The most popular presentation at Black Hat 2008 was on the Internetwide DNS vulnerability discovered by Dan Kaminsky, director of penetration testing for IOActive. Over 2,000 attendees packed into an 800-person capacity room to hear Mr. Kaminsky tell the intriguing story of how he had been working on a nonsecurity related, Web-caching project for a friend at Wikipedia.
DNS cache poisoning is a technique that allows a hacker to introduce forged DNS information into other DNS servers. The result of a DNS cache poisoning attack allows the hacker to take control of portions of the Internet or redirect all users of a search engine to malicious content.
Everyone knows that e-mail spam is a huge problem that all of us are subjected to on almost a daily basis. What you may not know is how e-mail spam is directly linked to phishing and botnets. Phishing e-mails attempt to steal personally identifiable information from unsuspecting computers by getting them to open a "Trojaned" attachment or follow a link to a malicious Web site. Botnets are a collection of hacked computers remotely controlled by individuals for nefarious purposes.
Typically the hacker or "bot herder" will use the computer under their control for denial-of-service attacks often associated with extortion or massive spamming as part of a phishing effort. There were a number of different presentations addressing how phishing and botnets, in conjunction with e-mail spam, are used by hackers.
Black Hat also covered the latest trends and security implications of server virtualization and introduced visual forensic analysis in a session entitled: "Visual Computer Forensic Analysis," by Greg Conti and Erik Dean. In upcoming articles we will look more at this cutting-edge technique and the tools being developed around, it as well as delve into the dangers of social networking sites, phishing and botnet schemes, and SSL VPN security.
No comments:
Post a Comment