Last semester in grad school - Ethics - was a reading - studying - intensive semester. We blew through the material: copyrights, trade secrets, morals in information security, patents. You name it - we went through it. My research paper - Liability Issues surrounding Cloud Computing - has been edited by Liz and I am in the process of going through and applying the edits.
Still not sure if I will put it out there but you never know.
OWASP has not been meeting lately so no news to report.
I'm getting familiar with Grails - BlazeDS - Flex stack right now.
Monday, June 14, 2010
Monday, January 4, 2010
Phishing stats.
What are Phishing kits?
Phishing kits are usually downloadable from dark sites and underground IRC forums in the form of an archive – tar, zip, etc. and contain all of the files necessary to build a phishing site. The kit users are not technically adept but the kit authors usually are and they drive much of the phishing sites used today.
Nearly 400 different phishing kits were discovered by computer scientists at UC Santa Barbara - http://www.scmagazineus.com/backdoor-scams-emerge-on-phishing-kits/article/113240/
Out of almost 400 kits, 129 had backdoors that phished the phishers.
RockPhish.
MrBrain – although use is diminishing due to MrBrain’s stealing of the stealer’s data which led to distrust in the underground community.
Google Kit - http://securitylabs.websense.com/content/Blogs/3512.aspx
Stolen cards are used for....
Used to purchase nonsensical domains and webhosting services. The hosting service providers that have longer take down times are usually preferred. Over the past few years, the main stream hosting services like Yahoo are declining in use due to the fast takedown times. Other hosting services like by.ru and 100webspace.net
Top webhosters by phishers:
http://toolbar.netcraft.com/stats/hosters
Phishiest countries:
http://toolbar.netcraft.com/stats/countries
Phishing kits are usually downloadable from dark sites and underground IRC forums in the form of an archive – tar, zip, etc. and contain all of the files necessary to build a phishing site. The kit users are not technically adept but the kit authors usually are and they drive much of the phishing sites used today.
Nearly 400 different phishing kits were discovered by computer scientists at UC Santa Barbara - http://www.scmagazineus.com/backdoor-scams-emerge-on-phishing-kits/article/113240/
Out of almost 400 kits, 129 had backdoors that phished the phishers.
RockPhish.
MrBrain – although use is diminishing due to MrBrain’s stealing of the stealer’s data which led to distrust in the underground community.
Google Kit - http://securitylabs.websense.com/content/Blogs/3512.aspx
Stolen cards are used for....
Used to purchase nonsensical domains and webhosting services. The hosting service providers that have longer take down times are usually preferred. Over the past few years, the main stream hosting services like Yahoo are declining in use due to the fast takedown times. Other hosting services like by.ru and 100webspace.net
Top webhosters by phishers:
http://toolbar.netcraft.com/stats/hosters
Phishiest countries:
http://toolbar.netcraft.com/stats/countries
Subscribe to:
Posts (Atom)