Quantcast

Articles

Get all-in-one coverage of Internet security and online privacy issues brought up by the industry’s leading experts at security conferences and seminars.

VX – The Virus Underground 2: Cross-Platform Malware and Virus Spreading Techniques

As part of his insider’s perspective, VXer SkyOut now focuses on the underground’s prevalent programming languages applicable for coding cross-platform malware, and highlights the common techniques used for virus distribution. Cross-Platform Malware So, let’s talk a bit about cross-platform malware,...

VX – The Virus Underground

The German VXer and social engineer Marcell Dietl, aka SkyOut, gives a presentation at 24C3 conference organized by Chaos Computer Club (CCC) to describe the different groups of virus coders and shed light on how they are affecting the VX scene. Ok, what shall this speech be about? Well, it shall be an...

Owning Bad Guys and Mafia with JavaScript Botnets 5: Tips to Maintain Online Privacy

The final part of Chema Alonso’s Defcon talk comprises a demo on infecting users through the rogue proxy server, and some general security tips to follow. I wanted to do a real demo, but first I’d like to show you the control panel and what it looks like. Of course, we turned off the proxy server on...

Owning Bad Guys and Mafia with JavaScript Botnets 4: Bypassing Anonymity

In this entry Chema Alonso continues exposing the weird, perverted, maleficent, and simply naive people whose personal data got retrieved under the research. Of course, we discovered psychotics. This is what the control panel looks like (see image), and as you can see, this guy was searching xnxx.com for...

Owning Bad Guys and Mafia with JavaScript Botnets 3: Scammers Exposed

Chema Alonso demonstrates several hilarious findings retrieved during his research, dissecting the Nigerian, dating, and other popular scams out there. So, the question is: who the hell uses proxy services on the Internet? How many of you are using this kind of services on the Internet? If you read related...

Owning Bad Guys and Mafia with JavaScript Botnets 2: Creating a JavaScript Botnet from Scratch

Having rejected several overly complicated tactics, Chema Alonso and his colleagues came up with a fairly simple, yet effective method for making a botnet to be used in their study, which is being thoroughly described in this part of the presentation. Another idea that we thought might work in our case is...

Owning Bad Guys and Mafia with JavaScript Botnets

Spanish computer security expert Chema Alonso gives a great talk at Defcon 20 about the ways to expose online scammers through the use of JavaScript botnets. The title of this session is “Owning bad guys and mafia with JavaScript botnets”. I hope you will enjoy the topic. But before I start, I...

Getting Ahead of the Security Poverty Line 8: Questions and Answers

Final part of Andy Ellis’ keynote at HITBSecConf 2012 is dedicated to answering questions from the event attendees, relating to the role of CSO in a company. Now I’m happy to take a question or two or five from the crowd, if anybody wants them. – Hi! My question is: often a big mistake that...

Getting Ahead of the Security Poverty Line 7: Increasing Security Value over Time

Andy Ellis elaborates here on the methods to prioritize security tasks within organizations and thus maintain high security value in the long-term perspective. As security professionals, we have a lot on our plates, we have a lot of things to do. How many people here juggle? If you try to learn to juggle,...

Getting Ahead of the Security Poverty Line 6: Third-Party Security Reviews

This section of the keynote sheds light on common mistakes made while evaluating vendor services, and outlines the most judicious approach to this activity. Another area we’ve recently been looking at is third-party security reviews. Everybody probably has this, certainly, in these days of outsourcing;...