Tag Archive for: Speak

Gravwell CEO Corey Thuen to Speak at Black Hat USA 2022

/in


Security Researcher to Discuss the How to Go Beyond the Limits of the SIEM with a Security Data Lake

 IDAHO FALLS, Idaho, July 27, 2022 /PRNewswire/ — Black Hat USA 2022, one of the leading computer security conferences in the world, provides security consulting, training, and briefings to hackers, corporations, and government agencies.

Gravwell (PRNewsfoto/Gravwell)

Gravwell (PRNewsfoto/Gravwell)

Crunch massive amounts of security data, gain observability at light speed, and improve threat hunting.

Security practitioners and leaders who want to learn why data lakes are becoming critical to improving security operations (i.e., SecOps) and how to use them to crunch massive amounts of security data, gain observability at light speed, and improve threat hunting should attend the session, “Go Beyond the Limits of the SIEM with a Security Data Lake.”

The session, led by Gravwell CEO and Cofounder Corey Thuen, will explore the fundamentals of time-series data lakes, how they differ from other ways of centralizing logs, and deep dives into some outlandish examples. The session will take place on Thursday, August 11 12:40pm-1:30pm PT at Mandalay Bay Resort & Casino in Las Vegas, NV.

Gravwell is also a sponsor at the Black Hat USA 2022 Conference. The company will demonstrate the latest innovations and technical enhancements to their enterprise data fusion platform that enables security teams to investigate, collaborate, and analyze data from any source, on-demand, all with unlimited data collection and retention. The company will discuss how the Gravwell platform is helping organizations prevent, detect and respond to the latest cyber attacks. The Gravwell booth is Booth #2817 and located in the Business Hall near Innovation City.

Interested parties can schedule a meeting with a Gravwell team member to discuss the latest in data analytics, get a platform demo and discover how Gravwell is transforming the way organizations interact and manage enterprise data. https://www.gravwell.io/blackhat

Who:
Corey Thuen, CEO and Cofounder, Gravwell

When:
Thursday, August 11th, 2022
12:40pm-1:30pm Pacific Time

Where:
Mandalay Bay K

Interview Opportunities:           
Corey Thuen is available to discuss the security…

Source…

With cyber crime on the rise, we speak to experts to share tips on dealing with fraudulent activities

/in


Digital advancement has given fraudsters new ammunition to target the vulnerable. In the WhatsApp fraud, the target receives a message saying the sender has found his number on contact. Scamsters gain information slowly for misuse. The Facebook fraud has a link from a friend – Is this you in the video? The account gets hacked after clicking on the link. It’s time to know ways to deal with them.

Online frauds 

Shedding light on the situation, Niranjan Upadhye, General Manager, Fraud Risk Management Division, Worldline India, says, “Most frauds are Social Engineering frauds. After gaining your trust, fear or greed, fraudsters typically coax you for a ‘call to action’, something they’d like you to do. Once they manage to get you to do the same, they would exploit your weakness further by cajoling or coercing you.” Thus, despite a generally sorted infrastructural security, India faces peril in IT-related frauds thanks to user conduct.

There are talks about the hijacking, which has the attacker taking over communication between two entities. The attacker then mimics one of the entities. It is all done to gather information or become one of the users to conduct things that he or she normally does online. This is what Shibu Paul, Vice President, International Sales at Array Networks, has observed.

“Thieves use email to try to trick you into visiting a false website where you get told to reveal confidential information,” he reveals about Phishing. “There’s ‘Vishing’. Scammers utilise a phone number in phishing emails. A person or an automated response system will ask for your personal or account details if you call. One most prevalent attack is infecting a user’s computer with malicious software, or ‘Malware’. ‘Botnet’ refers to a network of robot computers. The use of malware disseminated via Botnet allows criminals to acquire sensitive data and possibly commit fraud.”

Many might have seen newer frauds on the horizon hitting millennials and Gen Z. Like dating site frauds, fun games around celebrity crushes, credit card renewal fee waivers, credit card blocked, Buy Now Pay Later (BNPL), Cryptocurrency, AnyDesk fraud, Covid related and fuel card frauds and…

Source…

Computer Memory Can Be Made to Speak in Wifi, Researcher Discovers

/in


Illustration for article titled Computer Memory Can Be Made to Speak in Wifi, Researcher Discovers

Photo: KIRILL KUDRYAVTSEV / Staff (Getty Images)

A new theoretical exploit called Air-Fi can turn a secure, air-gapped computer into a wifi transmitter that can help a hacker exfiltrate secure data.

An air-gapped computer is a computer that is completely disconnected from any network. Many air-gapped machines have every possible network feature removed, from wifi to Bluetooth, but this exploit shows that hackers can use DDR SDRAM buses “to generate electromagnetic emissions in the 2.4 GHz Wi-Fi bands and encode binary data on top of it,” according to the researcher Mordechai Guri of the Ben-Gurion University of the Negev, Israel.

“This technique required high levels of skills from the attacker, in both design and implementation,” said Guri in an email. “However, there are simpler covert exfiltration channels for conventional IT environments in the wild. This one is focusing on leaking data from air-gapped computers where the traditional network-based covert channels fail.”

“Using the Wi-Fi medium in such a non-conventional way is something that I’ve been examining during the last year,” he said.

The transmissions are invisible to other devices and only the hacker can only pick them up with specially-prepared software and hardware.

G/O Media may get a commission

He writes:

As a part of the exfiltration phase, the attacker might collect data from the compromised computers. The data can be documents, key logging, credentials, encryption keys, etc. Once the data is collected, the malware initiates the AIR-FI covert channel. It encodes the data and transmits it to the air (in the Wi-Fi band at 2.4 GHz) using the electromagnetic emissions generated from the DDR SDRAM buses.

Guri is well-known in security circles for figuring out how to attack air-gapped machines. In 2019 he used screen brightness and power lines to transmit data from secure computers and in 2018 he was also able to transmit data via ultrasonic audio files using a simple computer speaker.

In this exploit, Guri was able to force the DDR SDRAM busses to transmit to compromised wifi-capable devices like laptops and smartphones. He hacked four workstations with the exploit, each outfitted with similar 4GB DIMM DDR4…

Source…

Jason Biggs on His Son’s Sex Pistols Name & The Real Reason His Kids Speak German

/in

We talked shop — parenting shop, that is — from Octonauts to kid travel to Dictator Lunches to his Heluva Good dip mac ‘n’ cheese hack. It was also perhaps the most reverse-interviewed I’ve ever been …
mac hacker – read more