hackers exploit porous defenses 3your trust · traditional measures of trust. trust hacking makes...
TRANSCRIPT
HOW CYBERCRIMINALS ARE EXPLOITING TRADITIONAL MEASURES OF TRUST.
TRUST HACKING MAKES DETECTION INCREASINGLY DIFFICULTMRG Effitas, a U.K.-based security research company, found that traditional detection/reputation-based security solutions are vulnerable when trusted sites deliver state-of-the-art threats, such as:
HTML exploitsdelivered through fonts,
images, and CSS
Document-based exploits, such as MS Office
and Adobe Reader
Browser plug-in-basedexploits, such as Adobe Flash,
Silverlight, and Visual Basic
WAYS CYBERCRIMINALSCAN WEAPONIZEYOUR TRUST3
OF ALEXA’S TOP 100,000 SITES WERE RISKY
42%
Hackers Exploit Porous Defenses of Widely Trusted Websites
PHISHING SITES USED LEGITIMATE HOSTING SERVICES
4,600
Phishing Sites Take Coverin Legitimate Hosting Services
OF CATEGORIZED TYPOSQUATTING SITES WERE IN TRUSTED CATEGORIES
19%
Typosquatters Play the Categorization Game
Get the full Menlo State of the Web 2017 Report at www.menlosecurity.com/sow2017.
www.menlosecurity.com | [email protected]
The Menlo Security Solution completely preserves the user experience, while providing the strongest web security available today.
BEST PRACTICES
WEBSITE OWNERS
Install the latest software updates.
Utilize ContentSecurity Policy (CSP).
CONSUMERS
Download software updates religiously.
Use the Chrome browser.
BUSINESSES
Rethink websecurity policies.
Consider new technologies such as isolation.
HOW CYBERCRIMINALS ARE EXPLOITING TRADITIONAL MEASURES OF TRUST.
TRUST HACKING MAKES DETECTION INCREASINGLY DIFFICULTMRG Effitas, a U.K.-based security research company, found that traditional detection/reputation-based security solutions are vulnerable when trusted sites deliver state-of-the-art threats, such as:
HTML exploitsdelivered through fonts,
images, and CSS
Document-based exploits, such as MS Office
and Adobe Reader
Browser plug-in-basedexploits, such as Adobe Flash,
Silverlight, and Visual Basic
Get the full Menlo State of the Web 2017 Report at www.menlosecurity.com/sow2017.
www.menlosecurity.com | [email protected]
The Menlo Security Solution completely preserves the user experience, while providing the strongest web security available today.
BEST PRACTICES
WEBSITE OWNERS
Install the latest software updates.
Utilize ContentSecurity Policy (CSP).
CONSUMERS
Download software updates religiously.
Use the Chrome browser.
BUSINESSES
Rethink websecurity policies.
Consider new technologies such as isolation.
WAYS CYBERCRIMINALSCAN WEAPONIZEYOUR TRUST3
OF ALEXA’S TOP 100,000 SITES WERE RISKY
42%
Hackers Exploit Porous Defenses of Widely Trusted Websites
PHISHING SITES USED LEGITIMATE HOSTING SERVICES
4,600
Phishing Sites Take Coverin Legitimate Hosting Services
OF CATEGORIZED TYPOSQUATTING SITES WERE IN TRUSTED CATEGORIES
19%
Typosquatters Play the Categorization Game
WEB RISK VARIES ACROSS THE GLOBE
FRANCE
38%
UK
24%
NETHERLANDS
18%
UAE
16%
AUSTRALIA
16%