Social and mobile tisa protalk 2 2554
Advanced Social Network and Mobile Attack
Nipon Nachin, Consulting Manager
ITIL Expert, CISSP, GIAC GFCA, CISA, CISM, CSSLP, AMBCI, IRCA ISMS, ITSMS, BCMS Provisional Auditor, SSCP, Security+
Prathan Phongthiproek, Red-Team Manager
eCPPT, E|CSA, C|EH, CIW Security Analyst, CPTS, CWNP, CWSP, Security+, ITIL-F
ACIS Professional Center
Social Network
Source: 2008 CSI Computer Crime & Security Survey
RSS feed
Social Network Threats
1) Malware Spam
2) Drive-By-Download
3) Malicious Applications
4) Session Hijacking
Malware Spam
1) Osama execution video scam
2) Enable dislike button
3) Top 10 profile spies
Drive-By-Download
1) Malicious shortened URLs
2) Internet Explorer / Mozilla Firefox / Safari / Chrome vulnerabilities
3) Web browser toolbars
4) Adobe product vulnerabilities: Flash, PDF, etc.
5) ActiveX and Java applets
Drive-By-Download (attack flow diagram)
Victim:
(1) Client visits the landing page
(2) Redirect to get exploit
(3) Redirect to get exploit
(4) Download exploit
Drive-By-Download (payload categories)
Spyware
Viruses
Worms
Trojans
Potentially unwanted applications
Adware
Unwanted/offensive content
Phishing
Malicious Facebook Applications
Session Hijacking
Session Hijacking with Firesheep
1) For now, unable to attack Facebook (have to modify the source code)
2) Only supports sites over HTTP
- Hotmail, Twitter, Facebook, etc.
3) Sniffs on the fly (Wi-Fi hotspot)
4) On a wired network, requires ARP poisoning
Session Hijacking Over HTTPS
1) Using SSLStrip to strip SSL sessions
2) Rogue access point or ARP poisoning on the wire
Mobile Threats
BlackBerry
Mobile Safari Still Vulnerable To Pwn2Own Exploit
Mobile Web Browsers
Common problem: bad security UX
Android Content Provider File Disclosure
Google Latitude Zero Day Attack
Google Latitude Zero Day Attack - Example
https://www.google.com/accounts/[email protected]&password=xxxxxx&s=sss=&xxx=dddddd
Google Latitude Zero Day Attack on iPhone
FlexiSPY BlackBerry Spy Phone
FlexiSPY Apple iPhone Spyphone
Spyphone: eavesdropping on conversations
28th – 29th June 2011, Grand Millennium Sukhumvit, Bangkok
Copyright © 2009 TISA (Thailand Information Security Association) and its respective author
Please contact: [email protected]
http://www.TISA.or.th