Articles

Get all-in-one coverage of Internet security and online privacy issues brought up by the industry’s leading experts at security conferences and seminars.

The Next Crypto Wars 5: Government Contractors’ Activity Revealed

ACLU’s Chris Soghoian now delves into how he discovered the activities of contractor company employees supporting the Government’s hacking endeavors. What about the Feds? The feds have the big bucks; federal law enforcement agencies in the United States have enough money to use bespoke custom malware....

The Next Crypto Wars 4: Surveillance Tools by Gamma and Hacking Team

Chris Soghoian’s focus in this entry is on private sector companies providing assistance to the government by developing tools for intercepting communications. Government Hacking Alright, so if they can’t force Google to put a backdoor in Android OS, and if they can’t force Apple to put a backdoor in...

The Next Crypto Wars 3: Government Mandating Backdoors

Chris Soghoian zeroes in on the government’s attempts to circumvent privacy measures by the Silicon Valley companies that all came to employ encryption. Silicon Valley vs. telco surveillance What we have seen in the last few years is a transition. We’ve seen a migration away from telecommunications...

The Next Crypto Wars 2: Going Dark

Delving further into crypto evolution, Chris Soghoian focuses on the relationship between law enforcement and companies that adopted strong privacy algos. Going Dark And so, things were good for a while. It didn’t really matter that your browser could do strong crypto. It didn’t really matter that you...

Backdoors, Government Hacking and the Next Crypto Wars

Christopher Soghoian, ACLU’s Principal Technologist, presents his study at Defcon highlighting the past and the present of the privacy and cryptography realm. Good morning or good afternoon, my name is Chris Soghoian, I am the Principal Technologist for the Speech, Privacy and Technology Project at the...

AV Evasion 6: Best-Performing Tactics

Having reviewed antivirus evasion methods that turned out not to be very effective, David Maloney now describes some successful approaches that he came up with. We are not going to use stagers anymore, that is to say, we are not going to use the ones that come as payloads in Metasploit Framework. We are going...

AV Evasion 5: Blending in Instead of Hiding the Bad

Continuing to elaborate on ways to circumvent antivirus detection, David Maloney dissects code generation and Ghost-Writing techniques in this regard. One of my co-workers said to me: “What about doing code generation, what if you never put your payload in the executable at all; instead, you have your...

AV Evasion 4: Encoders and Fuzzy NOPs Fail

What gets scrutinized in the given entry is whether or not the use of encoders and generating fuzzy NOPs can help avoid interception by AV. Alright, what about inlining it? Like I said, typically we have been shoving stuff into a variable, then doing some dereferencing tricks in C, and then executing it as...

AV Evasion 3: EXE Templates and Run-Time Dynamic Linking

Delving further into techniques to keep payloads undetected by antiviruses, David Maloney analyzes the efficiency of several popular obfuscation methods. Alright, so how do we get around the problem of the EXE Template? Well, like I said, the default template with no payload is 42 detections. We have the...

AV Evasion 2: Hurdles for Metasploit Payload Execution

David Maloney now breaks the structure of an arbitrary Metasploit payload down into essential constituents and dwells on some common obfuscation problems. So, real quick we are just going to define some terms (see right-hand image), hopefully everyone is familiar with this. In the antivirus world we are...