Last week we held our first webinar in the Threat Review Series where we focus on new or interesting threats in the security landscape and how to protect against them. It was an interesting session as we featured three very different types of threats - a botnet, a Windows application vulnerability and the always engaging Stuxnet malware and exploit. Given the popularity of the webinar, we created short videos that detail each threat including how it works and how to stop it. See below for a quick summary of each video.
Mariposa Botnet
We begin by taking a look back at recent history and reviewing the key lessons from the Mariposa botnet. Here we dig into the correlation between Mariposa infection rates and the presence of enabling applications. We also cover how Palo Alto Networks was instrumental in finding Mariposa in the wild, even before signatures were available in the industry, and how to use Palo Alto Networks to find similar threats in the future. Watch the video.
Microsoft DLL Vulnerability
Next up, we take a look at the recent Microsoft DLL Vulnerability that affects dozens of Windows based applications, allowing an attacker to remotely take control of a user's system. In this section we take a look at specifically how to control this threat throughout the entire attack lifecycle using the multiple threat prevention disciplines found in the Palo Alto Networks next-generation firewall. Watch the video.
Stuxnet
Lastly we take a brief look at Stuxnet. While Stuxnet is a very big and controversial topic with plenty of spy vs. spy speculation, we have taken a more "just the facts" approach where we detail the various vulnerabilities underlying Stuxnet and they can be addressed today. Secondly, we see why Stuxnet provides a great example of how and why we should reduce the attack surface of our critical systems by using a combination of positive application control and negative threat prevention. Watch the video.
As always, let us know your thoughts and if there are threats that you would like to see profiled. You can also sign up for the Threat Review Series, here to be notified of the next Threat Review updates.