Blog socialpreso (1)
-
Upload
socialmbam -
Category
Technology
-
view
39 -
download
1
description
Transcript of Blog socialpreso (1)
Blogging and Social MediaSan Francisco, Jan. 9, 2014
Crushes malware. Restores confidence.
Crushes malware. Restores confidence.
Malwarebytes Corporation, 10 Almaden Blvd. Tenth Floor, San Jose, CA 95113
Who We Are: Malware Intelligence
www.malwarebytes.org
In 2012 a crack computer security unit was assembled to work for Malwarebytes. These men promptly began writing about, analyzing and researching security threats all over the internet. If you have a problem - if no one else can help - and if you can find them - maybe you can hire:
The MIA-Team.
Crushes malware. Restores confidence.
Malwarebytes Corporation, 10 Almaden Blvd. Tenth Floor, San Jose, CA 95113
Who We Are: Malware Intelligence
www.malwarebytes.org
Responsibilities
• Threat Research• Blogging• Intelligence Development• In-depth Analysis• Journalist Interviews• Reporting
Crushes malware. Restores confidence.
Malwarebytes Corporation, 10 Almaden Blvd. Tenth Floor, San Jose, CA 95113
Malware Intel: The Team
www.malwarebytes.org
Adam Kujawa A.K.A EdisunSpecialty: Malware Reverse EngineeringLocation: San Antonio, TX
Unique Experience:• Advanced Persistent Threat• Threat Predictions• In-Depth Analysis from User to Code• Writing technical speak for the non-technical• Obsession with Time Travel and bad jokes
Time In Industry = Over 9 Years
Crushes malware. Restores confidence.
Malwarebytes Corporation, 10 Almaden Blvd. Tenth Floor, San Jose, CA 95113
Malware Intel: The Team
www.malwarebytes.org
Jerome Segura A.K.A. G-RoamerSpecialty: Online Scams / Threats HuntingLocation: Victoria, BC
Unique Experience:• Web Threats & Exploits• Phone Scammers• In-depth Network Analysis• Malware and Threat Hunting• An unrivaled love of cheese
Time In Industry = Over 8 Years
Crushes malware. Restores confidence.
Malwarebytes Corporation, 10 Almaden Blvd. Tenth Floor, San Jose, CA 95113
Malware Intel: The Team
www.malwarebytes.org
Josh Cannell A.K.A J-DogSpecialty: Malware Reverse EngineeringLocation: Farmington, MO
Unique Experience:• Advanced Persistent Threat• Detection Development• In-Depth Sample Research• Malware Hunting• Interest in French Culture and Cheese
Time In Industry = Over 7 Years
Crushes malware. Restores confidence.
Malwarebytes Corporation, 10 Almaden Blvd. Tenth Floor, San Jose, CA 95113
Malware Intel: The Team
www.malwarebytes.org
Jean-Phillipe Taggart A.K.A TinFoilHatSpecialty: Network Analysis and DevelopmentLocation: Victoria, BC
Unique Experience:• Web Threats & Server Attacks• Hacking Methodologies• Hardware Hacking and Safeguarding• Network Infrastructure Development and
Analysis• Best Tin Foil Hat builder in the West
Time In Industry = Over 15 Years
Crushes malware. Restores confidence.
Malwarebytes Corporation, 10 Almaden Blvd. Tenth Floor, San Jose, CA 95113
Malware Intel: The Team
www.malwarebytes.org
Armando OrozcoSpecialty: Mobile Malware ResearchLocation: Broomfield, CO
Unique Experience:• Malware Reverse Engineering• Exploit and Shellcode Research• Behavioral, Desktop and Mobile Scanning
Technology• Mobile Malware Hunting• Trained by Shaolin Monks to Fight Malware
Without Ever Making A Sound
Time In Industry = Over 7 Years
Crushes malware. Restores confidence.
Malwarebytes Corporation, 10 Almaden Blvd. Tenth Floor, San Jose, CA 95113
Malware Intel: The Team
www.malwarebytes.org
Chris Boyd A.K.A. PaperghostSpecialty: Online Threat HunterLocation: UNKNOWN
Unique Experience:• Consumer Security Expert• Veteran Conference Speaker• Spyware / Adware / RogueWare Investigator• Found first Rootkit in An IM Hijack• Is the GOD DA**ED BATMAN!
Time In Industry = Over 10 Years
Crushes malware. Restores confidence.
Malwarebytes Corporation, 10 Almaden Blvd. Tenth Floor, San Jose, CA 95113
Malware Intel: The Team
www.malwarebytes.org
Pieter Arntz A.K.A MetallicaSpecialty: Malware Removal ExpertLocation: Rotterdam, Netherlands
Unique Experience:• Malware Analysis and Removal• Technical To Non-Technical Writing• Malware Analysis Teacher on Forums• More British than the Brits
Time in Industry = 15 Years
Crushes malware. Restores confidence.
Malwarebytes Corporation, 10 Almaden Blvd. Tenth Floor, San Jose, CA 95113
Malware Intel: The Team
www.malwarebytes.org
Cecile Nguyen A.K.A CeeloSpecialty: Social MediaLocation: Malwarebytes HQ
Unique Experience:• Facebook Facebooker• Twitter Tweeter• Hunter of unanswered MBAM Forum
questions• Hockey enforcer• Doge lover. Wow. Such Interest
Crushes malware. Restores confidence.
Malwarebytes Corporation, 10 Almaden Blvd. Tenth Floor, San Jose, CA 95113
Malware Intel: The Team
www.malwarebytes.org
Andy Brown A.K.A. Just AndySpecialty: Web Defence ResearchLocation: Dover, UK
Unique Experience:• Hunting malicious sites• Blocking and Defending Users• Liason with law enforcement• Experienced with Taking down malicious
hosts• Only understood by three people in the world
Time in Industry = 5 years
Crushes malware. Restores confidence.
Malwarebytes Corporation, 10 Almaden Blvd. Tenth Floor, San Jose, CA 95113
Malware Intel: The Team
www.malwarebytes.org
Steven Burn A.K.A MysteryFCMSpecialty: Web Defense ResearchLocation: Newcastle, UK
Unique Experience:• Hunting malicious sites• Blocking and Defending Users• Liason with law enforcement• Experienced with Taking down malicious
hosts• Understood by no one
Crushes malware. Restores confidence.
Malwarebytes Corporation, 10 Almaden Blvd. Tenth Floor, San Jose, CA 95113
Blogging Styles
www.malwarebytes.org
Blitz BlogsShort blogs that reference pre-existing posts / stories from other bloggers / authors, not only advertising the news related to in the post but also putting our unique spin on the story.
Purpose: • Blog Post Population• Sharing of non original contentHow We Post:• Each author has an assigned Blitz day• If there is room, and a need, we post• Always link to original source• Keep posts short
Crushes malware. Restores confidence.
Malwarebytes Corporation, 10 Almaden Blvd. Tenth Floor, San Jose, CA 95113
Blogging Styles
www.malwarebytes.org
Traditional (Blah) BlogsLonger blog posts that include original content i.e. Deep Analysis, Research, Opinions, etc.
Purpose: • Share new findings / threats with readers• Encourage conversations on topic• Bring in Media attention / leads to Malwarebytes.orgHow We Post:• Posted when completed depending on topic• Will usually be sent to PR for media inquiry before posting• Much longer and more detailed than Blitz blogs• May include interviews / questions from Media
….and what do we blog about?
Crushes malware. Restores confidence.
Malwarebytes Corporation, 10 Almaden Blvd. Tenth Floor, San Jose, CA 95113
Blogging Styles
www.malwarebytes.org
What do we blog about?
Crushes malware. Restores confidence.
Malwarebytes Corporation, 10 Almaden Blvd. Tenth Floor, San Jose, CA 95113
PR Communication
www.malwarebytes.org
We work closely with our PR firms to try and get our research / news out to the rest of the world via media outlets.
Interaction via Research / Press Yammer• We post docs / links to our blog posts with explanations• If we want media attention, we wait to post• Give PR folks time to reach out to journalists
Interviews / Opinions• Provide feedback on opinion pieces / articles Journalists are writing• Provide “expert” testimony on a variety of topics• Do TV / Radio / Press interviews if topic is hot enough
Crushes malware. Restores confidence.
Malwarebytes Corporation, 10 Almaden Blvd. Tenth Floor, San Jose, CA 95113
Research Methodologies
www.malwarebytes.org
Our methods of finding topics for blog posts / deep analysis comes from a variety of sources, including:
• Research Team• Sales Team• Support Team• Tips from Users via Forums• Twitter Feed / News Sites• Honeypot Feed• Our own reckless search practices
Crushes malware. Restores confidence.
Malwarebytes Corporation, 10 Almaden Blvd. Tenth Floor, San Jose, CA 95113
Achievements
www.malwarebytes.org
The blog has been going strong for over a year and a half and we have accomplished some great things:
• Over 2 Million views since launch• Numerous mentions in the Media including
• Online News Sites • Magazine Articles / Mentions• Radio / Television / Podcasts
• Development of Research Honeypot to track down and discover new malware families / variants and online threats
Crushes malware. Restores confidence.
Malwarebytes Corporation, 10 Almaden Blvd. Tenth Floor, San Jose, CA 95113
Statistics
www.malwarebytes.org
May-12
Jun-12Jul-1
2
Aug-12
Sep-12
Oct-12
Nov-12
Dec-12
Jan-13
Feb-13
Mar-13
Apr-13
May-13
Jun-13Jul-1
3
Aug-13
Sep-13
Oct-13
Nov-13
Dec-13
0
50000
100000
150000
200000
250000
300000
Blog Hits
Month – Year
Hit
Coun
t
Crushes malware. Restores confidence.
Malwarebytes Corporation, 10 Almaden Blvd. Tenth Floor, San Jose, CA 95113
Challenges
www.malwarebytes.org
While we have a great time writing the blog and making advances to Malwarebytes research abilities, it’s not without a fair amount of challenges.
Timing:• Time between when we discover something, when are ready to push it to the world
and when someone else discovers it and does the same are not always ideal.• It’s a tough racket.
Working with Journalists:• Some Journalists will be able to follow us on a technical level, most will not. • Challenges arise when a Journalist misunderstands and/or misattributes something
you are saying• Unfortunately, as to make sure we don’t look bad as a company, we have to
downplay some threats so Journalists won’t publish false information. (i.e. PUPs are bad but they aren’t new nor are they impossible to get rid of)
Understanding our Audience:• Audience ranges from novice to expert, who are we writing for?• Technical Simplicity vs. Community Reputation
Crushes malware. Restores confidence.
Malwarebytes Corporation, 10 Almaden Blvd. Tenth Floor, San Jose, CA 95113
New Systems
www.malwarebytes.org
As our team and our spread has grown, so have our abilities, this is only the start however since there are great new efforts being done in the near future:
Intelligence Database• There is an entire spectrum of blog topics and threat research that can be
discovered with a smart database to collect the massive amount of data we take in• Such a system would allow statistical and threat analysis on a much larger scale as
well as help discover new strains of malware and make MBAM more effective.
Larger Honeypot Deployment:• The current honeypot is deployed via two systems in the “Victoria Office”.• Plans are being fleshed out for larger deployment to allow for more collection and in
turn, user protection.
Blog Interface Development• The blog has recently had a facelift thanks to David Crandall and Sid Bodalia• New features are planned for deployment that will increase user interaction,
simplify navigation and hopefully bring in more readers
Crushes malware. Restores confidence.
Malwarebytes Corporation, 10 Almaden Blvd. Tenth Floor, San Jose, CA 95113www.malwarebytes.org
Any Questions?
Social MediaCecile Nguyen
Crushes malware. Restores confidence.
Malwarebytes Corporation, 10 Almaden Blvd. Tenth Floor, San Jose, CA 95113
Malwarebytes Social Channels
www.malwarebytes.org
Facebook Google+
YouTube
SpiceworksWordpress/Blog
Crushes malware. Restores confidence.
Malwarebytes Corporation, 10 Almaden Blvd. Tenth Floor, San Jose, CA 95113
Social Numbers
www.malwarebytes.org
52%
37%
7%2%1%1%0%
Facebook Spiceworks Twitter G+ YouTube LinkedIn Reddit
Crushes malware. Restores confidence.
Malwarebytes Corporation, 10 Almaden Blvd. Tenth Floor, San Jose, CA 95113
Social Trend
www.malwarebytes.org
Jan Feb March April May June July Aug Sept Oct Nov Dec100,000
101,000
102,000
103,000
104,000
105,000
106,000
107,000
108,000
109,000
110,000
Crushes malware. Restores confidence.
Malwarebytes Corporation, 10 Almaden Blvd. Tenth Floor, San Jose, CA 95113
Social Trend
www.malwarebytes.org
Jan Feb March April May June July Aug Sept Oct Nov Dec100,000
101,000
102,000
103,000
104,000
105,000
106,000
107,000
108,000
109,000
110,000
MBAM Mobile
PUP policy change
MBAE Beta
Happy 5th B-day MBAM!
Techbench
False positive
Crushes malware. Restores confidence.
Malwarebytes Corporation, 10 Almaden Blvd. Tenth Floor, San Jose, CA 95113
Social for 2014
www.malwarebytes.org
Just kidding!
Crushes malware. Restores confidence.
Malwarebytes Corporation, 10 Almaden Blvd. Tenth Floor, San Jose, CA 95113
Social for 2014
www.malwarebytes.org
Instagram PinterestRedditTumblr
Get involved in: Increase activities in:
Thank You
Malwarebytes CorporationCrushes malware. Restores confidence.