© 2014 Imperva, Inc. All rights reserved.
Bleeding Servers – How Hackers Are Exploiting Known Vulnerabilities
Terry Ray, VP of Global Security Engineering, Imperva
Agenda
§  Latest Verizon Data Breach Investigations Report (DBIR) stats
§  Examining vulnerabilities and exploits
§  Heartbleed deep-dive
§  Understanding data theft
§  Mitigating Heartbleed and CVEs
Terry Ray, VP of Global Security Engineering
§  Speaker at industry events: ISSA, IANS, ISACA, Gartner, RSA
§  Designed and deployed data security solutions for hundreds of customers in various verticals, including healthcare, oil and gas, financial services, government and eCommerce
§  Lectured on various network and data security topics and taught numerous security courses in over 35 countries
Latest Breach Statistics
Yay! A New Verizon DBIR to Talk About
The Big Winners
Actual Data Loss – Breach vs Incident
Who’s Attacking – Hacktivists vs Criminals
§  “Greed takes a back seat to ideology when it comes to web app attacks in the 2013 dataset”
§  “74% [of ideology motivated attacks] focus on tried and true exploits”
   •  Adobe PDF with embedded exe: 4 years old
   •  Microsoft server stack corruption: 6 years old
   •  Microsoft RPC DCOM bug (MS03-026), a staggering 10 years old; you might remember it as Blaster
   •  All still in the wild
How You Find Out That You’ve Been Hacked
§  Financially motivated breaches: discovered by customers
§  Hacktivist breaches: discovered by external sources
   •  “uhh, hey guys, did you know that your webserver is attacking us”
§  But we’re getting better at detecting breaches ourselves: 9% of breaches are now discovered internally
CVEs Explored
Stay On Top of Vulnerabilities
§  The Common Vulnerabilities and Exposures (CVE) system provides a reference method for publicly known information-security vulnerabilities and exposures: one identifier per issue, so vendor advisories, scanners and patch notes all refer to the same bug.
§  http://cve.mitre.org/cve/
Classic Web Site Hacking
Single Site Attack
Hacking
1.  Identify Target
2.  Find Vulnerability
3.  Exploit
Multiple Site Attacks
The same three steps, repeated from scratch for every target site: each site needs its own reconnaissance and its own vulnerability discovery.
Exploit Hacking
Vulnerability Targeting Attack
Hacking
1.  Identify CVE
2.  Weaponize Vulnerability
3.  Exploit
Here the order is inverted: the attacker starts from one published CVE, builds a working exploit once, and fires it at every host that runs the affected version. The target list is whatever a scan turns up, not a site chosen in advance, which is why a single unpatched library version puts every server running it in scope at once.
The Attacker’s Focus
§  Server takeover
§  Direct data theft
Source: http://www.mediabistro.com/fishbowldc/suspended-politico-scribe-hacked_b76882
Source: http://www.connectmidmissouri.com/news/story.aspx?id=600968
Heartbleed
Source: http://thequestionconcerningtechnology.blogspot.com/
What Is It and Why Do We Care?
§  The Heartbleed bug (CVE-2014-0160) is a serious vulnerability in the popular OpenSSL cryptographic software library: a missing bounds check in its implementation of the TLS heartbeat extension (RFC 6520).
§  When it is exploited it leads to the leak of memory contents from the server to the client and from the client to the server: up to 64 KB per heartbeat, repeatable as often as the attacker likes, and it leaves no trace in ordinary web server logs.
§  According to Netcraft’s April 2014 Web Server Survey of 958,919,789 websites, the combined market share of Apache and nginx products on the Internet was over 66%. Both are normally built against OpenSSL, which is how one library bug became an Internet-wide exposure.
But There’s a Patch, Right?
§  This vulnerability was first included in OpenSSL release 1.0.1 on 14th of March 2012. OpenSSL 1.0.1g, released on 7th of April 2014, fixes the issue.
§  Affected systems: OpenSSL versions 1.0.1 to 1.0.1f. The 1.0.0 and 0.9.8 branches never had the bug, and a 1.0.1 build compiled with -DOPENSSL_NO_HEARTBEATS is not exploitable.
§  Caveat: distribution packages backport the fix without changing the reported version string, so the output of “openssl version” alone proves nothing either way; check the package changelog for CVE-2014-0160 or probe the running service.
Isn’t It Hard to Exploit?
Metasploit: Easy as pulling a trigger.
Source: http://www.smosh.com/smosh-pit/lists/12-monkeys-guns
Here, We Have a Secure Website
Fire Up a VM of Kali Linux and Try It Out
And We Have Leaked Data
So How Bad Is It?
How Bad Can It Really Get?
Retrieved Private Key
What Can We Do With This?
§  Steal session details and spoof users (cookies and tokens sit in the same heap the heartbeat reads)
§  Steal usernames and passwords (form posts in flight are in memory in the clear, not as hashes)
§  Steal cryptographic keys
   •  Man-in-the-middle attacks, and decryption of previously captured traffic for sessions negotiated with RSA key exchange (no forward secrecy)
   •  Spoofed website with valid SSL keys: the real certificate and its real private key, so the browser shows no warning
   •  Spear phishing attack
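The “Retrieved Private Key” slide shows a key pulled out of heartbeat responses. The toy below is an added example, not material from the deck, with a demo key generated in the script rather than a real one. It shows why that retrieval works and how a key is recognised in a pile of leaked bytes: OpenSSL keeps the RSA primes p and q as BIGNUMs on the same heap the heartbeat reads, and whichever window of the leak divides the public modulus n is one of them. That trial-division scan is the method that won Cloudflare’s public Heartbleed challenge in April 2014. Assumptions that are mine: a 512-bit key with 256-bit primes, a constructed 4 KB “leak” with q embedded little-endian the way x86 BIGNUM limbs sit in memory, and a seeded random offset.

```python
import random


def is_probable_prime(n, rng, rounds=20):
    """Miller-Rabin, adequate for a demo key; never use this to make real keys."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % small == 0:
            return n == small
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def gen_prime(bits, rng):
    while True:
        cand = rng.getrandbits(bits) | (1 << (bits - 1)) | 1   # full length, odd
        if is_probable_prime(cand, rng):
            return cand


def make_demo_leak(seed=2014, prime_bits=256, leak_size=4096):
    """Constructed fixture: a 512-bit RSA key and a fake 4 KB heap chunk with q
    embedded little-endian, the byte order of OpenSSL BIGNUM limbs on x86."""
    rng, e = random.Random(seed), 65537
    while True:
        p, q = gen_prime(prime_bits, rng), gen_prime(prime_bits, rng)
        if p != q and (p - 1) % e and (q - 1) % e:          # e invertible mod phi
            break
    n = p * q
    leak = bytearray(rng.getrandbits(8) for _ in range(leak_size))
    size = prime_bits // 8
    offset = rng.randrange(0, leak_size - size)
    leak[offset:offset + size] = q.to_bytes(size, "little")
    return n, e, bytes(leak), offset, p, q


def scan_leak_for_factor(leak, n, size_bytes):
    """Slide a size_bytes window over leaked memory; return (offset, factor) for
    the first window that, read little- or big-endian, divides n."""
    for off in range(len(leak) - size_bytes + 1):
        window = leak[off:off + size_bytes]
        for order in ("little", "big"):
            cand = int.from_bytes(window, order)
            if 1 < cand < n and n % cand == 0:
                return off, cand
    return None


def recover_private_key(n, e, factor):
    """With one prime in hand the other is n // factor and d follows;
    pow(e, -1, m) needs Python 3.8+."""
    p, q = factor, n // factor
    return p, q, pow(e, -1, (p - 1) * (q - 1))


if __name__ == "__main__":
    n, e, leak, offset, p, q = make_demo_leak()
    hit = scan_leak_for_factor(leak, n, 32)
    print("factor at offset", hit[0], "equals q:", hit[1] == q)
```

For a real 2048-bit certificate the window is 128 bytes and n comes straight from the public certificate, so the attacker needs nothing but the leaked chunks and the site’s own cert. The same scan is also the fastest way for a defender to confirm whether a dump handed to them actually contains their key.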
Data Theft
An Overlooked Data Security Risk
Databases and file servers, both repositories of so much valuable information, are targeted regularly…
§  Admins unknowingly make unsupported database changes.
§  Malware-compromised insiders access the database.
§  Unpatched vulnerabilities allow exploit vectors.
Source: 2014 Verizon Data Breach Investigations Report
Protecting Your Data
§  “the high number of incidents still offers some insight … where the victim’s anti-virus (AV) and intrusion prevention system (IPS) shields could not repel firepower of that magnitude”
Enterprise Security Is Evolving
1st pillar, Endpoint Security: blocks threats targeting devices
2nd pillar, Network Security: blocks threats trying to access the network
3rd pillar, Data Center Security: protects high-value targets, keeping them both secure and accessible
Imperva provides the third pillar of enterprise security
Mitigation
Protecting Your Data From Known Vulnerabilities
Heartbleed Specific
§  Test all servers for vulnerability, not just the web tier: anything that links OpenSSL (load balancers, VPN and mail gateways, appliances) is in scope
§  Patch all affected servers, then restart every process that loaded the old library; a patched package does nothing for a long-running daemon still holding the vulnerable code in memory
§  Reissue new certificates with freshly generated private keys, and only after the patch is in place: a key generated on a still-vulnerable host can leak the same way the old one did
§  Revoke all old certificates
§  Then rotate what may already have leaked: invalidate active sessions and have users change passwords
Source: http://www.secnews.gr/archives/78340
Locate and Assess Servers and Apps
§  Scan your network to identify all assets (cloud and local)
   •  Classify assets by information and brand sensitivity to identify high-risk landscapes
   •  Prioritize efforts based on risk levels
§  Secure database access
   •  Scan DBs for vulnerabilities or configuration flaws
   •  Remove any default or unnecessary user accounts
   •  Disable unneeded services
Perform Vulnerability Assessments
§  Scan both network and application layers
§  Scan all known web assets
§  Scan concurrently and continuously
§  Analyze application functionality for DDoS attack potential and business-logic-based exploits
§  Implement assessment practice across the entire SDLC: Design → Development → QA → Production
Block Web Attacks and Attack Sources
§  Web attacks like SQL injection, cross-site scripting, directory traversal and CSRF
§  HTTP protocol violations like extremely long URLs and malformed Apache URI messages
§  Malicious sources that have attacked other sites
§  Known desktop scanners and hacker tools like Nikto and Paros, based on user agent or the frequency of security violations
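The bullets above describe what a web application firewall looks for. As an added example, not Imperva’s product logic and not code from the deck, the script below runs those checks over constructed Apache combined-format log lines: scanner user agents by name, over-long URLs as a protocol violation, URL-decoded SQL injection, XSS and traversal signatures, and a per-source violation count that blocks a source once it crosses a threshold. The addresses are RFC 5737 documentation ranges, the threshold and the 2048-byte URL limit are my choices, and the signature list is deliberately short; it illustrates the mechanism, not a production rule set.

```python
import re
from collections import Counter
from urllib.parse import unquote

# Apache/nginx "combined" log format
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) (?P<proto>[^"]*)" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$')

SCANNER_UA = re.compile(r"nikto|paros|sqlmap|nessus|w3af|acunetix|dirbuster", re.I)
SIGNATURES = {
    "sqli": re.compile(r"(?i)(\bunion\b.{0,24}\bselect\b|'\s*or\s+'?\d+'?\s*=\s*'?\d+|--\s|;\s*drop\b)"),
    "xss": re.compile(r"(?i)(<script\b|javascript:|\bon(?:error|load|click|mouseover|focus)\s*=)"),
    "traversal": re.compile(r"(\.\./|\.\.\\|/etc/passwd|\x00)"),
}
MAX_URL_LEN = 2048          # protocol-violation threshold chosen for this demo
BLOCK_THRESHOLD = 3         # violations per source before the source is blocked


def parse_line(line):
    """One combined-format line -> dict of fields, or None if it does not parse."""
    m = LOG_RE.match(line.strip())
    return m.groupdict() if m else None


def check_request(rec):
    """Return the list of violation labels for one parsed request."""
    hits = []
    if SCANNER_UA.search(rec["ua"]):
        hits.append("scanner_ua")
    if len(rec["path"]) > MAX_URL_LEN:
        hits.append("long_url")
    decoded = unquote(unquote(rec["path"]))    # twice, so %2527 -> %27 -> ' is caught
    for name, rx in SIGNATURES.items():
        if rx.search(decoded):
            hits.append(name)
    return hits


def analyze(lines):
    """Score every line, count violations per source IP, and list the sources
    that crossed BLOCK_THRESHOLD (the 'frequency of violations' rule)."""
    findings, per_ip = [], Counter()
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            findings.append((None, ["unparsable"]))
            continue
        hits = check_request(rec)
        findings.append((rec["ip"], hits))
        per_ip[rec["ip"]] += len(hits)
    blocked = sorted(ip for ip, n in per_ip.items() if n >= BLOCK_THRESHOLD)
    return findings, per_ip, blocked


TS = "10/Apr/2014:10:01:02 +0000"
SAMPLE_LOG = [  # constructed lines; 203.0.113.0/24, 198.51.100.0/24, 192.0.2.0/24 are documentation ranges
    f'203.0.113.7 - - [{TS}] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    f'203.0.113.9 - - [{TS}] "GET /cgi-bin/test.cgi HTTP/1.1" 404 210 "-" '
    f'"Mozilla/5.00 (Nikto/2.1.5) (Evasions:None) (Test:000001)"',
    f'198.51.100.4 - - [{TS}] "GET /item?id=1%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 900 "-" "Mozilla/5.0"',
    f'198.51.100.4 - - [{TS}] "GET /download?file=..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1" 403 0 "-" "Mozilla/5.0"',
    f'198.51.100.4 - - [{TS}] "GET /search?q=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 300 "-" "Mozilla/5.0"',
    f'192.0.2.5 - - [{TS}] "GET /a?x={"A" * 3000} HTTP/1.1" 414 0 "-" "Mozilla/5.0"',
]


if __name__ == "__main__":
    findings, per_ip, blocked = analyze(SAMPLE_LOG)
    for ip, hits in findings:
        print(ip, hits)
    print("blocked:", blocked)
```

Decoding before matching is the detail that matters most here: the signatures are applied to the URL as the application will see it, which is why the encoded `%27%20OR%20` and `..%2F` samples are still caught. Matching on the raw request line, as naive rules do, misses exactly the traffic an attacker sends.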
Webinar Materials
§  Post-webinar discussions
§  Answers to attendee questions
§  Webinar recording link
§  Join the Imperva LinkedIn Group, Imperva Data Security Direct, for…
Learn more: www.imperva.com

Companies Aware, but Not Prepared for GDPRCompanies Aware, but Not Prepared for GDPR
Companies Aware, but Not Prepared for GDPR
 
Rise of Ransomware
Rise of Ransomware Rise of Ransomware
Rise of Ransomware
 
7 Tips to Protect Your Data from Contractors and Privileged Vendors
7 Tips to Protect Your Data from Contractors and Privileged Vendors7 Tips to Protect Your Data from Contractors and Privileged Vendors
7 Tips to Protect Your Data from Contractors and Privileged Vendors
 
SEO Botnet Sophistication
SEO Botnet SophisticationSEO Botnet Sophistication
SEO Botnet Sophistication
 
Phishing Made Easy
Phishing Made EasyPhishing Made Easy
Phishing Made Easy
 
Imperva 2017 Cyber Threat Defense Report
Imperva 2017 Cyber Threat Defense ReportImperva 2017 Cyber Threat Defense Report
Imperva 2017 Cyber Threat Defense Report
 
Combat Payment Card Attacks with WAF and Threat Intelligence
Combat Payment Card Attacks with WAF and Threat IntelligenceCombat Payment Card Attacks with WAF and Threat Intelligence
Combat Payment Card Attacks with WAF and Threat Intelligence
 
HTTP/2: Faster Doesn't Mean Safer, Attack Surface Growing Exponentially
HTTP/2: Faster Doesn't Mean Safer, Attack Surface Growing ExponentiallyHTTP/2: Faster Doesn't Mean Safer, Attack Surface Growing Exponentially
HTTP/2: Faster Doesn't Mean Safer, Attack Surface Growing Exponentially
 
Get Going With Your GDPR Plan
Get Going With Your GDPR PlanGet Going With Your GDPR Plan
Get Going With Your GDPR Plan
 
Cyber Criminal's Path To Your Data
Cyber Criminal's Path To Your DataCyber Criminal's Path To Your Data
Cyber Criminal's Path To Your Data
 
Combat Today's Threats With A Single Platform For App and Data Security
Combat Today's Threats With A Single Platform For App and Data SecurityCombat Today's Threats With A Single Platform For App and Data Security
Combat Today's Threats With A Single Platform For App and Data Security
 

Dernier

Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 

Dernier (20)

Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 

Bleeding Servers – How Hackers are Exploiting Known Vulnerabilities

1. © 2014 Imperva, Inc. All rights reserved. Bleeding Servers – How Hackers Are Exploiting Known Vulnerabilities
Terry Ray, VP of Global Security Engineering, Imperva

2. Agenda
§  Latest Verizon Data Breach Investigation Report (DBIR) Stats
§  Examining Vulnerabilities and Exploits
§  HeartBleed Deep-Dive
§  Understanding Data Theft
§  Mitigating HeartBleed and CVEs

3. Terry Ray, VP of Global Security Engineering
§  Speaker at Industry Events
•  ISSA, IANS, ISACA, Gartner, RSA
§  Designed and deployed data security solutions for hundreds of customers in various verticals including:
•  Healthcare
•  Oil and gas
•  Financial services
•  Government
•  eCommerce
§  Lectured on various network and data security topics and taught numerous security courses in over 35 countries globally

4. Latest Breach Statistics
Yay! A New Verizon DBIR to Talk About

5–8. The Big Winners (four slides, image only)

9. Actual Data Loss – Breach vs Incident

10. Who’s Attacking – Hacktivists vs Criminals
§  “Greed takes a back seat to ideology when it comes to web app attacks in the 2013 dataset”
§  “74% [of ideology motivated attacks] focus on tried and true exploits”
•  Adobe PDF with embedded exe – 4 years old
•  Microsoft server stack corruption – 6 years old
•  Microsoft RPC DCOM bug—or MS03-026 – a staggering 10 years old—you might remember it as Blaster
•  All still in the wild

11. How You Find Out That You’ve Been Hacked
§  Financially motivated – discovered by customers
§  Hacktivists – discovered by external sources
•  “uhh, hey guys, did you know that your webserver is attacking us”
§  But we’re getting better at detecting breaches ourselves
•  9%

12. CVEs Explored

13. Stay On Top of Vulnerabilities
§  The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information-security vulnerabilities and exposures.
§  http://cve.mitre.org/cve/

14. Classic Web Site Hacking – Single Site Attack
Hacking: 1. Identify Target 2. Find Vulnerability 3. Exploit

15. Classic Web Site Hacking – Multiple Site Attacks
The same three steps (Identify Target, Find Vulnerability, Exploit), repeated once per target site

16. Exploit Hacking – Targeting Attack
Hacking: 1. Identify CVE 2. Weaponize Vulnerability 3. Exploit Vulnerability

17. The Attacker’s Focus
§  Server Takeover
§  Direct Data Theft
Source: http://www.mediabistro.com/fishbowldc/suspended-politico-scribe-hacked_b76882
Source: http://www.connectmidmissouri.com/news/story.aspx?id=600968

18. HeartBleed
Source: http://thequestionconcerningtechnology.blogspot.com/

19. What Is It and Why Do We Care?
§  The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library.
§  When it is exploited it leads to the leak of memory contents from the server to the client and from the client to the server.
§  According to Netcraft's April 2014 Web Server Survey of 958,919,789 websites, the combined market share of Apache and nginx products on the Internet was over 66%.

20. But There’s a Patch, Right?
§  This vulnerability was first included in OpenSSL release 1.0.1 on 14th of March 2012. OpenSSL 1.0.1g, released on 7th of April 2014, fixes the issue.
§  Affected Systems: OpenSSL versions 1.0.1 to 1.0.1f

21. Isn’t It Hard to Exploit?
Metasploit: Easy as pulling a trigger.
Source: http://www.smosh.com/smosh-pit/lists/12-monkeys-guns

22. Here, We Have a Secure Website

23. Fire Up a VM of Kali Linux and Try It Out

24. And We Have Leaked Data

25. So How Bad Is It?

26. How Bad Can It Really Get?

27. Retrieved Private Key

28. What Can We Do With This?
§  Steal session details and spoof users
§  Steal username and passwords
§  Steal cryptographic keys
•  Man-in-the-middle attacks
•  Spoofed website with valid SSL keys
•  Spear Phishing Attack

29. Data Theft

30. An Overlooked Data Security Risk
Databases and file servers, both repositories of so much valuable information, are targeted regularly… Admins unknowingly make unsupported database changes. Malware-compromised insiders access the database. Unpatched vulnerabilities allow exploit vectors.
Source: 2014 Verizon Data Breach Investigations Report

31. Protecting Your Data
§  “the high number of incidents still offers some insight … where the victim’s anti-virus (AV) and intrusion prevention system (IPS) shields could not repel firepower of that magnitude”

32. Enterprise Security Is Evolving
§  1st pillar: Endpoint Security – Blocks threats targeting devices
§  2nd pillar: Network Security – Blocks threats trying to access the network
§  3rd pillar: Data Center Security – Protects high-value targets, keeping them both secure and accessible
Imperva provides the third pillar of enterprise security

33. Mitigation – Protecting Your Data From Known Vulnerabilities

34. Heartbleed Specific
§  Test all servers for vulnerability
§  Patch all affected servers
§  Reissue new certificates
§  Revoke all old certificates
Source: http://www.secnews.gr/archives/78340

35. Locate and Assess Servers and Apps
§  Scan your network to identify all assets (cloud and local)
•  Classify assets by information and brand sensitivity to identify high risk landscapes
•  Prioritize efforts based on risk levels
§  Secure Database Access
•  Scan DBs for vulnerabilities or configuration flaws
•  Remove any default or unnecessary user accounts
•  Disable unneeded services

36. Perform Vulnerability Assessments
§  Perform Vulnerability Assessments
•  Scan both Network and Application Layers
•  Scan all known Web Assets
•  Scan Concurrently and Continuously
•  Analyze application functionality for DDoS attack potential and Business Logic based exploits
•  Implement assessment practice across the entire SDLC: Design, Development, QA, Production

37. Block Web Attacks and Attack Sources
§  Web attacks like SQL injection, cross-site scripting, directory traversal, and CSRF
§  HTTP protocol violations like extremely long URLs and malformed Apache URI messages
§  Malicious sources that have attacked other sites
§  Known desktop scanners and hacker tools like Nikto and Paros based on user agent or the frequency of security violations

38. Webinar Materials
Join Imperva LinkedIn Group, Imperva Data Security Direct, for…
§  Post-Webinar Discussions
§  Answers to Attendee Questions
§  Webinar Recording Link

39. Learn more: www.imperva.com
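Slide 20 gives the affected OpenSSL range and slide 34 the four remediation steps; the script below is an added example (not from Imperva's deck) that turns them into an inventory triage. It assumes you have already collected each host's `openssl version` output and the notBefore date of its serving certificate; the inventory and the exposed-key rule are this example's own constructed simplifications.

```python
"""Heartbleed remediation triage over a server inventory (added example).

Encodes the affected range from slide 20 (OpenSSL 1.0.1 through 1.0.1f,
fixed by 1.0.1g on 7 April 2014) and the slide-34 steps: test, patch,
reissue certificates, revoke the old ones. Inventory below is constructed.
"""
import re
from datetime import date

FIX_RELEASE_DATE = date(2014, 4, 7)  # OpenSSL 1.0.1g release date (slide 20)

# Accepts raw `openssl version` output ("OpenSSL 1.0.1e 11 Feb 2013") or a
# bare version ("1.0.1g"); anything after the version token is ignored.
_VERSION_RE = re.compile(r"^(?:OpenSSL\s+)?(\d+)\.(\d+)\.(\d+)([a-z]*)")


def parse_openssl_version(text):
    """Return (major, minor, fix, patch) so versions compare as tuples.

    The patch-letter suffix becomes an integer ('' -> 0, 'a' -> 1, ...,
    'f' -> 6, 'g' -> 7), so 1.0.1 < 1.0.1f < 1.0.1g orders correctly.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError("unrecognised OpenSSL version string: %r" % text)
    major, minor, fix, letters = m.groups()
    patch = 0
    for ch in letters:
        patch = patch * 26 + (ord(ch) - ord("a") + 1)
    return (int(major), int(minor), int(fix), patch)

AFFECTED_MIN = parse_openssl_version("1.0.1")   # heartbeat extension first shipped here
AFFECTED_MAX = parse_openssl_version("1.0.1f")  # last vulnerable release


def is_heartbleed_affected(version_text):
    """True when the build is in the vulnerable range 1.0.1 .. 1.0.1f inclusive."""
    return AFFECTED_MIN <= parse_openssl_version(version_text) <= AFFECTED_MAX


def triage(version_text, cert_not_before):
    """Return the actions for one host: PATCH / REISSUE_CERT / REVOKE_OLD_CERT, or ["OK"].

    cert_not_before is the issue date of the certificate currently served.
    Exposed-key rule (this example's simplification, not the deck's): a host
    still on a vulnerable build has an exposed key whatever its certificate
    date; a host already on 1.0.1g+ whose certificate predates the fix may
    have served that key from a vulnerable build, so it is treated the same.
    Builds below 1.0.1 never had the heartbeat extension.
    """
    version = parse_openssl_version(version_text)
    affected = AFFECTED_MIN <= version <= AFFECTED_MAX
    actions = []
    if affected:
        actions.append("PATCH")
    if affected or (version >= AFFECTED_MIN and cert_not_before < FIX_RELEASE_DATE):
        actions.extend(["REISSUE_CERT", "REVOKE_OLD_CERT"])
    return actions or ["OK"]

# Constructed inventory: (host, `openssl version` output, certificate notBefore).
INVENTORY = [
    ("web-01.example.test", "OpenSSL 1.0.1e 11 Feb 2013", date(2013, 9, 1)),
    ("web-02.example.test", "OpenSSL 1.0.1g 7 Apr 2014", date(2013, 9, 1)),
    ("web-03.example.test", "OpenSSL 1.0.1g 7 Apr 2014", date(2014, 4, 9)),
    ("legacy.example.test", "OpenSSL 0.9.8y 5 Feb 2013", date(2012, 1, 1)),
]


def triage_inventory(inventory):
    """Map each host in the inventory to its remediation actions."""
    return {host: triage(ver, not_before) for host, ver, not_before in inventory}

if __name__ == "__main__":
    for host, actions in triage_inventory(INVENTORY).items():
        print("%-22s %s" % (host, ", ".join(actions)))
```

A host already on 1.0.1g that still serves a pre-patch certificate is the case patch-only checklists miss, which is why the script flags web-02 for reissue and revocation.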