Author: david b.

No Budget Threat Intelligence 4: Reversing Malware Samples

Having deliberately exposed a honeypot machine to attackers, Andrew Morris collected a large volume of incoming malware, which he then reverse engineered for deeper insight. Reversing these samples (see right-hand image) is a talk in and of itself. Actually, it’s reverse engineering the malware samples that you find....

No Budget Threat Intelligence 3: Discovery and Investigation

Andrew Morris makes some great points about the vulnerabilities most commonly exploited by remote attackers on the Internet, so read this part to learn what those are. Discovery & Investigation We are now going to talk about discovery and investigation. Bad guys are still using Shellshock to propagate pretty...

No Budget Threat Intelligence 2: Setting up Cheap Honeypots

A brief overview of threat intelligence infrastructure, where Andrew Morris focuses on tools for making honeypots that do not require a bunch of resources. Infrastructure (TL;DR) So, again, the tl;dr of infrastructure – we are going to talk about honeypots briefly. Raise your hand if you know what a...

No Budget Threat Intelligence – Tracking Malware Campaigns on the Cheap

Andrew Morris, formerly an Intrepidus Group employee and currently a researcher at Endgame, proves at ShmooCon that threat intel doesn’t have to be expensive. Andrew Morris: So, this is “No Budget Threat Intelligence – Tracking Malware Campaigns on the Cheap”. First of all, thank you guys...

Securing our future 4: Governmental malware

In Mikko Hyppönen’s view, nation states have been producing the most advanced samples of malicious software, so read this follow-up to learn more. I suppose the biggest surprise, to me personally, over the last 25 years that I have been fighting online attacks is the fact that governments...

Securing our future 3: The Internet of Things

Mikko Hyppönen now shifts his focus to criminal activity online and to the dangers of the rapidly growing Internet of Things. There are criminal things online as well. When we move from privacy problems to security problems, then we end up with practical things like this...

Securing our future 2: Legal infringement of privacy

Judging from targeted ad campaigns on social networks, Mikko Hyppönen argues, these companies know too much about their users, which is a big privacy concern. When you go and look at these services as a customer, you go and buy an ad, you end up in this user interface, for example with Twitter, where you...

Securing our future – Mikko Hyppönen

Mikko Hyppönen, F-Secure’s CRO and a security celebrity who needs no introduction, highlights current and emerging concerns caused by the ubiquity of the Internet. I am Mikko Hyppönen, and I have spent my life analyzing viruses, tracking hackers, catching online criminals and trying to protect the security...

How not to suck at pen testing 6: Penetration testers code of ethics

Black Hills Information Security’s John Strand lists the essential rules intended to make pen testing more effective as the industry moves on. John Strand: The whole gist of this entire presentation is we need to keep moving forward as network pen testers. We need to continue to find new...

How not to suck at pen testing 5: Hunt teaming

This part is about a really interesting, highly effective take on network penetration testing advocated by John Strand and his colleague Joff Thyer. John Strand: So, let’s talk about trying to find new areas, and that’s kind of where we are going to start tying this up (see right-hand image). We need to...

How not to suck at pen testing 4: Bit9 issues and ISR Evilgrade attacks

John Strand dwells on a few nontrivial vectors for compromising a target organization’s IT infrastructure and bypassing technologies like Bit9. Also, there’s data loss prevention. As I said, we’re in the midst of a webcast called “Sacred Cash Cow Tipping”. In information security,...

How not to suck at pen testing 3: Mitigating structural weaknesses

The presenter moves on to explain his view of the correct way to handle structural vulnerabilities found during a security assessment. Another kind of offset one was antivirus. I know that this isn’t leet at all, but a couple of weeks ago we did a webcast called “Sacred Cash Cow...

How not to suck at pen testing 2: Thinking beyond the Reds

Some information security engagements described by John Strand demonstrate that the Criticals in pen test reports are not the only things to look at. A number of years ago Ethan Robish, who was with Black Hills Information Security, was doing a pen test for a customer of ours that had multiple pen tests from...

How not to suck at pen testing – John Strand

John Strand, the owner of Black Hills Information Security, shares his perspective on what present-day penetration testing should look like. The name of this presentation is “How not to suck at pen testing”. There’s a lot of presentations that you’ll see where people just rip on the pen...

Adaptive Penetration Testing 8: The Social-Engineer Toolkit Works Wonders

In the closing part of the presentation, Dave Kennedy reviews some cool features of the new version of SET, and Kevin Mitnick demonstrates his famous whistle. Dave: Now I want to go into the Social-Engineer Toolkit 2.1, which is getting released today. I’ll upload it, probably, tonight when I maybe...

Adaptive Penetration Testing 7: Rogue AP and the Blackout Jammer

Kevin Mitnick and Dave Kennedy share two more pentest stories: one involving a rogue certificate and the other based on exploiting powerline communication. Dave: We have a little bit of time left, so Kevin do you want to fly through this one? This is the external and wireless penetration test (see...

Adaptive Penetration Testing 6: The Teensy Attack

What’s described here is another somewhat hilarious security assessment story, where a company got compromised through keyboards presented to the IT staff. Dave: The next one is Company 2, which is malicious media. This actually happened this month. It was an engagement that I was working on. It’s a...

Adaptive Penetration Testing 5: Physical Part of the Compromise

The InfoSec celebrities narrate the details of another facet of the assessment, in which the company’s premises and IT infrastructure were physically breached. Dave Kennedy: Kevin, by far, is one of the most meticulous people I’ve met. I mean, for me it’s kind of a hack job, I’m like “Oh, this...

Adaptive Penetration Testing 4: Windows UAC Bypass

Dave Kennedy and Kevin Mitnick discuss a method to circumvent User Account Control on Windows by means of a Java applet and the Social-Engineer Toolkit. Dave: What I’m going to show you here is a demonstration of that actual bypass using the Social-Engineer Toolkit and the Java applet. What I’m going to...

Adaptive Penetration Testing 3: Prep for a Software Vendor Compromise

Moving on from theory to practice, Kevin Mitnick and Dave Kennedy share some experience on extensive preparation for an actual software company breach. Dave: Our first demo is Company 1, which Kevin was doing assessment on in December 2010. Kevin: It was a company that developed software for the financial...

Adaptive Penetration Testing 2: Real vs Simulated Breach

Dave Kennedy and Kevin Mitnick focus on nuances of real-world company breaches as opposed to simulated ones and explain why the former are more instructive. Dave Kennedy: We are the only industry that I know of who keep increasing their budget, keep increasing their capital expenditures, and continue to get...

Adaptive Penetration Testing by Kevin Mitnick & Dave Kennedy

Computer security gurus Kevin Mitnick and Dave Kennedy take the floor at DerbyCon to explain the concept of adaptive pentesting and cover its advantages. Dave Kennedy: Thanks everybody for coming for the talk! Obviously, Kevin Mitnick and myself wanted to get together and get a talk around adaptive...

Masquerade 5: Closing Thoughts

Before wrapping up the presentation, Ryan Lackey and Marc Rogers provide some final details on the travel routers and answer the DEF CON audience’s questions. Ryan Lackey: So, out of this full range of hardware we needed to come up with an initial piece of hardware that we wanted to support as a development...

Masquerade 4: Introducing Secure Travel Routers

The experts finally get to the point of integrating different hardware and firmware components into a single device intended to protect one’s security while traveling. Marc Rogers: There are Tor pluggable transports (see right-hand image), which is a great tool. There are seven of them that are live right now, I...

Masquerade 3: “The Great Firewall of China”

In addition to describing China’s web traffic restriction approaches, the speakers also touch upon the benefits and disadvantages of VPNs and Tor. Ryan Lackey: Then we’ve got examples of when you travel to places like China. China is a great place to visit, but they have a fairly restrictive...

Masquerade 2: The Verbose Metadata

Ryan Lackey and Marc Rogers focus mostly on network forensics here, in particular the types of metadata that such analysis can retrieve. Ryan Lackey: So, what are the common mistakes and vulnerabilities here? These are just several examples (see right-hand image), there’s a bunch more....

Masquerade: How a helpful man-in-the-middle can help you evade monitoring

Presenting at DEF CON, Ryan Lackey and Marc Rogers, security researchers at CloudFlare, highlight various methods and helpful tools to avoid OPSEC failures. Ryan Lackey: Hello everyone! I’m Ryan Lackey, and this is Marc Rogers. Unfortunately, our third co-speaker The Grugq is not here, as you can tell. I...

Don’t Fuck It Up 7: Secure Messaging

Staying on the safe side with things like commercial webmail, Skype and online chats is what Zoz talks about in the closing part of his DEF CON presentation. Let’s go to messaging (see right-hand image). After all these years, email still fucking sucks. Fighting spam aids tracking because that’s why...

Don’t Fuck It Up 6: OPSEC with Phones

Zoz underscores the immense amount of personally identifiable data that cell phones can leak and provides recommendations on using burner phones securely. Let’s move to phones. What does that little Benedict Arnold in your pocket do to give you away? So much frickin’ stuff (see right-hand image). The...

Don’t Fuck It Up 5: The Silk Road and Dread Pirate Roberts Story

Zoz reflects on the potential weak links in using Tor hidden services, making some assumptions about the OPSEC failures of the infamous Dread Pirate Roberts. Here’s some more good news: the big list and the small list. These are the recently leaked XKeyscore filter rules (see left-hand image). Basically,...