This presentation is given by Jess Garcia, of SANS.
Hacking activities have changed over the last three years or so.
- Dec-07—Sophisticated Trojan loots business bank accounts.
- Jan-08—Bank Trojan charges for sex, breaks two factor authentication.
Botnets are being used differently now: they are the basis for more than just denial-of-service attacks.
Hackers are now attacking the security software itself and then obfuscating what has happened.
Another reason why we should patch immediately: 85% of the time now, exploits are released the same day as the patches for vulnerabilities. That's up from 18% in 2004. The attackers are no longer teenage computer experts; they are now professional cyber-criminals (hired by criminal gangs or, if they are teenagers, kidnapped by the gangs and threatened). Rather than being motivated by prestige and curiosity, they are motivated by money.
Top Threats 2008:
- Client side: Browser Plugin Attacks
- Web Apps (51% of all vulnerabilities): SQL Injection and cross-site scripting
- Virtualization—this seems to be a growing area
- Malware
- Trojan Bankers
- Botnets
Haydan is a tool that can be used to create a payload with the desired MD5 hash, so it is much harder to trust hashes.