null Bangalore meet Feb 2010 - news Bytes



Published in: Technology
  • ling the protected store of a person's PC. The protected store typically captures data entered into online forms such as names, dates of birth, addresses and other sensitive information.

    2. Operation AURORA
       • Damballa released a 31-page report titled "The Command Structure of the Aurora Botnet: History, Patterns and Findings"
       • It is a ‘garden variety’ command-and-control botnet
       • First noticed by Google in December 2009, made public on January 12, 2010
    3. Operation AURORA
       • The primary malware, Hydraq, is a later stage in a series of malware consisting of at least three different families
       • They were deployed using fake antivirus infection messages, tricking the victim into installing the malicious botnet agents
       • “Trojan.Hydraq would have been just another piece of dumb malicious software if it did not have the ability to connect to a CnC server and receive new instructions”
       • The Damballa research paper can be downloaded at:
    5. Help !
       • Attacker entices the victims to press F1 on their website
       • Displays a message box that does not go away until F1 is pressed
       • Affects older Windows versions such as XP or 2000
    6. Help !
       • Workaround:
         cacls "%windir%\winhlp32.exe" /E /P everyone:N
    7. IE Zero Day
       • Warning about an unpatched flaw in IE 6 and 7
       • IE 6 Service Pack 1 on Windows 2000 Service Pack 4 and IE 7 contain this bug
       • Invalid pointer reference bug
    8. IE Zero Day
       • Attacker entices the user to click on a link in an email or messenger
       • User visits a website with malicious code
    9. Microsoft Patches up
       • Issued patches that fix vulnerabilities in Windows and Office
       • MS 10-016 patch = addresses flaw in Movie Maker that allowed remote command execution
       • MS 10-017 patch = addresses vulnerabilities in Excel
    10. Adobe fix
       • Adobe released a fix which updates the Reader from 9.3 to 9.3.1
       • Subvert the domain sandbox and make cross-domain calls
       • Allowed an attacker to crash the program and execute commands
    11. Zeus Trojan
       • Zeus collected extensive data from individuals at commercial and government systems: around 68,000 corporate login credentials, 2,000 SSL certificate files, and usernames and passwords for online banking sites and social networks.
    12. Zeus Trojan
       • Zeus is capable of stealing data from the protected store of a PC
       • Criminals exploited vulnerabilities in Adobe Flash and holes in Adobe Reader.
       • Malicious PDFs were used
    13. Twitter Phishing
       • “This you ???”
       • “somebody wrote something about you in this blog here”
       • You will get a URL; clicking on it asks you to log in to a third-party site
    14. Firefox Add-Ons
       • Master Filer
       • Sothink Web Video Downloader version 4
       • They were able to sneak through Mozilla’s malware scanner
       • ClamAV
       • Upload all add-on submissions to the free, which uses about 40 different engines to scan each submission.
    15. Cloud Security
       • Cloud Security Alliance names top 7 threats to Cloud
       • Similar to OWASP Top 10
       • Abuse and Nefarious Use of Cloud Computing
       • Insecure Interfaces and APIs
       • Malicious Insiders
    16. Windows 7
       • Windows 7 has a ‘SoftAP’ which allows a PC to function as a Wi-Fi client and an access point simultaneously
       • This masks the entry of unauthorized users onto the corporate network.
       • It also can allow parking-lot hackers to piggyback onto the user's laptop and "ghost ride" into the corporate network unnoticed.
    17. Spy Kids
       • School used student laptop webcams to spy on them at school and home
       • The issue came to light when the Robbins's child was disciplined for "improper behavior in his home" and the Vice Principal used a photo taken by the webcam as evidence.
    18. Twitter users celebrate 10 billion tweets
       • Virgin rolling out 100Mbps broadband this year
       • Now almost 200 million registered domains
       • Google hammered for Buzz privacy issues
    19. Thank You
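
The SoftAP risk described on slide 16 can be checked from the endpoint side. The following is an added example, not part of the original slides: it triages the output of `netsh wlan show hostednetwork`, a Windows command the slides do not mention, assuming English-locale output. The sample outputs, host names and the `parse_hostednetwork` and `assess` helpers are constructed for illustration.

```python
# Added example: triage of `netsh wlan show hostednetwork` output (English locale assumed).
REMEDIATION = "netsh wlan set hostednetwork mode=disallow"

# Constructed sample outputs, not captured from real hosts.
SAMPLE_STARTED = """\
Hosted network settings
-----------------------
    Mode                   : Allowed
    SSID name              : "example-softap"
    Authentication         : WPA2-Personal

Hosted network status
---------------------
    Status                 : Started
    Channel                : 6
    Number of clients      : 1
        02:00:00:00:00:02        Authenticated
"""
SAMPLE_DISALLOWED = """\
Hosted network settings
-----------------------
    Mode                   : Disallowed

Hosted network status
---------------------
    Status                 : Not available
"""

def parse_hostednetwork(text):
    """Return the 'Key : Value' fields; client MAC rows have no ' : ' and are skipped."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(" : ")
        if sep:
            fields[key.strip().lower()] = value.strip().strip('"')
    return fields

def assess(host, text):
    """Classify one host: 'high' = SoftAP up with clients, 'medium' = up or merely allowed."""
    f = parse_hostednetwork(text)
    started = f.get("status", "").lower() == "started"
    allowed = f.get("mode", "").lower() == "allowed"
    clients = int(f.get("number of clients", "0")) if started else 0
    severity = "high" if clients else "medium" if (started or allowed) else "ok"
    return {"host": host, "ssid": f.get("ssid name"), "started": started,
            "clients": clients, "severity": severity,
            "fix": REMEDIATION if severity != "ok" else None}

if __name__ == "__main__":
    for host, out in (("wk-01", SAMPLE_STARTED), ("wk-02", SAMPLE_DISALLOWED)):
        print(assess(host, out))
```

A host rated "medium" with the hosted network merely allowed has no access point running yet; the `fix` command disallows the feature so it cannot be started later.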