CII)
      • Advised several enterprises and government agencies on leveraging ICT and information security to compete and grow in the global economy
      • Board of Members of the Amity Institute of Cyber Law & Cyber Crimes
      • Member of IMS Law advisory committee
      • Writes columns, is frequently quoted in IT, security & forensic media, and regularly speaks at events, workshops, seminars and forums in India and internationally
  • 3. Abstract & Agenda
      • “Malware is everywhere” and will continue to spread.
      • Over the years, malware has infected every corner of the internet, and has branched out into industrial espionage, social networks and mobile devices too.
      • Given the tremendous success cyber criminals enjoy, they will continue to use legitimate websites as a primary delivery mode for malware. Malware is becoming more sophisticated and customizable. Emerging anti-malware technologies constantly attempt to tackle such threats.
      • After all, it is the bad guys versus the good guys, and the battle is on!
      • Today’s talk will address what malware is, how it infects and spreads, how widespread the problem is, and what enterprises, governments and individuals should do in order to stay protected.
      • The discussion will cover analysis, latest trends, strategies for mitigation and recent case studies.
  • 4. Disclaimer
      Everything I state here is my opinion and is based on my limited knowledge & research. I am sure that some of you will already know most of it, so do not get angry!
  • 5. Malware Basics
      • Malware is malicious software used or created to disrupt computer operation, gather sensitive information, or gain access to computer networks and mobile systems.
      • Malware can appear in the form of code, scripts, active content, and other software.
  • 6. The Malware Museum
      • Viruses
      • Worms
      • Trojans
      • Spyware/Adware/Ransomware
      • Bots / Robots / Agents
      • Backdoor / Trapdoor
      • Zombie
      • Porn Diallers
      • Key loggers
      • Exploits
      • Bug
      • Rootkits
  • 7. Type of Cyber Malware & attack mode
  • 8. Malware History
      • 40 years ago Bob Thomas began experimenting with the concept of a mobile application and developed the Creeper program, which had the ability to move from machine to machine. Creeper quickly proliferated through ARPANET, infecting everything in its path and marking the emergence of the computer virus.
      • By 1988, the Morris Worm had taken hold and shown the power of relatively simple programs to use applications and the Internet to rapidly infect large numbers of machines in very short periods of time.
  • 9. Malware Evolution
      • Throughout the 1990s and early 2000s, malware continued to evolve, adding new functions and infection rates. The power of the malware was largely predetermined at the time it was written, and the logic of the threat was largely contained within the malware’s code itself.
      • By 2007 the first botnets began to appear, and fundamentally changed the world of malware. Infected hosts could now be centrally controlled by a remote attacker, allowing all the individual machines to cooperate as one massive distributed malware application.
  • 10. Malware Synthesis
      • The attention shifted to designing a platform that could sustain an ongoing and dynamic attack. Stealth became a primary objective because intruders could now control and take advantage of an infected machine for an indefinite period of time.
      • The attacker could now update the malware program at will in order to send spam one day, steal credit card numbers the next day, and so on.
      • The strength of a piece of malware came to rest on the quality of its communication, management and ability to avoid detection.
  • 11. Malware Modernization
      • Malware development is big business due to the associated economics. It is no longer a backyard of computer hackers. Modern malware is used for extorting money, collecting confidential and proprietary information, industrial espionage, social engineering, etc. Fraud and scare tactics are a major priority of current malware creation.
      • Affordable massively parallel computing capabilities have further fuelled activities such as spam mail transmission, DDoS and advanced persistent threats.
  • 12. Malware: Key Questions?
      • Infection: How is the malware delivered? Via an executable, packed into a file, delivered via an infected webpage? How does the malware communicate?
      • Persistence: Once on the host, how is the malware able to persist on the infected host without triggering host-based security? Does it use a rootkit? Does it disable antivirus? Does it install backdoors?
      • Communication: The ability to communicate largely represents the power of the malware. Does it communicate on non-standard ports, encrypt its traffic, use proxies, or tunnel within other approved applications?
  • 13. Malware Key Questions?
      • Command and Control: How is the command-and-control managed? Does it get updated configuration files, or send and receive messages from peer-to-peer networks? How does the malware cope with the loss of a command-and-control server?
      • Malicious Functions: How do we keep track of the end behaviour of the malware? Some malware will remain very focused, targeting a specific type of information within a specific organization. Others will vary over time, shifting with the needs and desires of the bot owner.
  • 14. Malware Explosion!
      Malware continues to grow in terms of infection rate and new targets. Last year, there were 25 million new, unique strains of malware released, and that number is projected to grow to 87 million by the end of 2015. The shift toward BYOD workplace practices contributes to increased risk that corporate assets will be lost, in addition to traditional attacks on e-commerce.
  • 15. Malware Trends
      • SSL no more safe. Cybercriminals can grab your username / password before the encryption technology kicks in
      • Targeted malware is on the rise; malware that accesses your browser history will infect you if you meet certain criteria
      • New malware is hard to spot and remove
      • Ransomware is increasing, would not go away unless you pay!
      • Old problems resurface
      • Mobile malware increasing
  • 16. Industrial Espionage and Weaponized Malware
  • 17. Stuxnet
      • Targets industrial control systems and PLCs such as Siemens Simatic
      • Vast array of components used
      • Zero-day exploits
      • Windows rootkit
      • PLC rootkit (first ever)
      • Antivirus evasion
      • Peer-to-peer updates
      • Signed driver with a valid certificate
      • Code changes are hidden
  • 18. Duqu
      Duqu is a computer worm discovered on 1 September 2011, thought to be related to the Stuxnet worm. Duqu gathers information that is useful in attacking industrial control systems.
  • 19. Flame
      Flame is a sophisticated attack toolkit. “Flame’s mission is not about stealing identities. It is about gathering intelligence.”
  • 20. Gauss
      • Gauss is a new class of threat that swarms over systems searching for private information, mostly on banking
      • Gauss can steal access credentials for various online banking systems and payment methods and various information such as network interfaces, computer’s drives and BIOS
      • Gauss can steal browser history, social network and instant messaging info
  • 21. Latest from the Malware Stable
  • 22. DNS Malware
  • 23. Shamoon malware infects, steals data and wipes
      • Overwrites the master boot record of a computer, and which they suspect is being used in targeted attacks against specific companies.
      • Steals data from the 'Users', 'Documents and Settings', and 'System32/Drivers' and 'System32/Config' folders on Windows computers.
  • 24. New Android Malware Steals Your Money Via SMS
      Trojan!SMSZombie.A in China affected 5,00,000 mobiles
  • 25. Frankenstein virus creates malware by pilfering code
      • Frankenstein virus can build itself on any computer from stolen snippets of code
      • Potential for hard-to-detect viruses that are stitched together from benign code pilfered from ordinary programs
  • 26. Crisis
      • The recently discovered Crisis financial malware can spread using capabilities built into VMware virtual machines
      • Also known as Morcut, the malicious rootkit spreads via an installer that's disguised as an Adobe Flash Player installer
      • First malware that attempts to spread onto a virtual machine
  • 27. Mobile Users-Watch out!
      • 6 out of every 10 cyber-security breaches occur as a result of a mobile device*
      • In 2011, malware targeting smartphones increased 155%
      • In a span of just 10 months, the volume of malware targeting Android phones increased 3,325%
      • A typical security breach costs a business more than a half a million dollars*
      • In a world of 7 billion people, there are now 5.9 billion mobile-phone subscribers.
  • 28. Mobile Malware Trends
      • Mobile Pickpocketing
      • Automated Repackaging
      • Mobile botnets
      • Browser Attacks
      • Malvertising
      • Vulnerable Smart Devices
  • 29. Top malware email attacks in past 30 days.
  • 30. Early Warning!
      • Treat fraud prevention and malware detection in a single context
      • Analyse crucial information for all targeted systems
      • Deploy Cyber Intelligence that includes host and network forensics, data auditing and non-signature-based malware detection.
  • 31. Sandboxing
      • Sandboxing is a popular technique for creating confined execution environments, which could be used for running untrusted programs.
      • A sandbox limits, or reduces, the level of access its applications have. It is a container.
  • 32. Analyze Suspicious Files Online
  • 33. Thanks for your time and attention! Alok Gupta alok.gupta@pyramidcyber.com +91-9999189650
  • 34. Subscribe mailing list www.owasp.be Keep up to date!
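
A defender-side check for the behaviour listed on slide 23 (Shamoon overwriting the master boot record), added here as an example that is not part of the original slides: it validates the structure of a 512-byte MBR sector and compares it with a known-good hash. The function names, finding labels and sample sectors are constructed for illustration.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 446            # bootstrap code area; the partition table follows
ENTRY_LEN = 16                 # four 16-byte partition entries
BOOT_SIGNATURE = b"\x55\xaa"   # bytes 510-511 of a valid MBR


def sha256_hex(sector):
    """Hash used to record a known-good baseline of the sector."""
    return hashlib.sha256(sector).hexdigest()


def parse_partitions(sector):
    """Return the in-use partition entries (type byte != 0)."""
    parts = []
    for i in range(4):
        off = BOOT_CODE_LEN + i * ENTRY_LEN
        # status, CHS start, type, CHS end, LBA start, sector count
        status, _, ptype, _, lba_start, sectors = struct.unpack_from(
            "<B3sB3sII", sector, off)
        if ptype != 0:
            parts.append({"index": i, "status": status, "type": ptype,
                          "lba_start": lba_start, "sectors": sectors})
    return parts


def assess_mbr(sector, baseline_sha256=None):
    """Return a list of findings; an empty list means nothing looked wrong."""
    if len(sector) != SECTOR_SIZE:
        return ["bad_length"]
    findings = []
    if sector[510:512] != BOOT_SIGNATURE:
        findings.append("missing_boot_signature")
    parts = parse_partitions(sector)
    if not parts:
        findings.append("empty_partition_table")
    # The status byte may only be 0x00 (inactive) or 0x80 (bootable).
    if any(p["status"] not in (0x00, 0x80) for p in parts):
        findings.append("invalid_partition_status")
    # Informational on data-only disks, significant on a boot disk.
    if not any(sector[:BOOT_CODE_LEN]):
        findings.append("empty_boot_code")
    if baseline_sha256 and sha256_hex(sector) != baseline_sha256:
        findings.append("changed_since_baseline")
    return findings


def build_sample_mbr():
    """Constructed sample: filler boot code plus one bootable type-0x07 entry."""
    boot_code = b"\x90" * BOOT_CODE_LEN   # filler bytes, not real boot code
    entry = struct.pack("<B3sB3sII", 0x80, b"\x20\x21\x00", 0x07,
                        b"\xfe\xff\xff", 2048, 204800)
    table = entry + bytes(ENTRY_LEN * 3)
    return boot_code + table + BOOT_SIGNATURE


if __name__ == "__main__":
    healthy = build_sample_mbr()
    baseline = sha256_hex(healthy)
    samples = [("healthy", healthy),
               ("zeroed", bytes(SECTOR_SIZE)),
               ("overwritten", b"\xde\xad\xbe\xef" * 128)]
    for name, sector in samples:
        print(name, assess_mbr(sector, baseline) or "ok")
```

In practice the sector would be the first 512 bytes of a forensic disk image, and the baseline hash would be recorded while the machine is known to be clean.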