social and mobile tisa protalk 2 2554
TRANSCRIPT
![Page 1: Social and mobile tisa protalk 2 2554](https://reader034.vdocuments.us/reader034/viewer/2022052523/5566c0b9d8b42aac288b4af9/html5/thumbnails/1.jpg)
Advanced Social Network and Mobile Attack
Nipon Nachin, Consulting Manager
ITIL Expert, CISSP, GIAC GFCA, CISA, CISM, CSSLP, AMBCI, IRCA ISMS, ITSMS, BCMS Provisional Auditor, SSCP, Security+
Prathan Phongthiproek, Red-Team Manager
eCPPT, E|CSA, C|EH, CIW Security Analyst, CPTS, CWNP, CWSP, Security+, ITIL-F
ACIS Professional Center
![Page 2: Social and mobile tisa protalk 2 2554](https://reader034.vdocuments.us/reader034/viewer/2022052523/5566c0b9d8b42aac288b4af9/html5/thumbnails/2.jpg)
Social Network
Source: 2008 CSI Computer Crime & Security Survey
![Page 3: Social and mobile tisa protalk 2 2554](https://reader034.vdocuments.us/reader034/viewer/2022052523/5566c0b9d8b42aac288b4af9/html5/thumbnails/3.jpg)
Social Network Threats
1) Malware Spam
2) Drive-By-Download
3) Malicious Applications
4) Session Hijacking
![Page 4: Social and mobile tisa protalk 2 2554](https://reader034.vdocuments.us/reader034/viewer/2022052523/5566c0b9d8b42aac288b4af9/html5/thumbnails/4.jpg)
Malware Spam
1) Osama execution video scam
2) Enable dislike button
3) Top 10 profile spies
![Page 5: Social and mobile tisa protalk 2 2554](https://reader034.vdocuments.us/reader034/viewer/2022052523/5566c0b9d8b42aac288b4af9/html5/thumbnails/5.jpg)
Malware Spam
![Page 6: Social and mobile tisa protalk 2 2554](https://reader034.vdocuments.us/reader034/viewer/2022052523/5566c0b9d8b42aac288b4af9/html5/thumbnails/6.jpg)
Drive-By-Download
1) Malicious shortened URLs
2) Internet Explorer / Mozilla Firefox / Safari / Chrome vulnerabilities
3) Web browser toolbars
4) Adobe product vulnerabilities (Flash, PDF, etc.)
5) ActiveX and Java applets
![Page 7: Social and mobile tisa protalk 2 2554](https://reader034.vdocuments.us/reader034/viewer/2022052523/5566c0b9d8b42aac288b4af9/html5/thumbnails/7.jpg)
Drive-By-Download
![Page 8: Social and mobile tisa protalk 2 2554](https://reader034.vdocuments.us/reader034/viewer/2022052523/5566c0b9d8b42aac288b4af9/html5/thumbnails/8.jpg)
Drive-By-Download
Victim's browser:
(1) Client visits the landing page
(2) Redirect to get exploit
(3) Redirect to get exploit
(4) Download exploit
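The chain in the diagram above (landing page, one or more redirects, then the exploit download) can be walked safely, one request at a time, without executing anything. The following script is an added example and is not code from the TISA slides; the `fake_fetch` function and the `FAKE_SITE` map are constructed stand-ins with fictitious hostnames so it runs offline, and `RISKY_TYPES` plus the multi-host heuristic are assumptions a practitioner would tune. Against live URLs, replace `fake_fetch` with an HTTP client that performs a single request and does not follow redirects, so every hop is observed.

```python
"""Expand a drive-by-download redirect chain without running any of it.

Added example, not code from the TISA slides.  The fetch() interface and
the in-memory FAKE_SITE map are assumptions so the script runs offline;
against live URLs plug in an HTTP client that performs a single request
and does NOT follow redirects (so every hop is observed).
"""
import re
from urllib.parse import urljoin, urlparse

IFRAME_RE = re.compile(r'<iframe[^>]*\bsrc=["\']([^"\']+)["\']', re.I)
META_REFRESH_RE = re.compile(r'content=["\']\s*\d+\s*;\s*url=([^"\']+)["\']', re.I)

# Assumption: content types a landing-page chain should never end on for a
# normal user (binary payloads typical of exploit kits of the period).
RISKY_TYPES = {
    "application/pdf", "application/x-shockwave-flash",
    "application/java-archive", "application/x-msdownload",
    "application/octet-stream",
}

# Constructed sample chain mirroring the slide: shortened URL -> landing page
# with a hidden iframe -> traffic-distribution server -> exploit delivery.
# All hostnames are fictitious.
FAKE_SITE = {
    "http://short.example/abc": (301, {"Location": "http://landing.example/post?id=7"}, b""),
    "http://landing.example/post?id=7": (200, {"Content-Type": "text/html"},
        b'<html><body>Funny video!<iframe src="http://tds.example/in.cgi?3" '
        b'width="0" height="0"></iframe></body></html>'),
    "http://tds.example/in.cgi?3": (302, {"Location": "/go?x=1"}, b""),
    "http://tds.example/go?x=1": (200, {"Content-Type": "text/html"},
        b'<html><head><meta http-equiv="refresh" content="0;url=http://exploit.example/pdf.php">'
        b'</head></html>'),
    "http://exploit.example/pdf.php": (200, {"Content-Type": "application/pdf"}, b"%PDF-1.4 ..."),
}

def fake_fetch(url):
    """Stand-in HTTP client: returns (status, headers, body) for ONE request."""
    return FAKE_SITE.get(url, (404, {}, b""))

def next_hop(url, status, headers, body):
    """Work out where this response sends the browser next, and how."""
    if 300 <= status < 400 and "Location" in headers:
        return urljoin(url, headers["Location"]), "http-redirect"
    if status == 200 and headers.get("Content-Type", "").startswith("text/html"):
        html = body.decode("utf-8", "replace")
        m = META_REFRESH_RE.search(html)
        if m:
            return urljoin(url, m.group(1)), "meta-refresh"
        m = IFRAME_RE.search(html)  # only the first iframe is followed here
        if m:
            return urljoin(url, m.group(1)), "iframe"
    return None, None

def expand_chain(start_url, fetch=fake_fetch, max_hops=10):
    """Follow redirects, meta refreshes and iframes, recording each hop."""
    chain = [(start_url, "start")]
    seen = {start_url}
    url = start_url
    for _ in range(max_hops):
        status, headers, body = fetch(url)
        nxt, how = next_hop(url, status, headers, body)
        if nxt is None:
            ctype = headers.get("Content-Type", "").split(";")[0].strip()
            hosts = {urlparse(u).netloc for u, _ in chain}
            return {
                "chain": chain,
                "hops": len(chain) - 1,
                "final_status": status,
                "final_content_type": ctype,
                # heuristic: binary payload at the end, or a chain across 3+ hosts
                "suspicious": ctype in RISKY_TYPES or len(hosts) >= 3,
            }
        if nxt in seen:  # redirect loop: stop rather than spin
            chain.append((nxt, "loop"))
            return {"chain": chain, "hops": len(chain) - 1, "final_status": None,
                    "final_content_type": "", "suspicious": True}
        seen.add(nxt)
        chain.append((nxt, how))
        url = nxt
    raise RuntimeError(f"gave up after {max_hops} hops")

if __name__ == "__main__":
    result = expand_chain("http://short.example/abc")
    for u, how in result["chain"]:
        print(f"{how:14} {u}")
    print("final:", result["final_content_type"], "suspicious:", result["suspicious"])
```

Only the first iframe on a page is followed, which is enough for the single hidden-iframe pattern on the slide; a real crawler would queue every iframe and script source and resolve the shortened URL through the shortener's own API where one exists.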
![Page 9: Social and mobile tisa protalk 2 2554](https://reader034.vdocuments.us/reader034/viewer/2022052523/5566c0b9d8b42aac288b4af9/html5/thumbnails/9.jpg)
Drive-By-Download
Spyware
Viruses
Worms
Trojans
Potentially unwanted applications
Adware
Unwanted/offensive content
Phishing
![Page 10: Social and mobile tisa protalk 2 2554](https://reader034.vdocuments.us/reader034/viewer/2022052523/5566c0b9d8b42aac288b4af9/html5/thumbnails/10.jpg)
Drive-By-Download
![Page 11: Social and mobile tisa protalk 2 2554](https://reader034.vdocuments.us/reader034/viewer/2022052523/5566c0b9d8b42aac288b4af9/html5/thumbnails/11.jpg)
Malicious Facebook Applications
![Page 12: Social and mobile tisa protalk 2 2554](https://reader034.vdocuments.us/reader034/viewer/2022052523/5566c0b9d8b42aac288b4af9/html5/thumbnails/12.jpg)
Malicious Facebook Applications
![Page 13: Social and mobile tisa protalk 2 2554](https://reader034.vdocuments.us/reader034/viewer/2022052523/5566c0b9d8b42aac288b4af9/html5/thumbnails/13.jpg)
Malicious Facebook Applications
![Page 14: Social and mobile tisa protalk 2 2554](https://reader034.vdocuments.us/reader034/viewer/2022052523/5566c0b9d8b42aac288b4af9/html5/thumbnails/14.jpg)
Session Hijacking
![Page 15: Social and mobile tisa protalk 2 2554](https://reader034.vdocuments.us/reader034/viewer/2022052523/5566c0b9d8b42aac288b4af9/html5/thumbnails/15.jpg)
Session Hijacking with Firesheep
1) For now, unable to attack Facebook (have to modify the source code)
2) Only supports sites served over HTTP
- Hotmail, Twitter, Facebook, etc.
3) Sniffs on the fly (Wi-Fi hotspot)
4) Over a wired network, have to use ARP poisoning
![Page 16: Social and mobile tisa protalk 2 2554](https://reader034.vdocuments.us/reader034/viewer/2022052523/5566c0b9d8b42aac288b4af9/html5/thumbnails/16.jpg)
Session Hijacking
![Page 17: Social and mobile tisa protalk 2 2554](https://reader034.vdocuments.us/reader034/viewer/2022052523/5566c0b9d8b42aac288b4af9/html5/thumbnails/17.jpg)
Session Hijacking Over HTTPS
1) Using sslstrip to strip SSL sessions (downgrade HTTPS links to HTTP)
2) Rogue access point, or ARP poisoning on the wire
![Page 18: Social and mobile tisa protalk 2 2554](https://reader034.vdocuments.us/reader034/viewer/2022052523/5566c0b9d8b42aac288b4af9/html5/thumbnails/18.jpg)
Session Hijacking Over HTTPS
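Both hijacking cases above come down to the same two server-side mistakes: the Firesheep case works when a session cookie is issued over plain HTTP, and the sslstrip case works when the cookie lacks the `Secure` attribute and the site sends no HSTS header, so a downgraded `http://` visit still carries the cookie. The following audit is an added example, not code from the slides or from Firesheep or sslstrip; the two HTTP responses are constructed samples, the header semantics follow RFC 6265 (Set-Cookie attributes) and RFC 6797 (Strict-Transport-Security), and `strip_https_links` only imitates the core rewrite sslstrip performs so the attack side can be seen next to the check.

```python
"""Session-cookie and HSTS audit for the Firesheep and sslstrip cases.

Added example, not code from the TISA slides.  The two HTTP responses are
constructed samples; header semantics follow RFC 6265 (Set-Cookie) and
RFC 6797 (Strict-Transport-Security).  strip_https_links() imitates the
core of what sslstrip does to a page.
"""
import re

ONE_YEAR = 31536000  # seconds; the usual minimum recommended HSTS max-age

def parse_response(raw: bytes):
    """Split a raw HTTP/1.x response into (status_code, [(name, value)...], body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    status = int(lines[0].split()[1])
    headers = []  # keep repeats: Set-Cookie appears once per cookie
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return status, headers, body

def parse_hsts(value: str) -> int:
    """Return the max-age in seconds (0 if the directive is missing or unusable)."""
    for part in value.split(";"):
        k, _, v = part.strip().partition("=")
        if k.lower() == "max-age":
            try:
                return int(v.strip().strip('"'))
            except ValueError:
                return 0
    return 0

def audit_response(raw: bytes, served_over_https: bool):
    """Return a list of findings; an empty list means no easy hijack path."""
    status, headers, _ = parse_response(raw)
    findings = []
    hsts = None
    for name, value in headers:
        if name == "set-cookie":
            parts = [p.strip() for p in value.split(";")]
            cname = parts[0].split("=", 1)[0]
            attrs = {p.split("=", 1)[0].lower() for p in parts[1:]}
            if not served_over_https:
                # Firesheep case: anyone on the same Wi-Fi can sniff this cookie
                findings.append(f"{cname}: session cookie issued over plain HTTP")
            if "secure" not in attrs:
                # sslstrip case: the browser will also send it to http:// after a downgrade
                findings.append(f"{cname}: missing Secure attribute")
            if "httponly" not in attrs:
                findings.append(f"{cname}: missing HttpOnly attribute")
        elif name == "strict-transport-security":
            hsts = value
    if served_over_https:
        if hsts is None:
            findings.append("no Strict-Transport-Security header (sslstrip downgrade possible on next visit)")
        elif parse_hsts(hsts) < ONE_YEAR:
            findings.append("HSTS max-age below one year")
    else:
        # browsers ignore HSTS sent over plain HTTP; only a redirect to HTTPS helps here
        if not (300 <= status < 400):
            findings.append("plain-HTTP response is not a redirect to HTTPS")
    return findings

HTTPS_RE = re.compile(r"https://", re.I)

def strip_https_links(html: str) -> str:
    """What sslstrip does in the middle: rewrite https:// so the victim stays on http://."""
    return HTTPS_RE.sub("http://", html)

# Constructed samples (fictitious host) --------------------------------------
WEAK = (b"HTTP/1.1 200 OK\r\n"
        b"Content-Type: text/html\r\n"
        b"Set-Cookie: sid=abc123; Path=/\r\n"
        b"\r\n"
        b'<a href="https://social.example/home">Home</a>')

HARDENED = (b"HTTP/1.1 200 OK\r\n"
            b"Content-Type: text/html\r\n"
            b"Strict-Transport-Security: max-age=31536000; includeSubDomains\r\n"
            b"Set-Cookie: sid=abc123; Path=/; Secure; HttpOnly\r\n"
            b"\r\n"
            b'<a href="https://social.example/home">Home</a>')

if __name__ == "__main__":
    print("weak over HTTP:   ", audit_response(WEAK, served_over_https=False))
    print("hardened over TLS:", audit_response(HARDENED, served_over_https=True))
    print("after sslstrip:   ", strip_https_links(WEAK.split(b"\r\n\r\n")[1].decode()))
```

Note the asymmetry the audit encodes: HSTS only helps once the browser has seen it over a genuine HTTPS connection, so a first visit typed as `http://` is still exposed to the rogue-AP/ARP-poisoning setup on the slide; that gap is what browser preload lists were later introduced to close.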
![Page 19: Social and mobile tisa protalk 2 2554](https://reader034.vdocuments.us/reader034/viewer/2022052523/5566c0b9d8b42aac288b4af9/html5/thumbnails/19.jpg)
Mobile Threats
![Page 20: Social and mobile tisa protalk 2 2554](https://reader034.vdocuments.us/reader034/viewer/2022052523/5566c0b9d8b42aac288b4af9/html5/thumbnails/20.jpg)
BlackBerry
![Page 21: Social and mobile tisa protalk 2 2554](https://reader034.vdocuments.us/reader034/viewer/2022052523/5566c0b9d8b42aac288b4af9/html5/thumbnails/21.jpg)
Mobile Safari Still Vulnerable To Pwn2Own Exploit
![Page 22: Social and mobile tisa protalk 2 2554](https://reader034.vdocuments.us/reader034/viewer/2022052523/5566c0b9d8b42aac288b4af9/html5/thumbnails/22.jpg)
Mobile Web Browsers
Common problem: bad security UX
![Page 23: Social and mobile tisa protalk 2 2554](https://reader034.vdocuments.us/reader034/viewer/2022052523/5566c0b9d8b42aac288b4af9/html5/thumbnails/23.jpg)
Android Content Provider File Disclosure
![Page 24: Social and mobile tisa protalk 2 2554](https://reader034.vdocuments.us/reader034/viewer/2022052523/5566c0b9d8b42aac288b4af9/html5/thumbnails/24.jpg)
Google Latitude Zero Day Attack
![Page 25: Social and mobile tisa protalk 2 2554](https://reader034.vdocuments.us/reader034/viewer/2022052523/5566c0b9d8b42aac288b4af9/html5/thumbnails/25.jpg)
Google Latitude Zero Day Attack
![Page 26: Social and mobile tisa protalk 2 2554](https://reader034.vdocuments.us/reader034/viewer/2022052523/5566c0b9d8b42aac288b4af9/html5/thumbnails/26.jpg)
Google Latitude Zero Day Attack - Example
https://www.google.com/accounts/[email protected]&password=xxxxxx&s=sss=&xxx=dddddd
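The example URL above carries the account password in the query string, which means it lands in browser history, proxy logs and web-server access logs in the clear. The following scanner is an added example and is not code from the slides; it walks constructed access-log lines (Apache combined-log shape, fictitious hosts), reports requests whose query parameters carry credentials, and produces a redacted copy of each line. The `SENSITIVE` parameter names are an assumption to extend for your own applications.

```python
"""Scan access/proxy logs for credentials passed in URL query strings.

Added example, not code from the TISA slides.  The log lines are constructed
(Apache combined-log shape, fictitious hosts); the SENSITIVE parameter names
are an assumption to extend for your own applications.
"""
import re
from urllib.parse import urlsplit, parse_qsl, urlencode, urlunsplit

SENSITIVE = {"password", "passwd", "pass", "pwd", "token", "secret",
             "auth", "apikey", "api_key", "sessionid"}

# matches the quoted request line inside a combined-format log entry
REQ_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

def credential_params(target: str):
    """Return the names of sensitive query parameters found in a request target."""
    query = urlsplit(target).query
    return sorted({k for k, _ in parse_qsl(query, keep_blank_values=True)
                   if k.lower() in SENSITIVE})

def redact(target: str) -> str:
    """Replace sensitive parameter values so the line can be kept in the log."""
    parts = urlsplit(target)
    q = [(k, "REDACTED" if k.lower() in SENSITIVE else v)
         for k, v in parse_qsl(parts.query, keep_blank_values=True)]
    return urlunsplit(parts._replace(query=urlencode(q)))

def scan_log(lines):
    """Return (line_no, method, params, redacted_line) for each line that leaks credentials."""
    hits = []
    for n, line in enumerate(lines, 1):
        m = REQ_RE.search(line)
        if not m:
            continue  # not a request line we understand; skip rather than guess
        params = credential_params(m.group("target"))
        if params:
            redacted = line[:m.start("target")] + redact(m.group("target")) + line[m.end("target"):]
            hits.append((n, m.group("method"), params, redacted))
    return hits

# Constructed sample log: the first line mirrors the credentials-in-query pattern
# on the slide, the second is benign, the third leaks a bearer token.
SAMPLE_LOG = [
    '10.0.0.5 - - [28/Jun/2011:10:01:02 +0700] "GET /accounts/login?Email=user%40example.com'
    '&password=hunter2&source=mobile HTTP/1.1" 200 512 "-" "MobileApp/1.0"',
    '10.0.0.6 - - [28/Jun/2011:10:01:03 +0700] "GET /news?id=42 HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
    '10.0.0.7 - - [28/Jun/2011:10:01:04 +0700] "POST /api/sync?token=eyJhbGciOi HTTP/1.1" 204 0 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for line_no, method, params, redacted in scan_log(SAMPLE_LOG):
        print(f"line {line_no}: {method} leaks {', '.join(params)}")
        print("   ", redacted)
```

Run it over real logs before they are shipped to a SIEM or shared with a vendor; the fix on the application side is to send credentials in a POST body over TLS, never in the request target, since even an HTTPS request exposes its query string to every log on the server and to the browser's history.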
![Page 27: Social and mobile tisa protalk 2 2554](https://reader034.vdocuments.us/reader034/viewer/2022052523/5566c0b9d8b42aac288b4af9/html5/thumbnails/27.jpg)
Google Latitude Zero Day Attack on iPhone
![Page 28: Social and mobile tisa protalk 2 2554](https://reader034.vdocuments.us/reader034/viewer/2022052523/5566c0b9d8b42aac288b4af9/html5/thumbnails/28.jpg)
Google Latitude Zero Day Attack
![Page 29: Social and mobile tisa protalk 2 2554](https://reader034.vdocuments.us/reader034/viewer/2022052523/5566c0b9d8b42aac288b4af9/html5/thumbnails/29.jpg)
FlexiSPY BlackBerry Spy Phone
![Page 30: Social and mobile tisa protalk 2 2554](https://reader034.vdocuments.us/reader034/viewer/2022052523/5566c0b9d8b42aac288b4af9/html5/thumbnails/30.jpg)
FlexiSPY Apple iPhone Spyphone
![Page 31: Social and mobile tisa protalk 2 2554](https://reader034.vdocuments.us/reader034/viewer/2022052523/5566c0b9d8b42aac288b4af9/html5/thumbnails/31.jpg)
Spyphone – eavesdropping on conversations
![Page 32: Social and mobile tisa protalk 2 2554](https://reader034.vdocuments.us/reader034/viewer/2022052523/5566c0b9d8b42aac288b4af9/html5/thumbnails/32.jpg)
28th – 29th June 2011, Grand Millennium Sukhumvit, Bangkok
![Page 33: Social and mobile tisa protalk 2 2554](https://reader034.vdocuments.us/reader034/viewer/2022052523/5566c0b9d8b42aac288b4af9/html5/thumbnails/33.jpg)
Copyright © 2009 TISA (Thailand Information Security Association) and its respective author
Please contact: [email protected]
http://www.TISA.or.th