Category Archives: 2014
Finding Holes in Banking 2FA: Operation Emmental
Like Swiss Emmental cheese, your online banking protections might be full of holes. Banks have been trying to prevent crooks from accessing your online accounts for ages. They have invented all sorts of methods to protect the user’s ability to do online banking safely. This research paper describes an ongoing
Semantic Exploration of Binaries
Attacks with malicious software are an imminent risk. Malware developers not only constantly unveil new artistries in response to current detection schemes but also manifest a tendency to re-code and modify existing malware versions with regard to their behaviour and functionality. These malware variants may have similar functionality but pose
A New Look at Fast Flux Proxy Networks
Botnets that run on proxy service networks are not a new topic. We (and other researchers) have discussed this topic at various talks in years past, and it was also one of the main points in last year’s BotConf 2013 where we discussed the Kelihos network. Generally, a proxy network
Workshop – Feedback on Windbg Usage
The Russian DDoS One: Booters to Botnets
The Russian DDoS One, or RD1, is an informal grouping of threat actors that focus on providing DDoS booter services on Russian-language underground forums. Besides the advertising, contact information, and the occasional drama, most of the business of Russian DDoS booters is done in private and is difficult to attribute.
Bypassing Sandboxes for Fun
Nowadays, malware sandboxes are commonly used by malware researchers. Sandboxes have also found their place commercially as a new security device. Not surprisingly, as firewalls were in the '90s, IPS in the early 2000s and web application firewalls recently, they are presented as a new silver-bullet security device in the
Splicing and Dicing 2014: Examining this Year’s Botnet Attack Trends
This presentation will discuss the various types of distributed denial of service attacks launched by botnets in 2014, worldwide. From DNS to Layer 7 attacks, attendees will hear expert analysis of botnet breakdowns by-the-numbers including where the majority of botnets came from regionally, what attack trends were most popular, and when