Data Seepage: How to Give Attackers a Roadmap to Your Network
by HNS - Thursday, 14 June 2007.
At Black Hat Europe we met with Robert Graham and David Maynor, the CEO and CTO of Errata Security. In this video they talk about how the days of widespread internet attacks are long gone. What's more popular now are more directed or targeted attacks using a variety of different methods. This is where data seepage comes in. Unbeknownst to a lot of mobile professional's laptops, PDAs, even cell phones can be literally bleeding information about a company's internal network. All this information can be used by an attacker to make attacks more accurate with a higher likelihood of success.
Apart from being a way for dissidents and journalists to do their business without being spotted and identified by "the powers that be", the Dark Web is also a place where criminals sell and buy illegal wares and services and, apparently, where they also get robbed by scammers.
Brian Honan, CEO at BH Consulting, talks about a recent vulnerability disclosure trend – a trend that he believes may ultimately cause more harm than good: security vendors using vulnerability disclosure as a marketing tool with the goal of enhancing their company’s bottom line.
Attacks on the IoT can sound like the stuff of a movie thriller, but they are very real. The highly skilled and organized cybercriminals of today have the potential to tamper with a car’s firmware to kill its brakes.