Latest Cyber Security Threats & Trends
The Ways To Deal With Them
Summ CHAN | Security Consultant | September 2019
Agenda
• Latest Cyber Security Threats & Trends
• Cyber Attack & Defense
• Security Incidents Handling
• Security Advice Round Up
About Us
Hong Kong Computer Emergency Response Team Coordination Centre (香港電腦保安事故協調中心)
Mission: As the Centre for coordination of computer security incident response for local enterprises and Internet Users, and the International Point-of-Contact
• Founded in 2001
• Funded by Government
• Operated by Hong Kong Productivity Council
Website: www.hkcert.org
24-hour Hotline: 8105 6060
Email: [email protected]
Copyright @ 2019 HKPC All rights reserved
Innovate for a Smart Future
HKCERT services
01 Security Alert Monitoring and Early Warning
02 Report and Response
03 Publication of Security Guidelines and Information
04 Promotion of Information Security Awareness
Cyber Security Threats & Trends
Summary of HKCERT Security Incident Reports
Cases per year:
• 2014: 3,443
• 2015: 4,928
• 2016: 6,058
• 2017: 6,506
• 2018: 10,081
YoY 55%
Referred cases contributed 95%
Source: HKCERT
Summary of HKCERT Security Incident Reports
• Botnet: 37%
• Malware: 32%
• Phishing: 21%
• Defacement (website defacement): 1%
• DDoS (distributed denial-of-service attack): <1%
• Others: 9%
Total 55%
Source: HKCERT
Cyber Attack & Defense
Image credit: https://economictimes.indiatimes.com/tech/internet/69-indian-firms-face-serious-cyber-attack-risk-study/articleshow/69305216.cms
What is Phishing?
Cyber Security Incidents of Enterprises in Past 12 Months (2019-03)
Phishing email, ransomware, other malware attacks, CEO email scam
18%
Source: SSH Hong Kong Enterprise Cyber Security Readiness Index Survey 2019, HKPC
Top 5 External Attacks
350 Large Enterprises and SMEs interviewed
Cyber Security Incidents of Enterprises in Past 12 Months (2019-03)
Industries Most Affected by Island Hopping
• Finance: 47%
• Healthcare: 21%
• Manufacturing: 42%
• Retail: 32%
Hop to connected network (enterprise internal) – lateral movement
Reverse Business Email Compromise – take over mail server (enterprise internal)
Website waterhole (trap customers)
Source: Global Incident Response Threat Report, 2019-Q1, Carbon Black
PHISHING . . . . the beginning of a cyber attack story
Image credit: https://people.com/celebrity/beauty-and-the-beast-live-action-movie-with-emma-watson-all-about-disney-film/
The information is then used to access important accounts and can result in identity theft and financial loss.
Phishing Tactics: New Developments (1)
Domain Spoofing
• Fake Domain e.g. “zhongyinhk.com” used to phish BOCHK
• Punycode Domain
Use of HTTPS
• 58% of phishing using HTTPS (APWG 2019 Q1 Report)
• [Chart: phishing using HTTPS, 2015 Q1 to 2019 Q1]
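A defender-side check for the two domain-spoofing tactics on this slide, as an added example that is not part of the original slides. It decodes Punycode labels, folds look-alike letters to ASCII and compares the result with a watchlist; the watchlist entry, the keyword "zhongyin" and the sample IDN are constructed assumptions, and only "zhongyinhk.com" comes from the slide.

```python
import unicodedata

# Constructed watchlist (assumption): protected domain -> brand keywords,
# including transliterations that a fake domain might use.
WATCHLIST = {"bochk.com": ("bochk", "zhongyin")}

# Small confusables table (not exhaustive): Cyrillic/Greek letters that
# render like Latin ones in most fonts.
CONFUSABLES = str.maketrans({
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",
    "\u0441": "c", "\u0445": "x", "\u0443": "y", "\u0456": "i",
    "\u04bb": "h", "\u0455": "s", "\u03bf": "o", "\u03b1": "a",
})

# Constructed sample: "bochk" with a Cyrillic "o", in its Punycode (xn--) form.
SAMPLE_IDN = "xn--" + "b\u043echk".encode("punycode").decode("ascii") + ".com"


def decode_label(label):
    """Return (unicode_label, was_punycode) for one DNS label."""
    if label.startswith("xn--"):
        try:
            return label[4:].encode("ascii").decode("punycode"), True
        except UnicodeError:
            return label, True  # a malformed ACE label is suspicious in itself
    return label, False


def skeleton(label):
    """Fold a label to the ASCII string a reader would perceive."""
    folded = unicodedata.normalize("NFKD", label.translate(CONFUSABLES))
    return "".join(ch for ch in folded if not unicodedata.combining(ch))


def scripts(label):
    """Unicode scripts used by the letters of a label (digits, hyphens ignored)."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0]
            for ch in label if ch.isalpha()}


def assess(domain):
    """Return a list of findings for a domain seen in mail or proxy logs."""
    domain = domain.strip().rstrip(".").lower()
    # The protected domains and their subdomains are legitimate.
    if any(domain == p or domain.endswith("." + p) for p in WATCHLIST):
        return []
    findings = []
    decoded = [decode_label(label) for label in domain.split(".")]
    if any(was_puny for _, was_puny in decoded):
        findings.append("punycode")
    if any(len(scripts(text)) > 1 for text, _ in decoded):
        findings.append("mixed-script")
    perceived = ".".join(skeleton(text) for text, _ in decoded)
    for protected, keywords in WATCHLIST.items():
        if perceived == protected:
            findings.append("homoglyph-of:" + protected)
        elif any(keyword in perceived for keyword in keywords):
            findings.append("brand-keyword:" + protected)
    return findings


if __name__ == "__main__":
    for name in ("bochk.com", "zhongyinhk.com", SAMPLE_IDN, "example.org"):
        print(name, assess(name))
```

A Punycode label alone is not malicious, since legitimate internationalised domains use it; the mixed-script and watchlist findings are what make a hit worth triaging.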
Phishing Tactics: New Developments (2)
Multi-level Social Engineering
• Attacker created a post on LinkedIn and built trust on the post with comments and dialogue with the “friends” for some time.
• Attacker sent email to victim with reference to the post
Evade spam filter by using image
• Ransom email in image
• Payment bitcoin address in QR code
Source: https://www.securitybrigade.com
GREED
CURIOSITY
URGENCY
FEAR
How to distinguish Phishing Scams? Sample 1
Lucky Draw & Rewards
URGENCY
GREED
How to distinguish Phishing Scams? Sample 2
Online Service
URGENCY
FEAR
How to distinguish Phishing Scams? Sample 3
Banking & Finance
Retail
GENERAL GREETING
URGENCY
How to distinguish Phishing Scams? Sample 4
Banking & Finance
NO HTTPS
FAKE DOMAIN
URGENCY
How to distinguish Phishing Scams? Sample 5
Internet Service Provider
HTTPS
FEAR
Enter the URL on your own
How to distinguish Phishing Scams? Sample 6
Electronic Sports
INVALID DIGITAL CERTIFICATE
CURIOSITY
GREED
Protection against Phishing Attacks
Think before you click
Pick up the phone to verify
Use two-factor authentication (2FA) across all accounts
Use different passwords for different services
Use email filtering technology & make sure it is kept up to date
Conduct phishing drill exercises for all general staff
Image credit: Rawpixel.com
Malware | Propagation Channels
Executable
• Fake security software / mobile app
• Fake video player codec
Document Malware
• Embedded malware in PDF or Office files
• Botnet served PDF malware
Website
• Legitimate and trusted websites compromised
• Web admin unable to detect and mitigate the risks
Multi-Stage Malware Infection | Drive-by Download
• Exploits imported from other servers via iframes, redirects
• When compromised, dropper downloads and installs the actual bot malware
Diagram: Web Server (Injected), Exploit Server, Malware Hosting
1. Web request
2. Redirected to Exploit Server
3. Serve exploit page
4. Redirected to Malware Server
5. Download Malware
Image credit: Flaticon.com
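Detection logic for the five-step flow above, as an added example that is not part of the original slides. It walks the referrer chain behind every executable download in a web proxy log and flags chains that cross three or more hosts (injected site, exploit server, malware host); the log format, host names and threshold are constructed assumptions.

```python
from urllib.parse import urlsplit

# Content types treated as executable downloads (assumption for this example).
EXEC_TYPES = {"application/x-msdownload", "application/octet-stream"}
# Injected web server + exploit server + malware hosting = three hosts.
MIN_HOSTS = 3

# Constructed proxy log: timestamp client method url status content-type referrer
SAMPLE_LOG = """\
2019-09-01T10:00:01 10.0.0.5 GET http://news.example/index.html 200 text/html -
2019-09-01T10:00:02 10.0.0.5 GET http://gate.exploit.test/landing.html 200 text/html http://news.example/index.html
2019-09-01T10:00:04 10.0.0.5 GET http://files.malhost.test/update.exe 200 application/x-msdownload http://gate.exploit.test/landing.html
2019-09-01T10:05:00 10.0.0.9 GET http://vendor.example/downloads.html 200 text/html -
2019-09-01T10:05:09 10.0.0.9 GET http://vendor.example/setup.exe 200 application/x-msdownload http://vendor.example/downloads.html
"""


def parse(log_text):
    """Yield one record per well-formed log line; skip anything else."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 7 or not parts[4].isdigit():
            continue
        _ts, client, _method, url, status, ctype, referrer = parts
        yield {"client": client, "url": url, "status": int(status),
               "ctype": ctype.lower(), "referrer": referrer}


def referrer_chain(url, referrers):
    """Walk referrers back from url; return the chain from first page to url."""
    chain = [url]
    while True:
        ref = referrers.get(chain[-1], "-")
        if ref == "-" or ref in chain:  # start of session, or a loop
            break
        chain.append(ref)
    return chain[::-1]


def find_driveby_chains(log_text):
    """Return (client, [hosts in order]) for each suspicious download."""
    referrers = {}  # client -> {url: referrer}
    findings = []
    for rec in parse(log_text):
        seen = referrers.setdefault(rec["client"], {})
        seen.setdefault(rec["url"], rec["referrer"])
        if rec["status"] != 200 or rec["ctype"] not in EXEC_TYPES:
            continue
        hosts = []
        for hop in referrer_chain(rec["url"], seen):
            host = urlsplit(hop).hostname
            if host and host not in hosts:
                hosts.append(host)
        if len(hosts) >= MIN_HOSTS:
            findings.append((rec["client"], hosts))
    return findings


if __name__ == "__main__":
    for client, hosts in find_driveby_chains(SAMPLE_LOG):
        print(client, " -> ".join(hosts))
```

Content delivery networks also produce multi-host chains, so a hit is a triage signal to correlate with endpoint alerts rather than a verdict.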
Botnet (roBot Network)
Infrastructure of Controlled Victim Computers (BOTs)
[Diagram: Bot Herder, C&C servers, bots and victims. Links are labelled "Up: Data" and "Down: Command/Update"; the victims are hit by "DDoS Attack" and "Spam, Malware & Phishing".]
Image credit: https://www.kratikal.com/blog/ransomware-attacks-shook-world/
Ransomware
Protection against Ransomware
Isolate infected computer immediately
Do NOT pay the ransom or contact the attacker
Perform regular backups on important data and keep an offline copy
Ensure that OS, software and anti-virus signatures are kept updated regularly
Do NOT open suspicious email attachments and website links
ANYTHING Can Be Targeted
[video] Canon DSLR Camera Infected with Ransomware Over the Air
Source: https://www.bleepingcomputer.com/news/security/canon-dslr-camera-infected-with-ransomware-over-the-air/
• Crime-as-a-Service
• Launching cyber attacks is much easier than we might think nowadays!
• Are you ready to face all these challenges?
Security Incidents Handling
5W 1H IR
Incident Reporting Basics (1)
WHAT
• What actually happened?
• What might the incident mean for the organization?
• What is the impact?
• What system was affected?
• What service was affected?
• What actions have been taken?
• etc.
WHO
• Threat actor / IP address
• Attack source
• Hacking group
• Attack target
• Owner of targeted system
• Owner of involved business function
• Customers affected
• Parties involved
➢ Internal
➢ External
• etc.
Incident Reporting Basics (2)
WHEN
• When did the incident happen?
• When was the incident detected?
• Incident duration
• Incident timeline
➢ Actions
➢ Decisions
➢ Information collected
• etc.
WHERE
• Where did the attack originate from?
• Attack paths
• Lateral movement
• Logical
• Network zone
• Physical
• Cloud
• On-premises
• etc.
Incident Reporting Basics (3)
HOW
• How did it happen?
• How were the systems infected?
• What vulnerabilities were exploited?
• Attack method
• Intrusion method
• Command and control
• Evade detection
• Obfuscation
• etc.
WHY
• Why did it happen?
• Root cause
• etc.
Case Study | British Airways Data Breach Incident
❑ What was affected?
• Online booking website and the mobile app
❑ What data was stolen?
• Customers' personal data (names, billing address, email address)
• Credit card or debit card details
❑ How did it happen?
• Breached by hidden JavaScript code known as Magecart
• Customer booking data was sent to a malicious site on submission
❑ Why did it happen?
• Vulnerabilities were exploited that allowed JavaScript injection into the Modernizr module
Case Study | British Airways Data Breach Incident
Time: Apr 2018, May 2018, Jun 2018, Jul 2018, Aug 2018, Sep 2018
• 185,000 transactions are compromised between April and July 2018
• 23rd June: First detection
• 224,000 transactions are compromised between July and September 2018
• 6th September: BA discloses the breach
Incident Response Process
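A monitoring check for the "How" and "Why" points of this case study (script injected into a JavaScript library, data sent to a malicious site), as an added example that is not part of the original slides and not a description of the airline's systems. It compares a served script with the hash recorded at release time, the same value an SRI `integrity` attribute carries, and lists any hosts the script references that are not on an allow-list; the script contents and host names are constructed.

```python
import base64
import hashlib
import re

# Constructed stand-in for a known-good library file recorded at release time.
BASELINE_JS = (
    b"/* feature detection, served from https://static.airline.example/js/ */\n"
    b'window.features = {touch: "ontouchstart" in window};\n'
)
# Constructed modified copy: one appended line that contacts a new host.
TAMPERED_JS = BASELINE_JS + b'(new Image).src = "https://collect.test/p";\n'
# Hosts the site's own scripts are expected to reference (assumption).
ALLOWED_HOSTS = {"static.airline.example"}

HOST_RE = re.compile(r"https?://([a-z0-9.-]+)", re.IGNORECASE)


def sri_sha384(data):
    """Return the Subresource Integrity value for a script body."""
    digest = hashlib.sha384(data).digest()
    return "sha384-" + base64.b64encode(digest).decode("ascii")


def referenced_hosts(data):
    """Hosts that appear in absolute URLs inside the script text."""
    text = data.decode("utf-8", errors="replace")
    return {host.lower().rstrip(".") for host in HOST_RE.findall(text)}


def audit_script(served, expected_sri, allowed_hosts):
    """Return findings for one served script; an empty list means unchanged."""
    findings = []
    if sri_sha384(served) != expected_sri:
        findings.append("integrity-mismatch")
    for host in sorted(referenced_hosts(served) - set(allowed_hosts)):
        findings.append("unexpected-host:" + host)
    return findings


if __name__ == "__main__":
    expected = sri_sha384(BASELINE_JS)
    print("baseline:", audit_script(BASELINE_JS, expected, ALLOWED_HOSTS))
    print("tampered:", audit_script(TAMPERED_JS, expected, ALLOWED_HOSTS))
```

The host scan only sees URLs written in clear text, so the hash comparison is the control that holds when injected code is obfuscated.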
Security Advice Round Up
What to do next???
Being HACKED!?
If you have provided login credentials on a suspicious website, please reset your password and review the security settings in the related online service accounts
If you have provided financial information, such as a credit card number, and incurred financial loss, please contact your bank immediately
You should report to a nearby police station if any financial loss is incurred
If someone spoofs your identity to send email to your family, friends and business partners, you should alert them by other trusted communication channels.
Contact your
IT Department immediately!
if you have one…
Computer Information Security Tips
HKCERT Hotline: 8105 6060
www.hkcert.org
Image credit: http://www.damazine.com/fishing-a-good-way-of-relaxing/
Cybersec Infohub
• Collaboration
• Trust
• Sharing
Cybersec Infohub
• Threat information and analysis
• Alerts, news, vulnerabilities
• Situational awareness
• Best practices and tips
• Mitigation advisories
• Strategic analysis
Methods of Exchange
• Via the Platform
• Industry Event
• Teleconference
• Webinar
• Working Group
Key participants
• Critical Infrastructure
• ISPs
• IT & Security Vendors
• Critical Internet Infrastructure
• Researcher
• Local CERTs
Cybersechub.hk | Public Zone
• Alerts
• Advisories
• CERT Publications
• Insights
Cybersechub.hk | Members Zone
• Traffic Light Protocol
• User Anonymity
• Export IOCs for Operation
• Social Media “Like” Feature
• “KOL” of Cybersechub.hk
• Trusted Groups Discussion
• Private Messaging
• Directory for Connections
Cybersec Infohub
cybersechub.hk
Bring these messages back to your school……
1. Everyone can be targeted, even if you are just a small potato in your organization!
2. Set a strong password & enable 2FA whenever possible
3. Make sure your software / apps are up to date & only download from reliable sources
4. Do the SAME to your home PC/laptop/mobile devices
5. Build your own Human Firewall
Question?
Thank You
Hong Kong Productivity Council (香港生產力促進局)
HKPC Building, 78 Tat Chee Avenue, Kowloon, Hong Kong
香港九龍達之路78號生產力大樓
+852 2788 6168 www.hkpc.org