HARDWARE KEYLOGGER A SERIOUS THREAT

Download
File
hakin9_01_2010_EN.pdf
    • SMS Trickery in Public Transport
      TAM HANNA
      My main message for this piece is short and sweet. There is no absolute secure system. Security is nothing more than a measure to increase the price of attacking a system. The more secure a system is, the more time and money must be invested to circumvent it. Past experience teaches us that no system is absolutely secure: large governments have not been able to protect themselves from loosing important information. When designing secure systems, common sense is key. Is an attacker going to be willing to invest the effort needed to circumvent the issue at hand? In a public transport situation, the answer is usually no: a slight amount of non-lethal force is usually less illegal than an attack on the computer system and tends to be significantly cheaper.



    • Behavioral Analysis of Unwise_.exe Malware!
      ADITYA K SOOD
      A widely distributed malware which nowadays stealthily installs itself onto the system and performs backend functionality is known as unwise_.exe. The unwise_.exe executable runs as a system process. There is not enough information present on this malware. Most of the protection measures revolve around the generic downloading of anti viruses and scanning of your system to find the installed malware binaries. For example: – Most of the websites direct the users to download Kaspersky and Malware bytes automated software’s. But this is appropriate for the users who want their systems to run effectively. It is considered absolutely apt for normal functionality. But the prime target is to look inside the unwise_.exe, especially its ingrained functionality which turns a normal system into a zombie or attack driven target.



    • Hardware Keylogger – A Serious Threat
      MICHAEL R. HEINZL
      Keyloggers are a serious threat for both companies and individuals. Their goal is to log all input made by a user and to then make it available for the attacker. Sophisticated software keyloggers offers a variety of functions, which goes way beyond the usual implied function – logging of keystrokes. Often it is possible to create screenshots from the target machine on a regularly basis, log the moment when a program was launched and logging of where the data was typed in. Most keyloggers offers in addition the possibility, to transmit automatically the logfiles to a specified e-mail address or server. Others offer the feature to record voice and webcam recordings, or manipulation of the data entered by the user (although all the latter mentioned functions have nothing to do with the basic function of a keylogger anymore they are often some kind of hybrid application or are included as part of some other programs, such as rootkits).



    • Study of a New Genre of Malwares Called “Scarewares”
      RAJDEEP CHAKRABORTY
      Depending on their characteristic, Malware can be broadly classified into various types. Most of us are probably aware of the common terms like Virus, Trojan, Spyware, Adware etc.However, on the basis of certain behavioral traits, further classification of these broad types is possible. For example, based on the cloaking and stealth mechanism of certain Malwares we can identify them as Rootkits, some are called Rogue Anti-Spywares because they try to fake themselves as Anti-Spyware Applications etc. The purpose of this article is to make people aware about a new genre of Malware called Scareware.



    • Eavesdropping on VoIP
      MARC-ANDRE MELOCHE
      This information could be used in a penetration-testing scenario. This is how I would approach an unsecured VOIP implementation. This has been tested on 30 phones and the laptop was able to handle the load since the voice codec used by the phone system was G711@8hz.



    • Detecting Debuggers
      MAREK ZMYSŁOWSKI
      This article presents how a process can detect if it is actually being debugged. Hiding and obfuscation are different problems and will not be described herein. This article wasn’t written to help malicious software programmers but to show what methods they use. If we know these methods we can better discover these kind of software instances. Methods described herein are categorized in four groups depending on how they work and what mechanisms they use.



    • Windows Timeline Analysis, part 3
      HARLAN CARVEY
      The traditional approach to forensic timeline creation of extracting file modified, last accessed, and creation times is proving to be increasingly insufficient for the analysis task at hand, particularly as additional sources (files on a Windows system, logs from network devices and packet captures, etc.) provide a wealth of information for generating a more complete timeline of activity.



    • File Carving
      CHRISTIAAN BEEK
      News sites are regularly reporting about the fact that confidential or secret information was compromised. The loss of an USB-stick or device from any kind of government agency or financial institute is happening quite frequently. Most of the time, the information was present on the device, but what if the information was deleted or even better, the device was formatted? Even after deletion, formatting and/or repartitioning we can use a technique called Carving.



    • USB Stick Security Issue Exemplarily Show with Verbatim Store n Go
      FLORIAN EICHELBERGER
      Carrying around data is an everyday task for most people in IT or just using acomputer. USB Sticks have been around for quite some time and proved to be a good way of accomplishing that. The advantage of being able to store GB’s of data to a physically small device however is a security problem asthe devices can easily be stolen or lost, leaving the data on the stick in thehands of some potential attacker or criminal. To overcome this kind of problem, USB Stick Manufacturers implemented ways of securing data on those sticks.


Download
File
hakin9_01_2010_EN.pdf

April 19, 2022
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023
What certifications or qualifications do you hold?
Max. file size: 150 MB.
What level of experience should the ideal candidate have?
What certifications or qualifications are preferred?

Download Free eBook

Step 1 of 4

Name(Required)

We’re committed to your privacy. Hakin9 uses the information you provide to us to contact you about our relevant content, products, and services. You may unsubscribe from these communications at any time. For more information, check out our Privacy Policy.