Popular Articles
Subscribe to Infosec Events
Infosec Events Feed Stay up to date with all of the latest security news by subscribing to our RSS Feed. Alternatively, you can have updates sent directly to your email address.

Recent Articles

Hacker Halted: Day 2 Notes

Published: June 2nd, 2008 | Category: Security Conferences

Here are my notes from the second day of the Hacker Halted conference.

Inside the Storm

Virtual Worlds – A Wild Frontier Or New World Order?

  • NDU IRMC – Information Resources Management College
  • Virtual worlds provide an easy environment for users to get profiled
  • Many new virtual environments are being created
    • Some for adults, some for kids, some for learning, some for therapy, etc
  • Concerns
    • OSINT
    • OPSEC
    • Identity theft
    • Malware
  • Lots of r&d money is being poured into these environments
    • If the company goes under, so does all that money
  • NOAA has a neat weather map in second life
  • World of Warcraft
    • Patch 2.3 – Every 15 seconds the warden program will take a snapshot of programs running (pid, file handle, etc) to ensure no cheating applications are in use.
    • 10 million users online. Can get access to lots of machines if there is a server hack.
  • Griefing
  • Easy to clone environments in virtual worlds
    • Who are you really talking to? The real person or an impersonator?
  • Second Life data breach of 2006
    • Company didn’t care because users signed an agreement that stated they weren’t responsible for securing the data??

Cyber Attacks – Prevention, Detection & Response

  • Always update your security policies
  • Malware exploits are intelligence preparation of the battlefield
  • We must understand the threat and not be complacement
  • Attack platforms are changing
    • Malicious ads were placed on a local radio station, lots of machines got infected
  • The information you put online can end up hurting you
    • A project page was used to identify team members and a targeted attack was performed to this group
  • The bad guys are testing us and our defenses
  • There isn’t enough information sharing
  • Need to get back to the orange book
    • Specify the level of security before you purchase hardware / software
  • Tower of Secrets – Book on Russian espionage

Infect Me Baby One More Time – The Ease of Malware Infection

  • Storm owners getting arrogant – they now have a storm codec
  • 20,000 new malware samples a day
  • One new infected page found every five seconds – Every four out of five are compromised

Tags:

RSS feed | Trackback URI

Comments »

No comments yet.

Name (required)
E-mail (required - never shown publicly)
URI
Your Comment (smaller size | larger size)
You may use <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> in your comment.

Trackback responses to this post

Sponsors
CanSecWest Applied Security Conference       Bloggers' Rights at EFF
Categories
Popular Tags
AppSec blackhat Black Hat Black Hat Europe Black Hat USA Black Hat USA 2008 Black Hat USA 2009 BruCON BSides Calendar CanSecWest CanSecWest 2008 DeepSec DEFCON DEFCON 16 DEFCON 18 DNS Hacker Halted Hack in the Box HITB HOPE IEEE information security ISSA Jeremiah Grossman Microsoft OWASP RECON RSA RSA Conference RSA Conference 2008 RUXCON SANS Security BSides ShmooCon shmoocon 2010 SOUPS SOURCE SOURCE Boston The Last HOPE ToorCon USENIX WASC WhatWorks WhiteHat Security
Recent Commentators
Recent Visitors
Favorite Links
© Godai Group 2012
Home - Calendar - Communities - Training - Archives - Contact