From The Sip Trunking Experts

TMCNet:  Cloud Hacking and Malware Analysis - Talk Highlights at EC-Council's Hacker Halted USA

[August 26, 2013]

Cloud Hacking and Malware Analysis - Talk Highlights at EC-Council's Hacker Halted USA

Atlanta, GA, Aug 26, 2013 ( via COMTEX) -- Today's enterprises are increasingly reliant on 'the cloud' to host key business operations and services, reduce costs and improve efficiency - but new cybersecurity and privacy risks threaten to undermine this important technology. Additionally, the growing sophistication of malware also presents unique challenges to these organizations. Hacker Halted USA, a leading information security conference in the US, is presenting research by several leading cybersecurity experts on the latest cloud-based threats and the challenges posed by advanced malware.

Hacker Halted USA runs from September 19-21 in Atlanta.

Here are a few cloud security talks that will take place at the conference: Reverse Socket Cloud Network Hacking - Aditya Kaushal, Decocidio - "Cloud computing as we all know is the leading and emerging technology across IT industries and as I was figuring out the reverse socket hack over TCP/IP protocol method can be used to produce several attacks i.e man in the middle, reply attacks, eavesdropping irrespective of using secure encryption. In order to protect the business infrastructure and network I have tried to create the multiple TCP/IP connections from the same host those will take the single file and that depends upon the mathematical algorithm which is written by me, which uses the some advanced algebra. It will create virtual TCP connection of cloud servers across the world instead of using single cloud servers; so even if the attacker is able to gain the program or the file by using the reverse shell socket (vulnerability I have discovered) he will only be having the half or quarter part of the file (file dividing depends upon the above mentioned mathematical algorithm) still he cannot use it to open the whole file because it's very difficult to open the whole parts of the file which is coming from the different virtual cloud servers at the same time. Let me put in the how the defense mechanism of this attack will work (this is just the brief explanation no mathematical algorithm and code is displayed here): 1) When a client transfers his file or the documents into the cloud server so instead of using the single TCP/IP connections to transfer the file, 2) It is then encrypted before sending it to the cloud servers. 3) When the host request it back each part of the file will be appended on the host system and appending will be done on to the client's system the whole process is controlled scripts which i have written on python." Cloud Ninja: Catch Me If You Can - Rob Ragan, Bishop Fox - "Starting with just a browser, imagine you've signed into a control panel to manage your 100,000 node botnet, where you monitor the rate of DDoS attacks being launched from your automated rental service. Then you set up a few more phishing sites that include payloads from the latest Chinese exploit packs. You then review the latest social security numbers, credit card numbers, and personal information extracted from yesterday's network and application compromises. Your distributed search quickly aggregates all the latest valuable data and validates it before automatically posting it for resale. Now, what if I told you that was all done from a browser while utilizing machines provided from freely available cloud services? What happens when computer criminals start using friendly cloud services such as Dropbox, Google Apps, Heroku, Amazon EC2, and Yahoo Pipes for malicious activities. In this presentation we explore how to (ab)use the free public cloud for the business of computer crime. Oh! Also we violate the hell out of some terms of service. We built a framework to make the above scenarios a reality. What will organizations do when the origin of attack came from popular sites that can't be blocked due to legitimate business purposes? How will the FBI successfully prosecute when the perpetrator doesn't have any evidence of illegal activity in their possession? How will SaaS and cloud providers thwart these activities to maintain a safe reputation? We explore answers to these questions and more." Here are a few malware analysis and forensics talks that will be covered at Hacker Halted USA: Demon's Tricks on Malware Creation - Christopher Elisan, RSA - "Automation is key when it comes to production. The same is true for malware. Malware production has moved on from the traditional manual method to a more efficient automated assembly line. In this talk, I will take the audience on an over-the-shoulder look at how attackers automate malware production. Discussion will focus on the tools and methodologies the attackers use to produce thousands of malware on a daily basis. The talk will then conclude with a live demonstration of how malware is produced in an automated fashion." Live Memory Analysis - Finding Sophisticated Malware Artifacts - Kevin Cardwell, CESI - "This talk focuses on the process and methodology of computer forensics. You will learn how to conduct "live" forensics, and analyze memory as required to find suspect malware, and preserve evidence integrity for possible litigation. During the clinic students will perform advanced level forensics to identify process antecedence and running context. Additionally, the clinic highlights sophisticated attacks, and how to analyze the information from these attacks at the packet and/or memory level. The traditional approach of "pulling" the plug is no longer viable in today's forensics. The amount of data that can be lost is significant, and as such that data has to be captured in a forensically sound manner before the traditional methods of forensics are used. During this clinic the process and methodology of "live" forensics will be developed to include running processes, physical memory, port/process association and running services. The identification of malware, and the techniques that an attacker uses to hide information will also be covered." Computer and Malware Forensics - Chuck Davis, Penn State University/Harrisburg University - "Attendees will attend a presentation that allows them to learn some modern day malware computer forensic techniques while participating in a hands-on, experiential learning exercise to find and remediate a malware infection." Hacker Halted USA is a three-day, three-track information security conference including 43 talks from top security researchers, organizations, independent security firms, the U.S. Army, U.S. Treasury, Facebook, Twitter, Square, RSA, Qualys, McAfee's Foundstone Division, Verizon Terremark, Dell, Deloitte, Salesforce, and Penn State University. Topics covered include mobile security, the cloud, forensics, critical infrastructure attacks, malware analysis, and more. Registrations are still being accepted and anyone interested in attending is encouraged to visit the registration website or call 1-888-330-HACK.

For more information about Hacker Halted USA, visit To view the online agenda, click here.

About EC-Council: The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in various e-business and security skills. EC Council is the owner and developer of the world-famous E-Council Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Tester (LPT) programs, and various others offered in over 60 countries around the globe. These certifications are recognized worldwide and have received endorsements from various government agencies including the US Federal Government via the Montgomery GI Bill, and the US Government National Security Agency (NSA) and the Committee on National Security Systems (CNSS) certifying EC-Council's Certified Ethical Hacking (CEH), Network Security Administrator (ENSA), Computer Hacking Forensics Investigator (CHFI), Disaster Recovery Professional (EDRP), Certified Security Analyst (E|CSA) and Licensed Penetration Tester (LPT) program for meeting the 4011, 4012, 4013A, 4014, 4015 and 4016 training standards for information security professionals and most recently EC-Council has received accreditation from the American National standards Institute (ANSI).

Read the full story at

[ Back To SIP Trunking Home's Homepage ]

Subscribe here for your FREE
SIP TRUNKING enewslettter.

Featured Partner

Featured Whitepapers

SIP Security for the Enterprise
Voice over IP (VoIP) is incorporated into a variety of computer networks, both public and private, and used for everyday transactions and communications among carriers, businesses, government agencies...

Voice-Optimized Network Delivers Premier Call Experience
Customers equate call quality with business quality. Real-time communication, interpersonal interaction, and the cordial tone of a call center representative can create a positive impression of your business that no email can match.

Featured Datasheets

Ingate SIParator E-SBCs
Adopting SIP is a simple process with the Ingate SIParator, the secure enterprise session border controller (E-SBC). The SIParator makes secure SIP communications - including VoIP,SIP trunking and more - possible while working seamlessly with your existing network firewall.

Ingate Firewalls
Everyone is talking about enterprise usage of VoIP, instant messaging and other types of realtime communications including presence and conferencing.

SIP Trunk Solutions for Service Providers
The award-winning Ingate Firewall and Ingate SIParator deliver a high quality, reliable SIP trunk connection between the customer's IP-PBX and the service provider network, and solve interoperability issues to simplify deployments and support for remote diagnosis of reported issues.

Featured Case Studies

Case Study - Haiti
With this solution our doctors were able to reach anywhere in the world quickly and easily, to get consults from colleagues, facilitate treatment, order supplies 'on the fly' and also help victims report back to families. The solution from Business Mobility Systems and Ingate worked immediately.

Case Study - Turkish Petroleum
"With one Ingate at the customer headquarters, all of their remote workers can enjoy the benefits of Turkish Petroleum's IP-PBX from anywhere in the world.

Case Study - GCM
"The Ingate solution overcomes the NAT traversal hurdle and makes it possible to connect customers to our VoIP service, without the need of costly leased lines or support intensive VPN tunnels.

Case Study - Kool Smiles
"Ingate's solutions provide the advanced level of security necessary for this medical environment and the tools to make the interface to the service provider hassle-free."

Case Study - NMSAS
"This solution really saved the day for us," said Paul Mercier, IT Administrator, NMSAS. "We needed to leverage SIP trunks to reduce costs, and they had to work with our existing Microsoft OCS investment."

Discover Leisure Connects Remote Users to its IP-PBX
Discover Leisure is one of the largest resellers of caravans and motor homes in the UK. With 15 branch of?

Featured eBOOKS

Internet+: The Way Toward Global Unified Communication
Connecting the telephony of the enterprise PBX or Unified Communications (UC) system using SIP trunks instead of conventional telephone lines has been very successful in recent years.

What is SIP Trunking? Edition 2
SIP trunking is becoming more of a focus for service providers. One key issue many service providers face when deploying SIP trunks is NAT, or Network Address Translation, traversal.

What is SIP Trunking? Edition 1
A vast resource for information about all things SIP - including SIP, security, VoIP, SIP trunking and Unified Communications.

Featured Videos

E-SBCs AS The Demarcation Point:
Ingate's Steve Johnson talks to Erik Linask about the role session border controller plays as the demarcation point at...

Demystifying DPI
How can deep packet inspection protect your SIP traffic as well as your entire network?

Featured Resources

What's New

Presenting the New Ingate/Intertex Website:
Internet+ is an extended Internet access allowing high quality SIP (Session Initiation Protocol) based real-time person-to-person communication, everywhere and for any application. It applies to both fixed and mobile networks ...

Featured Blogs

Featured Webinars

Secure SIP Trunking:
What You Need to Know

Successfully Deploying Enterprise SIP Trunking:
Tools and Techniques for Overcoming Common Roadblocks

Featured Podcasts

Getting the Most Out of Your SIP Trunks:
Ingate's Steve Johnson and TMC's Erik Linask discuss how best practices forgetting the most out of SIP Trunking services and common pitfalls to avoid.