Join us each month on https://www.brighttalk.com/channel/6331 for the Symantec Website security threat update webinar a short 25 mins of web threats and security update news.

1. Andrew Horbury
Product Marketing Manager
andy_horbury@symantec.com
Andrew Shepherd
EMEA Marketing Manager
andrew_shepherd@symantec.com
WEBSITE SECURITY THREATS:
APRIL 2014 UPDATE
Thursday 17th April 2014
Website Security Threats: April 2014 Update

2. Agenda
Website Security Threats: April 2014 Update
1
2
3
4
5
6
Heartbleed Update
Month in Numbers
Annoying Malware
Watering Holes and Phishing
Insider Threats
Stranger than Fiction
7 Good news

3. Heartbleed – OpenSSL Vulnerability
• This is not a vulnerability with SSL/TLS
• SSL/TLS is not broken, nor are the SSL certificates issued by Symantec
• Users of Open SSL versions 1.0.1 through (and including) 1.0.1f are affected
Advice for Businesses
Check your version of OpenSSL and either:
• Recompile OpenSSL without the heartbeat extension
• Update to the latest fixed version of the software (1.0.1g) if you are using
OpenSSL versions 1.0.1 through (and including) 1.0.1f
• After moving to a fixed version of OpenSSL, contact the SSL certificate’s
issuing Certification Authority for a replacement
• Finally, businesses should also consider resetting end-user passwords that
potentially may have been visible in compromised server memory.
Website Security Threats: April 2014 Update

4. Heartbleed – OpenSSL Vulnerability 2
Advice for Consumers
• Be aware that your sensitive data such as passwords may
have been seen by a third party if the sites you visit used a
vulnerable version of the OpenSSL library
• Monitor any notices from the vendors or companies you use.
Once a vendor has communicated to you to change your
passwords, please change promptly
• Watch out for potential phishing emails from attackers asking
you to update your password.
• Stick to reputable websites and services. They are most likely
to have immediately addressed the vulnerability.
• Monitor your bank and credit card statements to check for
any unusual transactions.
www.safeweb.com/heartbleed
Website Security Threats: April 2014 Update

5. The month in numbers
• Zero
• 91% the number that targeted attack campaigns
increased over 2012
• 1 in 392 overall Phishing Rate
• 6,787 New Vulnerabilities
• 23 New 0-Day Vulnerabilities
• 78% of Websites scanned found with vulnerabilities
• 1 in 8 Websites have critical vulnerabilities
• 1 in 566 Websites scanned found with malware
• Ransomware attacks grew by 500% in 2013
Website Security Threats: April 2014 Update

6. The month in numbers 2
• Slow to fix vulnerabilities
– 342 days Education
– 276 days Healthcare
– 274 Insurance
• 158,000 Boxee.TV forum accounts leaked
• 18 Months – Miss Teen USA’s extortionist sentenced
Website Security Threats: April 2014 Update

7. New Annoying Malware
Website Security Threats: April 2014 Update
• Browlock ups the ransom price
– Infections have increased
– Uses JavaScript to prevent user from
closing a browser tab
– Poses as local law enforcement
• Trojan.Zbot variant
– Locks desktop by displaying multiple
websites
– Prevents users opening any other
windows or files
– Can be avoided using “show desktop”
command

8. Watering holes and Phishing attacks
• Attackers infect Chinese takeaway
menu to enter company’s
network
• EA Games website hacked,
hosting fake Apple phishing page
• Grand Theft Auto V – PC beta
testers wanted
Website Security Threats: April 2014 Update

9. Insider Threats
Website Security Threats: April 2014 Update
• Angry ex-Microsoft employee
leaked OS code
– Worked at Microsoft for 7 years
– Leaked to blogger as revenge after
poor performance review
– Charged with theft of trade secrets
• UK supermarket Morrisons suffers
data theft
– Data stolen from staff payroll system
and published online
– “initial investigations suggest that this
theft was not the result of an external
penetration of our systems”

10. Stranger than fiction
Website Security Threats: April 2014 Update
• Triathlete wiped out by “hacked” camera
drone
• Man receives threats from his own
printer
• Prince Harry needs some new parquet
floors at Buckingham Palace
– Or does he…?
• US Army Commander causes widespread
confusion in multiple agencies

11. Good News
• Hacked domain and website takeover
of Ramshackleglam.com ends well
– Risky sting pays off for tenacious blogger
who was not helped by her hosting
company or domain name registrar.
• Five years on UK agency fixes XSS
vulnerability in their website
• CyrptoDefense criminals bundle
encryption keys with Ransomware
Website Security Threats: April 2014 Update

12. Link Glossary (Print screen now)
• Heartbleed
– http://www.symantec.com/outbreak
– https://www.staysecureonline.com/heartbleed
– https://ssltools.websecurity.symantec.com/checker/
– www.safeweb.com/heartbleed
• ISTR Resources
– Report http://bit.ly/1ip92jU
– ISTR Blog http://bit.ly/1ip93UQ
• Speed of different verticals to fix vulnerabilities http://bit.ly/1iZMaEi
• Hackers Lurking in Vents and Soda Machines (and menus) http://nyti.ms/1eyxmjM
• Ramshackglam hack http://on.mash.to/1ip9gaC
• ICO XSS Vulnerability http://bit.ly/1mcxJk4
• CryptoDefense Blog http://bit.ly/1hLezT8
Website Security Threats: April 2014 Update

13. Thank you!
Copyright © 2013 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in
the U.S. and other countries. Other names may be trademarks of their respective owners.
This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied,
are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.
Andrew Shepherd
andrew_shepherd@symantec.com / +44 7912 552 896
Andrew Horbury
andy_horbury@symantec.com / +44 7703 468 966
@andyhorbury
Website Security Threats: April 2014 Update
Next webinar: Thursday 22nd May 2014
9.30am UK / 10.30am CET