DC9723 September 2017 Meeting

DC9723 September 2017 Meeting

When: 25 of September, 2017 from 19:00 to 22:00
Where: Checkpoint Offices in Tel-Aviv (HaSolelim 5 St, Tel Aviv.)
Agenda:

“Writing Malware without Writing Code” – Gal Bitensky
“The evolution of credential hijacking” – Tomer Zait

As always, the talks are free and there is no need to register. Come and bring your friends.

*We need more talks, please consider submitting a talk for the next DC9723 meeting. For more details and questions, please contact cfp@dc9723.org

Abstracts:
Writing Malware without Writing Code – Gal Bitensky
What are the motivations and mechanics of code re-use by malware coders?
To understand that the talk will start with few in-the-wild examples of bad guys re-using existing source code.
Afterwards, an experimental “malware” written from scratch almost purely by copy pasting code snippets will be displayed.
A unique glimpse to its development process and how it performed against leading AVs will be discussed in detail.

The evolution of credential hijacking – Tomer Zait
The login interfaces haven’t changed much over the years, at least not on the client side. Many companies have been breached including some well-known ones like myspace, dropbox and linkedin.
Brute-force attacks have improved, both through statistics and by manipulating & bypassing the defense systems implemented. This talk will present the various attacks, the logic behind them, the possible results of these attacks and conclude with some tools and ideas to mitigate them.