Talesh Seeparsan - The Hound of the Malwarevilles

0 likes•184 views

The document emphasizes the need for immediate remedial action regarding fraud indicators affecting a site, stressing the importance of managing relationships with merchants and maintaining forensic integrity. It outlines various tools and processes for malware detection and incident response planning, encouraging proactive measures and comprehensive audits. Additionally, it provides resources and a call to action for reporting and addressing malware effectively.

Technology

Talesh Seeparsan - The Hound of the Malwarevilles

“WE STRONGLY ENCOURAGE
YOU TO TAKE REMEDIATIVE
MEASURES NOW…”

“..ALL CURRENT FRAUD
ANALYSIS INDICATORS
IDENTIFY YOUR SITE…”

DATA PROCESSOR?
DATA CONTROLLER?
SUPERVISORY AUTHORITY?

ASSUMPTIONS
• 1. You have an existing relationship with the merchant
• 2. You don’t have an existing Incident Response plan
• (Hint: template at https://github.com/talesh/response)

ROBOT TASKS
• ClamAV
• Magento Malware Scanner (https://magesec.org)
• Magento Security Scanner
• MageReport
• Diff/ Git Diff

THE VAST MAJORITY OF MALWARE
ARE SKIMMING FOR CREDIT CARDS

MALWARE CAN DETECT
• Testing domains
• IP Address of site
• Chrome Dev tools/Firebug open (even undocked!)
• PhantomJS, Selenium etc
• Content Security Policy

MALWARE CAN EXIST IN:
• Filesystem
• Database data
• Triggers in database
• Deeper….

TIME TO START CRAWLING LOGS
• ack / grep
• Graylog
• Internet Archive
• Deeper….

ON THE HUNT FOR
• Initial Vector of Attack
• Timeframe of compromise

REPORT MALWARE
• Signatures to
• Magereport
• Magento Security Scanner
• Magento Malware Scanner
• Malware Domains to
• Google Safe Browsing project
• ClamAV

PROACTIVE MEASURES
• Select your people
• Build your processes
• For more information message me
• @_Talesh on Twitter

SET UP AN INCIDENT RESPONSE PLAN
• https://github.com/talesh/response
• https://tale.sh/mm18it
GRAZIE!

More Related Content

PDF

Feeding the Virtual Patch PipelineDevOps.com

PDF

Hijacking Softwares for fun and profitNipun Jaswal

PDF

Exploring DarkWeb For Threat Intelligence (SACON May 2018)Priyanka Aash

PPTX

Basics of getting Into Bug Bounty HuntingMuhammad Khizer Javed

PPTX

Defending Against 1,000,000 Cyber Attacks by Michael BanksEC-Council

PPTX

Web Application Security - DevFest + GDay George Town 2016Gareth Davies

PDF

Ground Zero Training- Metasploit For WebNipun Jaswal

PPT

Beyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. LtdNipun Jaswal

Feeding the Virtual Patch PipelineDevOps.com

Hijacking Softwares for fun and profitNipun Jaswal

Exploring DarkWeb For Threat Intelligence (SACON May 2018)Priyanka Aash

Basics of getting Into Bug Bounty HuntingMuhammad Khizer Javed

Defending Against 1,000,000 Cyber Attacks by Michael BanksEC-Council

Web Application Security - DevFest + GDay George Town 2016Gareth Davies

Ground Zero Training- Metasploit For WebNipun Jaswal

Beyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. LtdNipun Jaswal

What's hot (20)

PPTX

Finding the Sweet Spot: Counter Honeypot Operations (CHOps) by Jonathan Creek...EC-Council

PDF

Owasp Mobile Top 10 - M7 & M85h1vang

PDF

Die Evolution der SicherheitDr. Amir Alsbih

PDF

Web application security & TestingDeepu S Nath

PDF

Hacking Web Apps by Brent WhiteEC-Council

PDF

CMS Hacking Tricks - DerbyCon 4 - 2014Greg Foss

PPTX

Owasp for testing_mobile_apps_opdPawel Rzepa

PPTX

How an Attacker "Audits" Your Software SystemsSecurity Innovation

PPTX

Security is not a featureElizabeth Smith

PPTX

Backup-File Artifacts - OWASP Khartoum InfoSec Sessions 2016 - Mazin AhmedMazin Ahmed

PPTX

Nmapper theHarvester OSINT Tool explanationWangolo Joel

PPTX

PLNOG23 - Paweł Rzepa - Attacking AWS: the full cyber kill chainPROIDEA

PDF

Security by Weston HeckerEC-Council

PDF

The life of breached data and the attack lifecycleJarrod Overson

PDF

Break IT Down by Josh SmithEC-Council

PDF

Owasp Top 10 (M-10 : Lack of Binary Protection) | Null Meet5h1vang

PDF

Wi-Fi Hotspot AttacksGreg Foss

PDF

Secure development in .NET with EPiServer SolitaJoona Immonen

PDF

Fighting back against constantly Evolving Google play Android MalwareJagadeesh Chandraiah

PDF

Web security and OWASPIsuru Samaraweera

Finding the Sweet Spot: Counter Honeypot Operations (CHOps) by Jonathan Creek...EC-Council

Owasp Mobile Top 10 - M7 & M85h1vang

Die Evolution der SicherheitDr. Amir Alsbih

Web application security & TestingDeepu S Nath

Hacking Web Apps by Brent WhiteEC-Council

CMS Hacking Tricks - DerbyCon 4 - 2014Greg Foss

Owasp for testing_mobile_apps_opdPawel Rzepa

How an Attacker "Audits" Your Software SystemsSecurity Innovation

Security is not a featureElizabeth Smith

Backup-File Artifacts - OWASP Khartoum InfoSec Sessions 2016 - Mazin AhmedMazin Ahmed

Nmapper theHarvester OSINT Tool explanationWangolo Joel

PLNOG23 - Paweł Rzepa - Attacking AWS: the full cyber kill chainPROIDEA

Security by Weston HeckerEC-Council

The life of breached data and the attack lifecycleJarrod Overson

Break IT Down by Josh SmithEC-Council

Owasp Top 10 (M-10 : Lack of Binary Protection) | Null Meet5h1vang

Wi-Fi Hotspot AttacksGreg Foss

Secure development in .NET with EPiServer SolitaJoona Immonen

Fighting back against constantly Evolving Google play Android MalwareJagadeesh Chandraiah

Web security and OWASPIsuru Samaraweera

Similar to Talesh Seeparsan - The Hound of the Malwarevilles (13)

PDF

Sucuri Webinar: How to Clean a Hacked Magento WebsiteSucuri

PPTX

Merchant’s guide to protecting Magento Storefronts (Meet Magento India 2020)Tarun Sharma

PDF

Compromised e commerce_sites_lead_to_web-based_keyloggersAndrey Apuhtin

PDF

Malware Management - HouSecCon 2014Michael Gough

PDF

Mli 2017 technical first steps to building secure Magento extensionsHanoi MagentoMeetup

PPTX

Anatomy of an Advanced Retail BreachIBM Security

PPTX

Foregenix the eCommerce threatscapeMax Dodson

PDF

Identifying a Compromised WordPress SiteChris Burgess

PPT

How really to prepare for a credit card compromise (PCI) forensics investigat...Security B-Sides

PDF

What Are the Common Types of Malware That Target Business Websites.pdfSafeAeon Inc.

PPTX

Magento security best practices magento's approach to pci complianceRitwik Das

PPTX

Magento security 2015 best practicesNBS System

PPTX

IRCE 2018 Magento Straight Talk: The Ecommerce Fraud Index and How You Compar...Mike Cassidy

Sucuri Webinar: How to Clean a Hacked Magento WebsiteSucuri

Merchant’s guide to protecting Magento Storefronts (Meet Magento India 2020)Tarun Sharma

Compromised e commerce_sites_lead_to_web-based_keyloggersAndrey Apuhtin

Malware Management - HouSecCon 2014Michael Gough

Mli 2017 technical first steps to building secure Magento extensionsHanoi MagentoMeetup

Anatomy of an Advanced Retail BreachIBM Security

Foregenix the eCommerce threatscapeMax Dodson

Identifying a Compromised WordPress SiteChris Burgess

How really to prepare for a credit card compromise (PCI) forensics investigat...Security B-Sides

What Are the Common Types of Malware That Target Business Websites.pdfSafeAeon Inc.

Magento security best practices magento's approach to pci complianceRitwik Das

Magento security 2015 best practicesNBS System

IRCE 2018 Magento Straight Talk: The Ecommerce Fraud Index and How You Compar...Mike Cassidy

More from Meet Magento Italy (20)

PDF

Dirk Pinamonti - Come affrontare la sfida del nuovo mercato multicanale e del...Meet Magento Italy

PDF

Vinai Kopp - How i develop M2 modules Meet Magento Italy

PDF

Eugene Shaksuvarov - Tuning Magento 2 for Maximum PerformanceMeet Magento Italy

PDF

Muliadi jeo - How to sell online in IndonesiaMeet Magento Italy

PDF

Max Pronko - 10 migration mistakes from Magento 1 to Magento 2Meet Magento Italy

PDF

Alessandro La Ciura - Progettare la migliore integrazione tra live chat ed e-...Meet Magento Italy

PDF

Bodin - Hullin & Potencier - Magento Performance Profiling and Best PracticesMeet Magento Italy

PDF

Giulio Gargiullo - Strategie di marketing digitale per avviare l’e-commerce i...Meet Magento Italy

PDF

Vinai Kopp - FPC Hole punching in Magento 2Meet Magento Italy

PDF

Jacopo Nardiello - From CI to Prod: Running Magento at scale with KubernetesMeet Magento Italy

PDF

James Zetlen - PWA Studio Integration…With YouMeet Magento Italy

PDF

Miguel Balparda - A day in supportMeet Magento Italy

PDF

Volodymyr Kublytskyi - Develop Product, Design PlatformMeet Magento Italy

PDF

Rosario Toscano - Processi di ottimizzazione per una crescita continuaMeet Magento Italy

PDF

Henrik Feld Jakobsen - How to sell online ScandinaviaMeet Magento Italy

PDF

Rabia Qureshi - How to sell online in UKMeet Magento Italy

PDF

Matteo Schuerch - How to sell online in SwitzerlandMeet Magento Italy

PDF

Il data-driven nell’e-commerce: il caso studio AlessiMeet Magento Italy

PDF

Philippe Bernou - Seamless omnichannel solutions with Magento order managementMeet Magento Italy

PDF

Giovanni Cappellotto - Navigare nelle acque agitate del marketing su Amazon e...Meet Magento Italy