ISSA - Metro Atlanta Chapter of Information Systems Security Ass    
 
HomeInformation Security Atlanta
EventsInformation Security Atlanta
MembershipInformation Security Atlanta
Career ResourcesInformation Security Atlanta
SponsorshipInformation Security Atlanta
Contact UsInformation Security Atlanta
 
Dhanya Thakkar

Dhanya Thakkar

Inside the Mass Web Hack Third Brigade

Dhanya Thakkar, Vice President Security Center
Third Brigade

Presentation Abstract:
Over the past few months, a sophisticated mass infection has injected attack code into more than a million web pages. Reputable sites and web applications that have been affected include those belonging to the US Department of Homeland Security, the United Nations, the UK Civil Service and the Government of Canada, along with thousands of other businesses and organizations. The attacks which are still ongoing started early in the month of March and by Wednesday March 12, 2008, 10,000 Web pages were affected by the attack. Within three days, the numbers reached 14,000 pages, which means that about 1000 pages a day were being attacked and infected. After many subsequent attack waves, it is estimated that more than 1.5 million pages worldwide have been impacted.

Third Brigade has been investigating, analyzing and providing protection against these and other web attacks. The SQL-based mass web hack follows a pattern of injecting malicious code into the website and then downloading malware onto the machines of unsuspecting visitors to the infected Web Sites. This webinar will equip you with the knowledge you need to help ensure your organization is better able to prevent this type of sophisticated web attack.

In this session you will:

  • Understand the multi-step process followed by hackers and help understand what made this attack so unique and widespread.
  • Get a detailed analysis of the Javascript code and the evolution of code in different waves of attack.
  • Discover the obfuscation and evasion techniques used in the Javascript as well as attack code, and how it bypassed traditional security controls.
  • See a demonstration of how it worked, and how it can be prevented.
  • Learn the four ways that a host intrusion defense system can be used to mitigate the risk of this attack.

Bio:
As the Vice President, Security Center at Third Brigade, Dhanya Thakkar is responsible for overseeing the Vulnerability Research teams in Bangalore, India and Ottawa, Canada. This combined team researches, examines, analyzes and reports on various software vulnerabilities and exploits threatening operating systems and enterprise and web applications in physical and virtual environments. Dhanya’s team provides Third Brigade customers with recommended responses, and develops new filters that protect against these threats. Dhanya has dedicated the past 14 years to development and services in the information security software industry. Prior to joining Third Brigade, Dhanya held various management and technical lead positions with Entrust, including Director of Professional Services. Dhanya Thakkar is co-inventor of two patented technologies and has published internet briefs on software technology. He earned his bachelor's degree in Computer Science from Maharaja Sayajirao University in India. Dhanya is a frequent speaker and representative at industry events and forums around the world.


top | previous page email page | print

Speakers
ISSA Metro Atlanta Chapter Sponsors

Cyber-Ark

Excelovation

Fishnet Security
Infoblox

Kaspersky Lab

PricewaterhouseCoopersMcAfee

Mission Critical Systems

NitroSecurity

Qualys
Sourcefire 

Stonesoft 

TippingPoint 
 
     
ISSA - Information Systems Security Association - Metro Atlanta Chapter
Events · Membership · Career Resources · Sponsorship · Annual Conference
Register ·
User Account · search · Home · Contact Us

Website Strategy and Implementation
provided by Excelovation, Inc.
Computer security and web hosting
provided by Emerald Data Networks