Albuquerque, NM (PRWEB) August 15, 2012
I will demonstrate a proof-of-concept Firefox and Chrome extension, which works in a command-and-control architecture, has rootkit capabilities, steals cookies and passwords, executes JavaScript, uploads and downloads files, etc. Zoltan Balazs, IT security specialist at Deloitte, said.
Balazs presentation reveals the elementary precautions to a safer Internet usage, and provides tips on how to detect when a computer is under attack. As malicious browser extensions currently are not detected by antivirus products, they are able to do enormous harm, not only by compromising someones personal online activities, personal data and accounts but even his/her business data. And if that isnt scary enough, malicious browser extensions can also pose a threat to sites with two factor authentication!
According to Balazs, most anti-malware products arent currently offering real protection against these attacks, and even mobile phones might be vulnerable.
To attend Balazs presentation or other ground-breaking hacking topics, please visit
http://www.hackerhalted.com/2012.
About Zoltan Balazs
Zoltan Balazs graduated at the Budapest University of Technology and Economics, finishing the Security of Infocommunication Systems special in 2006. He has worked for Citigroup Threat Assessment Center, Erste Bank Hungary, and he is currently working as an ITSEC consultant at Deloitte. His main expertise is in penetration testing, incident handling, and security monitoring. He is also enjoys solving and creating hacking challenges. He has presented at many ITSEC conferences about malwares, IPv6, pass-the-hash, and browser malwares.
About Deloitte
Deloitte LLP and its subsidiaries have 45,000 professionals with a single focus: serving their clients and helping them solve their toughest problems. They work in four key business areas audit, financial advisory, tax and consulting. They provide audit, consulting, financial advisory, risk management and tax services to selected clients around the world. They have also consistently been ranked one of the best places to work in Fortune and BusinessWeek.
About Hacker Halted
EC-Councils flagship information security conference, Hacker Halted, aims to raise awareness toward increased education and ethics in information security. This information security conference series covers in-depth topics into the development of security issues plaguing the world. Hacker Halted features many world-renowned subject matter experts and high-level speakers, as well as some of the best technology companies showcasing their products and services. Hacker Halted provides the most sought after technical training and certification classes offered through Hacker Halted Academy by top training companies and led by well-respected instructors. Hacker Halted has grown; from a single annual conference in Miami to a global conference series with events held in Malaysia, Dubai, Egypt, Singapore, Mexico, and Japan since its inception in 2009. For more information about Hacker Halted, please visit: http://www.hackerhalted.com/2012.
About EC-Council
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in various e-business and security skills. EC Council is the owner and developer of the world-famous E-Council Certified Ethical Hacker (CEH), Computer
Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Tester (LPT) programs, and various others offered in over 60 countries around the globe. These certifications are recognized worldwide and have received endorsements from various government agencies including the US Federal Government via the Montgomery GI Bill, and the US Government National Security Agency (NSA) and the Committee on National Security Systems (CNSS) certifying EC-Councils Certified Ethical Hacking (CEH), Network Security
Administrator (ENSA), Computer Hacking Forensics Investigator (CHFI), Disaster Recovery Professional (EDRP), Certified Security Analyst (E|CSA) and Licensed Penetration Tester (LPT) program for meeting the 4011, 4012, 4013A, 4014, 4015 and 4016 training standards for information security professionals and most recently EC-Council has received accreditation from the American National Standards Institute (ANSI).
For more information about EC-Council, please visit http://www.eccouncil.org
Malicious Browser Extensions and how they do Enormous Harm to be explored at Hacker Halted - Hacking Conference, Miami, Florida in October of 2012
No comments:
Post a Comment