El documento presenta una obra de teatro dividida en 9 actos que describen diferentes escenarios de ciberdelincuencia como el phishing, la descarga de software malicioso, el fraude bancario y la pornografía infantil. Se explica cómo estas actividades ilícitas están interconectadas y cómo el dinero robado es transferido a través de cuentas bancarias controladas por una organización criminal internacional que opera una red de bots.
Presentación en Power Point sobre lo peligroso que es conducir en pésimas condiciones (bajo efectos de drogas, alcohol...) o a una alta velocidad. Claro, objetivo y sencillo.
Presentación en Power Point sobre lo peligroso que es conducir en pésimas condiciones (bajo efectos de drogas, alcohol...) o a una alta velocidad. Claro, objetivo y sencillo.
2024 State of Marketing Report – by HubspotMarius Sescu
https://www.hubspot.com/state-of-marketing
· Scaling relationships and proving ROI
· Social media is the place for search, sales, and service
· Authentic influencer partnerships fuel brand growth
· The strongest connections happen via call, click, chat, and camera.
· Time saved with AI leads to more creative work
· Seeking: A single source of truth
· TLDR; Get on social, try AI, and align your systems.
· More human marketing, powered by robots
ChatGPT is a revolutionary addition to the world since its introduction in 2022. A big shift in the sector of information gathering and processing happened because of this chatbot. What is the story of ChatGPT? How is the bot responding to prompts and generating contents? Swipe through these slides prepared by Expeed Software, a web development company regarding the development and technical intricacies of ChatGPT!
Product Design Trends in 2024 | Teenage EngineeringsPixeldarts
The realm of product design is a constantly changing environment where technology and style intersect. Every year introduces fresh challenges and exciting trends that mold the future of this captivating art form. In this piece, we delve into the significant trends set to influence the look and functionality of product design in the year 2024.
How Race, Age and Gender Shape Attitudes Towards Mental HealthThinkNow
Mental health has been in the news quite a bit lately. Dozens of U.S. states are currently suing Meta for contributing to the youth mental health crisis by inserting addictive features into their products, while the U.S. Surgeon General is touring the nation to bring awareness to the growing epidemic of loneliness and isolation. The country has endured periods of low national morale, such as in the 1970s when high inflation and the energy crisis worsened public sentiment following the Vietnam War. The current mood, however, feels different. Gallup recently reported that national mental health is at an all-time low, with few bright spots to lift spirits.
To better understand how Americans are feeling and their attitudes towards mental health in general, ThinkNow conducted a nationally representative quantitative survey of 1,500 respondents and found some interesting differences among ethnic, age and gender groups.
Technology
For example, 52% agree that technology and social media have a negative impact on mental health, but when broken out by race, 61% of Whites felt technology had a negative effect, and only 48% of Hispanics thought it did.
While technology has helped us keep in touch with friends and family in faraway places, it appears to have degraded our ability to connect in person. Staying connected online is a double-edged sword since the same news feed that brings us pictures of the grandkids and fluffy kittens also feeds us news about the wars in Israel and Ukraine, the dysfunction in Washington, the latest mass shooting and the climate crisis.
Hispanics may have a built-in defense against the isolation technology breeds, owing to their large, multigenerational households, strong social support systems, and tendency to use social media to stay connected with relatives abroad.
Age and Gender
When asked how individuals rate their mental health, men rate it higher than women by 11 percentage points, and Baby Boomers rank it highest at 83%, saying it’s good or excellent vs. 57% of Gen Z saying the same.
Gen Z spends the most amount of time on social media, so the notion that social media negatively affects mental health appears to be correlated. Unfortunately, Gen Z is also the generation that’s least comfortable discussing mental health concerns with healthcare professionals. Only 40% of them state they’re comfortable discussing their issues with a professional compared to 60% of Millennials and 65% of Boomers.
Race Affects Attitudes
As seen in previous research conducted by ThinkNow, Asian Americans lag other groups when it comes to awareness of mental health issues. Twenty-four percent of Asian Americans believe that having a mental health issue is a sign of weakness compared to the 16% average for all groups. Asians are also considerably less likely to be aware of mental health services in their communities (42% vs. 55%) and most likely to seek out information on social media (51% vs. 35%).
AI Trends in Creative Operations 2024 by Artwork Flow.pdfmarketingartwork
This article is all about what AI trends will emerge in the field of creative operations in 2024. All the marketers and brand builders should be aware of these trends for their further use and save themselves some time!
A report by thenetworkone and Kurio.
The contributing experts and agencies are (in an alphabetical order): Sylwia Rytel, Social Media Supervisor, 180heartbeats + JUNG v MATT (PL), Sharlene Jenner, Vice President - Director of Engagement Strategy, Abelson Taylor (USA), Alex Casanovas, Digital Director, Atrevia (ES), Dora Beilin, Senior Social Strategist, Barrett Hoffher (USA), Min Seo, Campaign Director, Brand New Agency (KR), Deshé M. Gully, Associate Strategist, Day One Agency (USA), Francesca Trevisan, Strategist, Different (IT), Trevor Crossman, CX and Digital Transformation Director; Olivia Hussey, Strategic Planner; Simi Srinarula, Social Media Manager, The Hallway (AUS), James Hebbert, Managing Director, Hylink (CN / UK), Mundy Álvarez, Planning Director; Pedro Rojas, Social Media Manager; Pancho González, CCO, Inbrax (CH), Oana Oprea, Head of Digital Planning, Jam Session Agency (RO), Amy Bottrill, Social Account Director, Launch (UK), Gaby Arriaga, Founder, Leonardo1452 (MX), Shantesh S Row, Creative Director, Liwa (UAE), Rajesh Mehta, Chief Strategy Officer; Dhruv Gaur, Digital Planning Lead; Leonie Mergulhao, Account Supervisor - Social Media & PR, Medulla (IN), Aurelija Plioplytė, Head of Digital & Social, Not Perfect (LI), Daiana Khaidargaliyeva, Account Manager, Osaka Labs (UK / USA), Stefanie Söhnchen, Vice President Digital, PIABO Communications (DE), Elisabeth Winiartati, Managing Consultant, Head of Global Integrated Communications; Lydia Aprina, Account Manager, Integrated Marketing and Communications; Nita Prabowo, Account Manager, Integrated Marketing and Communications; Okhi, Web Developer, PNTR Group (ID), Kei Obusan, Insights Director; Daffi Ranandi, Insights Manager, Radarr (SG), Gautam Reghunath, Co-founder & CEO, Talented (IN), Donagh Humphreys, Head of Social and Digital Innovation, THINKHOUSE (IRE), Sarah Yim, Strategy Director, Zulu Alpha Kilo (CA).
Trends In Paid Search: Navigating The Digital Landscape In 2024Search Engine Journal
The search marketing landscape is evolving rapidly with new technologies, and professionals, like you, rely on innovative paid search strategies to meet changing demands.
It’s important that you’re ready to implement new strategies in 2024.
Check this out and learn the top trends in paid search advertising that are expected to gain traction, so you can drive higher ROI more efficiently in 2024.
You’ll learn:
- The latest trends in AI and automation, and what this means for an evolving paid search ecosystem.
- New developments in privacy and data regulation.
- Emerging ad formats that are expected to make an impact next year.
Watch Sreekant Lanka from iQuanti and Irina Klein from OneMain Financial as they dive into the future of paid search and explore the trends, strategies, and technologies that will shape the search marketing landscape.
If you’re looking to assess your paid search strategy and design an industry-aligned plan for 2024, then this webinar is for you.
5 Public speaking tips from TED - Visualized summarySpeakerHub
From their humble beginnings in 1984, TED has grown into the world’s most powerful amplifier for speakers and thought-leaders to share their ideas. They have over 2,400 filmed talks (not including the 30,000+ TEDx videos) freely available online, and have hosted over 17,500 events around the world.
With over one billion views in a year, it’s no wonder that so many speakers are looking to TED for ideas on how to share their message more effectively.
The article “5 Public-Speaking Tips TED Gives Its Speakers”, by Carmine Gallo for Forbes, gives speakers five practical ways to connect with their audience, and effectively share their ideas on stage.
Whether you are gearing up to get on a TED stage yourself, or just want to master the skills that so many of their speakers possess, these tips and quotes from Chris Anderson, the TED Talks Curator, will encourage you to make the most impactful impression on your audience.
See the full article and more summaries like this on SpeakerHub here: https://speakerhub.com/blog/5-presentation-tips-ted-gives-its-speakers
See the original article on Forbes here:
http://www.forbes.com/forbes/welcome/?toURL=http://www.forbes.com/sites/carminegallo/2016/05/06/5-public-speaking-tips-ted-gives-its-speakers/&refURL=&referrer=#5c07a8221d9b
ChatGPT and the Future of Work - Clark Boyd Clark Boyd
Everyone is in agreement that ChatGPT (and other generative AI tools) will shape the future of work. Yet there is little consensus on exactly how, when, and to what extent this technology will change our world.
Businesses that extract maximum value from ChatGPT will use it as a collaborative tool for everything from brainstorming to technical maintenance.
For individuals, now is the time to pinpoint the skills the future professional will need to thrive in the AI age.
Check out this presentation to understand what ChatGPT is, how it will shape the future of work, and how you can prepare to take advantage.
A brief introduction to DataScience with explaining of the concepts, algorithms, machine learning, supervised and unsupervised learning, clustering, statistics, data preprocessing, real-world applications etc.
It's part of a Data Science Corner Campaign where I will be discussing the fundamentals of DataScience, AIML, Statistics etc.
Time Management & Productivity - Best PracticesVit Horky
Here's my presentation on by proven best practices how to manage your work time effectively and how to improve your productivity. It includes practical tips and how to use tools such as Slack, Google Apps, Hubspot, Google Calendar, Gmail and others.
The six step guide to practical project managementMindGenius
The six step guide to practical project management
If you think managing projects is too difficult, think again.
We’ve stripped back project management processes to the
basics – to make it quicker and easier, without sacrificing
the vital ingredients for success.
“If you’re looking for some real-world guidance, then The Six Step Guide to Practical Project Management will help.”
Dr Andrew Makar, Tactical Project Management
2024 State of Marketing Report – by HubspotMarius Sescu
https://www.hubspot.com/state-of-marketing
· Scaling relationships and proving ROI
· Social media is the place for search, sales, and service
· Authentic influencer partnerships fuel brand growth
· The strongest connections happen via call, click, chat, and camera.
· Time saved with AI leads to more creative work
· Seeking: A single source of truth
· TLDR; Get on social, try AI, and align your systems.
· More human marketing, powered by robots
ChatGPT is a revolutionary addition to the world since its introduction in 2022. A big shift in the sector of information gathering and processing happened because of this chatbot. What is the story of ChatGPT? How is the bot responding to prompts and generating contents? Swipe through these slides prepared by Expeed Software, a web development company regarding the development and technical intricacies of ChatGPT!
Product Design Trends in 2024 | Teenage EngineeringsPixeldarts
The realm of product design is a constantly changing environment where technology and style intersect. Every year introduces fresh challenges and exciting trends that mold the future of this captivating art form. In this piece, we delve into the significant trends set to influence the look and functionality of product design in the year 2024.
How Race, Age and Gender Shape Attitudes Towards Mental HealthThinkNow
Mental health has been in the news quite a bit lately. Dozens of U.S. states are currently suing Meta for contributing to the youth mental health crisis by inserting addictive features into their products, while the U.S. Surgeon General is touring the nation to bring awareness to the growing epidemic of loneliness and isolation. The country has endured periods of low national morale, such as in the 1970s when high inflation and the energy crisis worsened public sentiment following the Vietnam War. The current mood, however, feels different. Gallup recently reported that national mental health is at an all-time low, with few bright spots to lift spirits.
To better understand how Americans are feeling and their attitudes towards mental health in general, ThinkNow conducted a nationally representative quantitative survey of 1,500 respondents and found some interesting differences among ethnic, age and gender groups.
Technology
For example, 52% agree that technology and social media have a negative impact on mental health, but when broken out by race, 61% of Whites felt technology had a negative effect, and only 48% of Hispanics thought it did.
While technology has helped us keep in touch with friends and family in faraway places, it appears to have degraded our ability to connect in person. Staying connected online is a double-edged sword since the same news feed that brings us pictures of the grandkids and fluffy kittens also feeds us news about the wars in Israel and Ukraine, the dysfunction in Washington, the latest mass shooting and the climate crisis.
Hispanics may have a built-in defense against the isolation technology breeds, owing to their large, multigenerational households, strong social support systems, and tendency to use social media to stay connected with relatives abroad.
Age and Gender
When asked how individuals rate their mental health, men rate it higher than women by 11 percentage points, and Baby Boomers rank it highest at 83%, saying it’s good or excellent vs. 57% of Gen Z saying the same.
Gen Z spends the most amount of time on social media, so the notion that social media negatively affects mental health appears to be correlated. Unfortunately, Gen Z is also the generation that’s least comfortable discussing mental health concerns with healthcare professionals. Only 40% of them state they’re comfortable discussing their issues with a professional compared to 60% of Millennials and 65% of Boomers.
Race Affects Attitudes
As seen in previous research conducted by ThinkNow, Asian Americans lag other groups when it comes to awareness of mental health issues. Twenty-four percent of Asian Americans believe that having a mental health issue is a sign of weakness compared to the 16% average for all groups. Asians are also considerably less likely to be aware of mental health services in their communities (42% vs. 55%) and most likely to seek out information on social media (51% vs. 35%).
AI Trends in Creative Operations 2024 by Artwork Flow.pdfmarketingartwork
This article is all about what AI trends will emerge in the field of creative operations in 2024. All the marketers and brand builders should be aware of these trends for their further use and save themselves some time!
A report by thenetworkone and Kurio.
The contributing experts and agencies are (in an alphabetical order): Sylwia Rytel, Social Media Supervisor, 180heartbeats + JUNG v MATT (PL), Sharlene Jenner, Vice President - Director of Engagement Strategy, Abelson Taylor (USA), Alex Casanovas, Digital Director, Atrevia (ES), Dora Beilin, Senior Social Strategist, Barrett Hoffher (USA), Min Seo, Campaign Director, Brand New Agency (KR), Deshé M. Gully, Associate Strategist, Day One Agency (USA), Francesca Trevisan, Strategist, Different (IT), Trevor Crossman, CX and Digital Transformation Director; Olivia Hussey, Strategic Planner; Simi Srinarula, Social Media Manager, The Hallway (AUS), James Hebbert, Managing Director, Hylink (CN / UK), Mundy Álvarez, Planning Director; Pedro Rojas, Social Media Manager; Pancho González, CCO, Inbrax (CH), Oana Oprea, Head of Digital Planning, Jam Session Agency (RO), Amy Bottrill, Social Account Director, Launch (UK), Gaby Arriaga, Founder, Leonardo1452 (MX), Shantesh S Row, Creative Director, Liwa (UAE), Rajesh Mehta, Chief Strategy Officer; Dhruv Gaur, Digital Planning Lead; Leonie Mergulhao, Account Supervisor - Social Media & PR, Medulla (IN), Aurelija Plioplytė, Head of Digital & Social, Not Perfect (LI), Daiana Khaidargaliyeva, Account Manager, Osaka Labs (UK / USA), Stefanie Söhnchen, Vice President Digital, PIABO Communications (DE), Elisabeth Winiartati, Managing Consultant, Head of Global Integrated Communications; Lydia Aprina, Account Manager, Integrated Marketing and Communications; Nita Prabowo, Account Manager, Integrated Marketing and Communications; Okhi, Web Developer, PNTR Group (ID), Kei Obusan, Insights Director; Daffi Ranandi, Insights Manager, Radarr (SG), Gautam Reghunath, Co-founder & CEO, Talented (IN), Donagh Humphreys, Head of Social and Digital Innovation, THINKHOUSE (IRE), Sarah Yim, Strategy Director, Zulu Alpha Kilo (CA).
Trends In Paid Search: Navigating The Digital Landscape In 2024Search Engine Journal
The search marketing landscape is evolving rapidly with new technologies, and professionals, like you, rely on innovative paid search strategies to meet changing demands.
It’s important that you’re ready to implement new strategies in 2024.
Check this out and learn the top trends in paid search advertising that are expected to gain traction, so you can drive higher ROI more efficiently in 2024.
You’ll learn:
- The latest trends in AI and automation, and what this means for an evolving paid search ecosystem.
- New developments in privacy and data regulation.
- Emerging ad formats that are expected to make an impact next year.
Watch Sreekant Lanka from iQuanti and Irina Klein from OneMain Financial as they dive into the future of paid search and explore the trends, strategies, and technologies that will shape the search marketing landscape.
If you’re looking to assess your paid search strategy and design an industry-aligned plan for 2024, then this webinar is for you.
5 Public speaking tips from TED - Visualized summarySpeakerHub
From their humble beginnings in 1984, TED has grown into the world’s most powerful amplifier for speakers and thought-leaders to share their ideas. They have over 2,400 filmed talks (not including the 30,000+ TEDx videos) freely available online, and have hosted over 17,500 events around the world.
With over one billion views in a year, it’s no wonder that so many speakers are looking to TED for ideas on how to share their message more effectively.
The article “5 Public-Speaking Tips TED Gives Its Speakers”, by Carmine Gallo for Forbes, gives speakers five practical ways to connect with their audience, and effectively share their ideas on stage.
Whether you are gearing up to get on a TED stage yourself, or just want to master the skills that so many of their speakers possess, these tips and quotes from Chris Anderson, the TED Talks Curator, will encourage you to make the most impactful impression on your audience.
See the full article and more summaries like this on SpeakerHub here: https://speakerhub.com/blog/5-presentation-tips-ted-gives-its-speakers
See the original article on Forbes here:
http://www.forbes.com/forbes/welcome/?toURL=http://www.forbes.com/sites/carminegallo/2016/05/06/5-public-speaking-tips-ted-gives-its-speakers/&refURL=&referrer=#5c07a8221d9b
ChatGPT and the Future of Work - Clark Boyd Clark Boyd
Everyone is in agreement that ChatGPT (and other generative AI tools) will shape the future of work. Yet there is little consensus on exactly how, when, and to what extent this technology will change our world.
Businesses that extract maximum value from ChatGPT will use it as a collaborative tool for everything from brainstorming to technical maintenance.
For individuals, now is the time to pinpoint the skills the future professional will need to thrive in the AI age.
Check out this presentation to understand what ChatGPT is, how it will shape the future of work, and how you can prepare to take advantage.
A brief introduction to DataScience with explaining of the concepts, algorithms, machine learning, supervised and unsupervised learning, clustering, statistics, data preprocessing, real-world applications etc.
It's part of a Data Science Corner Campaign where I will be discussing the fundamentals of DataScience, AIML, Statistics etc.
Time Management & Productivity - Best PracticesVit Horky
Here's my presentation on by proven best practices how to manage your work time effectively and how to improve your productivity. It includes practical tips and how to use tools such as Slack, Google Apps, Hubspot, Google Calendar, Gmail and others.
The six step guide to practical project managementMindGenius
The six step guide to practical project management
If you think managing projects is too difficult, think again.
We’ve stripped back project management processes to the
basics – to make it quicker and easier, without sacrificing
the vital ingredients for success.
“If you’re looking for some real-world guidance, then The Six Step Guide to Practical Project Management will help.”
Dr Andrew Makar, Tactical Project Management
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Undercrime - Abramos la jaula de Faraday
1. UnderCrime: La verdadera visión v 1.5
(abramos la Jaula de Faraday)
Epoch: 1268931600
Localización: 40.4521,-36927
2. Speaker
Ponente: Juan Carlos Ruiloba Castilla
Email: juancrui@metodo3.es
• Veintiocho años en las Fuerzas y Cuerpos de
Seguridad del Estado (CNP), de los que los últimos
veintiséis años ha estado relacionado con las
Nuevas Tecnologías y los últimos siete años como
responsable del Grupo de Cibercrimen de Barcelona.
• Actualmente, en segunda actividad dentro del CNP,
se ha vinculado, para desempeñar su labor de
Investigación Tecnológica, a la empresa Método 3.
18 de marzo de 2010 2
5. Acto 1
Vladimir contacta con Tyagunova través del chat de la Red
Social love.mail.ru. Vladimir le ofrece la posibilidad de trabajar
para una empresa de Soft desde España
18 de marzo de 2010 5
6. Acto 2
Manuel se baja de Internet por P2P la última versión de un paquete de Ofimática
con Keygen/Patch incluido
18 de marzo de 2010 6
7. Acto 2
Y ejecuta el Keygen pese al aviso de seguridad de su Soft de seguridad, si el
malware no fuera 0-day (Zero day) se hubiese infectado del mismo modo.
18 de marzo de 2010 7
8. Acto 3
Fabián, al cuál tiene problemas con el pago de la hipoteca, recibe un email
ofreciéndole una oferta de trabajo
18 de marzo de 2010 8
9. Acto 3
Fabián visita la página de la empresa ofertante y rellena los formularios previos al
contrato.
18 de marzo de 2010 9
10. Acto 3
Fabián visita la página de la empresa ofertante y ve que tiene que cumplimentar
unos formularios con su información
18 de marzo de 2010 10
11. Acto 3
Fabián los cumplimenta y los envía
18 de marzo de 2010 11
12. Acto 4
A Ilva le ofrecen en Moscú unos cuantos rublos por recoger envíos de dinero desde
Europa
18 de marzo de 2010 12
13. Acto 5
Aleksei trabaja de programador en San Petersburgo, desarrolla un multiportal
multibancario, además de varios keygens
18 de marzo de 2010 13
14. Acto 6
Victor recibe un email publicitario sobre “little girls”
18 de marzo de 2010 14
15. Acto 6
El Hiperenlace realmente es inapropiado
18 de marzo de 2010 15
16. Acto 6
… y 30 Gb si te unes
18 de marzo de 2010 16
17. Acto 6
Debes efectuar un pago
18 de marzo de 2010 17
18. Acto 6
Y recibes tus credenciales para acceder, pero observemos un detalle… lugar y
regalo!!!
18 de marzo de 2010 18
19. Acto 7
Vasiliy monta una empresa de servicios por Internet con sede en Lloret de Mar
18 de marzo de 2010 19
20. Acto 7
Los pagos de los accesos a las páginas inapropiadas se blanqueaban como licencias
de software
18 de marzo de 2010 20
21. Acto 7
Otros dominios estaban también preparados
18 de marzo de 2010 21
22. Acto 8
Mariya viaja a Barcelona y con documentación falsa abre varias cuentas bancarias
18 de marzo de 2010 22
23. Acto 9
Juan que tiene un WebSite de su negocio se da cuenta que sus comunicaciones por
eMail no funciona correctamente
18 de marzo de 2010 23
24. Acto 9
Bajo el dominio de Juan están alojadas las páginas iniciales de Pornografía Infantil
18 de marzo de 2010 24
25. Acto 9
Dichas páginas llevan a dominios distintos pero de temática similar
PureLola.CN - Pure Child Porn galleries!:
18 de marzo de 2010 25
26. Acto 9
Donde , a su vez, ofrecen la posibilidad de subscripción para acceder a las imágenes
18 de marzo de 2010 26
27. Y ahora hay que empezar a mirar detrás del
telón
18 de marzo de 2010 27
28. El desenlace
A Tyagunova, la del chat de mail.ru, le comunican por ICQ que tiene una
transferencia en su cuenta y debe empezar a trabajar
18 de marzo de 2010 28
29. El desenlace
El dinero transferido lo envía a Rusia
18 de marzo de 2010 29
30. El desenlace
Tyagunova después de su detención explica el origen
18 de marzo de 2010 30
31. El desenlace
Del mismo modo Fabián, el de la hipoteca, recibe por email la comunicación de un
ingreso
Saca la parte a enviar y el resto lo envía
18 de marzo de 2010 31
32. El desenlace
Mariya, la ucraniana de varias filiaciones, se dirige a varias oficinas a sacar dinero
18 de marzo de 2010 32
33. El desenlace
Ilva, recibe en Rusia unas cuantas transferencias
18 de marzo de 2010 33
34. El desenlace
Víctor, el de las páginas de Porno, se descubre que su cuenta bancaria la han
realizado varias transferencias
18 de marzo de 2010 34
35. El desenlace
Las transferencias han sido realizadas por Internet, y han ido a Tyagunova, Fabian
y a Nataliya.
La dirección IP de las transferencias identifican un domicilio … el
de Manuel, aquél que se descargo el Soft de ofimática
18 de marzo de 2010 35
36. El desenlace
El “digital forensic” de las máquinas de Manuel y Fabián nos demuestran que las
mismas están comprometidas con malware
18 de marzo de 2010 36
37. El desenlace
Las páginas que alojaba el malware, así como los correos electrónicos enviados por
la organización se han realizado a través de Mothership de redes zombies.
18 de marzo de 2010 37
38. Servidor DNS Root
Double Flux
2
12 Home PC Servidor .com
conecta a TLD (Top
www.malware.com Level Domain)
9 1
10
4
3
5
11 PC de la red
RED BOTNET BotNet en
NODO MotherShip (miles de PC’s) funciones de
que en Double Flux servidor DNS
funciona como 8
controlador de los
PC’s de la BotNet MotherShip devuelve IP: A.B.C.D
como de servidor DNS 7
6
18 de marzo de 2010 Interroga al Servidor DNS del MotherShip 38
39. Hydra Flux
Topología Multi-Server
Mothership
MÁQUINAS ZOMBIES
Proxys
Name
Servers
Ordenador Víctima
18 de marzo de 2010
40. Mitigación
1. Establecer políticas para permitir el bloqueo de TCP 80 y UDP 53 si
es posible en redes user-land. (Por los ISPs)
2. Bloquear el acceso al controlador de la infraestructura (mothership,
registro y verificación de disponibilidad), en cuanto sean
descubiertos. (ISPs)
3. Mejorar los procedimientos de registro de dominio, y la auditoría de
nuevos registros para fines fraudulentos. (Registradores)
4. Aumentar la conciencia proveedor de servicios, fomentar el
conocimiento de las amenaza, los procesos compartidos y
conocimientos. (ISPs)
5. BH-DNS (Blackhole DNS) e inyección de rutas BGP para cargarse a
los motherships y el mantenimiento de la infraestructura. (ISPs)
6. Captura y seguimiento pasivo DNS / supervisión para identificar los
registros A y NS para detectar anomalías y cambios continuos,
registrandolos en Historiales públicos (ISPs, registradores,
profesionales de la seguridad, ...)
18 de marzo de 2010 40
41. El desenlace
Como los S.A. y los Register se involucran en el Crimen
18 de marzo de 2010 41
42. El desenlace
Se entre enlaza toda la actividad
18 de marzo de 2010 42
43. El desenlace
Se entre enlaza toda la actividad
18 de marzo de 2010 43
45. Botnets
Top Ten Botnets
ZeuS = Zbot = WSNPOEM = NTOS = PRG: precio aproximado 4000 $ por copia
¿Cómo combatirlo? SpyEye lo desinstala pero … se instala él => cambio de C&C
18 de marzo de 2010 45
46. Botnets
Spy Eye v1.0: Nuevo producto que nace en Rusia
(“magic”) aparece el 2 de enero de 2010.
18 de marzo de 2010 46
47. Capacidades Botnets
• FormGrabbing: Keylogging avanzado que intercepta información en los exploradores, con soporte para
Firefox, IE, Maxthon y Netscape.
* CC Autofill: Módulo que automatiza el proceso de fraudes de tarjeta de crédito reportando los datos a los
botmasters a través de logs.
• Panel de Administración PHP-MYSQL
* C&C a través de protocolo http , con posibilidad de configurar dos alternativas, así si un dominio es dado
de baja puede mantener el control por la ruta alternativa
* Envío de backups diarios de la base de datos por email
* Cifrado de string-sources del ejecutable
* Grabbing para FTP. Total Commander, Notepad++, FileZilla y otros
* Grabbing para POP3
* Invisibilidad en la lista de procesos, archivo invisible, invisible en autorun (registro)
•Zeus killer (a partir de la versión 1.07)
* “Grabbing “Basic-access-authentication”. Mayor apropiación de base de autorización (para aplicaciones
que utilizan criptografía. Bibliotecas para núcleos de cifrado) (a partir de la versión 1.072).
* Alta capacidad de Inyección-WEB con el formato de Zeus. (Soporta IE5-8, Maxthon, etc) Todo-en-uno bot
(En cuanto a la versión anterior, que utiliza un cuentagotas) (a partir de versión 1.08)
18 de marzo de 2010 47
48. Botnets
Precio última versión,
662 euros con gastos
Detección casi nula
del cuerpo del bot
18 de marzo de 2010 48
49. Botnets
Se dice pero suele pasar
18 de marzo de 2010 49
57. Si no nos Zero-Day
adelantamos…
18 de marzo de 2010 57
58. Scareware
Falsos
positivos…
… con el mismo
interes
18 de marzo de 2010 58
59. Blended Threat
Mezcla de amenazas
Múltiple amenaza en un solo vector, un troyano que tiene capaacidades de
Worm
Varios escenarios
Única amenaza y múltiples vectores, un troyano entra vía email y apertura una
puerta futura para infección y destrucción.
18 de marzo de 2010 59
60. Direct Message (DM) y Twiter Bots
Scam en Direct Message en Redes sociales como Twiter
1- Unfollow todos los seguidores. Menuda opción!!!
2. Desactive su DM eMails. Solo reducirá el número.
3- Utilice un administrador de Twiter. Ayudará a
filtrar, como Tweetdeck or Socialite.
4. No lea su DMs. Poner el correo en el fondo del
twitter ya que la mayoría de programas utilizados
por los spammer no tienen reconocedor de OCR.
5- Bloquear al usuario/s. Hará que al final Twitter
le suspenda la cuenta.
6- Bienvenido al hermitaño, haga su Twiter privado
7- Utilice el boton de SPAM, si realmente esta
seguro que es un spammer.
18 de marzo de 2010 60
62. FlashForward
Crecimiento
del Pharming Evolución
atacando las La explosión Ataques a
Web: Geogle
resoluciones de los nuevos Adobe y Flash
Chrome y
DNS dominios TLD
HTML 5
Ataques a
BotNets con
niños,
control peer-to-
adolescentes y
peer
ancianos
Sofisticación
de Troyanos
bancarios Redes
Sociales
La disponibilidad en línea de los
equipos móviles a través de
conexiones WiFi, 3/4G, IPv6
18 de marzo de 2010 62
63. Soluciones
Las soluciones están en crear Grupos de trabajos orientados en un objetivo común
Víctimas Vendedores de
Software y Hardware
Proveedores
Telecomunicaciones
ISP’s
Fuerzas de
seguridad del Estado
INFORMACIÓN Titulares de IP’s
atacadas
Equipos de
respuesta de Medios de
Incidentes - FIRST Comunicación
Organizaciones de
Informes de
Incidentes - CERTs
18 de marzo de 2010 63