The City Never Sleeps presented at phdays 2016

by Denis Makrushin, Yuri Namestnikov,

Summary : Among other things, security professionals rely on strict security policies of limiting internet access for applications to deter cybercriminals roaming through corporate infrastructure. Corporate protection is mostly based on the use of the whitelisting paradigm: to forbid everything that is not clearly permitted. However, when employees go to sleep, many dangers lurk within corporate networks. We will show you how cybercriminals manipulate Notepad, AutoCAD, Tomcat, and SQL Server. LanguageRussianDenis Makrushin is an expert of the Global Research and Analysis Team at Kaspersky Lab. He specializes in analysis of possible threats and regularly speaks at international conferences on information security. Denis was engaged in penetration testing and security auditing of corporate web applications, stress testing of information and banking systems for resistance to DDoS attacks. He graduated from Moscow Engineering Physics Institute (MEPhI). Continues his research on protection against DDoS attacks as a part of his postgraduate course at MEPhI.