Into the Darkness: Dissecting Targeted Attacks presented at TROOPERS 2012

by Rodrigo Rubira Branco,

Tags: Security

Summary : The current threat landscape around cyber attacks is complex and hard to understand even for IT pros. The media coverage on recent events increases the challenge by putting fundamentally different attacks into the same category, often labeled as advanced persistent threats (APTs). The resulting mix of attacks includes everything from broadly used, exploit-kit driven campaigns driven by cyber criminals, to targeted attacks that use 0-day vulnerabilities and are hard to fend off blurring the threat landscape, causing confusion where clarity is most needed.
This presentation analyzes a specific incident last March?s RSA breach, explaining the techniques used by the attackers and detailing the vulnerability used to gain access to the network. It further explores the possible mitigation techniques available in current software on the OS and application level to prevent such attacks from reoccurring.