Presentation presented at UC Davis conference June 2011 at a University of California wide Security Conference

1. Current and Emerging Security Threats Doug Nomura [email_address] June 16 2011

3. Confidential information has been removed from this slide.

14. The Takeaway... • Quality of the code • “ Robust Programming” to quote Matt Bishop

18. Confidential information has been removed from this slide.

19. Confidential information has been removed from this slide.

22. Redacted

23. Not Redacted Confidential information has been removed from this slide.

24. Not Redacted Confidential information has been removed from this slide.

25. Malware “ ...the release rate of malicious code and other unwanted programs may be exceeding that of legitmate software applications...’ - Symantec Corp. in 2008 Reference: http://eval.symantec.com/mktginfo/enterprise/white_papers/b-whitepaper_exec_summary_internet_security_threat_report_xiii_04-2008.en-us.pdf

26. Malware “ Malware has just posted its busiest quarter in history” “ McAfee Labs identified more than 6 million unique malware samples!” - McAfee, Inc. on the state of malware Q1 2011 Reference: http://www.mcafee.com/us/resources/reports/rp-quarterly-threat-q1-2011.pdf

31. Recent Gmail Breach

32. SET Clone

33. Complacency Confidential information has been removed from this slide.

34. Web 2.0 Example: Twitter, FaceBook Technical Exploitation of code Passwords Passive enumeration Users careless of information being broadcast

35. Example of Passive Enumeration on Twitter Reminder: Moving sale at my house this Sunday. 123 Unknown Drive Silicon Valley 9:26 AM Feb 10th, 2009 from web is selling her Epson 9600 lg. format printer + lots of ink. 3:00 PM Feb 2nd, 2009 f rom web

42. Advanced Persistent Threat

45. The End [email_address]