wysi wyg

Report

Post on 10-Jan-2016

48 Views

Category:

Documents

0 Downloads

Preview:

Click to see full reader

DESCRIPTION

n. WYSI WYG. Peter Stan cik Security Evangelist. What you see is not what you get. What you see is not what you get. Infection vectors. Drive-by download. Social engineering. Blackhat SEO. SPAM. Social networks. Blackhat SEO. Social networks. What do I get ( instead )?. - PowerPoint PPT Presentation

TRANSCRIPT

WYSI WYG

Peter Stancik Security Evangelist

n

What you see is not what you get

What you see is not what you get

Infection vectors

Blackhat SEO

Social engineering

Drive-by download

SPAM

Social networks

Blackhat SEO

Social networks

What do I get (instead)?

Banking Trojans

Something “special” from the grey zone…

Scareware …Rogue AVs, Registry Cleaners

…with mobile components

…etc…

Banking Trojans

• Man-in-the-Browser• Man-in-the-Mobile

Scenario:1. Steal credentials using MitB2. Infect victim’s mobile phone – MitMo3. Log in using stolen credentials; perform transaction4. Mobile malware forwards authentication SMS to attacker5. Fill in authentication code and complete transaction

Zeus and now SpyEye: detected as SymbOS/Spitmo

*pictures from http://securityblog.s21sec.com/2010/09/zeus-mitmo-man-in-mobile-ii.html

Banking Trojans

http://securityblog.s21sec.com/2010/09/zeus-mitmo-man-in-mobile-ii.html

Rogue AV

DNS Changer

CA Breaches

Thank you!

stancik@eset.sk blog.eset.com

top related

wyg creative minds · wyg group creative minds safe hands...
Documents
wielofunkcyjna maszyna do szycia - intersklep.com.pl · •...
Documents
annual report & accounts 20158 wyg report & accounts 2015...
Documents
overlock instrukcja obs ugi - adamar · 46 3 cz # ci...
Documents
report on public consultation workshop: -trafficking of...
Documents
wyg capital markets day presentation · wyg capital markets...
Documents
wyg transport planning oxfordshire county council ·...
Documents
a429/a433 corridor study - gloucestershire...wyg transport...
Documents
iati implementation schedule for: date - wyg...iati...
Documents
„analiza organizacji i funkcjonowania wĘzŁÓw...
Documents
introduction and overview...presented by gordon lamond &...
Documents
appendix c wyg phase ii designed specification and boq
Documents
› sites › default › files › wysi… · web...
Documents
annual report & accounts 2017 - wyg · 2017-07-18 ·...
Documents
wysi board of directors application form filewysi board of...
Documents
ceramika, armatura i dodatki ∏azienkowe –...
Documents
annual report & accounts 2014 - wyg€¦ · 4 wyg report...
Documents
wyg transport planning · wyg transport planning wyg...
Documents
wyg transport planning · wyg environment planning...
Documents
creative minds safe hands safe, successful and sustainable...
Documents