0709, 2011

Talk: Insight Into the Russian Black Market

René Pfeiffer/ September 7, 2011/ Conference

You have all heard the term cybercrime, and you have heard about all things cybercrime – stolen credentials, data theft, fraud, blackmail and more. You may have heard the there are markets for goods connected to computer crime. You may have heard that there’s a lot of money in it (enough to pay off the national debts of most states including the USA, if you total all reports on damages by cybercrime). As usual the problems lie in connecting the dots. What are the mechanisms behind these black markets? What are the goods? Who pays for them and by which means? Surely you cannot just walk into a chat room, drop your credit card number and part with the digital loot, or can you? What if you end up being a trade object yourself?

Read More

0605, 2011

Article about White and Black Hats in Wiener Zeitung

René Pfeiffer/ May 6, 2011/ Press

Christoph Rella, a journalist who has been at past DeepSec conferences made telephone interviews with MiKa and me. He explored the difference between White Hats and Black Hats along with the motivations of hackers. He was interested in getting to know the reasons why the stereotype of the nice IT guy turns criminal. We think the motivations are vastly different, money being among them. Mr. Rella published a summary in an article for the Wiener Zeitung (in German).

2804, 2011

Data Leaks Reviewed

René Pfeiffer/ April 28, 2011/ Internet, Security

Often single incidents don’t attract much attention, but the combination does. We’re getting used to lost laptops, USB sticks, CDs/DVDs/HDs and gadgets containing data. There’s even a project trying to keep track of data loss incidents world-wide, it’s called DataLossDB. Compromised web sites are also quite common. Only figures raise eyebrows, so this week’s favourite news item is Sony and the PS3 network. Someone created unauthorised backups of database tables containing (encrypted) credit card information, user names, passwords, birth dates and home addresses of PlayStation Network users. We still don’t know the nature of the security breach, however the impact is substantial both in terms of number of stolen records and very probably financial damage. There’s been not much talk about the passwords and their data format, but we all know that few people

Read More

2011, 2010

DeepSec: Mobile Radio Networks as Targets for Virtual Warfare

René Pfeiffer/ November 20, 2010/ Press

Vienna – The times when a mobile phone was used solely to make calls are long gone, now it’s all about making pictures and surfing the Internet. The groundbreaking success of the iPhone is just one example for the fact that mobile phones have long since outgrown their original use. Youths and adults use them every day  to get information about recent news, the weather or navigation for a future trip with the car. Having the new all-purpose information device by the hand has become a habit. But what happens if criminals or assassins attack the mobile phone network? Cyber War: Public Life in the Crosshairs “The GSM radio network is used by more than 200 countries and holds many spectacular flaws which we want to illustrate.”, explains René Pfeiffer, organiser of the international

Read More