NEWS FROM THE LAB - Wednesday, December 2, 2009

FIRST-TC in Kuala Lumpur Posted by Alia @ 05:09 GMT

November 30th is World Computer Security Day. In conjunction with the event, the Forum of Incidence Response and Security Teams (FIRST) held a Technical Colloquium in Kuala Lumpur, which a few Analysts from our KUL Response Lab attended.

There were a number of interesting presentations, mostly dealing with the state of the Internet or the threat landscape today. There were also more technical demonstrations related to use of malware analysis tools.

Numerous speakers touched on the notorious Conficker epidemic, including Richard Perlotto (Shadowserver Foundation) and Ryan Connolly (Team Cymru). The talk by Roland Dobbin (Arbor Networks) meanwhile dwelt mostly on the preparedness of web operators to deal with DDoS attacks, with reference to the recent Republic of Korea and US Independence Day DDoS events.

Presentation at FIRST-TC

Jacomo Piccolini (ESR/RNP) presented a few instances of Brazilian-specific malware, particularly banking Trojans. Even though some were using interesting new tricks, even the simpler malware were disturbingly effective due to good, old fashioned social engineering. To prove his point, he also demonstrated just how easy it was to do social engineering — on the audience. Ouch.

Alex Tilley (image above) from the Australian Federal Police (AFP) gave a very interesting overview of a database hack that involved millions of Australian domains. Also included was an entertaining and illuminating attempt to explain cybercrime by comparing it to drug trafficking.

The first day of the Colloquium was closed with a swanky dinner and the official launch of CyberSecurity Malaysia's promising new Malware Research Center.