APT Malware & Media

A short talk on Advanced Persistent Threats and the corresponding malware seen in the wild. It also touches upon the role of electronic media in overhyping specific cases.

  1. APT .. Malware and Media: Entertainment for the Industry. http://www.3slabs.com
  2. Advanced Persistent Threat ??
     • Target: Organization “XYZ”
       – Follows Security Best Practices
       – Regular Penetration Tests done
       – Empty report with Nessus, AppScan/Acunetix/... on their online assets
     “I am a h4x0r and I have better and easier targets than “XYZ””
     “I am an employee and my employer “demands” that I compromise “XYZ””
  3. http://threatpost.tumblr.com/post/16467594167/whos-spying-on-whom-examples-include-hacks-of
  4. The Popular “APT”s 2013
     • Red October
     • APT1
     • MiniDuke
     • TeamSpy
     • Flame
     • Duqu
     • StuxNet
     • [ …. Lot more .. ]
     Top countries with Online Resources seeded with Malware: http://www.securelist.com/en/analysis/204792292/IT_Threat_Evolution_Q1_2013
  5. The “supposedly” Father of APT. You cannot blame it all on the CHINESE ANY MORE ! http://spectrum.ieee.org/telecom/security/the-real-story-of-stuxnet
  6. Life of an “APT”: Exploits R&D, AV Evasion, Payloads, […], 0day Research, Profiling, Ops, Monitoring, Phishing, Analysis, Targeted Attacks, […], Admin & Misc
  7. An “APT” without “A”
  8. The Role of Electronic Media
  9. The Front-Line Defenses
  10. The Front-Line Defenses
  11. The Case of APT “proliferation”
     • The MiniDuke Exploit CVE-2013-0640
       – Adobe Reader 0day Found-in-the-Wild
       – Highly Sophisticated Exploit
     • ASLR & DEP bypass using
       – Information Leak
       – Dynamic Return-Oriented-Programming (ROP)
       – First ‘public’ example of ROP-only Shellcode
     • Reliable Sandbox Escape
     http://www.fireeye.com/blog/technical/cyber-exploits/2013/02/the-number-of-the-beast.html
     http://www.fireeye.com/blog/technical/cyber-exploits/2013/02/its-a-kind-of-magic-1.html
     http://www.varanoid.com/security-vendors/mcafee/analyzing-the-first-rop-only-sandbox-escaping-pdfexploit/
  12. The Case of APT “proliferation”: This exploit was developed in TAG TEAM effort with
  13. A “sample” APT Tool …..
  14. Thank You For listening (being awake). adatta@3slabs.com @abh1sek
