11. 5/1/2013 Tony Perez | @perezbox | @sucuri_security 11
Apache SSH
Email
Server
Going Deeper than the application layer, targeting the server.
Server Polymorphism – a.k.a. changes a lot
12. Stick With Reputable Sources
Gravity Forms
JetPack Forms
Generating SPAM emails, resource hogs
IP blacklisting
Leverage Captchas
26. Explosion in the Malware as a Service (MaaS) trade
Yes, pay someone to hack for you
Different tools to break in and generate payloads
Brute force and vulnerability exploits
Malware Payloads
Blackhole Exploit Kit – Today’s market leader
2013 – SophosLabs
36. Brand Reputation
Legal Implications
Impact to Sales
Blacklisted by Search Engines
Blacklisted by Payment Processors
Worst Day Of your Life
38. Access Control
Vulnerabilities
Hosting
Online Habits
Social Media
Passwords
39. “It’s about risk reduction… risk will never be zero…”
40. We run on WordPress
Current Version of course
Sucuri properties suffer:
~125,000 web-based attacks a month on average
~4,000 attacks a day
▪ This spikes on occasion
Doesn’t include server-level attacks
All flavors of attacks
41. Instead of telling you what you need to do, I’ll just tell you what we do;
Our philosophy and approach is very simple, complex things break in complex ways;
We focus on the areas that we can immediately control;
We believe in layered defenses;
42.
Stay Current
IP Whitelisting
Two Factor Authentication
Strong / Unique Password
Web Application Firewall
43.
IP Whitelisting
Server Isolation
Public Key Authentication
Host Intrusion Detection System (HIDS)
Log Everything
44.
Category                                 Tool                     Type
Prevention – Software Vulnerabilities    Sucuri CloudProxy        Service
Prevention – Access Control              Sucuri CloudProxy        Service
Detection                                Sucuri Monitoring        Service
Remediation                              Sucuri                   Service
Password Management                      1Password / LastPass     Application
Host-based Intrusion Detection System    OSSEC                    Application
Access Control Enforcement               Login Secure Solutions   Plugin
Two-Factor Authentication                Google Authenticator     Plugin
Application Auditing                     Sucuri Premium           Plugin
Backups                                  BackupBuddy              Plugin