Articles

No Budget Threat Intelligence 4: Reversing Malware Samples

Having deliberately exposed a honeypot machine to attackers, Andrew Morris got a lot of incoming malware data, which he then reversed to get a better insight. Reversing these samples (see right-hand image) is a talk in and of itself. Actually, it’s reverse engineering the malware samples that you find....

No Budget Threat Intelligence 3: Discovery and Investigation

Andrew Morris has got some great points on the vulnerabilities prevalently used by remote attackers on the Internet, so read this part to learn what those are. Discovery & Investigation We are now going to talk about discovery and investigation. Bad guys are still using Shellshock to propagate pretty...

No Budget Threat Intelligence 2: Setting up Cheap Honeypots

A brief overview of threat intelligence infrastructure, where Andrew Morris focuses on tools for making honeypots that do not require a bunch of resources. Infrastructure (TL;DR) So, again, the tl;dr of infrastructure – we are going to talk about honeypots briefly. Raise your hand if you know what a...

No Budget Threat Intelligence – Tracking Malware Campaigns on the Cheap

Andrew Morris, formerly an Intrepidus Group employee and currently researcher at Endgame, proves at ShmooCon that threat intel doesn’t have to be expensive. Andrew Morris: So, this is “No Budget Threat Intelligence – Tracking Malware Campaigns on the Cheap”. First of all, thank you guys...

Securing our future 4: Governmental malware

As per Mikko Hyppönen’s contemplations, nation states have been coining the most advanced samples of malicious software, so read this follow-up to learn more. I suppose the biggest surprise, to me personally, over the last 25 years that I have been fighting online attacks is the fact that governments...

Securing our future 3: The Internet of Things

Mikko Hyppönen now shifts the vector of his discourse over to criminal challenges online as well as the dangers of the rapidly progressing Internet of Things. There are criminal things online as well. When we move from privacy problems to security problems, then we end up with practical things like this...

Securing our future 2: Legal infringement of privacy

Judging from targeted ad campaigns on social networks, Mikko Hyppönen argues, these companies know too much about their users, which is a big privacy concern. When you go and look at these services as a customer, you go and buy an ad, you end up in this user interface, for example with Twitter, where you...

Securing our future – Mikko Hyppönen

Mikko Hyppönen, F-Secure’s CRO and security celebrity who needs no introduction, highlights current and emerging concerns caused by ubiquity of the Internet. I am Mikko Hyppönen, and I have spent my life analyzing viruses, tracking hackers, catching online criminals and trying to protect the security...

How not to suck at pen testing 6: Penetration testers code of ethics

Black Hills Information Security’s John Strand lists the essential rules, which are intended to make pen testing more efficient as the industry is moving on. John Strand: The whole gist of this entire presentation is we need to keep moving forward as network pen testers. We need to continue to find new...

How not to suck at pen testing 5: Hunt teaming

This part is about a really interesting, highly effective take on network penetration testing advocated by John Strand and his colleague Joff Thyer. John Strand: So, let’s talk about trying to find new areas, and that’s kind of where we are going to start tying this up (see right-hand image). We need to...