At the Kaspersky Lab Security Analyst Summit, one researcher shared how he was able to find corporate emails, confidential business plans and classified FBI flash alerts.
Tag Archives: Security Analyst Summit
Lessons From Top-to-Bottom Compromise of Brazilian Bank
Hackers pulled off a stunning compromise of a Brazilian bank’s operations, gaining control of each of the bank’s 36 domains, corporate email and DNS.
Security Analyst Summit 2017 Day One Recap
Mike Mimoso and Chris Brook recap the first day of this year’s Security Analyst Summit, including Mark Dowd’s memory corruption bug keynote, the digital archeology around Moonlight Maze, ATM hacking, and the Lazarus APT.
Threatpost News Wrap, March 31, 2017
This year’s Security Analyst Summit is previewed and the news of the week is discussed, including a Microsoft IIS zero day, a new Mirai variant, and the broadband privacy ruling.
Threatpost News Wrap, February 5, 2016
Mike Mimoso and Chris Brook discuss the news of the week including internet-connected teddy bears, the latest on the Going Dark debate, and whether or not there’s a backdoor in Socat. They also preview next week’s Security Analyst Summit in Tenerife, Spain.
Equation APT Group Attack Platform A Study in Stealth
The EquationDrug cyberespionage platform is a complicated system that is used selectively against only certain target machines, one that can be extended via a collection of 116 malware plug-ins, researchers at Kaspersky Lab said.
Katie Moussouris on Starting a Bug Bounty Program
In this video from last week’s Security Analyst Summit, HackerOne’s Katie Moussouris explains the main thing companies that want to start a bounty program or vulnerability incentive program need to know: There is no one size fits all.
Trey Ford on Mapping the Internet with Project Sonar
Trey Ford from Project Sonar describes the group’s initiative at Kaspersky’s Security Analyst Summit. The Rapid 7 service scans public-facing networks for apps, software, and hardware, then analyzes that cache of information to gain insight to trends and common vulnerabilities.
Christofer Hoff on Mixed Martial Arts, Active Defense, and Security
In a talk Monday Christofer Hoff stressed that in security and martial arts alike, it’s hard to be a skilled defender if you don’t understand how your adversaries pull off the attacks.
Tracking Malware That Uses DNS for Exfiltration
Attackers have long used distributed denial of service attacks to knock domain-name servers offline but over the last several months malware creators have taken to using DNS requests to tunnel stolen data.