Author: david b.

Mikko Hypponen on Cyber Warfare 2: Types of Governmental Attacks

Shifting the focus over to governmental attacks, Mikko Hypponen breaks nation states’ cyber warfare down into several types, depending on the objects targeted. Within attacks coming from governments we have a range of stuff. We have espionage. You might have heard about what is often characterized as APT...

F-Secure’s Mikko Hypponen on Cyber Warfare at Wired 2012

Chief Research Officer at F-Secure and true computer security guru Mikko Hypponen outlines the state and scope of today’s cyber threatscape at Wired 2012 event. My name is Mikko Hypponen, and his name is “Arashi”. He is one of the examples of Russian organized cyber criminals who create...

Offensive Threat Modeling for Attackers 8: Confusing the Adversary

This is the final part of the presentation dedicated to nuances of exploiting various components of an adversary’s defensive posture for a successful attack. So, now we want to directly engage the defenses. A very effective thing is false flag operations. Does everybody know what a false flag is? False...

Offensive Threat Modeling for Attackers 7: Utilizing Different Infiltration Vectors

Shane MacDougall and Rafal Los explain the issues of offensive modeling from the perspectives of a company’s human component and time windows for attack. Shane MacDougall: A big tool in determining your targets within a company is company sentiment. You really want to identify as many users at risk...

Offensive Threat Modeling for Attackers 6: Insight into Points of Attack

Presenting their subject further, Shane MacDougall and Rafal Los stick to the objectives and key constituents of the points of attack modeling process. To model the points of attack, obviously, our key objective is to break everything down into the tiniest pieces possible. If you’re familiar with the...

Offensive Threat Modeling for Attackers 5: Modeling the Defender

It’s now Shane MacDougall’s turn to contribute to the presentation and focus on the different aspects of modeling the defender for offensive purposes. Shane MacDougall: Now we’re going to get into the meat of the matter of how we’re actually going to break this down. So, modeling the defender (see...

Offensive Threat Modeling for Attackers 4: Executing the Attack the Right Way

HP Software’s Rafal Los now highlights the finishing touches to perform before the attack can be executed, and summarizes the entire offensive threat scenario. I hope you guys get the irony of hanging a piece of Swiss cheese in the Posture slide (see image). Identifying asset’s defensive posture: how...

Offensive Threat Modeling for Attackers 3: Identifying the Purpose, Target Assets and Points of Attack

In this section of the presentation Rafal Los thoroughly analyzes the offensive routine in the context of its purpose, prioritization, and points of attack. When you’re looking at a system, you have to know what’s behind it, you have to know what the infrastructure is, so if you’ve got an Oracle...

Offensive Threat Modeling for Attackers 2: Exploiting Defenders’ Weaknesses

Moving on with the subject, Rafal Los provides a step-by-step insight into preliminary measures and the right strategy for attacking the adversary’s assets. So, how do we use weaknesses of defenders as a weapon? I found a really cool quote that I like to use a lot: “To lack intelligence is to be in...

Offensive Threat Modeling for Attackers: Turning Threat Modeling on its Head

Rafal M. Los, HP Software’s Chief Security Evangelist, and Shane MacDougall, principal partner at Tactical Intelligence, give a presentation at Black Hat Europe 2012 to show a non-standard perspective of threat modeling as an offensive tool. Rafal M. Los: Hi! I’m Raf, that’s Shane right over here....

Making Attackers’ Lives Miserable 3: How to Spot and Attack the Bad Guys

Paul Asadoorian and John Strand give finishing touches to their research, highlighting methods of attribution and counterattacking, and listing the relevant precautions. Paul Asadoorian: Now along to attribution. So, if we can annoy attackers and draw them into certain places inside of our website or inside...

Making Attackers’ Lives Miserable 2: Setting Traps with Recursive Directories

In this section, Paul Asadoorian and John Strand elaborate on the aspect of annoyance that deals with making an attacker repeatedly go through a loop of directories on the targeted website. John Strand: Infinitely recursive directories are another one of the areas that you can mess with attackers’ lives....

Offensive Countermeasures – Making Attackers’ Lives Miserable

PaulDotCom’s Paul Asadoorian and John Strand present intriguing research at RSA Conference 2012 about ways to confuse, upset and geolocate cyber intruders. Paul Asadoorian: Hello everyone and welcome to Offensive Countermeasures – Making Attackers’ Lives Miserable. My name is Paul...

The Art of Effectively Communicating with a Cyber Predator 3: Example of a Matching Conversation

To make the presentation more vivid, Janice Niederhofer now provides a demo of the conversation with a cyber predator, demonstrating the art of matching. Let’s move on. Conversely, if you want to decrease rapport, you can deliberately mismatch. We’ve been matching the cyber predator’s communication and...

The Art of Effectively Communicating with a Cyber Predator 2: Building Rapport with the Scammer

Janice Niederhofer now elaborates on establishing rapport with a cyber predator, focusing on language matching techniques and the use of so-called VAK senses. Build Rapport, then Move Forward For rapport to exist between you and a cyber predator, you have to have 3 things: understanding, appreciation, and...

Luring Your Prey – The Art of Effectively Communicating with a Cyber Predator

Janice Niederhofer, founder and CEO of Peerage Consulting, Inc., gives a captivating presentation at RSA Conference, dissecting the subtle yet very significant components of online communication with scammers and other ill-minded individuals seeking prey on the Internet. Welcome to the session:...

VX – The Virus Underground 6: Hoaxes, Social Engineering and Cryptography

At the end of the Q&A part, SkyOut touches upon VXer’s attitude to hoaxes, cryptography, and the blurred line between the legal and illegal in their activity. QUESTIONS? – You mentioned hoaxes. You say you do viruses and you don’t want to harm anybody, but to prove that hoaxes work you need to...

VX – The Virus Underground 5: Discussing Interaction with Antivirus Companies

SkyOut now invites 24C3 conference attendees to participate in a more down-to-earth discussion, which starts with insight into the relationship between AVs and VXers. QUESTIONS? Ok, we have a lot of time, so we can have a little discussion if you want. – So, first question would be: in the beginning and the end...

VX – The Virus Underground 4: Problems of the VX Scene

SkyOut brings attention to the main problems of the virus underground, and summarizes the presentation’s key points with regard to the state of VX scene. Connection between VX and AV So what connection do we have between VX and AV: VX – virus exchangers, and AV – antivirus companies? –...

VX – The Virus Underground 3: VXers’ Communication Channels

The subjects touched upon by Marcell Dietl in this part are types of payloads and malware out there, as well as the way VXers communicate with each other. Types of Payloads So, what types of payloads do we have? First of all, what’s a payload? A payload is everything else but reproduction. Reproduction is...

VX – The Virus Underground 2: Cross-Platform Malware and Virus Spreading Techniques

As part of his insider’s perspective, VXer SkyOut now focuses on the underground’s prevalent programming languages applicable for coding cross-platform malware, and highlights the common techniques used for virus distribution. Cross-Platform Malware So, let’s talk a bit about cross-platform malware,...

VX – The Virus Underground

The German VXer and social engineer Marcell Dietl, aka SkyOut, gives a presentation at the 24C3 conference organized by Chaos Computer Club (CCC) to describe the different groups of virus coders and shed light on how they are affecting the VX scene. Ok, what shall this speech be about? Well, it shall be an...

Owning Bad Guys and Mafia with JavaScript Botnets 5: Tips to Maintain Online Privacy

The final part of Chema Alonso’s Defcon talk comprises a demo on infecting users through the rogue proxy server, and some general security tips to follow. I wanted to do a real demo, but first I’d like to show you the control panel and what it looks like. Of course, we turned off the proxy server on...

Owning Bad Guys and Mafia with JavaScript Botnets 4: Bypassing Anonymity

In this entry Chema Alonso continues exposing the weird, perverted, maleficent, and simply naive people whose personal data was retrieved during the research. Of course, we discovered psychotics. This is what the control panel looks like (see image), and as you can see, this guy was searching xnxx.com for...

Owning Bad Guys and Mafia with JavaScript Botnets 3: Scammers Exposed

Chema Alonso demonstrates several hilarious findings retrieved during his research, dissecting the Nigerian, dating, and other popular scams out there. So, the question is: who the hell uses proxy services on the Internet? How many of you are using this kind of services on the Internet? If you read related...

Owning Bad Guys and Mafia with JavaScript Botnets 2: Creating a JavaScript Botnet from Scratch

Having rejected several overly complicated tactics, Chema Alonso and his colleagues came up with a fairly simple, yet effective method for making a botnet to be used in their study, which is thoroughly described in this part of the presentation. Another idea that we thought might work in our case is...

Owning Bad Guys and Mafia with JavaScript Botnets

Spanish computer security expert Chema Alonso gives a great talk at Defcon 20 about the ways to expose online scammers through the use of JavaScript botnets. The title of this session is “Owning bad guys and mafia with JavaScript botnets”. I hope you will enjoy the topic. But before I start, I...

Getting Ahead of the Security Poverty Line 8: Questions and Answers

The final part of Andy Ellis’ keynote at HITBSecConf 2012 is dedicated to answering questions from the event attendees, relating to the role of CSO in a company. Now I’m happy to take a question or two or five from the crowd, if anybody wants them. – Hi! My question is: often a big mistake that...

Getting Ahead of the Security Poverty Line 7: Increasing Security Value over Time

Andy Ellis elaborates here on the methods to prioritize security tasks within organizations and thus maintain high security value in the long-term perspective. As security professionals, we have a lot on our plates, we have a lot of things to do. How many people here juggle? If you try to learn to juggle,...

Getting Ahead of the Security Poverty Line 6: Third-Party Security Reviews

This section of the keynote sheds light on common mistakes made while evaluating vendor services, and outlines the most judicious approach to this activity. Another area we’ve recently been looking at is third-party security reviews. Everybody probably has this, certainly, in these days of outsourcing;...