WYSI WYG Peter Stancik Security Evangelist. Infection vectors Blackhat SEO Social engineering...
-
Upload
lia-fielden -
Category
Documents
-
view
214 -
download
2
Transcript of WYSI WYG Peter Stancik Security Evangelist. Infection vectors Blackhat SEO Social engineering...
![Page 1: WYSI WYG Peter Stancik Security Evangelist. Infection vectors Blackhat SEO Social engineering Drive-by download SPAM Social networks.](https://reader037.fdocuments.us/reader037/viewer/2022110304/5519b0e95503466f578b45b2/html5/thumbnails/1.jpg)
WYSI WYG
Peter Stancik Security Evangelist
n
![Page 2: WYSI WYG Peter Stancik Security Evangelist. Infection vectors Blackhat SEO Social engineering Drive-by download SPAM Social networks.](https://reader037.fdocuments.us/reader037/viewer/2022110304/5519b0e95503466f578b45b2/html5/thumbnails/2.jpg)
What you see is not what you get
![Page 3: WYSI WYG Peter Stancik Security Evangelist. Infection vectors Blackhat SEO Social engineering Drive-by download SPAM Social networks.](https://reader037.fdocuments.us/reader037/viewer/2022110304/5519b0e95503466f578b45b2/html5/thumbnails/3.jpg)
What you see is not what you get
![Page 4: WYSI WYG Peter Stancik Security Evangelist. Infection vectors Blackhat SEO Social engineering Drive-by download SPAM Social networks.](https://reader037.fdocuments.us/reader037/viewer/2022110304/5519b0e95503466f578b45b2/html5/thumbnails/4.jpg)
Infection vectors
Blackhat SEO
Social engineering
Drive-by download
SPAM
Social networks
![Page 5: WYSI WYG Peter Stancik Security Evangelist. Infection vectors Blackhat SEO Social engineering Drive-by download SPAM Social networks.](https://reader037.fdocuments.us/reader037/viewer/2022110304/5519b0e95503466f578b45b2/html5/thumbnails/5.jpg)
Blackhat SEO
![Page 6: WYSI WYG Peter Stancik Security Evangelist. Infection vectors Blackhat SEO Social engineering Drive-by download SPAM Social networks.](https://reader037.fdocuments.us/reader037/viewer/2022110304/5519b0e95503466f578b45b2/html5/thumbnails/6.jpg)
Social networks
![Page 7: WYSI WYG Peter Stancik Security Evangelist. Infection vectors Blackhat SEO Social engineering Drive-by download SPAM Social networks.](https://reader037.fdocuments.us/reader037/viewer/2022110304/5519b0e95503466f578b45b2/html5/thumbnails/7.jpg)
What do I get (instead)?
Banking Trojans
Something “special” from the grey zone…
Scareware …Rogue AVs, Registry Cleaners
…with mobile components
…etc…
![Page 8: WYSI WYG Peter Stancik Security Evangelist. Infection vectors Blackhat SEO Social engineering Drive-by download SPAM Social networks.](https://reader037.fdocuments.us/reader037/viewer/2022110304/5519b0e95503466f578b45b2/html5/thumbnails/8.jpg)
Banking Trojans
![Page 9: WYSI WYG Peter Stancik Security Evangelist. Infection vectors Blackhat SEO Social engineering Drive-by download SPAM Social networks.](https://reader037.fdocuments.us/reader037/viewer/2022110304/5519b0e95503466f578b45b2/html5/thumbnails/9.jpg)
• Man-in-the-Browser• Man-in-the-Mobile
Scenario:1. Steal credentials using MitB2. Infect victim’s mobile phone – MitMo3. Log in using stolen credentials; perform transaction4. Mobile malware forwards authentication SMS to attacker5. Fill in authentication code and complete transaction
Zeus and now SpyEye: detected as SymbOS/Spitmo
*pictures from http://securityblog.s21sec.com/2010/09/zeus-mitmo-man-in-mobile-ii.html
Banking Trojans
![Page 10: WYSI WYG Peter Stancik Security Evangelist. Infection vectors Blackhat SEO Social engineering Drive-by download SPAM Social networks.](https://reader037.fdocuments.us/reader037/viewer/2022110304/5519b0e95503466f578b45b2/html5/thumbnails/10.jpg)
Rogue AV
![Page 11: WYSI WYG Peter Stancik Security Evangelist. Infection vectors Blackhat SEO Social engineering Drive-by download SPAM Social networks.](https://reader037.fdocuments.us/reader037/viewer/2022110304/5519b0e95503466f578b45b2/html5/thumbnails/11.jpg)
DNS Changer
![Page 12: WYSI WYG Peter Stancik Security Evangelist. Infection vectors Blackhat SEO Social engineering Drive-by download SPAM Social networks.](https://reader037.fdocuments.us/reader037/viewer/2022110304/5519b0e95503466f578b45b2/html5/thumbnails/12.jpg)
CA Breaches