Tag Archives: malware analysis

[ISN] FBI wants you to become a cyber agent

http://www.networkworld.com/article/2863395/security0/fbi-wants-you-to-become-a-cyber-agent.html By Michael Cooney LAYER 8 Network World Jan 5, 2015 With its increased emphasis on Internet crime it might come as small surprise the FBI is now looking to bulk –up its cyber agent workforce. The agency in a job posting that is open until Jan. 20 said it has “many vacancies” for cyber special agents to investigate all manner of cyber crimes from website hacks and data theft to botnets and denial of service attacks. To keep pace with the evolving threat, the Bureau is appealing to experienced and certified cyber experts to consider joining the FBI to apply their well-honed tradecraft as cyber special agents, the agency stated. Key requirements to be a special agent include passing a rigorous background check and fitness test. Agents must be at least 23 and no older than 37. Prospective cyber special agents are expected to meet the same threshold as special agents, but also have a wealth of experience in computers and technology. Preferred backgrounds include computer programming and security, database administration, malware analysis, digital forensics, and even ethical hacking. An extensive list of sought-after backgrounds and certifications can be seen on the job posting, the FBI noted. […]




Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Hackers strike defense companies through real-time ad bidding

http://www.csoonline.com/article/2835215/data-protection/hackers-strike-defense-companies-through-realtime-ad-bidding.html By Jeremy Kirk IDG News Service Oct 17, 2014 A major change this year in how online advertisements are sold has been embraced by hackers, who are using advanced ad-targeting capabilities to precisely deliver malware. Security vendor Invincea said it has detected many instances of people within defense and aerospace companies stumbling across malicious advertisements that are shown only to them, a scheme it calls “Operation DeathClick.” A white paper on the scheme will be released Friday. The cybercriminals are taking advantage of a sea change in the online advertising industry, which has mostly stopped selling “bulk” user impressions and moved to real-time bidding for advertisements that are highly targeted, said Patrick Belcher, director of malware analysis at Invincea, in a webinar presentation Thursday. Web advertisements are sold to the highest bidder on online exchanges by buyers who can specify who the ad is shown to by IP address range, region, industry vertical or even just by specific corporations. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] How to optimize your security budget

http://www.csoonline.com/article/2153713/security-leadership/how-to-optimize-your-security-budget.html By George V. Hulme CSO Online May 12, 2014 The good news is that security budgets are rising broadly. The bad news? So are successful attacks. Perhaps that’s why security budgets averaging $4.3 million this year represent a gain of 51% over the previous year – and that figure is nearly double the $2.2 million spent in 2010 – all according to our most recent Global Information Security Survey, conducted by PricewaterhouseCoopers. The question is, why? Why are security budgets rising but enterprises still are not getting the results hoped? “Many organizations are infatuated with buying the latest trendy thing, whether or not it makes the most sense for their specific security posture,” says Jay Leek, chief information security officer at The Blackstone Group. The 11th annual Global Information Security Survey of 9,600 executives also found that the number of organizations reporting losses of greater than $10 million per incident is up 75 percent from just two years ago. The costs of these breaches also are rising, with data breaches up 9 percent in 2013 from 2012. One thing is certain – the organizations are not spending on the technologies and capabilities best suited to help spot advanced attackers, such as malware analysis with only 51% doing so, inspection of traffic leaving the network (41%), rogue device scaling (34%), deep packet inspection (27%), or threat modeling (21%). […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Ruxcon 2014 Call For Papers

Forwarded from: cfp@ruxcon.org.au Ruxcon 2014 Call For Presentations Melbourne, Australia, October 11th-12th http://www.ruxcon.org.au The Ruxcon team is pleased to announce the Call For Presentations for Ruxcon 2014. This year the conference will take place over the weekend of the 11th and 12th of October at the CQ Function Centre, Melbourne, Australia. .[x]. About Ruxcon .[x]. Ruxcon brings together the individual talents of the best and brightest security folk in the region, through live presentations, activities, and demonstrations. The con is held over two days in a relaxed atmosphere, allowing delegates to enjoy themselves whilst networking within the community and expanding their knowledge. Live presentations and activities will cover a full range of defensive and offensive security topics, varying from previously unpublished research to required reading for the security community. .[x]. Important Dates .[x]. May 1st – Call For Presentations Open September 30th – Call For Presentations Close October 6-7 – Ruxcon/Breakpoint Training October 8-9 – Breakpoint Conference October 11-12 – Ruxcon Conference .[x]. Topic Scope .[x]. o Topics of interest include, but are not limited to: o Mobile Device Security o Virtualization, Hypervisor, and Cloud Security o Malware Analysis o Reverse Engineering o Exploitation Techniques o Rootkit Development o Code Analysis o Forensics and Anti-Forensics o Embedded Device Security o Web Application Security o Network Traffic Analysis o Wireless Network Security o Cryptography and Cryptanalysis o Social Engineering o Law Enforcement Activities o Telecommunications Security (SS7, 3G/4G, GSM, VOIP, etc) .[x]. Submission Guidelines .[x]. In order for us to process your submission we require the following information: 1. Presentation title 2. Detailed summary of your presentation material 3. Name/Nickname 4. Mobile phone number 5. Brief personal biography 6. Description of any demonstrations involved in the presentation 7. Information on where the presentation material has or will be presented before Ruxcon * As a general guideline, Ruxcon presentations are between 45 and 60 minutes, including question time. If you have any enquiries about submissions, or would like to make a submission, please send an email to presentations@ruxcon.org.au .[x]. Contact .[x]. o Email: submissions@ruxcon.org.au o Twitter: @ruxcon


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Attend nullcon V – 12-15th Feb 2014 – Bogmallo Beach Resort, Bogmalo, Goa

Dear Hackers and Hackeranis, Tool tip: Did u know nullcon goa V is on V day? Show a friendly gesture this V day, spread love not malware 🙂 Loads of action packed events happening at nullcon Goa (www.nullcon.net) as we turn five but first things first, the first speaker list (in no specific order): 1. Keynote: Jeff Moss, VP & CSO – ICANN, Founder – Defcon/Blackhat 2. Brad Barker, President – The Halo Corp 3. Chris Evans, Chrome Security, Google 4. Andy Davis, Research Director NCC Group 5. Amol Sarwate, Director Vulnerability Labs – Qualys 6. Anamika Singh, Developer – Cognizant 7. Ankur Tyagi, Software Engineer Juniper 8. Gregory Pickett, Hellfire security 9. Federico Pacheco, National Technical Univ. Buenos Aires 10. Achin Kulshrestha, Security Researcher Interesting events and happenings: 1. Hardware badge contest 2. Jailbeak 3.0 content 3. nullcon Blackshield Awards 4. Exhibition 5. Night talks on 13th Feb 2014 6. Free Workshops for attendees 7. Hi-tech Security training – Pentesting SCADA & Smart Grid,                                              Reverse Egg & Malware Analysis,                                              Xtreme Software Exploitation,                                              Xtreme Fuzzing                                              Xtreme Web hacking and more… 8. Hacking villages 9. nullcon Parties 10. Beach! Other details: http://nullcon.net Venue: Bogmallo Beach Resort, Bogmalo, Goa Dates:   Training      – 12-13th Feb 2014   Conference – 14-15th Feb 2014 Contact: register (at) nullcon.net Interested in Exhibiting/sponsoring: sponsor (at) nullcon.net So, Get ready to Goa!


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Ruxcon 2013 Final Call For Papers

Forwarded from: cfp (at) ruxcon.org.au Ruxcon 2013 Final Call For Papers Melbourne, Australia, October 26th-27th CQ Function Centre http://www.ruxcon.org.au/call-for-papers/ The Ruxcon team is pleased to announce the final call for papers for Ruxcon. This year the conference will take place over the weekend of the 26th and 27th of October at the CQ Function Centre, Melbourne, Australia. The deadline for submissions is the 31st of August. .[x]. About Ruxcon .[x]. Ruxcon is ia premier technical computer security conference in the Australia. The conference aims to bring together the individual talents of the best and brightest security folk in the region, through live presentations, activities and demonstrations. The conference is held over two days in a relaxed atmosphere, allowing attendees to enjoy themselves whilst networking within the community and expanding their knowledge of security. For more information, please visit the http://www.ruxcon.org.au .[x]. Important Dates .[x]. August 31 – Call For Presentations Close October 26-27 – Ruxcon Conference .[x]. Topic Scope .[x]. o Topics of interest include, but are not limited to: o Mobile Device Security o Virtualization, Hypervisor, and Cloud Security o Malware Analysis o Reverse Engineering o Exploitation Techniques o Rootkit Development o Code Analysis o Forensics and Anti-Forensics o Embedded Device Security o Web Application Security o Network Traffic Analysis o Wireless Network Security o Cryptography and Cryptanalysis o Social Engineering o Law Enforcement Activities o Telecommunications Security (SS7, 3G/4G, GSM, VOIP, etc) .[x]. Submission Guidelines .[x]. In order for us to process your submission we require the following information: 1. Presentation title 2. Detailed summary of your presentation material 3. Name/Nickname 4. Mobile phone number 5. Brief personal biography 6. Description of any demonstrations involved in the presentation 7. Information on where the presentation material has or will be presented before Ruxcon * As a general guideline, Ruxcon presentations are between 45 and 60 minutes, including question time. If you have any enquiries about submissions, or would like to make a submission, please send an email to presentations@ruxcon.org.au The deadline for submissions is the 31st of August. .[x]. Contact .[x]. o Email: presentations (at) ruxcon.org.au o Twitter: @ruxcon


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Ruxcon 2013 Call For Papers

Forwarded from: cfp (at) ruxcon.org.au Ruxcon 2013 Call For Presentations Melbourne, Australia, October 26th-27th CQ Function Centre http://www.ruxcon.org.au/call-for-papers/ The Ruxcon team is pleased to announce the Call For Presentations for Ruxcon 2013. This year the conference will take place over the weekend of the 26th and 27th of October at the CQ Function Centre, Melbourne, Australia. .[x]. About Ruxcon .[x]. Ruxcon is ia premier technical computer security conference in the Australia. The conference aims to bring together the individual talents of the best and brightest security folk in the region, through live presentations, activities and demonstrations. The conference is held over two days in a relaxed atmosphere, allowing attendees to enjoy themselves whilst networking within the community and expanding their knowledge of security. Live presentations and activities will cover a full range of defensive and offensive security topics, varying from previously unpublished research to required reading for the security community. For more information, please visit the http://www.ruxcon.org.au .[x]. Important Dates .[x]. May 7th – Call For Presentations Open September 7th – Call For Presentations Close October 22-23 – Ruxcon/Breakpoint Training October 24-25 – Breakpoint Conference October 26-27 – Ruxcon Conference .[x]. Topic Scope .[x]. o Topics of interest include, but are not limited to: o Mobile Device Security o Virtualization, Hypervisor, and Cloud Security o Malware Analysis o Reverse Engineering o Exploitation Techniques o Rootkit Development o Code Analysis o Forensics and Anti-Forensics o Embedded Device Security o Web Application Security o Network Traffic Analysis o Wireless Network Security o Cryptography and Cryptanalysis o Social Engineering o Law Enforcement Activities o Telecommunications Security (SS7, 3G/4G, GSM, VOIP, etc) .[x]. Submission Guidelines .[x]. In order for us to process your submission we require the following information: 1. Presentation title 2. Detailed summary of your presentation material 3. Name/Nickname 4. Mobile phone number 5. Brief personal biography 6. Description of any demonstrations involved in the presentation 7. Information on where the presentation material has or will be presented before Ruxcon * As a general guideline, Ruxcon presentations are between 45 and 60 minutes, including question time. If you have any enquiries about submissions, or would like to make a submission, please send an email to presentations@ruxcon.org.au .[x]. Contact .[x]. o Email: presentations (at) ruxcon.org.au o Twitter: @ruxcon ______________________________________________ Visit the InfoSec News Security Bookstore Best Selling Security Books and More! http://www.shopinfosecnews.org


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Breakpoint 2013 Call For Papers

Forwarded from: cfp (at) ruxcon.org.au Breakpoint 2013 Call For Papers Melbourne, Australia, October 24th-25th Intercontinental Rialto http://www.ruxconbreakpoint.com .[x]. Introduction .[x]. The Ruxcon team is pleased to announce Call For Papers for Breakpoint 2013. Breakpoint showcases the work of expert security researchers from around the world on a wide range of topics. This conference is organised by the Ruxcon team and offers a specialised security conference to complement and lead into the larger and more casual Ruxcon weekend conference. Breakpoint caters towards security researchers and industry professionals alike, with a focus on cutting edge security research. Breakpoint presents a great opportunity for our selected speakers to receive a complimentary trip to Australia and experience both the Breakpoint and Ruxcon conferences, not to mention the great weather, awesome parties, and friendly people. Melbourne is a city of many subcultures, personalities and styles. Melbourne has a vibrant arts and music scene, eccentric cafes, intimate bars and restaurants, and is known as Australia’s cultural capital. .[x]. Important Dates .[x]. May 1 – Call For Presentations Open August 23 – Call For Presentations Close October 22-23 – Breakpoint Training October 24-25 – Breakpoint Conference October 26-27 – Ruxcon Conference .[x]. Topic Scope .[x]. Topics of interest include, but are not limited to: o Mobile Device Security o Exploitation Techniques o Reverse Engineering o Vulnerability Discovery o Rootkit Development o Malware Analysis o Code Analysis o Virtualisation, Hypervisor Security o Cloud Security o Embedded Device Security o Hardware Security o Telecommunications Security o Wireless Network Security o Web Application Security o Law Enforcement Activities o Forensics o Threat Intelligence o You get the idea .[x]. Submission Guidelines .[x]. In order for us to process your submission we will require the following information: 1. Presentation title 2. Detailed summary of your presentation material 3. Name/Nickname 4. Mobile phone number 5. Brief personal biography 6. Description of any demonstrations involved in presentation 7. Information on where the presentation material has or will be presented before Breakpoint * Preference will be given to presentations that contain original research that will be first presented at Breakpoint. * As a general guideline, Breakpoint presentations are between 45 and 60 minutes, including question time. If you have any questions about submissions, or would like to make a submission, please send an email to bpx@ruxconbreakpoint.com .[x]. Speaker Benefits .[x]. Speakers at Breakpoint will be entitled to the following benefits: – A return economy airfare to Melbourne (total cost limit applies) – Three nights accommodation at the Intercontinental Rialto – Complimentary registration for Breakpoint and Ruxcon conferences – Invitation to all Breakpoint and Ruxcon parties – Unlock ‘Presented on world’s smallest continent’ achievement * All speaker benefits apply to a single speaker per submission. .[x]. Contact .[x]. If you have any questions or inqueries, contact us at: * Email: bpx (at) ruxconbreakpoint.com * Twitter: @ruxconbpx ______________________________________________ Visit the InfoSec News Security Bookstore Best Selling Security Books and More! http://www.shopinfosecnews.org


Facebooktwittergoogle_plusredditpinterestlinkedinmail