Web Attacks—Offense… The Whole Story Yuri & The Cheeseheads Mark Glubisz, Jason Kemble, Yuri Serdyuk, Kandyce Giordano
Introduction • The white paper is informative but has a few weaknesses • It cites a study that covered only the two attack types Symantec is strongest at combating • It lacks detail on the threat posed by compromised legitimate web sites • It misses the risks presented by social networking sites
Stated Goals • Educate end users so they can protect themselves • Explain the types of attacks: drive-by downloads, clickjacking, fake codecs, malicious peer-to-peer files, malicious advertisements, fake scanner web pages, blog spam • Offer solutions to minimize risk
Symantec-Funded Study (Cascadia Labs) • Tested only two types of attack: drive-by downloads and fake codecs • What about the other threats on the paper's own list? • Clickjacking • Fake scanner web pages • Malicious peer-to-peer files • Blog spam
Lasting Perception of Results • The study results are presented at the end of the paper • They are based on only two types of attack • Having just read about every attack type, the reader assumes the results cover them all • The reader is left with a false sense of confidence
Infection of Legitimate Websites • The white paper gives no statistics and speaks only in generalities about the level of threat posed by legitimate web sites • We found more specific figures (Websense report in the References, second half of 2008): • 70% of the 100 most popular web sites hosted malicious content or a hidden redirect to a malicious site • a 16% increase over the first half of 2008 • Compromised legitimate web sites now outnumber sites created by criminals
Web Site Infection Details cont’d • 45% of the top 100 web sites allow user-generated content • These are the most active distributors of malicious content • They let criminals post malicious links or multimedia files, or send malicious e-mail to users • The top 100 web sites by traffic fall predominantly into two categories: search engines and social networking sites
Missed Risk Identification • Social networking sites are a treasure trove of personal data: birthdays, location and employment history • 66% of phishing attacks in the U.S. were directed at social networking sites • Impersonating someone else and building up a network of their contacts • Creating an online profile before the real person creates one • Using the network to extract personal information that unlocks financial accounts
Social Networking Sites’ Risks cont’d • A means for distributing worms • Koobface, distributed through Facebook in 2008 • Sends notes to the friends of someone whose PC is infected: “See how great you look in this video” • The link leads to a web site that asks the recipient to download a version of Flash Player; the download infects the computer • Infected machines are then sent to contaminated sites when they try to use search engines such as Google, Yahoo, MSN and Live.com
Worms through Social Networking • Twitter: the StalkDaily and Mikeyy worms • Tricked users into clicking on a link to a rival social network • Written by a 17-year-old “out of boredom” • The second worm exploited the same flaw as the first, after Twitter claimed to have closed the holes • These sites are vulnerable
Conclusion • Overall the white paper is informative • Weaknesses: the limited study presented in the paper, the lack of detail on legitimate web site risks, and the missed risk posed by social networking sites
Existing Countermeasures Missed (from T’Bone and Tonic) • A plethora of third-party security tools exist to prevent some of these attacks • the NoScript extension for Mozilla Firefox • Lavasoft Ad-Aware and Spybot Search & Destroy
References • “Number of compromised websites at all-time high” (Websense figures), securecomputing.net.au: http://www.securecomputing.net.au/News/135019,websense-number-of-compromised-websites-at-alltime-high.aspx • “Phishers Attack Social Networking Generation,” silicon.com: http://software.silicon.com/malware/0,3800003100,39185353,00.htm • “Destructive Koobface Virus Turns Up On Facebook,” Reuters: http://www.reuters.com/article/newsOne/idUSTRE4B37LV20081204 • “Teen Takes Responsibility for Twitter Worms,” CNET News: http://news.cnet.com/8301-1009_3-10217684-83.html • “Fake Social Network Profiles: a New Form of Identity Theft,” ReadWriteWeb: http://www.readwriteweb.com/archives/fake_social_network_profiles_a.php