
Symantec Website Security Threats: February 2014 Update


DESCRIPTION

Join us each month on https://www.brighttalk.com/channel/6331 for the Symantec Website Security Threats update webinar: a short 25 minutes of web threat and security update news.


Page 1: Symantec Website Security Threats: February 2014 Update

Andrew Horbury, Product Marketing Manager
[email protected]

Andrew Shepherd, EMEA Marketing Manager
[email protected]

WEBSITE SECURITY THREATS: FEBRUARY 2014 UPDATE

Thursday 13th February 2014

Website Security Threats: February 2014 Update

Page 2: Symantec Website Security Threats: February 2014 Update

Agenda

1. Month in Numbers
2. Malware tactics: Redkit, Fake Browsers
3. Mobile Applications
4. Social Media Scams
5. Stranger than fiction
6. Good news

Page 3: Symantec Website Security Threats: February 2014 Update

The month in numbers

• 82% of enterprise Mac users not getting security updates

• 16 million online accounts in Germany compromised

• 20 million credit card details stolen in South Korea

• UK government: “Half of UK people are not protecting themselves online”

• Attackers steal personal details from 800,000 Orange customers

• Eleven US high school students expelled for hacking teacher accounts and augmenting their grades

• Around 45 retailers affected by POS malware

Page 4: Symantec Website Security Threats: February 2014 Update

Malware and toolkits – Redkit, Fake Browser, FedEx

• After an absence of 18 months, the Redkit exploit toolkit returns following the arrest of Blackhole’s author (Paunch)

• Phony FedEx: a malicious email campaign that impersonates FedEx targets unsuspecting home and business users

• Chrime or Chrome? Fake browser update sites aim to trick users into downloading malware posing as a browser update

Page 5: Symantec Website Security Threats: February 2014 Update

Mobile Applications not quite as secure as you would hope

• Issues with global banking apps

– 4 in 10 banking apps are vulnerable to man-in-the-middle attacks because they don’t validate server SSL certificates

– 90 percent of analysed apps contain several unencrypted links, which could potentially let an attacker intercept traffic and inject code to display fake login screens to the user

• It’s not just the banks…

– Starbucks have updated their app after data leakage was reported

Page 6: Symantec Website Security Threats: February 2014 Update

Social Media Scams – RIP, SnapChat, WhatsApp

• RIP scams continue to work and work

– The online list of alive ‘dead’ celebs continues to grow

– Linking to malicious apps, sites and phony surveys

• SnapChat spam

– Spam uses sexually suggestive images and compromised short URLs

• WhatsApp being used to spread malware

– Messages claim that WhatsApp for PC is available and that the recipient has 11 pending invitations from friends

Page 7: Symantec Website Security Threats: February 2014 Update

Stranger than fiction

• Thanks but no thanks! Teenager reported to the police for finding a website vulnerability

• It’s that time again… Academics discover the perfect time for cyber attacks

• Who’s to blame for security problems? Surveys say… you, me, them, us… EVERYONE

Page 8: Symantec Website Security Threats: February 2014 Update

Stranger than fiction part two

#oops

Live from the security HQ at the Superbowl

Page 9: Symantec Website Security Threats: February 2014 Update

Good News

• The fridge comes back in from the cold…

– Spamming fridge is not quite what it seems

• Guccifer, the celebrity-hating hacker, arrested

– Leaker of Downton Abbey and Sex and the City scripts finally shut down

• Yahoo defaults to AOSSL

– Yahoo enables HTTPS encryption by default, with more services being added all the time

• Tumblr activated SSL this past week

Page 10: Symantec Website Security Threats: February 2014 Update

Link glossary

• POS attacks: http://bit.ly/1aTXsfe

• Fake Browsers:

– http://bit.ly/1eThlCQ

– http://bit.ly/1iO7YVN

• Redkit: http://bit.ly/1dHcwYs

• SnapChat: http://bit.ly/LTYY5q

• WhatsApp: http://bit.ly/1gsYXze

• Yahoo and SSL: http://tnw.co/1bo9Ncc

• Symantec Intelligence Report December 2013: http://bit.ly/1fYlxzb

• Symantec IOT blog: http://bit.ly/1hb4aAy

• Rest In Peace Scams: http://bit.ly/1ntvUOm

• Slides available to download on SlideShare: http://slidesha.re/1j2jxIi

Page 11: Symantec Website Security Threats: February 2014 Update

Thank you!

Copyright © 2013 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.

This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.

Andrew [email protected] / +44 7912 552 896

Andrew [email protected] / +44 7703 468 966

@andyhorbury

Next webinar: Thursday 13th March 2014 9.30am UK / 10.30am CET