APT Malware & Media
A short talk on Advanced Persistent Threats and the corresponding malware seen in the wild. It also touches on the role of electronic media in overhyping specific cases.

Usage Rights

CC Attribution License

APT Malware & Media Presentation Transcript

  • APT .. Malware and Media Entertainment for the Industry http://www.3slabs.com
  • Advanced Persistent Threat ??
      • Target: Organization “XYZ”
          – Follows Security Best Practices
          – Regular Penetration Tests done
          – Empty report with Nessus, AppScan/Acunetix/... on their online assets
      • I am a h4x0r and I have better and easier targets than “XYZ”
      • I am an employee and my employer “demands” that I compromise “XYZ”
  • http://threatpost.tumblr.com/post/16467594167/whos-spying-on-whom-examples-include-hacks-of
  • The Popular “APT”s 2013
      • Red October
      • APT1
      • MiniDuke
      • TeamSpy
      • Flame
      • Duqu
      • StuxNet
      • [ …. Lot more .. ]
    [Figure: Top countries with Online Resources seeded with Malware] http://www.securelist.com/en/analysis/204792292/IT_Threat_Evolution_Q1_2013
  • The “supposedly” Father of APT
      • You cannot blame it all on the CHINESE ANY MORE !
    http://spectrum.ieee.org/telecom/security/the-real-story-of-stuxnet
  • Life of an “APT” Exploits R&D AV Evasion Payloads […] 0day Research Profiling Ops Monitoring Phishing Analysis Targeted Attacks […] Admin & Misc
  • An “APT” without “A”
  • The Role of Electronic Media
  • The Front-Line Defenses
  • The Front-Line Defenses
  • The Case of APT “proliferation”
      • The MiniDuke Exploit CVE-2013-0640
          – Adobe Reader 0day Found-in-the-Wild
          – Highly Sophisticated Exploit
      • ASLR & DEP bypass using
          – Information Leak
          – Dynamic Return-Oriented-Programming (ROP)
          – First ‘public’ example of ROP-only Shellcode
      • Reliable Sandbox Escape
    http://www.fireeye.com/blog/technical/cyber-exploits/2013/02/the-number-of-the-beast.html
    http://www.fireeye.com/blog/technical/cyber-exploits/2013/02/its-a-kind-of-magic-1.html
    http://www.varanoid.com/security-vendors/mcafee/analyzing-the-first-rop-only-sandbox-escaping-pdfexploit/
  • The Case of APT “proliferation” This exploit was developed in TAG TEAM effort with
  • A “sample” APT Tool …..
  • Thank You For listening (being awake) adatta@3slabs.com @abh1sek