Scribd Logo
Upload

Welcome to Scribd!

  • Phishing Techniques, Defenses, and Future Trends

    Uploaded by

    Cleilson Pereira
    47 views5 pages

    Original Title

    2018-07-06-PenTest_ Phishing_ Techniques, Defenses, and Future Trends

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    47 views5 pages

    Phishing Techniques, Defenses, and Future Trends

    Uploaded by

    Cleilson Pereira

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 5

    Subject:

    PenTest: Phishing: Techniques, Defenses, and Future Trends


    From: Joanna from pentestmag <joanna@pentestmag.intercom-mail.com>
    To: marcialwushu@gmail.com
    Date Sent: Friday, July 6, 2018 11:09:18 AM GMT-03:00
    Date Received: Friday, July 6, 2018 11:09:19 AM GMT-03:00

    Hi there,

    The time to plan your holidays, new journeys, and new adventures is finally
    here, let's welcome the summer time together! Today we would like to present
    you the newest issue by Hakin9, our sister magazine.

    Get your copy >>

    We hope you will enjoy all of it.

    1/5
    >>TABLE OF CONTENTS<<

    Cloud Services as a Communication Channel between C&C and Malware

    by German Namestnikov

    Today we are going to talk about covert communication channels between an


    attacker and his malware, discuss some common ways to evade network
    protection and leverage cloud services in this direction.

    User Privacy Leakage on the GSM Broadcast Channel

    by Loay Abdelrazek

    In this article, we present an experimental analysis of the subscriber’s privacy


    in cellular networks and in particular of the network initiated IMSI paging
    procedure. Different from active IMSI catchers, where they require to act as a
    rogue mobile tower, our methodology is in the passive mode. The passive
    mode IMSI catching attack, highlights an uncomplicated attack that can be
    performed to compromise subscriber’s privacy. The paper highlights
    deficiencies in the operator’s configuration and design.

    Surfing on your CAN-Bus

    2/5
    Open Source based car-hacking tools and your jump start cable for car
    hacking

    by Thomas Fischer

    Let’s start car-hacking by yourself. In this article, I will give you an introduction
    to this topic and I will provide some jump start cables for you to build your own
    car-hacking lab. This part will give you some context about modern car-
    networks. You will get a condensed introduction into the world of the CAN-Bus
    and its history. Later in this article, we will be focused on some of the available
    devices for car-hacking and for what purpose you should take which device.
    This article is based on the talk and the workshop the author gave at the
    Confidence 2018 in Krakow.

    Make your Cloud with Subutai

    by Maurício Harley

    This article is about Subutai, a distributed, peer-to-peer open source cloud


    computing platform with the purpose to give the power of cloud to anyone,
    without the need to pay a provider. Then, the main idea is to disrupt the
    traditional public cloud model, that dictates a provider holding all computing,
    storage and network resources and billing you for them.

    Malware Analysis

    by Munir Njiru

    Dynamic analysis opens malware in execution state and is usually a more


    efficient approach to analyzing malware that has a bit of sophistication where
    the replicator and bomb are usually hidden behind a concealer that
    deconstructs itself at runtime. A good example of malware that would have this
    as the most applicable method would be metaPHOR or blackbat.

    A Brief History of CSRF

    by Prasenjit Kanti Paul & Soumen Maitra

    On October 4, 2005, the cyber world witnessed its fastest spreading worm of
    all time called the samy virus that was designed to propagate across the
    MySpace social-networking site, written by Samy Kamkar. Within just 20 hours
    of its release, over one million users had run the payload that displayed the
    string “but most of all, samy is my hero” on a victim’s MySpace profile and
    sent Samy a friend request. This worm is well known as one of the first Cross-
    Site Scripting (XSS) worms in history that uses Cross Site Request Forgery
    (CSRF) for its replication. Sounds cool, doesn’t it?

    Reversing Code Injection for Tampering in DOT NET

    by Petter Anderson Lopes

    The present article aims to demonstrate the main steps to perform a reverse
    3/5
    and tampering in DOT NET project. The reverse engineering technique can be
    applied in several areas, not only in software, because its purpose is to present
    to the one who is carrying out the process, the final result in its construction.
    Applied in software, such as malware analysis, reverse engineering is the
    process that involves decompiling the binary code into an assembly language,
    or even the language in which the program was written. This article will deal
    exclusively with reverse engineering and tampering with code developed on
    the .NET platform. Like other globally known languages, .NET is based on a
    virtual machine platform, that is, although it is compiled, the code is interpreted
    based on a framework where it is possible to use several programming
    languages like VB .NET, C # .NET, F # .NET, and so on.

    Anonymity on the web

    by Neel Vishwakarma

    Since the release of Yik Yak in 2013, it has caused chaos among student
    communities, with numerous posts that included threats, slander and racial
    slurs. Now, apps like Snapchat and Voxox are trending among teens. Trolling
    is the single strongest argument against anonymity for public. Most of the
    internet cases that affect people and their day to day lives have some form of
    trolling involved. You can easily see small examples of trolling on the internet.
    Just look at the comments section of any YouTube video and you will find a
    comment that is completely unrelated to the content of the video, posted with
    an intention to pick a fight.

    Phishing: Techniques, Defenses, and Future Trends

    by Jacob Bell

    Phishing attacks have gained increased attention in recent years for their
    success at stealing the information of unsuspecting victims. These invasions
    have impacted both individuals and organizations alike and are becoming
    more severe each year. This paper will focus on the major types of phishing by
    examining how they work and why they succeed. Attention will also be given to
    countermeasures that are effective at blocking/mitigating phishing attacks. The
    paper will conclude with a discussion on the trends surrounding phishing,
    which will center on how attacks are evolving and what new defenses may be
    needed to counteract the consequences of future phishing invasions.

    Blockchain Technology and the Future Transactions

    by Amine Amhoume

    The internet has served the human being for a really long time. It connected
    the whole world and it inspired various geniuses to invent new technologies.
    As for every era, this era has a lot of new inventions to offer, from the Internet
    of Things (IoT) and Artificial Intelligence (AI) to Blockchain technology and so
    on. The latest is what appears to be the revolution of future transactions in the
    forthcoming decades.

    4/5
    Get your copy >>

    Enjoj!

    Joanna,
    CEO at Hakin9 Media

    Joanna from pentestmag Unsubscribe from our emails

    Powered by Intercom

    5/5

    You might also like