[Noisebridge-discuss] Feb BAHA - Pwning Botmasters

Sai noisebridge at saizai.com
Mon Jan 17 20:03:29 UTC 2011

Please get this on video online. I'd quite like to see it.

- Sai

On Mon, Jan 17, 2011 at 12:34 PM,
<travis+ml-noisebridge at subspacefield.org> wrote:
> On 13 Feb 2011, 1400 (that's 2pm for the subtraction-impaired),
> The Bay Area Hackers Association will host the following talk:
> Counter-Exploitation: Pwning Botmasters
> We'll have Billy Rios talking about exploiting the ZeuS botnets and
> the people who control them.
> Zeus is a Trojan horse that steals banking information by keystroke
> logging. Zeus is spread mainly through drive-by downloads and phishing
> schemes. First identified in July 2007 when it was used to steal
> information from the United States Department of Transportation, it
> became more widespread in March 2009. In June 2009, security company
> Prevx discovered that Zeus had compromised over 74,000 FTP accounts on
> websites of such companies as the Bank of America, NASA, Monster, ABC,
> Oracle, Cisco, Amazon, and BusinessWeek.
> Zeus' current botnet is estimated to include millions of compromised
> computers (around 3.6 million in the United States).  As of October
> 28, 2009 Zeus has sent out over 1.5 million phishing messages on
> Facebook. On November 3, 2009 a British couple were arrested for
> allegedly using Zeus to steal personal data.
> His blog is here:
> http://xs-sniper.com/blog/
> About the Speaker:
> Billy Rios is currently a security researcher for Google where he
> studies emerging security threats and technologies.  Before Google,
> Billy was a Security Program Manager at Microsoft where he helped
> secure several high profile software projects including Internet
> Explorer.  Prior to his roles at Google and Microsoft, Billy was a
> penetration tester, making his living by outsmarting security teams,
> bypassing security measures, and demonstrating the business risk of
> security exposures to executives and organizational decision makers.
> Before his life as a penetration tester, Billy worked as an
> Information Assurance Analyst for the Defense Information Systems
> Agency (DISA). While at DISA, Billy helped protect Department of
> Defense (DoD) information systems by performing network intrusion
> detection, vulnerability analysis, incident handling, and formal
> incident reporting on security related events involving DoD
> information systems.  Before attacking and defending information
> systems, Billy was an active duty Officer in the United States Marine
> Corps.
> As usual, BAHA's website is here:
> http://baha.bitrot.info/
> And we do have a Google calendar for the monthly meetings; it is
> linked to from that page.
> --
> Effing the ineffable since 1997. | http://www.subspacefield.org/~travis/
> My emails do not usually have attachments; it's a digital signature
> that your mail program doesn't understand.
> If you are a spammer, please email john at subspacefield.org to get blacklisted.
> _______________________________________________
> Noisebridge-discuss mailing list
> Noisebridge-discuss at lists.noisebridge.net
> https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss

More information about the Noisebridge-discuss mailing list