
The Cyber Defense center and its services portfolio

Explore the threat landscape with McAfee's Cyber Defense Center and its services portfolio, including threat intelligence and CERT services.

snoland

Presentation Transcript


  1. The Cyber Defense center and its services portfolio McAfee Professional Services – Foundstone Services

  2. DISCUSSION TOPICS Threat Landscape. Intro Services Threat Intelligence.

  3. The CDC

  4. What is it? CERT: Computer Emergency Response Team

  5. DISCUSSION TOPICS Threat Landscape. Threat Intelligence. Services.

  6. Spotlight Qatar [1] Qatar 86.2% internet penetration by June 2012 [2] Highest GDP per capita by 2012 [3] 66% higher malware rate vs. worldwide in Q2 2012 [4] Critical infrastructure directly tied to largest segment of economy [1] McAfee Foundstone EMEA Cyber Defense Centre [2] InternetWorldFacts.com [3] CIA World Factbook [4] Microsoft Security Intelligence Report – Volume 13

  7. Threat Intelligence Cyber Defense Centre – A Threat Intelligence System • Developed in ME. • Focused on E(ME)A. • Open Source Intelligence • Public & Underground • Private data sources & APIs

  8. Cryptolocker Infections Gulf Region

  9. Threat Intelligence

  10. Threat Intelligence Qatari Hackers • Loosely organized • Members of general Arabic hacking discussion groups • Small footprint compared to other Arab hacker communities

  11. Threat Profile - Islamic Security 6,861 members and 55,279+ posts since May, 2012. Administrators include: aBoaLi, Mr.Dm4r, Lov3rDns Topics Include: - Hacking Tutorials and Targets - Tool Development and Distribution - Services and Tools for Sale - “Achievements” of Intrusions

  12. Islamic Security – Posts Per Day

  13. Islamic Security – Attachment Uploads Per Day

  14. Islamic Security – Tool Sharing

  15. Islamic Security – Tool Sharing

  16. Threat Intelligence Profile: Qatar-Attack • 61 reported hackings • Methods: Defacements via SQL, file upload, XSS and DDoS using open source tools • Attacked domains in 11+ countries on 5 continents • Maintains or contributes videos and blog posts that assist others in hacking

  17. Threat Intelligence Profile: Qatar-Attack Names: Qatar-Attack DB-Attack Qatar-Sniper n1tr0g3n / n1tr0g3n0xid3 MrAboght alOahTaNi AboqhhtQahtani NaefAlqahtani Emails: qatar.attack@gmail.com MrAboqht@gmail.com Q.8L@hotmail.com sad-h4cker@hotmail.com sad@bsdmail.com w7s@windowslive.com Twitter: @MrAboqht YouTube: MrAboqht Domains: secur1ty.org s-war.com db-attack.com Affiliations: alm3r3fh Group v4-team

  18. Threat Intelligence .QA Domain Hacked Locations .QA Hacked Operating Systems

  19. Threat Profile - Islamic Security 6,861 members and 55,279+ posts since May, 2012. Administrators include: aBoaLi, Mr.Dm4r, Lov3rDns Topics Include: - Hacking Tutorials and Targets - Tool Development and Distribution - Services and Tools for Sale - “Achievements” of Intrusions

  20. Islamic Security – Attachment Uploads Per Day

  21. Trends in attacks

  22. The rise of the RAM Scrapers BlackPOS Vskimmer Alina Dexter Dec 2012 Jan 2013 March 2013 Oct 2012

  23. Example: VSKIMMER

  24. Example: VSKIMMER Where is the CCArd data?

  25. Example: VSKIMMER What is the name of the USB stick? Writing the dumpfile to USB-stick

  26. Example: BlackPOS DEMO

  27. Latest in the world of POS You swipe and pay, meanwhile track-data of your card is sent by SMS to a criminal…. Shukran!

  28. EMERGENCY? Hacked999@Foundstone.com Hacked911@McAfee.com
