Social and mobile tisa protalk 2 2554

Advanced Social Network and Mobile Attack

Nipon Nachin, Consulting Manager

ITIL Expert, CISSP, GIAC GFCA, CISA, CISM, CSSLP, AMBCI, IRCA ISMS, ITSMS, BCMS Provisional Auditor, SSCP, Security+

Prathan Phongthiproek, Red-Team Manager

eCPPT, E|CSA, C|EH, CIW Security Analyst, CPTS, CWNP, CWSP, Security+, ITIL-F

ACIS Professional Center

Social Network

Source: 2008 CSI Computer Crime & Security Survey2

RSS feed

http://images.google.co.th/imgres?imgurl=http://www.finaid.org/about/images/MSN_logo.gif&imgrefurl=http://www.finaid.org/about/websites.phtml&usg=__U-kPq8lS8wqUbnyeqRMI7GF60bk=&h=166&w=297&sz=13&hl=th&start=2&um=1&itbs=1&tbnid=awRd89IW1rkzWM:&tbnh=65&tbnw=116&prev=/images?q=msn+logo&um=1&hl=th&sa=G&rlz=1T4ADBF_enTH334TH334&tbs=isch:1

http://images.google.co.th/imgres?imgurl=http://www.libertyabroad.com/private_folder/msn_messenger_logo.jpg&imgrefurl=http://www.libertyabroad.com/&usg=__c2FMqbJ4KZ6ORWfzcxD0JKi9eQ4=&h=254&w=313&sz=14&hl=th&start=17&um=1&itbs=1&tbnid=JJNp4e6BH-q9GM:&tbnh=95&tbnw=117&prev=/images?q=msn+logo&um=1&hl=th&sa=G&rlz=1T4ADBF_enTH334TH334&tbs=isch:1

http://images.google.co.th/imgres?imgurl=http://www.aiesec.ro/uploads/images/linkedin-logo.png&imgrefurl=http://www.aiesec.ro/en/alumni/communities-2/&usg=__IBoCiIt2D0kHRY24w2j9I9nsIIQ=&h=300&w=1062&sz=55&hl=th&start=4&um=1&itbs=1&tbnid=JnzQcG533mdHHM:&tbnh=42&tbnw=150&prev=/images?q=linkedin+logo&um=1&hl=th&sa=N&rlz=1T4ADBF_enTH334TH334&tbs=isch:1

http://images.google.co.th/imgres?imgurl=http://www.devwinner.com/images_post/94_windows-live-logo_350.gif&imgrefurl=http://www.devwinner.com/it-news/newsView.aspx?id=18&usg=__VocW9y0z7kL-yKEkjbk54_Ud-p4=&h=261&w=350&sz=20&hl=th&start=6&um=1&itbs=1&tbnid=BuWGTKKmJNgH1M:&tbnh=89&tbnw=120&prev=/images?q=hotmail+logo&um=1&hl=th&rlz=1T4ADBF_enTH334TH334&tbs=isch:1

Social Network Threats


1) Malware Spam

2) Drive-By-Download

3) Malicious Applications

4) Session Hijacking

Malware Spam


1) Osama execution video scam

2) Enable dislike button

3) Top 10 profile spies

Malware Spam


Drive-By-Download


1) Malicious URL Shorten

2) Internet Explorer / Mozilla Firefox / Safari / Chrome Vulnerabilities

3) Web Browsers Toolbar

4) Adobe products vulnerabilities; **Flash, PDF, Etc

5) ActiveX and Java Applets

Drive-By-Download


Drive-By-Download


Victim

(4) Download exploit

(1) Client visit the landing page

(2) Redirect to get exploit

(3) Redirect to get exploit

Drive-By-Download


Spyware

Viruses

Worms

Trojans

Potentially

unwanted

applications

Adware

Unwanted/

offensive

content

Phishing

Drive-By-Download


0

Malicious Facebook Applications

Source: 2008 CSI Computer Crime & Security Survey

Sessions Hijacking


Sessions Hijacking with Firesheep


1) For now, Unable to attack Facebook **Have to Modify source code

2) Only support over HTTP

- Hotmail, Twitter, Facebook, Etc

3) Sniff on-the-Fly (Wifi Hotspot)

4) Over Network, Have to ARP poisoning

Sessions Hijacking


Sessions Hijacking Over HTTPS


1) Using SSLStrip for kill SSL sessions

2) Rouge Access point or Arp poisoning on the wire

Sessions Hijacking Over HTTPS

Mobile Threats


9

BlackBerry

Mobile Safari Still Vulnerable To Pwn2Own Exploit

Mobile Web Browsers

Common problem: bad security UX

Android Content Provider File Disclosure

Google Latitude Zero Day Attack

Google Latitude Zero Day Attack - Example

https://www.google.com/accounts/[email protected]&password=xxxxxx&s=sss=&xxx=dddddd

Google Latitude Zero Day Attack on iPhone

Google Latitude Zero Day Attack

FlexiSPY BlackBerry Spy Phone

FlexiSPY Apple iPhone Spyphone

Spyphone – ดักฟังการสนทนา

31

28th – 29th June 2011, Grand Millennium Sukhumvit, Bangkok

Social and mobile tisa protalk 2 2554

Technology

Transcript of Social and mobile tisa protalk 2 2554