Quantcast

Author: david b.

Human Hacking Exposed: Preventative Tips That Can Save Your Company

‘White Hat Defense’ CEO and popular podcaster Chris Hadnagy speaks at RSA Conference on how the bad side of social engineering may affect your company. Here today I will talk to you about human hacking exposed – 6 preventative tips that can save your company. A little bit about me. My name is...

Using the Internet as an Investigative Tool 6: Conclusion

Read previous: Using the Internet as an Investigative Tool 5: People Search Services The final part of Lance Hawk’s InfoSec World presentation encompasses details on visualizers, IP address tracking, geolocation; and contains a brief summary of the subject matter. Other investigative sites (see image) –...

Using the Internet as an Investigative Tool 5: People Search Services

Read previous: Using the Internet as an Investigative Tool 4: Searching Blogs and Wikis A number of Twitter services and various people search tools are the investigative instruments Lance Hawk tells about in this part of his narration. Searching Tweets Now, searching Tweets. We have Twitter itself,...

Using the Internet as an Investigative Tool 4: Searching Blogs and Wikis

Read previous: Using the Internet as an Investigative Tool 3: Meta Search Engines and Translation Tools Lance’s primary focus in this part is blog searching services that might come in handy while conducting investigative research, as well as using Wiki-type sites to retrieve sensitive...

Using the Internet as an Investigative Tool 3: Meta Search Engines and Translation Tools

Read previous: Using the Internet as an Investigative Tool 2: Google Services In this part of the presentation, Lance Hawk specifies the features of meta search engines, speaks on utilizing Bing within the investigative framework, and outlines peculiarities of online language translation services. Using Bing...

Using the Internet as an Investigative Tool 2: Google Services

Read previous: Using the Internet as an Investigative Tool Lance Hawk speaks here on specific data acquisition and authentication software that helps document the findings, and outlines the role of Google services in facilitating investigative research. Tools to Document Findings Okay, what are the general...

Using the Internet as an Investigative Tool

Lance P. Hawk, Manager of Computer Forensics and Investigations at ‘Air Products and Chemicals, Inc.’, takes the floor at InfoSec World conference to deliver an instructive presentation on how in-depth forensic analysis and tracking can be conducted using a variety of web-based techniques and...

Why Internet users cannot completely trust digital certificates

F-Secure’s representatives Mikko Hypponen and Sean Sullivan discuss the present-day issues with code signing and SSL certificates trustworthiness, and get into details of the notorious Comodogate hack. There are lots security things that we can talk about: well, the RSA hack, a bit earlier the HBGary...

Unlocking a PC infected by Ransom Trojan

The prominent malware researcher Mikko Hypponen and Security Advisor Sean Sullivan talk about evolution of Ransom Trojans, describe the recent GPcode variants and advise on ways to treat those if infected. 25 years ago, when we started analyzing viruses, what was the worse type of damage user could suffer?...

Mikko Hypponen on the concept of cyber war

Chief Research Officer at F-Secure Mikko Hypponen expresses his viewpoint on the definition of cyber war and speaks about recent infamous cyber attacks. There is a lot of talk around cyber war. And that definition is kind of murky, it’s better to make distinctions between cyber attacks, cyber espionage,...

A Forensic Analysis of Android Network Traffic 5: Conclusions

Read previous: A Forensic Analysis of Android Network Traffic 4: Geolocation by Google The presenter draws conclusions on the subject matter, speaking on possible usage areas for collected Android users’ data, and shares his further research plans. All this private information is available, and companies...

A Forensic Analysis of Android Network Traffic 4: Geolocation by Google

Read previous: A Forensic Analysis of Android Network Traffic 3: Data harvesting by Zynga and Words With Friends The issue brought up in this part of Eric Fulton’s presentation is what user data Google is collecting, and how Wi-Fi connection can expose your exact location Continuing on the theme of...

A Forensic Analysis of Android Network Traffic 3: Data harvesting by Zynga and Words With Friends

Read previous: A Forensic Analysis of Android Network Traffic 2: Research methodology Eric Fulton’s focus here is on the types of information Zynga and Words With Friends apps are collecting about their users, based on packet capture files data. So let’s start analyzing. With each packet capture, I first...

A Forensic Analysis of Android Network Traffic 2: Research methodology

Read previous: A Forensic Analysis of Android Network Traffic This part of Eric Fulton’s presentation encompasses the methodology and tools applied for conducting the Android network traffic analysis. So Scientific Method to the rescue: what I wanted to do was create a kind of reproducible project that...

A Forensic Analysis of Android Network Traffic

Lake Missoula Group’s Director of Research Eric Fulton introduces his Defcon 19 talk about Android privacy risks and security vulnerabilities emanating from smartphone apps. Hi there! My name is Eric Fulton, I work for a consulting firm called Lake Missoula Group, in beautiful Missoula, Montana. I know...

Hacking and securing the iPhone, iPad and iPod Touch 6: iOS security precautions

Read previous: Hacking and securing the iPhone, iPad and iPod Touch 5: is the iOS enterprise-ready? Ending her InfoSec World presentation, Diana Kelley talks about securing the iOS, configurable safety restrictions, and draws final conclusions on the topic. If you’re gonna go ahead and jailbreak,...

Hacking and securing the iPhone, iPad and iPod Touch 5: is the iOS enterprise-ready?

Read previous: Hacking and securing the iPhone, iPad and iPod Touch 4: iOS malware and vulnerabilities Diana Kelley outlines the enterprise prospects of the iOS, advises on encryption, authentication, and third-party solutions to enhance security of the device. Okay, so the big question here is: can we bring...

Hacking and securing the iPhone, iPad and iPod Touch 4: iOS malware and vulnerabilities

Read previous: Hacking and securing the iPhone, iPad and iPod Touch 3: jailbreaking tools This part of Diana Kelley’s presentation is introductory to iOS security, analyzing safety of jailbreaking tools and describing known samples of iOS malware and vulnerabilities. Once you’ve jailbroken your phone,...

Hacking and securing the iPhone, iPad and iPod Touch 3: jailbreaking tools

Read previous: Hacking and securing the iPhone, iPad and iPod Touch 2: iOS jailbreaking Diana Kelley shows how to jailbreak using the LimeRa1n and RedSn0w solutions, talks on peculiarities of the Cydia and clarifies some other relevant technical aspects related to iOS jailbreak. These are kind of big, well...

Hacking and securing the iPhone, iPad and iPod Touch 2: iOS jailbreaking

Read previous: Hacking and securing the iPhone, iPad and iPod Touch: iOS features In this part of the talk, Diana Kelley explains whether it’s legal to jailbreak the iOS and clarifies the difference between tethered and untethered jailbreak. So what is jailbreaking? Jailbreaking is essentially breaking...

Hacking and securing the iPhone, iPad and iPod Touch: iOS features

Diana Kelley (Partner, SecurityCurve) gives a presentation at InfoSec World Conference to outline the background of the iOS and speak on security of iOS devices Hello and welcome! I’ll talk a little bit about hacking and securing the iPhone, and iPad, and the iPod Touch. Does anybody know why we can say...

Faces of Facebook 6: the future of face recognition

Read previous: Faces of Facebook 5: real-time personal identification using a smartphone Winding up the presentation, Alessandro Acquisti lists the current face recognition restrictions, concerns, and depicts the probable future of augmented reality. Availability of images I do believe that visual facial...

Faces of Facebook 5: real-time personal identification using a smartphone

Read previous: Faces of Facebook 4: offline-to-online re-identification experiment This part of the presentation outlines the ways to infer personal and sensitive information from a face image in real time, using smartphone applications. Experiment three was obviously asynchronous, in a sense that first we...

Faces of Facebook 4: offline-to-online re-identification experiment

Read previous: Faces of Facebook 3: “Dating site-to-Facebook” re-identification experiment Alessandro Acquisti now describes an offline-to-online re-identification experiment where someone’s anonymous photo helps find the Facebook profile, predict the SSN and figure out the subject’s...

Faces of Facebook 3: “Dating site-to-Facebook” re-identification experiment

Read previous: Faces of Facebook 2: facial taxonomy and statistical re-identification Alessandro Acquisti’s Black Hat USA report on face recognition continues with the detailed description of an online-to-online re-identification experiment conducted with the use of PittPatt application, based on analyzing...

Faces of Facebook 2: facial taxonomy and statistical re-identification

Read previous: Faces of Facebook: face recognition technologies In this part of the presentation, Alessandro Acquisti explains facial taxonomy components, analyzes DB types in statistical re-identification, and introduces the experiments that were held in this domain. The facial taxonomy here I am...

LinkedIn is hacked: Russian hacker steals 6.5 million LinkedIn passwords

Computer security experts and news agencies worldwide are reporting an outrageous hack causing the leak of about 6.5 million LinkedIn passwords today. Below are details of the LinkedIn hack and tips to avoid identity theft due to this jeopardy. Today’s message on one of the Russian forums stirred up the...

Faces of Facebook: face recognition technologies

Professor Alessandro Acquisti from Carnegie Mellon University takes the floor at Black Hat USA to speak on the role of Facebook and social media in face recognition research and advancement. Thanks everybody for being here, it’s always a great pleasure to be at Black Hat, and in this case I would like to...

Attack vectors on mobile devices 3: the future of mobile threats

Read previous: Attack vectors on mobile devices 2: Android and iOS security Final part of Tam Hanna’s presentation outlines his investigation into RenRen phishing, WAP scams, HTC Bluetooth FTP issue, and the future of mobile threats. The next thing we have is a few exploits that are typical to Germany....

What is the Flame virus? Details from Kaspersky Lab

A Russian computer security company detected a new spyware program called Flame. Julia Smirnova from Die Welt, a German national daily newspaper, talks to Kaspersky Lab’s Senior Virus Analyst Alexander Gostev about this new cyber virus. – How did you track down the Flame virus? Alexander Gostev: In...