Author: david b.

The Rise of Hacktivism and Insiders 2: Targeted Attacks Breakdown

Symantec’s Andrew Horbury provides detailed website security statistics globally and elaborates on targeted attacks by company size, industry and job function. So, let’s take a quick look at BlackHole which works in the following way: it is an exploit kit used to inject malware when a potential victim is...

The Rise of Hacktivism and Insiders: New Tactics, New Motives

Andrew Horbury, Senior Product Marketing Manager at Symantec, provides a comprehensive overview of hacktivists’ and insiders’ activities and the related risks. Hi and thank you, wherever you may be today. I’d like to welcome you all to this webinar which is part of BrightTALK’s Next Generation...

How to Disclose or Sell an Exploit without Getting in Trouble 4: Selling Tips

At the end of his presentation Jim Denaro highlights the aspects, including the respective legislation, to take into account when selling an exploit. We should now turn to selling very quickly. Right now there is no law in the U.S. that prohibits the selling of an exploit, and that is a situation that is...

How to Disclose or Sell an Exploit without Getting in Trouble 3: Minimizing Disclosure Problems

Providing deeper insight into risk mitigations, James Denaro lists and explains a few options for staying on the safe side when disclosing an exploit. Another thing you want to do is be aware of pre-existing contractual relationships that you as a security researcher might have with the target of...

How to Disclose or Sell an Exploit without Getting in Trouble 2: CFAA and TRO Risk Mitigations

Elaborating on the Computer Fraud and Abuse Act as well as temporary restraining orders, James Denaro now advises on ways of mitigating the respective risks. We’ve got some examples here (see right-hand image) where CFAA has been applied. I think it’s helpful to look at some examples because that’s...

How to Disclose or Sell an Exploit without Getting in Trouble

James Denaro, patent attorney at CipherLaw, delivers a presentation at Defcon highlighting the legal risks InfoSec researchers might run into in their activity. The topic for today is how to disclose or sell an exploit without getting in trouble. I’m Jim Denaro. I’m an intellectual property attorney...

Prowling Peer-to-Peer Botnets after Dark 4: Methodology for Analysis Accuracy

Dwelling on the ways to ensure accurate botnet evaluation, Tillmann Werner focuses on distinguishing peers and introduces the especially tailored Prowler tool. What you see here is analysis of the convergence for the P2P botnets we crawled (see right-hand image). On the left-hand side, you see a curve...

Prowling Peer-to-Peer Botnets after Dark 3: Crawling Strategies

Entirely focusing on the subject of crawling P2P botnets here, Tillmann Werner explicates the motivations for this process as well as applicable strategies. Let’s talk about crawling. Crawling is nothing else but recursively enumerating peers. You start with one peer, you request its peerlist, you take a...

Prowling Peer-to-Peer Botnets after Dark 2: Architecture and Protocols

Tillmann Werner delves into the details of peer-to-peer botnet architecture and describes protocols used in the Miner and different versions of ZeroAccess. Interestingly, for all botnets that you’ve seen on the previous list the architecture is not purely peer-to-peer. It’s hybrid architecture. That’s...

Prowling Peer-to-Peer Botnets after Dark: Ins and Outs of the P2P Underworld

CrowdStrike’s researcher Tillmann Werner provides an extensive overview of peer-to-peer botnets, covering the essentials and architecture details thereof. Welcome to my presentation! I’m Tillmann Werner; I work for a company called CrowdStrike which is an American startup that deals with targeted...

A Password Is Not Enough 6: Disk Encryption with the Phalanx Toolset

This part describes Phalanx, a disk encryption tool released by Daniel Selifonov, along with some security assumptions and general conclusions. And so, the tool I’m releasing – it’s, really, a proof-of-concept experimental code; I call it Phalanx (see right-hand image). It is a patched...

A Password Is Not Enough 5: Secure Architecture Design

Daniel Selifonov dissects a blueprint reflecting virtually attack-proof system architecture that prevents disk encryption from being seriously compromised. So, let’s look at a blueprint (see right-hand image), what I think we should have for getting a system from a cold boot up into when we have our...

A Password Is Not Enough 4: Using TPM to Combat Specific Attacks

Based on Daniel Selifonov’s perspective, learn the security measures prior to authenticating to a PC and the way TPM protects from hardware and reset attacks. We want to then develop a protocol that a user can run against the computer so that they can verify that the computer has not been tampered with...

A Password Is Not Enough 3: Trusted Platform Module as a Means for Measured Boot

The subjects being touched upon by Daniel Selifonov here include securing the sensitive data stored in main memory and computer integrity verification issue. Can we do anything about a DMA attack angle? As it turns out, yes we can. Recently, as part of new technologies for enhancing server virtualization,...

A Password Is Not Enough 2: Crypto Attack Vectors

Daniel Selifonov now delves into the prevalent types of attacks one could pull off to compromise encrypted data on a computer. I break attacks into three fundamental tiers (see right-hand image). First off, non-invasive, which is something that you might be able to execute with just a flash drive; you...

A Password Is Not Enough: Why Disk Encryption Is Broken and How We Might Fix It

Software engineer Daniel Selifonov takes the floor at Defcon 21 to touch upon aspects of full disk encryption, including the motivations, methods, and hurdles. Hi! We’re here to talk about full disk encryption; why you’re not really as secure as you might think you are. How many of you encrypt the hard...

That Awesome Time I Was Sued for Two Billion Dollars 5: Inglorious End of the Insane Case

Jason Scott wraps up his instructive presentation by recounting how the weird legal case against him fell apart and what conclusions he drew from it. By this point, he’s summarized the damages (see right-hand image) such that the summary for reasonable counsel’s fees, that is to say, himself suing...

That Awesome Time I Was Sued for Two Billion Dollars 4: Who Is the Eccentric Plaintiff?

Jason Scott now provides some background details on the guy who attempted suing him for distributing his book online, and moves on with the legal story. So, who the hell is this moonbat? Because at this point, you’re like: “Dude, that’s nuts!” And really, honestly that’s kind of my take on...

That Awesome Time I Was Sued for Two Billion Dollars 3: Weird Legal Threats Through Mail Drops

BBS archivist Jason Scott elaborates on the contents of the insane legal notices he was receiving from the Paul Andrew Mitchell guy for a few years since 1998. At the time that he started to write these letters to me, at one point he indicated that the Lanham Act permits triple damages (see right-hand...

That Awesome Time I Was Sued for Two Billion Dollars 2: Trademark and Intellectual Property Claims

Jason Scott’s presentation continues with highlights of some trademark issues he ran into, and the description of the most unusual intellectual property case. It turns out that the BARDEX, which is a trademark of C.R. Bard, is only to be used as urological catheter. It is not to be used in enemas (see...

That Awesome Time I Was Sued for Two Billion Dollars: Jason Scott’s Extraordinary Experience

Jason Scott, creator of textfiles.com, tells some hilarious stories about ins and outs of the old BBS files archiving activity during a Defcon presentation. Since the beginning part is kind of introducing myself and everything else, I am going to go move forward with that. My name is Jason Scott –...

How My Botnet Defeated the Russian Hackers 3: Beating a Competing Bot

As Michael’s bot became less successful, it needed improvement so that it could outperform a competing one made by Russian hackers. Everything worked great for about six months, and then all of a sudden things weren’t as rosy anymore. The client would call and he would say:...

How My Botnet Defeated the Russian Hackers 2: The Car-Purchasing Bot

Michael Schrenk now dwells on the actual bot design that enabled his client to outperform competitors in terms of buying the best used cars online. So, a car dealer came to me; he had a great opportunity, found a wonderful website that was part of the national franchise. They were getting in used rental...

How My Botnet Defeated the Russian Hackers: Screwing with the System

In a Defcon presentation, professional web bot developer Michael Schrenk tells an absorbing story of creating a specific botnet to gain competitive advantage. I’ve had the opportunity to do a lot of really cool things in my career with bots, but the one thing that gave me more satisfaction than anything...

Common Darknet Weaknesses 7: General Mitigations and Summary

At the end of his AIDE Conference presentation, Adrian Crenshaw describes a few more types of darknet attacks and enumerates a number of general takeaways. Also, things can be done to affect timing (see right-hand image). This is where sybil attacks can help augment traffic correlation attacks. Let’s say...

Common Darknet Weaknesses 6: Sybil and Traffic Analysis Attacks

Adrian Crenshaw now highlights a few more darknet attack vectors based on the use of sockpuppets as well as analyzing traffic and lists mitigations for these. Okay, now we’ll get into some more academic attacks – sybil attacks (see right-hand image). The term comes from the book called Sybil which is about...

Common Darknet Weaknesses 5: Clock Based Attacks, Metadata, and Forensics

Getting further into darknet attack strategies, Adrian Crenshaw sheds light on the use of system clock information, metadata, and local attacks deployment. Alright, clock based attacks: this is another place where people can at least reduce the anonymity set of someone using a darknet. Some protocols allow...

Common Darknet Weaknesses 4: Attack Mitigations

Along with countermeasures for attacks against darknets, Adrian Crenshaw also points out popular applications with poor anonymity capacity in this part. Another example of applications that suck at anonymity is BitTorrent (see right-hand image). There’s a paper written a while back, where they found that...

Common Darknet Weaknesses 3: DNS Leaks and Application Level Problems

Adrian Crenshaw describes some common attacks deployable in the darknet usage scenario, such as DNS leaks, content grabbing, and application level issues. Alright, some other common attacks: DNS leaks and various other protocols, and application level problems. An overview: does all the traffic go through...

Common Darknet Weaknesses 2: Tor and I2P

The two most popular darknets, The Onion Router and I2P, are comprehensively described by Adrian Crenshaw here, including their weaknesses and user precautions. Now I’m going to briefly cover two major darknets, Tor and I2P, so that the rest of the slides make some kind of sense. Most people make node...