Posts Tagged ‘Internet’

Black Hat DC 2010: Exploiting Lawful Intercept to Wiretap the Internet 6/6

Clip 6/6 Speaker: Tom Cross Many governments require telecommunications companies to provide interfaces that law enforcement can use to monitor their customer’s communications. If these interfaces are poorly designed, implemented, or managed they can provide a backdoor for attackers to perform surveillance without lawful authorization. Most lawful intercept technology is proprietary and difficult to peer review. Fortunately, Cisco has published the core architecture of it’s lawful intercept technology in an Internet Draft and a number of public configuration guides. This talk will review Cisco’s architecture for lawful intercept from a security perspective. The talk will explain how a number of different weaknesses in its design coupled with publicly disclosed security vulnerabilities could enable a malicious person to access the interface and spy on communications without leaving a trace. The talk will explain what steps network operators need to take to protect this interface. The talk will also provide a set of recommendations for the redesign of the interface as well as SNMP authentication in general to better mitigate the security risks. For more information go to the BlackHat 2010 DC archive

Black Hat DC 2010: Internet Explorer turns your personal computer into a public file server 6/7

Clip 6/7 Speakers: Jorge Luis, Alvarez Medina In this presentation we will show how an attacker can read every file of your file system if you are using Internet Explorer. This attack leverages different design features of Internet Explorer entailing security risks that, while low if considered isolated, lead to interesting attack vectors when combined altogether. We will also disclose and demonstrate proof of concept code developed for the scenarios proposed. For more information go to the BlackHat 2010 DC archive

Jim Christy, the Director of Futures Exploration at the Department of Defense Cyber Crime Center, talks about the increasing sophistication of attacks that he is starting to see.

    Diamond Dave is the owner and site coordinator of (BHW). Most webmasters and internet marketing experts know and follow all the latest Search Engine Optimization (SEO) techniques on the internet at BHW. In fact, Blackhat World is not only the #1 website on the internet for cutting edge Search Engine Optimization methods it is the No 1 "authority" site. Some of the topics discussed on BHW include but are not restricted to: Outsourcing, Blogging, email marketing, Social Networking, Google Adsense and Google Ad words, hiring freelancers, webmaster tools and many more categories and subjects of interest. In addition, BHW is a great resource for beginners (newbies) and seasoned veterans.