Hackers of India

Trends in Real World Attacks: A Compilation of Case Studies

By Rohyt Belani on 29 Sep 2005 @ Hitb Sec Conf


Abstract

The number of reported security incidents has always been proportional to the number of vendor-issued vulnerabilities. However, recently this trend seems to have broken. This can be attributed to an increase in attacks against custom applications, attacks targeting end-users, zero-day exploits, and self-propagating worms. This presentation will discuss such trend-breaking real-world attacks, ranging from the installation of keystroke-logging Trojans on end-user machines through an IE buffer overflow to attacks against wireless clients. Each case study will discuss the motivation of the attack, an overview of the underlying technical details and its impact on business.

AI Generated Summary (may contain errors)

The speaker discusses how an attacker, who had enumerated accounts via NetBIOS, went on to attempt thousands of passwords, unknowingly locking out 172 trader accounts due to a misconfigured account lockout policy. The speaker emphasizes that user awareness and education are crucial in preventing such attacks. They suggest that organizations should bear the responsibility of educating their employees on security best practices, such as patching systems and being cautious of phishing attempts.

The speaker also shares an anecdote about a woman who lost $50,000 due to a lack of procedural controls by her bank. Despite the bank being notified of the initial loss, they failed to freeze her account, allowing further losses.

Additionally, the speaker touches on the importance of blocking outbound traffic and highlights Richard Bejtlich’s upcoming book on extrusion detection. They also mention Tony Shore’s talk about implementing privilege restriction in Windows 7, which can help mitigate security risks.

Finally, the speaker answers a question about a rogue access point, explaining that the attacker had used a laptop with an inbuilt Wi-Fi card to connect to the bank’s network.