{"id":3845,"date":"2014-02-21T10:00:48","date_gmt":"2014-02-21T15:00:48","guid":{"rendered":"https:\/\/www.kaspersky.com\/blog\/?p=3845"},"modified":"2020-02-26T10:47:54","modified_gmt":"2020-02-26T15:47:54","slug":"sas-day-two-kaspersky-showcases-company-industry-talent","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com\/blog\/sas-day-two-kaspersky-showcases-company-industry-talent\/3845\/","title":{"rendered":"SAS Day Two: Kaspersky Showcases Company, Industry Talent"},"content":{"rendered":"<p>PUNTA CANA \u2013 <a href=\"https:\/\/us-business.kaspersky.com\/online-banking-malware-sophisticated-numerous-and-customized\/\" target=\"_blank\" rel=\"noopener nofollow\">The second day of Kaspersky Lab\u2019s Security Analysts Summit <\/a>was organized into three tracks, which were great for the conference attendees, but also means this article will necessarily overlook some very important topics and fail to give attention to some very worthy presenters. That said, here are the consumer-oriented highlights:<\/p>\n<p><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2014\/02\/06044533\/sas2.jpg\"><img decoding=\"async\" class=\"aligncenter size-full wp-image-3846\" alt=\"sas2\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2014\/02\/06044533\/sas2.jpg\" width=\"640\" height=\"480\"><\/a><\/p>\n<p>The day opened with \u201cAfter Zeus Banking Malware,\u201d a briefing on the future of banking malware by Sergey Golovanov, a malware expert on Kaspersky\u2019s Global Research and Analysis Team. For years, the Zeus trojan has been the gold standard among banking malware. In many respects it remains so. For sure, there have been other threats, but each has paled in comparison to Zeus in terms of longevity and distribution and \u2013 ultimately \u2013 effectiveness. This, Golovanov claims, may be about to change. 
Attackers are developing new ways to steal user banking credentials and trojans like Carberp 2.0, Neverquest, Lurk, and Shiz may emerge to <a href=\"https:\/\/www.kaspersky.com\/blog\/the-big-four-banking-trojans\/\" target=\"_blank\" rel=\"noopener nofollow\">dethrone Zeus<\/a>.<\/p>\n<p>At the very same time in the very next room, Twitter\u2019s Charlie Miller and IOActive\u2019s Chris Valasek presented their well-known car-hacking demonstration. It was \u2013 as always \u2013 a wonderful briefing, but <a href=\"https:\/\/www.kaspersky.com\/blog\/car-hacking\/\" target=\"_blank\" rel=\"noopener nofollow\">we\u2019ve covered it here thoroughly<\/a>. The only really new element to their demo was the suggestion that antivirus-style detection could pick up on anomalies in the network communication between onboard computers. The traffic traveling along these onboard networks is actually very predictable, the researchers said. In fact, in order to make their hacked cars do anything at all, the researchers had to flood them with more data packets than any normal car would send. Thus, picking up on variations from the norm and blocking them could potentially provide a robust defense against car hacking attempts in the future. 
For more on that you can listen to <a href=\"https:\/\/www.kaspersky.com\/blog\/podcast-protecting-cars-with-av-style-detection\/\" target=\"_blank\" rel=\"noopener nofollow\">this brief podcast with Miller and Valasek<\/a> or <a href=\"https:\/\/threatpost.com\/detecting-car-hacks\/104190\" target=\"_blank\" rel=\"noopener nofollow\">read this more thorough article posted by our friends at Threatpost<\/a>.<\/p>\n<p>Kaspersky Lab\u2019s security experts Fabio Assolini and Santiago Pontiroli briefed their audience on a banking scheme so transcendent that it actually steals money from offline users. The duo explained that one of the most popular ways for businesses and individuals to pay bills in Brazil is with \u201c<a href=\"http:\/\/en.wikipedia.org\/wiki\/Boleto\" target=\"_blank\" rel=\"noopener nofollow\">Boletos<\/a>.\u201d These are apparently special invoice documents issued by banks and businesses that are used not only to pay bills but also more broadly to pay for goods and services. With a little hacking and a lot of social engineering, Brazilian cybercriminals are finding ways of mimicking the barcodes and other unique identifiers that tie one Boleto to one individual or bank account. Once they have these Boletos, which they can simply print, they can then transfer money out of their victims\u2019 accounts and into their own. In reality, this sort of attack \u2013 which of course affects online and offline consumers alike \u2013 is as similar to centuries-old forgery attacks as it is to any modern, online bank account theft. 
It\u2019s also similar to tax return scams that crop up this time of year in the United States.<\/p>\n<p>Billy Rios, the director of vulnerability research and threat intelligence at Qualys, demonstrated that he could inject code into and mimic the information output by some of the most iconic airport security systems, essentially spoofing the systems used by the Transportation Security Agency and other airport protectors to detect prohibited items. He described the exploits as embarrassingly simple. We have a full report on this research coming soon, and we will provide a link here just as soon as it is published.<\/p>\n<p>Golovanov then returned to the stage with Kaspersky Lab virus analyst Kirill Kruglov. They gave a demonstration on just how vulnerable cash machines and point-of-sale terminals are to attack. The central problem with these devices, the pair explained, is that beneath the plastic casing and PIN pads are old, out-of-date, and often unpatched operating systems. The primary culprit is \u2013 as always \u2013 Windows XP, for which there are an uncountable number of known and exploitable vulnerabilities. Tillman Werner of CrowdStrike took this to the next level in his talk, saying that attackers have turned <a href=\"https:\/\/www.kaspersky.com\/blog\/credit-card-security\/\" target=\"_blank\" rel=\"noopener nofollow\">ATM robbing<\/a> into a multi-million dollar business with a combination of specially crafted malware and insider knowledge.<\/p>\n<p>Rios returned to the stage as well with his colleague Terry McCorkle. The pair\u2019s presentation, \u201cOwning Buildings for Fun and Profit,\u201d was a nearly perfect microcosm of the entire critical infrastructure (in)security track, demonstrating exactly how digital vulnerabilities can be exploited to cause real-world damage. 
More specifically, the Qualys researchers showed that physical building security systems and other endpoint machines can be owned and used to manipulate video surveillance and access control systems (read: door locks) and even to cause damage to industrial equipment.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>PUNTA CANA \u2013 The second day of Kaspersky Lab\u2019s Security Analysts Summit was organized into three tracks, which were great for the conference attendees, but also means this article will<\/p>\n","protected":false},"author":42,"featured_media":3846,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[5],"tags":[734,352,391,4208],"class_list":{"0":"post-3845","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-news","8":"tag-banking-trojans","9":"tag-kaspersky-lab","10":"tag-safe-banking","11":"tag-sas-2014"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/sas-day-two-kaspersky-showcases-company-industry-talent\/3845\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/sas-day-two-kaspersky-showcases-company-industry-talent\/2982\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/sas-day-two-kaspersky-showcases-company-industry-talent\/2876\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/sas-day-two-kaspersky-showcases-company-industry-talent\/3247\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/sas-day-two-kaspersky-showcases-company-industry-talent\/3205\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/sas-day-two-kaspersky-showcases-company-industry-talent\/2757\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/sas-day-two-kaspersky-showcases-company-industry-talent\/3845\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/sas-day-two-kaspersky-
showcases-company-industry-talent\/3845\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com\/blog\/tag\/banking-trojans\/","name":"banking trojans"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/3845","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/42"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=3845"}],"version-history":[{"count":1,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/3845\/revisions"}],"predecessor-version":[{"id":33056,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/3845\/revisions\/33056"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/3846"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=3845"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=3845"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=3845"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}