Articles

Chris Rock – I will kill you

In the course of his DefCon 23 presentation, Australian security expert Chris Rock demonstrates how fake death or birth records can be created these days. DefCon host: When I was going through the schedule trying to see what speakers we’re going to be watching, I saw this description and said “Oh yeah, I...

No Budget Threat Intelligence 6: Defensive Strategies

As this ShmooCon presentation is coming to an end, Andrew Morris dwells on defenses against the attacks and shares his plans regarding the upcoming projects. Defensive Strategies So, a couple of defensive strategies (see right-hand image). It’s, basically, standard threat intelligence stuff, whatever you...

No Budget Threat Intelligence 5: Automation

Andrew Morris presents his automated threat reporting system called the Animus and the interactive Threatbot tool powered by the existing attacker database. Threat Reporting Automation So, now I’m going to talk about automating a lot of the stuff that I have been talking about so far. There’s this thing...

No Budget Threat Intelligence 4: Reversing Malware Samples

Having deliberately exposed a honeypot machine to attackers, Andrew Morris got a lot of incoming malware data, which he then reversed to get a better insight. Reversing these samples (see right-hand image) is a talk in and of itself. Actually, it’s reverse engineering the malware samples that you find....

No Budget Threat Intelligence 3: Discovery and Investigation

Andrew Morris has got some great points on the vulnerabilities prevalently used by remote attackers on the Internet, so read this part to learn what those are. Discovery & Investigation We are now going to talk about discovery and investigation. Bad guys are still using Shellshock to propagate pretty...

No Budget Threat Intelligence 2: Setting up Cheap Honeypots

A brief overview of threat intelligence infrastructure, where Andrew Morris focuses on tools for making honeypots that do not require a bunch of resources. Infrastructure (TL;DR) So, again, the tl;dr of infrastructure – we are going to talk about honeypots briefly. Raise your hand if you know what a...

No Budget Threat Intelligence – Tracking Malware Campaigns on the Cheap

Andrew Morris, formerly an Intrepidus Group employee and currently researcher at Endgame, proves at ShmooCon that threat intel doesn’t have to be expensive. Andrew Morris: So, this is “No Budget Threat Intelligence – Tracking Malware Campaigns on the Cheap”. First of all, thank you guys...

Securing our future 4: Governmental malware

As per Mikko Hyppönen’s contemplations, nation states have been coining the most advanced samples of malicious software, so read this follow-up to learn more. I suppose the biggest surprise, to me personally, over the last 25 years that I have been fighting online attacks is the fact that governments...

Securing our future 3: The Internet of Things

Mikko Hyppönen now shifts the vector of his discourse over to criminal challenges online as well as the dangers of the rapidly progressing Internet of Things. There are criminal things online as well. When we move from privacy problems to security problems, then we end up with practical things like this...

Securing our future 2: Legal infringement of privacy

Judging from targeted ad campaigns on social networks, Mikko Hyppönen argues, these companies know too much about their users, which is a big privacy concern. When you go and look at these services as a customer, you go and buy an ad, you end up in this user interface, for example with Twitter, where you...