Conference:  Defcon 31
Authors: Vangelis Stykas, CTO at Tremau
2023-08-01

C2 servers of mobile and Windows malware are usually left to their own fate after they have been discovered and the malware is no longer effective. We are going to take a deep dive into the rabbit hole of attacking and owning C2 servers, exposing details about their infrastructure, code bases, and the identity of the companies and individuals that operate and profit from them. While understanding and reversing malware is a highly skilled procedure, attacking the C2 itself rarely requires a lot of technical skills. Most of the C2 servers have the same typical HTTP problems that can be detected by off-the-shelf vulnerability scanners. By exploiting low-hanging fruit vulnerabilities, an attacker can obtain unauthorized access to administrative functions, allowing them to command thousands of devices and further explore other attack vectors. This can give them access to administrator panels and malware source code, and result in the identity of threat actors being exposed.

Authors: Isabelle Mauny
2021-09-24

tldr - powered by Generative AI

APIs present new vulnerabilities and require specific security measures to protect data
  • APIs have changed the way we write applications and moved security controls to the client side, leaving data vulnerable
  • APIs create new vulnerabilities and require specific security measures
  • Data protection is a critical issue for APIs, and validation of data inputs is necessary
  • Parler is an example of a social network that suffered a data breach due to zero authentication, no rate limiting, and sequential IDs