Dell presentation template Standard 4:3 layout
Transcripción
Dell presentation template Standard 4:3 layout
The Threat of Social Media Daniel Ayoub, CISSP, CISA Manager of Product Marketing Today Agenda • Dangers of Social Media • Tips to Help Protect Yourself • How Dell SonicWALL Can Help 2 Confidential SonicWALL Everyone Loves Social Media 3 Confidential SonicWALL But Social Media is Dangerous… http://techland.time.com/2011/03/23/40-of-social-network-users-attacked-by-malware/ 4 Confidential SonicWALL Why Social Media is a Target http://www.comscore.com/Press_Events/Presentations_Whitepapers/2011/it_is_a_social_world_top_10 _need-to-knows_about_social_networking 5 Confidential SonicWALL Dangers of Social Media • Drive-by-Downloads • Malvertising • Targeted Attacks • Worms • Password Theft 6 Confidential SonicWALL Drive-by-Download Malicious Social Media Site Created Social Networking ‘Friends’ Share Malicious Site Victim Voluntarily Clicks Link Victim System Compromised 7 Confidential SonicWALL Drive-by-Downloads Sometimes crafted around recent events… 8 Confidential SonicWALL Drive-by-Downloads (More Examples) Often crafted around fake ‘juicy’ celebrity gossip… 9 Confidential SonicWALL Malvertising – How It Works Malicious Fake Ad Created Ad Server Compromised (Sometimes) Malicious Ad Placed on Legitimate Website Victim Clicks on Fake Ad Victim System Compromised 10 Confidential SonicWALL Malvertising Often crafted to look like warning messages 11 Confidential SonicWALL Malvertising (More Examples) Sometimes crafted to look like legitimate services 12 Confidential SonicWALL Drive-by-Downloads & Malvertising Get Pwned in Under 30 Seconds! 13 Confidential SonicWALL Drive-by-Downloads & Malvertising • Exploits widely deployed service or application 14 Confidential SonicWALL Drive-by-Downloads & Malvertising • Downloads & Installs malware in the background http://www.scmagazineuk.com/worlds-smallest-banking-trojandetected-at-only-20kb/article/243539/ http://www.zdnet.com/blog/security/over-600000-macs-infected-withflashback-trojan/11345 http://www.pcworld.com/businesscenter/article/255979/banking_malwa re_monitors_victims_by_hijacking_webcams_and_microphones_resear chers_say.html 15 Confidential SonicWALL Malvertising Attacks on the Rise http://www.scmagazineuk.com/malvertising-attacks-already-25-up-on-whole-of-2011/article/244475/ 16 Confidential SonicWALL Warnings in the News http://www.itbusiness.ca/it/client/en/home/news.asp?id=64416 http://www.zdnet.com/blog/security/report-3-million-malvertising-impressions-served-per-day/8319 http://www.infosecisland.com/blogview/14371-Malvertising-The-Use-of-Malicious-Ads-to-Install-Malware.html 17 Confidential SonicWALL Security Acquisitions http://www.eweek.com/c/a/Security/Twitter-Acquires-Dasient-for-AntiMalvertising-Security-Technology-464461/ 18 Confidential SonicWALL The Industry Responds… http://www.pcworld.com/article/257584/facebook_twitter_google_aol_join_new_alliance_to_fight_bad_ads.html 19 Confidential SonicWALL Targeted Attacks 20 Confidential SonicWALL Personal Information http://www.guardian.co.uk/technology/2012/feb/01/social-media-smartphones-stalking 21 Confidential SonicWALL ‘Private’ is not always private… http://www.cbc.ca/news/politics/story/2012/05/29/pol-social-media-privacy.html 22 Confidential SonicWALL Social Media Engineering http://www.securityweek.com/social-media-makes-way-social-engineering 23 Confidential SonicWALL Free FBI Report – Social Networking Risks http://www.fbi.gov/about-us/investigate/counterintelligence/internet-social-networking-risks-1/at_download/file 24 Confidential SonicWALL Worms 25 Confidential SonicWALL Worms – How They Works Victim Receives Link From Their Friend Victim Clicks Friend’s Link Victim’s System Compromised Victim’s Facebook Credentials Stolen Compromised Account Posts Link to Worm on all Friends pages 26 Confidential SonicWALL Ramnit Worm http://www.techspot.com/news/46929-ramnit-worm-targets-facebook-45000-logins-compromised.html 27 Confidential SonicWALL LilyJade Worm http://news.techworld.com/security/3359167/facebook-spreading-cross-browser-lilyjade-worm-security-experts-warn/ 28 Confidential SonicWALL Koobface Worm http://www.computerworld.com/s/article/9128842/Koobface_worm_to_users_Be_my_Facebook_friend 29 Confidential SonicWALL Social Media Worms Faster than a speeding bullet… 30 Confidential SonicWALL Password Theft 31 Confidential SonicWALL Passwords Stolen http://www.infoworld.com/t/hacking/65-million-linkedin-passwords-reportedly-stolen-posted-online-194976 32 Confidential SonicWALL Passwords Stolen http://www.pcworld.com/article/255326/twitter_breached_50k_accounts_posted_to_internet.html 33 Confidential SonicWALL Passwords Stolen http://mashable.com/2012/06/07/eharmony-password-hacking/ 34 Confidential SonicWALL Passwords Stolen http://www.theregister.co.uk/2012/01/05/ramnit_social_networking/ 35 Confidential SonicWALL Passwords Stolen http://www.nytimes.com/2011/06/02/technology/02google.html 36 Confidential SonicWALL Keeping Yourself Safe 37 Confidential SonicWALL Use Strong Passwords & Change Them Often 38 Confidential SonicWALL Be Careful What You Post 39 Confidential SonicWALL Do Not ‘Friend’ Strangers 40 Confidential SonicWALL Use Anti-Virus 41 Confidential SonicWALL Save Files, Scan Them, Then Open 42 Confidential SonicWALL Always Install Software Updates 43 Confidential SonicWALL Free Tools to Protect Yourself 44 Confidential SonicWALL • Showing these products does not indicate an endorsement or recommendation, I’m simply providing you some free tools which you may wish to consider. • Free versions of software often do not provide the same features or level of protection that full version do. • Use at your own risk. 45 Confidential SonicWALL Free Anti-Virus (Full paid versions are best) http://www.malwarebytes.org/products/malwarebytes_free http://free.avg.com/us-en/free-antivirus-download http://windows.microsoft.com/en-US/windows/products/security-essentials 46 Confidential SonicWALL Free Online Virus Scan https://www.virustotal.com/ 47 Confidential SonicWALL Expand URL’s Before Clicking http://knowurl.com/ http://urlex.org/ http://longurl.org/ 48 Confidential SonicWALL Free Patch Management (Full paid versions are best) http://searchenterprisedesktop.techtarget.com/feature/Patch-Management-Toolbox http://secunia.com/products/consumer/psi/ 49 Confidential SonicWALL Free Vulnerability Scanning (For Home Use Only) http://www.tenable.com/products/nessus/ne ssus-product-overview http://www.rapid7.com/vulnerabilityscanner.jsp 50 Confidential SonicWALL No Script + Adblock + HTTPS Everywhere http://noscript.net/ https://www.eff.org/https-everywhere https://addons.mozilla.org/en-US/firefox/addon/adblock-plus/ 51 Confidential SonicWALL Free Security Tools http://sectools.org/ 52 Confidential SonicWALL Free Tools - Dell KACE http://www.kace.com/products/freetools 53 Confidential SonicWALL Free Tools – Dell SecureWorks http://www.secureworks.com/research/tools/ 54 Confidential SonicWALL Dell SonicWALL Solutions 55 Confidential SonicWALL Deep Packet Inspection 56 Confidential SonicWALL Intrusion Prevention + Gateway Anti-Virus 57 Confidential SonicWALL Client Enforced Anti-Virus 58 Confidential SonicWALL Dell SonicWALL Live Demo Site http://livedemo.sonicwall.com/ 59 Confidential SonicWALL Other Free Webinars http://www.brighttalk.com/webcast/1745/42903 http://www.brighttalk.com/webcast/1745/40935 http://www.brighttalk.com/webcast/1745/38475 60 Confidential SonicWALL Daniel Ayoub, CISSP, CISA Product Marketing Manager Follow Me on Twitter @DanielAyoub sonicwall.com/webinar_slides 61 Confidential SonicWALL