Presented at
AppSec USA 2015,
Sept. 25, 2015, 10:30 a.m.
(55 minutes).
The purpose of this presentation will be to introduce the audience to
new techniques attackers are using to target users of web applications
for exploitation.
The first part of this presentation will be an introduction to the
modern Malware landscape, with a breakdown of the top 5 types of
malware being actively used in campaigns to target end users of web
applications. Of interest, though perhaps unsurprising - the top three
are not what we traditionally think of as "malware" in the sense of
exploitative code or remote backdoors - but aimed at direct
monetization of the user.
The second part of this presentation will be a technical walkthrough a
real-world modern malvertising & malware campaign, and break down each
step of the attack, and each distribution & obfuscation layer. This
walkthrough will be the bulk of the presentation (30 minutes), leaving
time for Q & A at the end.
Time permitting, we may provide more examples of modern campaigns/malware.
Presenters:
-
James Pleger
- Head of Research - RiskIQ
I am currently the Head of Research at RiskIQ, focusing our efforts on improving our customers lives by taking an outside-in approach to security. Part of this effort is ensuring that ad networks and exchanges are able to combat malware and other sources of malicious activities. Additionally, our team focuses on bringing new technologies and detection methodologies to help ensure that we are keeping up with the threat landscape as it evolves.
Links:
Similar Presentations: