Preview of “攻撃の真実_進化する攻撃に打ち勝つ_rev4.pptx”
© 2016, Palo Alto Networks. Confidential and Proprietary.
1 | Traps
2 | IoT IT
3 | $$$
7 | SLIDESOURCE RSS CIO 12,000 IPS
8 | Web Google
11 | 1
12 | 2 2012-0158/2010-3333
15 | Web
16 | USB CEO http://... Web
18 | (PoisonIvy) OS Web
19 | (CyberGate)
20 | (NetWire)
21 | Android
22 | […] $4,000 […] $15,000
23 | AV URL DNS
26 | DEP 1. PDF 2. PDF Reader Acrobat OS 3. 4.
28 | ... 1. PDF 2. PDF Reader Acrobat 3. 4. 1.
29 | DEP 1. PDF 2. PDF Reader Acrobat 3. 4. 1. 2. EPM 1
30 | : Carbanak 2013 12 CVE-2012-0158 CVE-2013-3906 CVE-2014-1761 Carbanak
31 | 100 + + + 10 Carbanak Traps CVE-2012-1058 Memory Limit Heap Spray Check CVE-2013-3906 Memory Limit Heap Spray Check and Shellcode Preallocation CVE-2014-1761 DEP UASLR 1
32 | DEP ROP ROP UASLR ROP/OS ROP Mitigation OS ROP Mitigation DLL Security OS ROP Mitigation/ DLL Security DLL Security DLL Security : LightsOut 2014 2 http://... 39essex[.]com Java IE Adobe Reader
33 | CVE-2012-1723 CVE-2013-1347 CVE-2013-1690 CVE-2013-2465 http://... LightsOut Traps Java Java Java CVE-2012-1723 CVE-2013-1465 Java CVE-2014-1761 CVE-2014-1761 CVE-2013-1347 CVE-2013-1347
34 | DEP Java UASLR Shellcode Preallocation ROP DEP ROP Mitigation UASLR DLL Security OS ROP/OS DLL Security ROP Mitigation/ DLL Security - GameOverZeus Zeus Temp Zeus explorer.exe Zeus explorer.exe %USERPROFILE%\AppData\Local\Temp .exe
35 | : GameOverZeus 1 %USERPROFILE%\AppData\Local\Temp Local\Temp
36 | 2 .exe explorer.exe : Traps 10 1 2 3 1 2 WildFire 3 WildFire OS JIT Traps
37 | Traps WildFire LAN VM
38 | 1
39 | 2 3 4