Data Seepage: How to Give Attackers a Roadmap to Your Network
by HNS - Thursday, 14 June 2007.
At Black Hat Europe we met with Robert Graham and David Maynor, the CEO and CTO of Errata Security. In this video they talk about how the days of widespread internet attacks are long gone. What's more popular now are more directed or targeted attacks using a variety of different methods. This is where data seepage comes in. Unbeknownst to a lot of mobile professional's laptops, PDAs, even cell phones can be literally bleeding information about a company's internal network. All this information can be used by an attacker to make attacks more accurate with a higher likelihood of success.
Posted on 19 December 2014. | Security researcher Samy Kamkar has devised a fast and easy way to compromise an unlocked computer and open a backdoor on it: a simple and cheap ($20) pre-programmed Teensy microcontroller.
Posted on 19 December 2014. | A new variant of the infamous Zeus banking and information-stealing Trojan has been created to target the users of over 150 different banks and 20 payment systems in 15 countries, including the UK, the US, Russia, Spain and Japan.
Posted on 17 December 2014. | How to deal with untrustworthy third-party add-ons that could endanger your own users? Prevent them from loading - if you can. That's what Google recently did with Gmail extensions that load code that interferes with the users' Gmail session or malware that can compromise their emailís security.
Posted on 12 December 2014. | Make sure you understand the service level agreements with your cloud service provider. They will often replicate virtual machines in the cloud to ensure availability and make sure they maintain their SLAs. Ask them how they are making sure that your apps and data stay where they belong.