Se ha denunciado esta presentación.
Utilizamos tu perfil de LinkedIn y tus datos de actividad para personalizar los anuncios y mostrarte publicidad más relevante. Puedes cambiar tus preferencias de publicidad en cualquier momento.

Cybercrime Threat Landscape: Cyber Criminals Never Sleep

7.634 visualizaciones

Publicado el

A Glimpse into the Cybercrime Underground

In this session, Trusteer’s senior fraud prevention strategist, Etay Maor, will dive into the latest tools, techniques and threats developed and utilized by cybercriminals. The presentation will include a market overview of the latest offerings from the criminal underground, with a deep dive into some of the techniques discussed by cybercriminals, and review how they manifest as real attacks with real examples and case studies. A share of the presentation will also be dedicated to possible mitigation strategies and techniques.

During this webinar you will learn about:

- New malware attack and evasion techniques
- The latest underground offerings on the “fraud as a service” market
- The latest rumors and discussions around malware and malware authors from the underground
- Real-time intelligence and adaptable counter measures

Publicado en: Software, Tecnología
  • Sé el primero en comentar

Cybercrime Threat Landscape: Cyber Criminals Never Sleep

  1. 1. Cybercrime Threat Landscape: Cyber Criminals Never Sleep Etay Maor Senior Fraud Prevention Strategist
  2. 2. © IBM Trusteer, 2014 Security Silos FAIL!
  3. 3. © IBM Trusteer, 2014 3 Holistic Approach for Cybercrime WWW Phishing and Malware Fraud Advanced Threats (Employees) Online/Mobile Banking Money, Intellectual Property, Business Data Account Takeover, New Account Fraud Mobile Fraud Risk
  4. 4. Phishing 4
  5. 5. © IBM Trusteer, 2014 New C&Cs for Phishing 5
  6. 6. © IBM Trusteer, 2014 Targeting Security Solutions:  External and Perimeter  Anti virus  Sandbox  VMs  Login  Credential protection and encryption  OTP SMS  Device ID  Internal  Behavior anomaly detection  Clickstream analysis 6
  7. 7. © IBM Trusteer, 2014 Malware Protection 7
  8. 8. Malware Protection - Outsource
  9. 9. © IBM Trusteer, 2014 Device Forging
  10. 10. © IBM Trusteer, 2014 Bypassing Device ID Notification LoginInjection
  11. 11. © IBM Trusteer, 2014 Bypassing Device ID RDP Transaction
  12. 12. © IBM Trusteer, 2014 Behavior and Device ID Tricks 12  The data source:  Large European bank  3 weeks worth of data  1.5M accounts reviewed  10M login attempts  Fraudsters know behavioral profiling is in action  Fraud does not happen on the first login  30% of the users come from a mobile device  Confirmed fraud coming from the mobile channel. WHY?
  13. 13. New Mobile Threats 13
  14. 14. © IBM Trusteer, 2014 How Times Have Changed…
  15. 15. © IBM Trusteer, 2014 Overlay Mobile Attack
  16. 16. © IBM Trusteer, 2014 Overlay Mobile Attack
  17. 17. © IBM Trusteer, 2014 Mobile Ransomware
  18. 18. Cybercrime Services 18
  19. 19. © IBM Trusteer, 2014 19
  20. 20. © IBM Trusteer, 2014 A Page From a CT Book – Sounds Familiar?
  21. 21. © IBM Trusteer, 2014 Building a Solution Advanced Fraud Prevention Real Time Intelligence • Integrated: fully integrated to leverage threat data across channels • Global: identify threats any time, anywhere for all channels Seamless Experience • Transparent: minimize “action items” to user • Automated: minimize “action items” to staff Accurate Analysis • Focused: root cause • Impactful: prevent, detect, mitigate and remediate Adaptive Controls • Intelligent: build with the “unknowns” • Dynamic: rapidly updatable software
  22. 22. © IBM Trusteer, 2014 And Always Remember – Security is in YOUR Hands
  23. 23. © IBM Trusteer, 2014 And Always Remember – Security is in YOUR Hands 23
  24. 24. © IBM Trusteer, 2014 And Always Remember – Security is in YOUR Hands 24
  25. 25. Thank You

×