Quantcast

Articles

Get all-in-one coverage of Internet security and online privacy issues brought up by the industry’s leading experts at security conferences and seminars.

The State of Web Exploit Toolkits – Turnkey Cybercrime Software

During his Black Hat briefing, Jason Jones, the Team Lead for ASI at HP DVLabs, presents a professional extensive analysis of the present-day web exploit kits. I’m going to be talking about the state of web exploit toolkits, which is a lot of what I’ve been doing on my job. I’m the Lead for Advanced...

From Russia with Love.exe 5: Questions and Answers

This is the final part of the study where The Grugq and Fyodor Yarochkin are explaining more details of the Russian hacking business during the Q&A section. Yarochkin: Alright, do you have any questions? Question: On your point about the ratios: so, this guy was offering the best ratio; do you know any...

From Russia with Love.exe 4: Geeks, Not Gangsters

You can learn here how much it costs to buy a massive DDoS attack service on Russian hacking forums, and what kind of people those sellers are. The Grugq: So, everyone probably knows Twitter went down some time ago. How much do you think that cost per day, on average? It’s 80 bucks! Come on, 80 bucks to...

From Russia with Love.exe 3: Money Laundering and Botnet Services

In this entry the security analysts are focusing on other popular commodities sold on Russian hacking forums, as well as malware distribution services. Yarochkin: One of the most valuable commodities on these forums is actually ICQ numbers. Even now, as of today, ICQ is one of the primary communication means...

From Russia with Love.exe 2: Virtual Currencies and Identity Dumps

The Grugq and Fyodor Yarochkin now move on to outline the prevalent payment methods on Russian hacking forums and touch upon the goods being traded on there. The Grugq: There’s some really cool identity stuff that they do as well. A lot of the money that gets moved around in these illegal economies is...

From Russia with Love.exe – The Russian Underground Hacking Culture

While participating in HITBSecConf Malaysia, security analysts The Grugq and Fyodor Yarochkin present their study of the ins and outs of the Russian hacking community, hacking forums and culture. The Grugq: Hi everyone. This is Fyodor, I’m Grugq by the way. What this talk is on is it’s basically on the...

The Anatomy of Social Engineering 5: The Reality and Defenses

This entry encompasses the summary of how effectively social engineering exploits the quirks, or flaws, of the human brain, and provides some defense advice. So, in reality these are just tricks that statistically increase the odds of compliance (see right-hand image). And they’re obviously not going to...

The Anatomy of Social Engineering 4: Social Proof, Liking, Authority and Scarcity Flaws

The article continues to describe psychological quirks of the human brain, now focusing on four more flaws that tend to spontaneously affect one’s behavior. 3. Social Proof The next flaw that our brains have is that we try to do and think what other people who seem like us do and think (see right-hand...

The Anatomy of Social Engineering 3: Reciprocity and Consistency Quirks

This section covers some of the natural human quirks, namely reciprocity and consistency, and highlights how those can be used for social engineering. There have been other studies to find out quirks of the human brain, other than the magic word “because”. These 6 quirks I’m going to talk about...

The Anatomy of Social Engineering 2: Evolutionary Triggers

The key subject matter here is how exploiting evolutionary aspects naturally affects humans in terms of manipulative influence and social engineering proper. Ties to Evolution So, let’s talk about social engineering and exploiting the human’s mind, because there’re vulnerabilities in a human mind that...