21 August 2014 © 2014 CYREN Confidential and Proprietary
INSIGHTS FROM CYREN'S
NEW Q2 TREND REPORT

IN TODAY’S WEBINAR
• Android ransomware and banking malware
• The rise and fall (and rise) of Zbot
• PDFs and Docs – real and unreal
• Worldwide, World Cup phishing
• Stock scams with Oakmont Stratton

ANDROID MALWARE TRENDS

PC RANSOMWARE

POLL – RANSOMWARE HONESTY
• Do you know someone who paid the ransom? Did they get their files back?
  • They paid and got their files back
  • They paid and lost their files
  • They refused to pay and lost their files
  • They refused to pay and managed to regain access to their PC
  • Happily I don’t know anyone who has been infected

ANDROID RANSOMWARE ARRIVES
• May – “ransomware” – but no encryption
• June – ransomware with encryption
AndroidOS/Simplocker.A.gen!Eldorado.

ANDROID RANSOMWARE ARRIVES
• Before and after encryption
• Scans SD card and encrypts files like .jpg, .png, .doc amongst others

ANDROID IBANKING MALWARE
• SMS/spyware – collects
  • Text messages
  • Phone calls
  • Recorded audio
• Works in tandem with PC-based malware
• Intercepts SMS codes sent by banks
• Android OS/Agent.HJ

UNKNOWN SOURCES?

NO MALWARE DETECTED
• "Virus Shield", priced at $3.99 in the Google Play store
• 30,000 copies in April
• Does nothing

POLL: YOUR MOBILE APPS
• Where do you download apps?
  • Android: The Google Play Store
  • Android: Anywhere I can find apps
  • iOS: Only the iTunes Store
  • iOS: Jailbroken device – anywhere I can find apps

MALWARE TRENDS

A QUICK ZBOT HISTORY
• Zeus Trojan (PC) discovered ~2007
• Generally steals credentials – banks, email, social media
• Keyloggers, screenshots
• Sold as botnet creation kit
• Zeus botnet, other botnets
• Distributed command and control
• Millions of victims
• 2012 – Microsoft takedown of SpyEye
• Gameover Zbot
• Peer to peer encrypted botnet
• June 2014 – Operation Tovar disrupted botnet
• July – new variants emerging…

ONE OF THE LAST ZBOT EMAILS
• Attachment: Eonenergy-Bill-29052014.scr displays a PDF icon
• W32/Zbot.BXN

ANOTHER ZBOT SENT USING DROPBOX

ACTUAL PDFS CAN ALSO BE PROBLEMATIC
• Securedoc.pdf from BoA
• Versions of reader attacked: 9.3x – 9.5x, 10.1x, 11, 11.001
• (The current version is 11.0.07)

WORD DOCS TO AVOID
• traking_doc_MW421330771CA.doc
• aircanada_eticket_[random_number].doc
• efax__[random_number].doc
• file-_[random_number]_doc
• President Obama’s Speech.doc

SECURITY EDUCATION POLL
• Do you think people are aware that a PDF or Doc file could be harmful?
  • Yes
  • No

PHISHING TRENDS

WORLD CUP PHISHING
• Chance to win “World-Cup” related prizes
• Cielo – biggest credit card provider in Brazil

GLOBAL BANK PHISHING
• Global brands
  • American Express, Bank of America, or Barclays
• Country-specific
  • Natwest (Britain)
  • Danske Bank (Denmark)
  • Swedbank and SEB (Sweden)
  • Bank of India (India)
  • Credem (Italy)
  • Hypovereinsbank (Germany)

SPAM TRENDS

SPAM LEVELS
• Spam levels continue to drop
• June average is lowest in 5 years!
Q2 Average: 55 Billion
June Average: 49 Billion

Q2 SPAM TOPICS
• Pharmacy Products: 43%
• Job Offer: 22%
• Stock: 17%
• Diet: 8%
• Other: 4%
• Online Casino: 3%
• Phishing: 2%
• Malware: 1%

PUMP AND DUMP - RCHA
• Buy: 417,000 @ 0.19
• Sell: Many more @ 0.36
• Profit ~$63,000

Q2 SPAM COUNTRIES, SPAM ZOMBIES
• Argentina: 8%
• Spain: 8%
• Vietnam: 7%
• United States: 6%
• Germany: 5%
• Italy: 5%
• Iran: 4%
• Brazil: 4%
• Colombia: 4%
• Mexico: 3%
• Others: 46%

SAVING HOSTING COSTS…
• Google Docs phishing email
• Google logo at the top stored on legitimate Internet security blog called http://www.onlinethreatalerts.com/

GLOBALVIEW

GLOBALVIEW CLOUD AND PRODUCT FAMILIES
WEB, EMAIL, ANTIMALWARE
• CYREN WebSecurity
• URL-Filtering
• MobileSecurity
• AntiVirus
• CYREN EmailSecurity
• Email Messaging Suite
• AntiSpam
• Outbound AntiSpam
• IP Reputation
• AntiVirus for Email
GlobalView™ Cloud

COMMITTED TO PARTNER SUCCESS
WHAT MAKES US DIFFERENT
We focus on our core competencies so our partners can focus on theirs.
• Technical Account Managers
• Partner Success Program

ANY QUESTIONS?

Insights from CYREN's Q2 2014 Internet Threats Trend Report

  • 1. 21 August 2014. © 2014 CYREN Confidential and Proprietary. INSIGHTS FROM CYREN'S NEW Q2 TREND REPORT
  • 2. IN TODAY’S WEBINAR: Android ransomware and banking malware; The rise and fall (and rise) of Zbot; PDFs and Docs – real and unreal; Worldwide, World Cup phishing; Stock scams with Oakmont Stratton
  • 3. ANDROID MALWARE TRENDS
  • 4. PC RANSOMWARE
  • 5. POLL – RANSOMWARE HONESTY: Do you know someone who paid the ransom? Did they get their files back? Options: They paid and got their files back; They paid and lost their files; They refused to pay and lost their files; They refused to pay and managed to regain access to their PC; Happily I don’t know anyone who has been infected
  • 6. ANDROID RANSOMWARE ARRIVES: May – “ransomware” – but no encryption; June – ransomware with encryption; AndroidOS/Simplocker.A.gen!Eldorado
  • 7. ANDROID RANSOMWARE ARRIVES: Before and after encryption; Scans SD card and encrypts files like .jpg, .png, .doc amongst others
  • 8. ANDROID IBANKING MALWARE: SMS/spyware – collects text messages, phone calls, recorded audio; Works in tandem with PC-based malware; Intercepts SMS codes sent by banks; AndroidOS/Agent.HJ
  • 9. UNKNOWN SOURCES?
  • 10. NO MALWARE DETECTED: “Virus Shield”, priced at $3.99 in the Google Play store; 30,000 copies in April; Does nothing
  • 11. POLL: YOUR MOBILE APPS: Where do you download apps? Options: Android: The Google Play Store; Android: Anywhere I can find apps; iOS: Only the iTunes Store; iOS: Jailbroken device – anywhere I can find apps
  • 12. MALWARE TRENDS
  • 13. A QUICK ZBOT HISTORY: Zeus Trojan (PC) discovered ~2007; Generally steals credentials – banks, email, social media; Keyloggers, screenshots; Sold as botnet creation kit; Zeus botnet, other botnets; Distributed command and control; Millions of victims; 2012 – Microsoft takedown of SpyEye; Gameover Zbot; Peer to peer encrypted botnet; June 2014 – Operation Tovar disrupted botnet; July – new variants emerging…
  • 14. ONE OF THE LAST ZBOT EMAILS: Attachment: Eonenergy-Bill-29052014.scr displays a PDF icon; W32/Zbot.BXN
  • 15. ANOTHER ZBOT SENT USING DROPBOX
  • 16. ACTUAL PDFS CAN ALSO BE PROBLEMATIC: Securedoc.pdf from BoA; Versions of Reader attacked: 9.3x – 9.5x, 10.1x, 11, 11.001 (the current version is 11.0.07)
  • 17. WORD DOCS TO AVOID: traking_doc_MW421330771CA.doc; aircanada_eticket_[random_number].doc; efax__[random_number].doc; file-_[random_number]_doc; President Obama’s Speech.doc
  • 18. SECURITY EDUCATION POLL: Do you think people are aware that a PDF or Doc file could be harmful? Options: Yes; No
  • 19. PHISHING TRENDS
  • 20. WORLD CUP PHISHING: Chance to win “World-Cup” related prizes; Cielo – biggest credit card provider in Brazil
  • 21. GLOBAL BANK PHISHING: Global brands (American Express, Bank of America, or Barclays); Country-specific (Natwest (Britain), Danske Bank (Denmark), Swedbank and SEB (Sweden), Bank of India (India), Credem (Italy), Hypovereinsbank (Germany))
  • 22. SPAM TRENDS
  • 23. SPAM LEVELS: Spam levels continue to drop; June average is lowest in 5 years! Q2 average: 55 billion; June average: 49 billion
  • 24. Q2 SPAM TOPICS: Pharmacy Products 43%, Job Offer 22%, Stock 17%, Diet 8%, Other 4%, Online Casino 3%, Phishing 2%, Malware 1%
  • 25. PUMP AND DUMP - RCHA: Buy: 417,000 @ 0.19; Sell: Many more @ 0.36; Profit ~$63,000
  • 26. Q2 SPAM COUNTRIES, SPAM ZOMBIES: Argentina 8%, Spain 8%, Vietnam 7%, United States 6%, Germany 5%, Italy 5%, Iran 4%, Brazil 4%, Colombia 4%, Mexico 3%, Others 46%
  • 27. SAVING HOSTING COSTS…: Google Docs phishing email; Google logo at the top stored on legitimate Internet security blog called http://www.onlinethreatalerts.com/
  • 28. GLOBALVIEW
  • 29. GLOBALVIEW CLOUD AND PRODUCT FAMILIES: Web, Email, AntiMalware; CYREN WebSecurity, URL-Filtering, MobileSecurity, AntiVirus, CYREN EmailSecurity, Email Messaging Suite, AntiSpam, Outbound AntiSpam, IP Reputation, AntiVirus for Email; GlobalView™ Cloud
  • 30. COMMITTED TO PARTNER SUCCESS, WHAT MAKES US DIFFERENT: We focus on our core competencies so our partners can focus on theirs; Technical Account Managers; Partner Success Program
  • 31. ANY QUESTIONS?

Editor's notes

  1. The Simplocker ransomware is hidden in an app that presents itself as a pornography player under the name “Sex Xonix”.  After launching the app, a message appears on the screen accusing the user of watching and distributing child pornography (among “other perversions”) and demands payment to decrypt the user’s now encrypted Android files. The user is asked to pay 260 UAH (Ukraine Hryvnia), around $22, via MoneXy, a money transferring service used mostly in Russia and Ukraine.
  2. Users are tricked into downloading the file commbank.apk, which disguises itself as a mobile authentication application. We’ve also seen other versions that look like Facebook or Gmail authentication apps and even a “malware scanner”. When downloaded, the app looks surprisingly legitimate, in this case similar to an app that might be issued by a well-known bank: Australia and New Zealand Banking Group Limited, commonly called ANZ. This app would normally provide mobile transaction authorization numbers (mTAN) or mTokens enabling login to the online banks using two-factor authentication. The stolen data is stored in a SQLite database directly on the victim’s phone.
  3. So can Play Store downloads be malicious? News reports later quoted the app’s developer as claiming that the app had been mistakenly released and was an early placeholder. This situation illustrates the struggles associated with scanning and evaluating the sheer number of Android apps appearing on the market.
  4. Before we get started we thought it would be interesting to get your opinion on which of these will grow in 2014.
  5. All of the above pseudo-random domain names are now redirected to the IP address 142.0.36.234 which is a DNS Reply Sinkhole hosted by the FBI. Kudos to the US Department of Justice, the FBI, Europol and the UK’s National Crime Agency, who have managed to disrupt the GameOver Zeus botnet. They have built a sinkhole that redirects the infected computers to the substitute servers under the control of the government as opposed to the Zbot servers.
  6. All of the above pseudo-random domain names are now redirected to the IP address 142.0.36.234 which is a DNS Reply Sinkhole hosted by the FBI. Kudos to the US Department of Justice, the FBI, Europol and the UK’s National Crime Agency, who have managed to disrupt the GameOver Zeus botnet. They have built a sinkhole that redirects the infected computers to the substitute servers under the control of the government as opposed to the Zbot servers.
  7. Many users dismiss suggestions that these can be dangerous since they are “just text and images”. It is true that PDF files are not blocked by most email programs. But of course they can be malicious, as shown in this example. Versions of Reader attacked: 9.303, 9.304, 9.4, 9.401, 9.402, 9.403, 9.404, 9.405, 9.406, 9.407, 9.5, 9.501, 9.502, 9.503, 9.504, 10.101, 10.102, 10.103, 10.104, 10.105, 10.106, 11, 11.001 (the current version is 11.0.07). If successfully exploited, the malicious PDF then executes embedded shellcode that downloads another malicious executable backdoor, which CYREN detects as W32/Androm.AQ, from the following link: Lastly, keep your software up to date, especially Adobe Reader, to protect yourself from possible vulnerability attacks.
  8.  CVE-2010-3333 vulnerability even though it’s over a year old.  Why do attackers still use this exploit? Mainly because it’s very simple to exploit and many users have still not applied the MS10-087 update (or maybe they are using cracked versions of MS Office).
  9. Since Windows XP is EOL from an update point of view and potentially exposed as soon as the next vulnerability is made public, we were curious…
  10. Reasons for decrease: pharma companies shutting down factories; big spam affiliates shut down. In short – less money in spam, more money elsewhere.
  11. “Bioceutical” penny stock. The Wolf of Wall Street, you’ll be amused at this pump-and-dump schemer’s choice of pseudonym, “Oakmont Stratton”. (Prosecuted in the 1990s for stock and investment fraud, the real owners of the firm Stratton Oakmont eventually pleaded guilty to 10 counts of securities fraud and money laundering.)
  12. Countries – Spain number 1 for the first time. Zombies – top 5 is generally the same.
  13. More hacked Gmail accounts
  14. Our data is sourced from our GlobalView security lab and is based on the huge volume of traffic seen in the GlobalView cloud – 12 billion transactions per day. We have seen a big increase in web malware/exploit kits and PHISHING! So a cloud-based solution is needed. WebSecurity – in-the-cloud web security and web filtering, with CYREN protection, the simplest user interface, and multi-tier partner management – and all with white-label options so that you can make it look like your own.
  15. Our partners can co-brand our yearbook or the Q1 trend report
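
The notes above state that the botnet's pseudo-random domains now resolve to the sinkhole address 142.0.36.234. The following is an added example, not part of CYREN's report, of how a defender can use that fact: it scans resolver logs for answers pointing at the sinkhole and lists the internal clients that asked. The log format, client addresses and domain names are constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict

SINKHOLE_IPS = {ipaddress.ip_address("142.0.36.234")}  # address from the notes
# Constructed log format (an assumption, not a real resolver's output):
#   <ISO timestamp> client=<ip> query=<name> answer=<ip>[,<ip>...]
LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+client=(?P<client>\S+)\s+query=(?P<qname>\S+)\s+answer=(?P<answers>\S+)$")

SAMPLE_LOG = """\
2014-07-02T10:15:01Z client=10.0.4.17 query=kzpqhdxwmnvbt.example answer=142.0.36.234
2014-07-02T10:15:02Z client=10.0.4.22 query=intranet.example answer=10.0.0.5
2014-07-02T10:16:40Z client=10.0.4.17 query=rwyqlfjsuaeoc.example answer=142.0.36.234
2014-07-02T10:17:05Z client=10.0.9.3 query=cdn.example answer=192.0.2.10,142.0.36.234
2014-07-02T10:17:09Z client=10.0.4.22 query=broken.example answer=SERVFAIL
this line is truncated
"""

def parse_answers(field):
    """Return the IP addresses in an answer field, ignoring non-IP tokens."""
    ips = set()
    for token in field.split(","):
        try:
            ips.add(ipaddress.ip_address(token))
        except ValueError:
            continue  # SERVFAIL, NXDOMAIN, a CNAME target, ...
    return ips

def find_sinkholed_clients(log_text, sinkholes=SINKHOLE_IPS):
    """Return ({client: {"queries", "first", "last"}}, count of unparsed lines)."""
    hits = defaultdict(lambda: {"queries": set(), "first": None, "last": None})
    skipped = 0
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            skipped += 1  # keep a count so silent log corruption is visible
            continue
        if parse_answers(m["answers"]) & sinkholes:
            rec = hits[m["client"]]
            rec["queries"].add(m["qname"].lower().rstrip("."))
            rec["first"] = min(filter(None, (rec["first"], m["ts"])))
            rec["last"] = max(filter(None, (rec["last"], m["ts"])))
    return {c: {**r, "queries": sorted(r["queries"])} for c, r in hits.items()}, skipped

if __name__ == "__main__":
    report, skipped = find_sinkholed_clients(SAMPLE_LOG)
    for client, rec in sorted(report.items()):
        print(client, rec["first"], rec["last"], ", ".join(rec["queries"]))
```

A client that repeatedly resolves different random-looking names to the sinkhole is a stronger infection signal than a single hit, which is why the report keeps the distinct query names and the first and last timestamps per client.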