Here’s a brief look back at the breakout sessions, speakers, and the biggest takeaways from the ROOTCON 2013 Conference:
My Experiment with Truth: A Different Route to Bug Hunting
By Devesh Bhatt
Bhatt shared his personal approach and experience in bug hunting, including searching for obvious vulnerabilities that are usually found in high-traffic web services. Almost 70% of the valid bugs reported were XSS issues.
Stealth by Legitimacy: Malware’s use of Legitimate Services
By Jeffrey Bernardino and Nikko Tamana
Online attackers have been targeting legitimate websites to “host” their malicious business. There are more compromised websites today than attack sites. Why? It is an effective way to mask communication with target victims. Besides, security vendors are unlikely to block these legitimate services, and it takes time to track down malicious content on these legitimate websites. Backdoor shell attacks are commonly used to hide this kind of malicious behavior. Bernardino and Tamana shared tips for avoiding this kind of threat.
Social Network Analysis as an Internet Security Tool
By Wilson Chua
Social network tools have proven to be very helpful in our society. They can be used to prevent a particular disease from spreading, to identify the mastermind of a crime, or even to effectively spread a rumor. Chua presented a tool that can be used to visualize relationships between entities. The best part, aside from it being free: big data is welcome.
Mobile Security Evolution
By Jesmond Chang
Chang presented data showing that 99% of malware families target Android, where 32% are silent backdoor attacks. There are three kinds of mobile malware: SMS Trojans, targeted malware, and spyware.
Javalicious: Malicious Java in the Wild
By Maersk Menrige
Menrige discussed the subcomponents of Java that are vulnerable to malicious attacks and the types of actual Java vulnerabilities.
Ouroboros
By Chris Boyd and Jovi Umawing
The trends in the past happen to be the trends of today. Boyd and Umawing enumerated malicious attacks such as profile stalkers, adware, bundle programs, and botnets that have been used for years.
The VOHO Campaign
By Christopher Elisan
This was an in-depth talk about “VOHO”, an attack targeting a high-traffic website. This kind of attack may involve fake Symantec or Microsoft updates, depending on the OS or software the target user has. Once the malware is in the system, it functions in modules — there’s a bot agent, attack component, and rootkit component that may work individually or together to achieve its goals. It may capture keystrokes, monitor webcams remotely, upload or download data, or execute arbitrary commands without the user’s knowledge.
Getting to Know SMART TVs
By Joey Costoya
Smart TVs are on the rise. There are open source development kits that can be used to create apps for Smart TVs. Since a Smart TV functions like a computer, it also shares the risk of being infected by malicious code.
Diving Into Recon-ng
By Jay Turla
Recon-ng is an open source framework for web-based reconnaissance and information gathering about a website. It has several modules that a bug-bounty hunter can use to gather information about a certain web domain. The main developers have made it available for download and welcome developers to take part in the project.
Unpackers in a World of Signature-less Malware Detection
By Frederick Vila
It is predicted that engineers will opt for automated static analysis and dynamic analysis of malware in the future. While this is a hot topic, Vila concluded that unpackers are needed as long as packers exist, and that they should still be incorporated in anti-virus programs to detect malware in the wild.
Package Tampering: Injecting Jack in the Box
By Jolly Mongrel
Mongrel gave us a view of when and how package tampering happens in a global sense. He also provided demonstrations of tampering with mail, a milk box, and even a soft drink bottle.