Archive: May 2012

What is Anonymous 3: LulzSec vs Anonymous

Read previous: What is Anonymous 2: Are the Anonymous hacktivists really anonymous? The final part of the “What is Anonymous” talk is dedicated to the story of how Anons ended up moving into a strictly illegal area with their activities. Hubris: The reason why I got involved is they f..ked with...

What is Anonymous 2: Are the Anonymous hacktivists really anonymous?

Read previous: What is Anonymous: Anonymous Cyber War a5h3r4h and Hubris proceed with their talk to explain whether the Anonymous hacktivists are really anonymous even when it comes to simple open source research. Hubris (Director of Strategic Operations for Backtrace Security): Everyone, now, this is the...

What is Anonymous: Anonymous Cyber War

This is a revealing Defcon presentation by Backtrace Security representatives a5h3r4h and Hubris on the history of Anonymous, their methods and activities. a5h3r4h: My name is a5h3r4h, I’m Director of Psychological Operations at Backtrace Security. Me and my colleague Hubris are gonna talk a little bit...

AVG Internet Security 2015 review

$54.99 AVG Internet Security 2015 is tough on web threats and user-friendly. AVG Internet Security suite is renowned as one of today’s leading security utilities, offering rock-solid protection from Internet...

How Our Browsing History Is Leaking into the Cloud 2

Read previous: How Our Browsing History Is Leaking into the Cloud In this section, Brian Kennish provides stats obtained by crawling popular sites to see the scope of ongoing personal data collection by big data aggregates. A reverse-tracking spider Our goals with this crawler were to get a list of the most...

How Our Browsing History Is Leaking into the Cloud

Former Google engineer Brian Kennish delivers a speech at Defcon about the scope of user tracking being conducted by large media companies. My name is Brian Kennish. I am gonna be talking about how our web browser history is leaking into the cloud. I never actually talk about myself much at events like...

How to rob an online bank 4: currency exchange manipulations and getting away with it

Read previous: How to rob an online bank 3: SQL injection Final part of Mitja Kolsek’s DeepSec conference presentation, outlining currency exchange manipulations and the ways to get away with online banking fraud. Currency rounding attack A lot of you probably like vulnerabilities, you would like...

How to rob an online bank 3: SQL injection

Read previous: How to rob an online bank 2 Mitja Kolsek explains bypassing limit checks, HTTP parameter pollution, SQL injection and signature exploiting as e-banking heist methods, based on pen testing. Bypassing limit checks Next thing – bypassing limit checks. Banks like to impose limits on us. They...

How to rob an online bank 2

Read previous: How to rob an online bank In this part of the presentation, Mitja Kolsek speaks on direct resource access and the use of negative numbers to trick e-banking systems. Direct resource access This is one of the top vulnerabilities in all web applications, and online banking is mostly web based....

How to rob an online bank

Captivating talk by Mitja Kolsek at the DeepSec 2011 conference, describing the methods and prevalent vectors of online banking attacks. Mitja Kolsek is a computer and network security expert and the CEO of ACROS Security – a Slovenia-based company specializing in digital security research. He has a rich...

SSL and the future of authenticity 4: Perspectives and Convergence models

Final part of Moxie Marlinspike’s Defcon talk outlines alternatives to the current CA system: the ‘Perspectives’ and ‘Convergence’ projects. ‘Perspectives’ model So, let’s talk about things that I’m a little bit more inspired by. There’s a project called ‘Perspectives’ which came out of...

SSL and the future of authenticity 3: Trust agility concept

Moxie moves on with his Defcon talk to introduce and explain the notion of trust agility and outline trust requirements under the DNSSEC authenticity model. I think it’s a good idea to look back at what happened to Comodo. Well… nothing happened to Comodo. But why? Why did nothing happen? What could we...

SSL and the future of authenticity 2: certificate authorities

Second part of Moxie Marlinspike’s presentation dedicated to the authenticity component of a secure protocol and the general perceptions of SSL problems. Authenticity is important of course, because normally, if you establish a secure session with a website, the problem is that if you don’t have...

SSL and the future of authenticity: Comodo hack and secure protocol components

Defcon presentation by computer security researcher Moxie Marlinspike on the past, present and future of the SSL encryption protocol and authenticity as such. Okay, let’s talk about SSL and the future of authenticity. Really, this talk is about trust, and I wanna start this talk out with a story – it’s...

RoboForm Pro review

$19.95 RoboForm Pro helps you stay on the safe side while managing passwords and other sensitive data. Passwords are pieces of you, ‘digitally’ speaking. This isn’t a metaphor – the online and...

Browsing Known Sites is Safe – True or False 2: malware distribution

Read previous: Browsing Known Sites is Safe – True or False: Ill-family malware Having talked about the ‘Ill-family’ infections, Lukas Hasik and Jiri Sejtko get down to explaining the peculiarities and distribution patterns of JS:Kroxxu and JS:Prontexi which are the two other widespread types of...

Browsing Known Sites is Safe – True or False: Ill-family malware

Avast Software officials Lukas Hasik and Jiri Sejtko present their observations and insights into the prevalent web infections in the wild during their talk at RSA Conference. The key points in this part of the discussion are the ‘trust phenomenon’ explanation and the analysis of ‘Ill-family’ malware...

avast! Pro Antivirus 2015 review

$39.99 Customize your security with avast! Pro Antivirus to fit your computing needs. It’s the turn of the antivirus brainchild of avast! Software to undergo our scrutiny, so let’s see how well it performs to...

The Ugly Truth About Mobile Security 2: premium-rate numbers affiliate networks

Read previous: The Ugly Truth About Mobile Security: Mobile malware and SMS Trojans What is the core reason for the Russian mobile cybercrime’s flourishing? To address this point, Denis Maslennikov explains in detail how a typical SMS Trojan scheme works, and how little it actually takes to register with...

SafeHouse Personal Edition review

$29.99 SafeHouse Personal Edition features amazing simplicity and a sufficient extent of data encryption power. Whereas data encryption used to be the prerogative of secret services and the people who attempted...

The Ugly Truth About Mobile Security: Mobile malware and SMS Trojans

Kaspersky Lab’s Senior Malware Analyst Denis Maslennikov speaks at RSA Conference about the mobile side of the Russian cybercrime. Maslennikov outlines the prevalent techniques applied for scamming users, describing modifications of SMS Trojans and explaining how they work. Hello, my name is Denis...

Generations of DoS attacks 4: more LulzSec details and applicable defenses

Read previous: Generations of DoS attacks 3: examples of attacks and insider’s view of LulzSec story CloudFlare’s CEO and co-founder Matthew Prince provides some additional details of the kerfuffle around Lulz Security’s activities during June-July 2011: the origins of their website traffic spikes and...

Generations of DoS attacks 3: examples of attacks and insider’s view of LulzSec story

Read previous: Generations of DoS attacks 2: Layer 4, Layer 7 and Link-Local IPv6 attacks In this part, Sam Bowne exemplifies each major type of DoS attack, showing the actual implementation process and the potential damage that may occur. The CEO of CloudFlare Matthew Prince then takes the floor to talk...

Generations of DoS attacks 2: Layer 4, Layer 7 and Link-Local IPv6 attacks

Read previous: Generations of DoS attacks: some history and links to Jester, Anonymous and LulzSec Sam Bowne’s primary focus in this section of his talk is on the technical part of different types of DoS attacks: the relatively primitive Layer 4 DDoS, variations of the more sophisticated Layer 7 DoS and...