SlideShare une entreprise Scribd logo

APT Malware & Media

3S Labs
3S Labs

A short talk on Advanced Persistent Threat and corresponding malware seen in the wild. Also touches upon the role of electronic media in over hyping specific cases.

Technologie
1  sur  14
APT .. Malware and Media Entertainment for the Industry http://www.3slabs.com
Advanced Persistent Threat ?? • Target: Organization “XYZ” – Follows Security Best Practices – Regular Penetration Tests done – Empty report with Nessus, AppScan/Acunetix/... on their online assets I am a h4x0r and I have better and easier targets than “XYZ” I am an employee and my employer “demands” that I compromise “XYZ”
http://threatpost.tumblr.com/post/16467594167/whos-spying-on-whom-examples-include-hacks-of
The Popular “APT”s 2013 • • • • • • • • Red October APT1 MiniDuke TeamSpy Flame Duqu StuxNet [ …. Lot more .. ] Top countries with Online Resources seeded with Malware http://www.securelist.com/en/analysis/204792292/IT_Threat_Evolution_Q1_2013
The “supposedly” Father of APT You cannot blame it all on the CHINESE ANY MORE ! http://spectrum.ieee.org/telecom/security/the-real-story-of-stuxnet
Life of an “APT” Exploits R&D AV Evasion Payloads […] 0day Research Profiling Ops Monitoring Phishing Analysis Targeted Attacks […] Admin & Misc
An “APT” without “A”
The Role of Electronic Media
The Front-Line Defenses
The Front-Line Defenses
The Case of APT “proliferation” • The MiniDuke Exploit CVE-2013-0640 – Adobe Reader 0day Found-in-the-Wild – Highly Sophisticated Exploit • ASLR & DEP bypass using – Information Leak – Dynamic Return-Oriented-Programming (ROP) – First ‘public’ example of ROP-only Shellcode • Reliable Sandbox Escape http://www.fireeye.com/blog/technical/cyber-exploits/2013/02/the-number-of-the-beast.html http://www.fireeye.com/blog/technical/cyber-exploits/2013/02/its-a-kind-of-magic-1.html http://www.varanoid.com/security-vendors/mcafee/analyzing-the-first-rop-only-sandbox-escaping-pdfexploit/
The Case of APT “proliferation” This exploit was developed in TAG TEAM effort with
A “sample” APT Tool …..
Thank You For listening (being awake) adatta@3slabs.com @abh1sek

Recommandé

Spyware
SpywareSpyware
SpywareFarheen Naaz
 
Owasp osint presentation - by adam nurudini
Owasp osint presentation - by adam nurudiniOwasp osint presentation - by adam nurudini
Owasp osint presentation - by adam nurudiniAdam Nurudini
 
Basics of getting Into Bug Bounty Hunting
Basics of getting Into Bug Bounty HuntingBasics of getting Into Bug Bounty Hunting
Basics of getting Into Bug Bounty HuntingMuhammad Khizer Javed
 
spyware
spywarespyware
spywareAkhil Kumar
 
Osint
OsintOsint
OsintKamal Rathaur
 
Viruses Spyware and Spam, Oh My!
Viruses Spyware and Spam, Oh My!Viruses Spyware and Spam, Oh My!
Viruses Spyware and Spam, Oh My!Joel May
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingManish Mudhliyar
 
Internet Security in Web 2.0
Internet Security in Web 2.0 Internet Security in Web 2.0
Internet Security in Web 2.0 Arjunsinh Sindhav
 

Recommandé

Spyware
SpywareSpyware
SpywareFarheen Naaz
 
Owasp osint presentation - by adam nurudini
Owasp osint presentation - by adam nurudiniOwasp osint presentation - by adam nurudini
Owasp osint presentation - by adam nurudiniAdam Nurudini
 
Basics of getting Into Bug Bounty Hunting
Basics of getting Into Bug Bounty HuntingBasics of getting Into Bug Bounty Hunting
Basics of getting Into Bug Bounty HuntingMuhammad Khizer Javed
 
spyware
spywarespyware
spywareAkhil Kumar
 
Osint
OsintOsint
OsintKamal Rathaur
 
Viruses Spyware and Spam, Oh My!
Viruses Spyware and Spam, Oh My!Viruses Spyware and Spam, Oh My!
Viruses Spyware and Spam, Oh My!Joel May
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingManish Mudhliyar
 
Internet Security in Web 2.0
Internet Security in Web 2.0 Internet Security in Web 2.0
Internet Security in Web 2.0 Arjunsinh Sindhav
 
PACE-IT, Security+3.1: Types of Malware
PACE-IT, Security+3.1: Types of MalwarePACE-IT, Security+3.1: Types of Malware
PACE-IT, Security+3.1: Types of MalwarePace IT at Edmonds Community College
 
Open Source Intelligence (OSINT)
Open Source Intelligence (OSINT)Open Source Intelligence (OSINT)
Open Source Intelligence (OSINT)festival ICT 2016
 
Spyware
SpywareSpyware
SpywareBabur Rahmadi
 
Spyware and key loggers
Spyware and key loggersSpyware and key loggers
Spyware and key loggersGaneshdev Chavhan
 
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)Practical White Hat Hacker Training - Passive Information Gathering(OSINT)
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)PRISMA CSI
 
Ethical Hacking and Network Security
Ethical Hacking and Network SecurityEthical Hacking and Network Security
Ethical Hacking and Network Securitysumit dimri
 
Spyware
SpywareSpyware
SpywareIshita Bansal
 
Datasploit - An Open Source Intelligence Tool
Datasploit - An Open Source Intelligence ToolDatasploit - An Open Source Intelligence Tool
Datasploit - An Open Source Intelligence ToolShubham Mittal
 
Spyware and Trojan Horses (Computer Security Seminar by Akhil Sharma)
Spyware and Trojan Horses (Computer Security Seminar by Akhil Sharma)Spyware and Trojan Horses (Computer Security Seminar by Akhil Sharma)
Spyware and Trojan Horses (Computer Security Seminar by Akhil Sharma)Akhil Sharma
 
Bug bounty
Bug bountyBug bounty
Bug bountyRamin Farajpour Cami
 
From OSINT to Phishing presentation
From OSINT to Phishing presentationFrom OSINT to Phishing presentation
From OSINT to Phishing presentationJesse Ratcliffe, OSCP
 
Detecting Ransomware/Bot Infections in Elasticsearch
Detecting Ransomware/Bot Infections in ElasticsearchDetecting Ransomware/Bot Infections in Elasticsearch
Detecting Ransomware/Bot Infections in ElasticsearchAditya K Sood
 
DLL Preloading Attack
DLL Preloading AttackDLL Preloading Attack
DLL Preloading Attacksecurityxploded
 
Web app security essentials
Web app security essentialsWeb app security essentials
Web app security essentialsRafał Hryniewski
 
Brucon presentation
Brucon presentationBrucon presentation
Brucon presentationwremes
 
Computer Virus
Computer Virus Computer Virus
Computer Virus bebo
 
Rafeeq Rehman - Breaking the Phishing Attack Chain
Rafeeq Rehman - Breaking the Phishing Attack ChainRafeeq Rehman - Breaking the Phishing Attack Chain
Rafeeq Rehman - Breaking the Phishing Attack Chaincentralohioissa
 
Hacking
HackingHacking
Hackingblues_mfi
 
DataSploit - BlackHat Asia 2017
DataSploit - BlackHat Asia 2017 DataSploit - BlackHat Asia 2017
DataSploit - BlackHat Asia 2017 Shubham Mittal
 
Osint primer
Osint primerOsint primer
Osint primern|u - The Open Security Community
 
Ethical hacking at warp speed
Ethical hacking at warp speedEthical hacking at warp speed
Ethical hacking at warp speedSreejith.D. Menon
 
Hacking and Hackers
Hacking and HackersHacking and Hackers
Hacking and HackersFarwa Ansari
 

Contenu connexe

Tendances

Open Source Intelligence (OSINT)
Open Source Intelligence (OSINT)Open Source Intelligence (OSINT)
Open Source Intelligence (OSINT)festival ICT 2016
 
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)Practical White Hat Hacker Training - Passive Information Gathering(OSINT)
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)PRISMA CSI
 
Ethical Hacking and Network Security
Ethical Hacking and Network SecurityEthical Hacking and Network Security
Ethical Hacking and Network Securitysumit dimri
 
Datasploit - An Open Source Intelligence Tool
Datasploit - An Open Source Intelligence ToolDatasploit - An Open Source Intelligence Tool
Datasploit - An Open Source Intelligence ToolShubham Mittal
 
Spyware and Trojan Horses (Computer Security Seminar by Akhil Sharma)
Spyware and Trojan Horses (Computer Security Seminar by Akhil Sharma)Spyware and Trojan Horses (Computer Security Seminar by Akhil Sharma)
Spyware and Trojan Horses (Computer Security Seminar by Akhil Sharma)Akhil Sharma
 
Detecting Ransomware/Bot Infections in Elasticsearch
Detecting Ransomware/Bot Infections in ElasticsearchDetecting Ransomware/Bot Infections in Elasticsearch
Detecting Ransomware/Bot Infections in ElasticsearchAditya K Sood
 
Brucon presentation
Brucon presentationBrucon presentation
Brucon presentationwremes
 
Computer Virus
Computer Virus Computer Virus
Computer Virus bebo
 
Rafeeq Rehman - Breaking the Phishing Attack Chain
Rafeeq Rehman - Breaking the Phishing Attack ChainRafeeq Rehman - Breaking the Phishing Attack Chain
Rafeeq Rehman - Breaking the Phishing Attack Chaincentralohioissa
 
DataSploit - BlackHat Asia 2017
DataSploit - BlackHat Asia 2017 DataSploit - BlackHat Asia 2017
DataSploit - BlackHat Asia 2017 Shubham Mittal
 

Tendances (20)

PACE-IT, Security+3.1: Types of Malware
PACE-IT, Security+3.1: Types of MalwarePACE-IT, Security+3.1: Types of Malware
PACE-IT, Security+3.1: Types of Malware
 
Open Source Intelligence (OSINT)
Open Source Intelligence (OSINT)Open Source Intelligence (OSINT)
Open Source Intelligence (OSINT)
 
Spyware
SpywareSpyware
Spyware
 
Spyware and key loggers
Spyware and key loggersSpyware and key loggers
Spyware and key loggers
 
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)Practical White Hat Hacker Training - Passive Information Gathering(OSINT)
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)
 
Ethical Hacking and Network Security
Ethical Hacking and Network SecurityEthical Hacking and Network Security
Ethical Hacking and Network Security
 
Spyware
SpywareSpyware
Spyware
 
Datasploit - An Open Source Intelligence Tool
Datasploit - An Open Source Intelligence ToolDatasploit - An Open Source Intelligence Tool
Datasploit - An Open Source Intelligence Tool
 
Spyware and Trojan Horses (Computer Security Seminar by Akhil Sharma)
Spyware and Trojan Horses (Computer Security Seminar by Akhil Sharma)Spyware and Trojan Horses (Computer Security Seminar by Akhil Sharma)
Spyware and Trojan Horses (Computer Security Seminar by Akhil Sharma)
 
Bug bounty
Bug bountyBug bounty
Bug bounty
 
From OSINT to Phishing presentation
From OSINT to Phishing presentationFrom OSINT to Phishing presentation
From OSINT to Phishing presentation
 
Detecting Ransomware/Bot Infections in Elasticsearch
Detecting Ransomware/Bot Infections in ElasticsearchDetecting Ransomware/Bot Infections in Elasticsearch
Detecting Ransomware/Bot Infections in Elasticsearch
 
DLL Preloading Attack
DLL Preloading AttackDLL Preloading Attack
DLL Preloading Attack
 
Web app security essentials
Web app security essentialsWeb app security essentials
Web app security essentials
 
Brucon presentation
Brucon presentationBrucon presentation
Brucon presentation
 
Computer Virus
Computer Virus Computer Virus
Computer Virus
 
Rafeeq Rehman - Breaking the Phishing Attack Chain
Rafeeq Rehman - Breaking the Phishing Attack ChainRafeeq Rehman - Breaking the Phishing Attack Chain
Rafeeq Rehman - Breaking the Phishing Attack Chain
 
Hacking
HackingHacking
Hacking
 
DataSploit - BlackHat Asia 2017
DataSploit - BlackHat Asia 2017 DataSploit - BlackHat Asia 2017
DataSploit - BlackHat Asia 2017
 
Osint primer
Osint primerOsint primer
Osint primer
 

Similaire à APT Malware & Media

Ethical hacking at warp speed
Ethical hacking at warp speedEthical hacking at warp speed
Ethical hacking at warp speedSreejith.D. Menon
 
Hacking and Hackers
Hacking and HackersHacking and Hackers
Hacking and HackersFarwa Ansari
 
UN Presentation - 10-17-2018 - Maccaglia
UN Presentation - 10-17-2018 - MaccagliaUN Presentation - 10-17-2018 - Maccaglia
UN Presentation - 10-17-2018 - MaccagliaStefano Maccaglia
 
Keith J. Jones, Ph.D. - Crash Course malware analysis
Keith J. Jones, Ph.D. - Crash Course malware analysisKeith J. Jones, Ph.D. - Crash Course malware analysis
Keith J. Jones, Ph.D. - Crash Course malware analysisKeith Jones, PhD
 
How Malware Works
How Malware WorksHow Malware Works
How Malware WorksAlienVault
 
NETWORK SECURITY
NETWORK SECURITYNETWORK SECURITY
NETWORK SECURITYafaque jaya
 
Targeted attacks
Targeted attacksTargeted attacks
Targeted attacksRahul
 
Threat Hunting with Splunk
Threat Hunting with SplunkThreat Hunting with Splunk
Threat Hunting with SplunkSplunk
 
Understanding advanced persistent threats (APT)
Understanding advanced persistent threats (APT)Understanding advanced persistent threats (APT)
Understanding advanced persistent threats (APT)Dan Morrill
 
Ethical Hacking Overview
Ethical Hacking OverviewEthical Hacking Overview
Ethical Hacking OverviewSubhoneel Datta
 
Deep Learning based Threat / Intrusion detection system
Deep Learning based Threat / Intrusion detection systemDeep Learning based Threat / Intrusion detection system
Deep Learning based Threat / Intrusion detection systemAffine Analytics
 
OWASP_OSINT_Presentation.pdf
OWASP_OSINT_Presentation.pdfOWASP_OSINT_Presentation.pdf
OWASP_OSINT_Presentation.pdfnetisBin
 
Target attack (hkust gold edition)(public version)
Target attack (hkust gold edition)(public version)Target attack (hkust gold edition)(public version)
Target attack (hkust gold edition)(public version)Anthony Lai
 
Best Practices for Leveraging Security Threat Intelligence
Best Practices for Leveraging Security Threat IntelligenceBest Practices for Leveraging Security Threat Intelligence
Best Practices for Leveraging Security Threat IntelligenceAlienVault
 
Inside Attacker: An Overview
Inside Attacker: An OverviewInside Attacker: An Overview
Inside Attacker: An OverviewDustin Collins
 
Next Generation Advanced Malware Detection and Defense
Next Generation Advanced Malware Detection and DefenseNext Generation Advanced Malware Detection and Defense
Next Generation Advanced Malware Detection and DefenseLuca Simonelli
 
Invincea fake british airways ticket spear-phish malware 03-21-2014
Invincea fake british airways ticket spear-phish malware 03-21-2014Invincea fake british airways ticket spear-phish malware 03-21-2014
Invincea fake british airways ticket spear-phish malware 03-21-2014Invincea, Inc.
 

Similaire à APT Malware & Media (20)

Ethical hacking at warp speed
Ethical hacking at warp speedEthical hacking at warp speed
Ethical hacking at warp speed
 
Hacking and Hackers
Hacking and HackersHacking and Hackers
Hacking and Hackers
 
UN Presentation - 10-17-2018 - Maccaglia
UN Presentation - 10-17-2018 - MaccagliaUN Presentation - 10-17-2018 - Maccaglia
UN Presentation - 10-17-2018 - Maccaglia
 
Keith J. Jones, Ph.D. - Crash Course malware analysis
Keith J. Jones, Ph.D. - Crash Course malware analysisKeith J. Jones, Ph.D. - Crash Course malware analysis
Keith J. Jones, Ph.D. - Crash Course malware analysis
 
How Malware Works
How Malware WorksHow Malware Works
How Malware Works
 
NETWORK SECURITY
NETWORK SECURITYNETWORK SECURITY
NETWORK SECURITY
 
Honey pots
Honey potsHoney pots
Honey pots
 
Targeted attacks
Targeted attacksTargeted attacks
Targeted attacks
 
Threat Hunting with Splunk
Threat Hunting with SplunkThreat Hunting with Splunk
Threat Hunting with Splunk
 
Understanding advanced persistent threats (APT)
Understanding advanced persistent threats (APT)Understanding advanced persistent threats (APT)
Understanding advanced persistent threats (APT)
 
OpenSourceIntelligence-OSINT.pptx
OpenSourceIntelligence-OSINT.pptxOpenSourceIntelligence-OSINT.pptx
OpenSourceIntelligence-OSINT.pptx
 
Ethical Hacking Overview
Ethical Hacking OverviewEthical Hacking Overview
Ethical Hacking Overview
 
Deep Learning based Threat / Intrusion detection system
Deep Learning based Threat / Intrusion detection systemDeep Learning based Threat / Intrusion detection system
Deep Learning based Threat / Intrusion detection system
 
OWASP_OSINT_Presentation.pdf
OWASP_OSINT_Presentation.pdfOWASP_OSINT_Presentation.pdf
OWASP_OSINT_Presentation.pdf
 
Target attack (hkust gold edition)(public version)
Target attack (hkust gold edition)(public version)Target attack (hkust gold edition)(public version)
Target attack (hkust gold edition)(public version)
 
Best Practices for Leveraging Security Threat Intelligence
Best Practices for Leveraging Security Threat IntelligenceBest Practices for Leveraging Security Threat Intelligence
Best Practices for Leveraging Security Threat Intelligence
 
Inside Attacker: An Overview
Inside Attacker: An OverviewInside Attacker: An Overview
Inside Attacker: An Overview
 
Next Generation Advanced Malware Detection and Defense
Next Generation Advanced Malware Detection and DefenseNext Generation Advanced Malware Detection and Defense
Next Generation Advanced Malware Detection and Defense
 
Think Like a Hacker
Think Like a HackerThink Like a Hacker
Think Like a Hacker
 
Invincea fake british airways ticket spear-phish malware 03-21-2014
Invincea fake british airways ticket spear-phish malware 03-21-2014Invincea fake british airways ticket spear-phish malware 03-21-2014
Invincea fake british airways ticket spear-phish malware 03-21-2014
 

Dernier

WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 

Dernier (20)

WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 

APT Malware & Media

  • 1. APT .. Malware and Media Entertainment for the Industry http://www.3slabs.com
  • 2. Advanced Persistent Threat ?? • Target: Organization “XYZ” – Follows Security Best Practices – Regular Penetration Tests done – Empty report with Nessus, AppScan/Acunetix/... on their online assets I am a h4x0r and I have better and easier targets than “XYZ” I am an employee and my employer “demands” that I compromise “XYZ”
  • 4. The Popular “APT”s 2013 • • • • • • • • Red October APT1 MiniDuke TeamSpy Flame Duqu StuxNet [ …. Lot more .. ] Top countries with Online Resources seeded with Malware http://www.securelist.com/en/analysis/204792292/IT_Threat_Evolution_Q1_2013
  • 5. The “supposedly” Father of APT You cannot blame it all on the CHINESE ANY MORE ! http://spectrum.ieee.org/telecom/security/the-real-story-of-stuxnet
  • 6. Life of an “APT” Exploits R&D AV Evasion Payloads […] 0day Research Profiling Ops Monitoring Phishing Analysis Targeted Attacks […] Admin & Misc
  • 8. The Role of Electronic Media
  • 11. The Case of APT “proliferation” • The MiniDuke Exploit CVE-2013-0640 – Adobe Reader 0day Found-in-the-Wild – Highly Sophisticated Exploit • ASLR & DEP bypass using – Information Leak – Dynamic Return-Oriented-Programming (ROP) – First ‘public’ example of ROP-only Shellcode • Reliable Sandbox Escape http://www.fireeye.com/blog/technical/cyber-exploits/2013/02/the-number-of-the-beast.html http://www.fireeye.com/blog/technical/cyber-exploits/2013/02/its-a-kind-of-magic-1.html http://www.varanoid.com/security-vendors/mcafee/analyzing-the-first-rop-only-sandbox-escaping-pdfexploit/
  • 12. The Case of APT “proliferation” This exploit was developed in TAG TEAM effort with
  • 13. A “sample” APT Tool …..
  • 14. Thank You For listening (being awake) adatta@3slabs.com @abh1sek