The Exploit Intelligence Project





Published on May 12, 2011

The Exploit Intelligence Project
Dan Guido, Security Consultant, iSEC Partners (@dguido)

In 2011, mass malware is still the most common source of compromise on
corporate networks. Bots like Zeus, Gozi, and Clampi successfully infect
devices despite organizations carefully managing disclosed vulnerabilities
and subscribing to detailed analysis of the latest malware families.
Existing efforts at malware prevention focus broadly on vulnerabilities and
their impact yet ignore the means by which they are exploited and the
motivations, opportunities and capabilities of attackers, which has allowed
this problem to become worse year after year.

In this talk, I introduce an intelligence-driven approach to malware
defense, focusing on attackers' capabilities and methods, with data
collected from the most popular crimeware packs currently deployed
in the wild. This analysis identifies the means by which exploits are
developed and selected for inclusion in crimeware packs, identifies defenses
that are outside the capability of malware exploit writers to bypass, and
helps attendees evaluate not just the exploitability, but the probability of
a vulnerability being exploited. This study shows that, until crimeware
packs substantially advance in sophistication, only a few simple defensive
tactics are required to protect users from such opportunistic threats.

Dan Guido is a Security Consultant at iSEC Partners, where he specializes in
incident response, application security, and penetration testing. Before
joining iSEC, Dan worked for the Federal Reserve System's incident response
team where he developed and ran a threat intelligence program to report on
current trends in cybercrime, threats to payment systems, and nation-state
cyber espionage activities. In addition to his work at iSEC, Dan is an
adjunct faculty member at NYU:Poly where he teaches a graduate computer
science course in penetration testing and vulnerability analysis.

