Quantcast

Author: david b.

How Terrorists Encrypt 7: Peculiarities of Encryption Using Tadpole

Duncan Campbell dedicates the final part largely to Tadpole software which is used by jihadis to encrypt their communication while making terror plots. Operation CLUTCH (2010) The man named Anwar Al-Awlaki, was the head of al-Qaeda in the Arabian Peninsula until his demise. Based in Yemen, he was at the...

Reveton Trojan: fake FBI ransomware assaults US users

The Federal Bureau of Investigation is warning the Internet users of a dangerous and immensely aggressive virus called Reveton which is known to block computers on behalf of the government organizations, attempting to extort money from confused users. Based on the official report, Reveton is a typical...

How Terrorists Encrypt 6: Traces Cleanup with TrueCrypt Software

Duncan Campbell provides details on several more counter-terrorism operations, outlining the use of TrueCrypt software and other conspiracy tricks by jihadis. Operation PATHWAY (2009) This investigation was blown to the entire world by mistake, when Commander Bob Quick, who was then head of British...

How Terrorists Encrypt 5: International Anti-Terror Operations

Duncan Campbell talks about several major anti-terror operations and the way encryption techniques were used by jihadis to organize their attacks. Operation MAZHAR (2005) An international search tracked down an Islamic Internet activist who for 3 years had been tauntingly calling himself on the Internet...

How Terrorists Encrypt 4: “Mujahideen Secrets” Software

The research moves into cryptographic area proper, explaining the principles of jihadis’ encrypting techniques and providing specific terror investigation cases. Now, finally, we have cryptography from jihadis. This is “Asrar al-Mujahideen” (see image) – “The Secrets of...

How Terrorists Encrypt 3: Communication Tools

Duncan Campbell proceeds with the analysis of several more ideological Jihadist documents out there, and gives a brief insight into communication tools applied. Among the “Encyclopedia of Jihad” PDF files being circulated, there was also the “Mujahideen Poisons Handbook” which I...

How Terrorists Encrypt 2: Encyclopedia of Jihad

This part of Duncan Campbell’s talk is dedicated to the detailed review of known jihadist literature which is intended to facilitate terrorists’ activities. After 9/11, U.S. legislators made a final attempt to bring in key escrow and to clamp down on Internet cryptography, but the new cryptography...

How Terrorists Encrypt: Threatscape Overview

British investigative journalist Duncan Campbell speaks at DeepSec Conference about the use of cryptography by terrorists and outlines the related threatscape. Thanks very much and good morning. I’m gonna talk, or try and talk, about what real terrorists do with modern encryption tools in the 21st...

Searching for Malware 6: Top Search Terms for Spreading Malware

Read previous: Searching for Malware 5: Friends-Followers Delta and Twitter Network Misuse Final part of this Defcon talk exemplifies the issue of top search terms used for spreading malware in the given period, and contains a brief Q&A section. Paul Judge: What we came up with is if you look at the...

Searching for Malware 5: Friends-Followers Delta and Twitter Network Misuse

Read previous: Searching for Malware 4: Exploring Twitter Accounts David Maynor and Paul Judge introduce the concepts of Friends-Followers Delta and the Tweet Number to explain the essence of Twitter network misuse. Paul Judge: We wanted to better understand what are the behaviors and properties of Twitter...

Searching for Malware 4: Exploring Twitter Accounts

Read previous: Searching for Malware 3: Trending Topics Exploiting In this part, David and Paul speak more specifically on Twitter usage patterns they retrieved, and outlined a number of distinct user groups on the network. Paul Judge: We dug into the different networks, and we dug into Twitter – that’s...

Searching for Malware 3: Trending Topics Exploiting

Read previous: Searching for Malware 2: Prevalent Patterns of Malware Distribution Barracuda Labs’ representatives focus here on trending topics exploiting by attackers, and provide preliminary facts about Twitter misuse. Paul Judge: From there, let’s do a transition a little bit over to something more...

Searching for Malware 2: Prevalent Patterns of Malware Distribution

Read previous: Searching for Malware: Essence and Methodology of the Research Moving on with the presentation, David Maynor and Paul Judge analyze prevalent patterns of malware distribution via search results poisoning. Paul Judge: Another question that we looked to answer was whether these were known...

Searching for Malware: Essence and Methodology of the Research

David Maynor and Paul Judge with Barracuda Labs give a Defcon presentation reflecting their research on malware distributed via online search resources. Dr. Paul Q. Judge (Chief Research Officer and VP at Barracuda Networks): Good afternoon, thanks for joining us for this session. I am Paul Judge, this is...

Bruce Schneier’s public lecture: Liars and Outliers 5. Questions and Answers

Ending his lecture at NZITF, Bruce Schneier announces the Q&A section where he answers relevant questions from the audience on the topic. I’m happy to take questions on sort of any of this, and then after that on sort of greater topics, since I know there’s a lot of things I didn’t talk about. Q:...

Bruce Schneier’s public lecture: Liars and Outliers 4. Security Gap Concept

Bruce Schneier explains the causes of security gap between e-crime and law enforcement, and makes some final points before the Q&A part of the presentation. Technology results in the balance changing. We have this balance in cooperation defectors, technology changes it somehow, and society has to...

Bruce Schneier’s public lecture: Liars and Outliers 3. Scaling of Societal Pressures

Bruce Schneier explains the variability of cooperator and defector notions depending on the society group, and outlines the issue of societal pressures scaling. And there are a lot of directions to take this research. One of the problems I had writing this book is that very quickly the topic became...

Bruce Schneier’s public lecture: Liars and Outliers 2. Societal pressures

In this part, Bruce Schneier talks about methods used by society to induce natural cooperation and minimize the number of defectors to a controllable level. Now, most of us realize that it’s our long-term interest not to succumb to our short-term interest and not to steal, or not to pay our taxes, or not...

Bruce Schneier’s public lecture: Liars and Outliers

Prominent security expert Bruce Schneier takes the floor at NZITF to present his book “Liars and Outliers”, providing in-depth analysis of how the concepts of trust and security overlap in the present-day society. Hey there! What I want to talk about today is trust and security. Basically, what...

The Future of Social Engineering 6: a Look into Tomorrow

Read previous: The Future of Social Engineering 5: Technology and Outsourcing Concluding her talk at DeepSec Conference, Sharon Conheady tells the audience about her most interesting real-world cases and depicts her vision of the future of social engineering. Future prospects of social engineering, plus some...

The Future of Social Engineering 5: Technology and Outsourcing

Read previous: The Future of Social Engineering 4: Tactical Research Using Social Networks Sharon Conheady speaks about hi-tech devices and applications that facilitate social engineering attacks and outlines the advantages of outsourcing services. So social networks are great, but there’s loads and loads...

The Future of Social Engineering 4: Tactical Research Using Social Networks

Read previous: The Future of Social Engineering 3: Creativity and Spear Phishing Sharon Conheady explains here how to use social networks to get to know your target, and provides some examples on how to social-engineer people using the retrieved data. Really easy social engineering with the help of social...

The Future of Social Engineering 3: Creativity and Spear Phishing

Read previous: The Future of Social Engineering 2: Nigerian and Friend scams In this part of the talk, Sharon Conheady focuses on spear phishing, outlines some aspects of social networks exploiting, and describes how social engineering attacks keep moving into a creative area. Spear phishing – very...

The Future of Social Engineering 2: Nigerian and Friend scams

Read previous: The Future of Social Engineering Proceeding with her talk, Sharon Conheady creates a historical timeline hundreds of years back to outline the origin of today’s Nigerian scams, and speaks on the prevalent present-day frauds which aim at tricking money from credulous people. So I am just...

The Future of Social Engineering

Sharon Conheady, professional social engineer from First Defense Information Security Ltd., shares her experience at DeepSec Conference, talking about the past, present and future of social engineering. My name is Sharon Conheady. I am based in London where I work as a social engineer, so I trick people, I...

Bruce Schneier: New Threats to the Internet Infrastructure 3. The Cyber War Arms Race

Bruce Schneier speaks here on the concept of cyber warfare, the way it might impact the world, and explains why cyber war rhetoric is destabilizing. Threat 3: The cyber war arms race The third threat I want to talk about is “The cyber war arms race”. And by this I don’t mean the threat of cyber...

Bruce Schneier: New Threats to the Internet Infrastructure 2. Regulations from Law Enforcement

Continuing his presentation on nontrivial threats to the online world, Bruce Schneier talks about regulations pushed by law enforcement and big companies affecting users’ privacy. Threat 2: Ill-conceived regulations from law enforcement The second risk I want to talk about is from government. And I titled...

Bruce Schneier: New Threats to the Internet Infrastructure

The famous computer security specialist, cryptographer, founder and CTO of ‘BT Managed Security Solutions’ Bruce Schneier delivers a talk at RSA Conference 2012 where he expresses his non-standard viewpoint on today’s major risks in the Internet. Hi! Today I would like to talk about risks to...

Human Hacking Exposed 3: Security Updates, Scripts and Company Audits

Read previous: Human Hacking Exposed 2: Identifying Social Engineering Attacks Moving on with his RSA Conference talk on human hacking, Chris Hadnagy provides several more tips pertaining to importance of software and security updates, implementation of scripts for specific situations, and usefulness of...

Human Hacking Exposed 2: Identifying Social Engineering Attacks

Read previous: Human Hacking Exposed: Preventative Tips That Can Save Your Company This part of the presentation encompasses Chris Hadnagy’s first three preventative tips to identify social engineering attacks and be cautious about sensitive company information that employees possess. So these six tips...