Cequence Security Presentation: Bulletproof Proxies: Enabling Large Scale Attacks to Hide in Plain Sight presented at CybersecuritySummitBoston 2019

by Will Glazier,

Summary : Bad actors are using sophisticated attack management tools, a constantly refreshed trove of stolen credentials and a rapidly growing class of infrastructure providers called Bulletproof Proxies to mask their identity and location while launching automated attacks on public facing applications. These new tools have taken the concepts of anonymity and availability found in Bulletproof Hosting and extended them to the delivery infrastructure by using large networks of Residential Proxies, designed to help attackers automate the attack.With the ultimate goal of committing fraud or stealing the account contents through account take overs, credential stuffing and fake account creation, Bulletproof Proxies enable the attacks that appear to be legitimate transactions to appear as if they are coming from real user locations, making prevention even more difficult. In this session, Will Glazier, Head of the CQ PrimeThreat Research team will cover the following topics:The rise of Bulletproof Proxies – how they came to existThe balancing act between legitimate and malicious useTechniques used to mask their identity and locationDetails on large scale attacks targeting financial services and retail sector