• Irongeek Security
• Hacking Illustrated Videos
• InfoSec Articles
• Mobile Pen-testing Tools
• Apps/Scripts
• Reviews
• RSS
• Your IP
• Podcasts
• Hoosier Hackers
• Newscat
• Links
• Contact
• Forums
• Workout
• Nutrition
• Supplements
• Humor
• Irongeek Campuses
• Fed Watch
• Books
• Store
• About
• Follow @irongeek_adc

Blocking the Covert Channels Used for Malicious Data Theft
Alex Lanstein
 

        Browser-based computing, mobility and social networking are giving rise to a new breed of threat: stealthy Web-borne malware. Cyber criminals are using the Web as their prime infection vector to take over enterprise and consumer PCs, and embedding malicious code within user-generated content websites, third party ads, and high-traffic web applications.

        The fact is today’s threats exploit the inability of “traditional” network protection to provide a unified defense against a cyber criminal who attacks on multiple fronts, from OS exploits, browser attacks, and increasingly, plug-in/widget vulnerabilities.

Companies need “modern” tools that offer both accuracy and advanced detection techniques to prevent the calculated, surgical access and theft of their critical information. Tool Talk attendees will learn:

- The extent of today’s sophisticated Web malware and how it works.
- Key differentiators between data leakage and malicious data theft
- Why traditional solutions are powerless to stop today's insidious threats
- How a new network security tool can foil break-ins and detect future infections
- Real-world results from an organization that is using this new solution.

Speaker: Alex Lanstein, Senior Researcher, FireEye - At FireEye, Alex handles a broad set of responsibilities including product engineering, sales engineering, and security research. Most recently, his security research was published by The Washington Post, PC World, The Register, and Cisco Systems, where he uncovered botnet and Web malware sites associated with McColo Corp. His work was key in taking McColo off the Internet as well as significantly reducing worldwide spam. Prior to FireEye, Alex was founder, owner, and network administrator of an Internet hosting company. His areas of expertise include botnets, malware, network security, and functional binary analysis. Alex has a B.S. in Computer Science from Connecticut College.

Download link: http://blip.tv/file/get/Irongeek-2009LMIAlexLanstien241.mp4

Descriptions and details from http://www.louisvilleinfosec.com, with small edits.
Thanks to Lee Pfeiffer and the student volunteers for handling the video the day of the conference, and Brian Blankenship for editing the videos.

Printable version of this article