Blackhat Europe 2011 Recap – Day 1

It’s been almost 3 weeks now since Blackhat Europe was held in Barcelona, Spain – and some of Trend Micro’s threat researchers went along to attend the interesting workshops and talks that were scheduled. Rather than give an in-depth rundown on each of the talks we attended, I wanted to give an overview of some of the highlights of the event overall – at least from my perspective. By the way, if you do want some more detailed information on the talks, Peter Van Eeckhoutte of the Corelan security team has an excellent blog series here and here.
- Roelof Temmingh & Andrew Macpherson gave a very good workshop on how to extend the excellent open source intelligence tool Maltego to include your own custom functions. Most security researchers should be familiar with Maltego already, but may not be aware that it is possible to customize it to your own needs. Want to write a tool to map people on a particular social networking site to their email address, or map a domain to some other information based on some internal company database you control? Well, Maltego is definitely worth a look here – and extending it using their Transform Distribution Server or via Local Transforms is easy. People have even coded APIs to make everything even easier (including this Ruby one from yours truly).
- Nitesh Dhanjani talked about some of the new attacks against Apple’s iOS – in particular looking at how the browser reacts to protocol handlers such as skype:// or gtalk://. Nitesh gave an example showing how a Skype call could be triggered without any interaction using a simple iframe on a website. He also pointed out something that I was unaware of (I’m an n900 user) – that iOS will hide the URL bar after visiting a site. That makes a lot of sense from a usability perspective (especially on the iPhone, where every pixel of screen should be optimized for viewing). This is, however, a very useful feature for attackers creating phishing sites. If they see a request coming from an iOS device, they can put a fake URL bar at the top of the page with the legitimate banking website in it – hence fooling the user into believing they are on the correct page.
- After lunch, Raul Siles gave a very interesting talk on Session Fixation Attacks, which are now number 3 on the OWASP Top 10 Web Application Security Risks for 2010, just below their better-known cousins Injection and Cross Site Scripting (XSS). If you are unfamiliar with the attack, click on the link above and familiarize yourself. It’s a very straightforward attack, and Raul did an excellent job of explaining it.
- The last talk of the day was a keynote on the topic of Cyberwar by Bruce Schneier. This was exactly what a keynote should be – very thought-provoking and debunking some of the myths of Cyberwar, as well as going over what we do know about so-called Cyberwar attacks. The term Cyberwar tends to get thrown around a lot as it’s a great buzzword for marketing. It seems every day we have a new “War on …” something, whether that is Terror, Cybercrime, or Obesity. The very term War conjures up a lot of feelings and images that are not necessarily what you would associate with an advanced cyber attack. War online, like any of the traditional arenas of war (Ground, Air, Sea, Space?), also brings its own challenges. How do you know you are under attack from another country, and not a DDoS from a criminal gang? When do you know that the war has ended?
Bruce also touched a bit on Cyberterrorism, which is another very interesting concept to wrap your head around. For anyone interested in the idea of Cyberterrorism – I definitely recommend having a look at the slides of Trend Micro’s own Dr. Morton Swimmer from EICAR last year.
So that’s it for the recap from day 1 – stay tuned for more updates very soon on the highlights from day 2 of the conference – same bat-time, same bat-channel!
Post from: TrendLabs | Malware Blog – by Trend Micro