Tag: vb2019
-
VB2019 presentation: A deep dive into iPhone exploit chains
One of the biggest security stories of 2019 was the use of advanced iOS and Android exploit chains against China’s Uighur minority, first uncovered by Google’s Project Zero with more details supplied by Volexity. In a last-minute presentation at VB2019 in London, John Bambenek of the University of Illinois at Urbana-Champaign discussed details…
-
VB2019 paper: Catch me if you can: detection of injection exploitation by validating query and API integrity
Any web app that relies on some kind of user input is potentially vulnerable to some kind of command injection, be it MySQL, NoSQL or OS command injection. Indeed, OWASP lists this as one of the topmost security risks. In a paper presented at VB2019 in London, Prismo Systems researchers Abhishek Singh and Ramesh Mani…
-
VB2019 paper: Never before had Stierlitz been so close to failure (or: what is a Soviet super-spy doing in a popular bundleware for Mac?)
Over the years, many ‘potentially unwanted applications’ have plagued macOS in the same way they have plagued other platforms. Though anti-virus isn’t ubiquitous on Macs, detecting such PUAs usually isn’t a difficult problem. However, there are exceptions. One such exception is a popular yet unnamed piece of ‘bundleware’ that was analysed by Sophos researcher Sergei…
-
VB2019 paper: Exploring the Chinese DDoS landscape
China has long been a hotbed of DDoS activities, with several groups operating in this space and attacks being performed that are criminal in nature but that are also in line with the country’s geopolitical interests. In a paper presented at VB2019 in London, Intezer researcher Nacho Sanmillan explored the Chinese DDoS threat landscape. In…
-
VB2019 paper: Absolutely routed!! Why routers are the new bullseye in cyber attacks
Given their prominent position on home and corporate networks and their often poor standard of security, one might be forgiven for being surprised that massive attacks against routers didn’t really take off until a few years ago. The game changer in this space is generally seen to be the Mirai IoT botnet which, together with…
-
VB2019 paper: Operation Soft Cell – a worldwide campaign against telecommunication providers
In June this year, Cybereason published a blog post on Operation Soft Cell, a targeted attack against telecom providers around the world. The actors behind the operation are particularly interested in Call Detail Records (CDR) for specific high-value users, which give them valuable metadata on their communication and location. Prior to publishing their blog post,…
-
VB2019 paper: A study of Machete cyber espionage operations in Latin America
Latin America has long been a hotbed for cybercrime, but the region has also seen the activity of various APT groups. One of these groups makes use of ‘Machete’, a Python-based toolset. Machete dates back at least nine years and was first written about by Kaspersky in 2014. In August of this year, ESET published…
-
VB2019 paper: The push from fiction for increased surveillance, and its impact on privacy
Levels of anxiety over technology and interconnectedness are growing. People are becoming increasingly concerned about privacy, and wary that every gadget or app might be spying on them. But researchers Miriam Cihodariu (Heimdal Security) and Andrei Bogdan Brad (Code4Romania) wondered how much impact the misrepresentation of surveillance technology in fiction (films…
-
VB2019 paper: Oops! It happened again!
Different forms of malware and cyber threats are constantly making the news headlines, and one could be forgiven for thinking that threats like ransomware, fileless malware, rootkits and phishing are all new phenomena. But are they really? This is the question asked – and answered – by industry veterans Righard Zwienenberg (ESET) and Eddy Willems…
-
VB2019 video: Thwarting Emotet email conversation thread hijacking with clustering
Having returned from its summer break, Emotet is once again being used as the first stage of many often prominent and costly malware infections. A detailed analysis of the malware was given in a paper presented at VB2019 by Sophos researcher Luca Nagy. But Emotet isn’t just a very clever piece of malware. It also…