We are waiting for everyone on the bright side of the force!

    On May 30 and 31 at the Digital October technology center in Moscow, the Positive Hack Days international forum on practical safety is being held , which everyone has already heard about. Yesterday at noon the registration for the event opened, and it is probably very difficult to get there now. Therefore, we first draw your attention to useful information in the Positive Technologies post .

    As for our expectations from the forum, as always, it is difficult to hide the enthusiasm for the composition. Friends, this will be a clash of the elements, something cosmic. Perhaps for someone even shock therapy. The main thing is that according to the results, everyone should switch to the bright side of the force, and young talents should send their talents in a peaceful direction, and companies should correctly ensure the information security of their resources. And we’ll provide cookies ...


    Kaspersky Lab at Positive Hack Days traditionally pays attention to highlighting the most pressing topics, which are becoming more and more complicated every year. This year, our experts will cover topics such as:

    Alexander Gostev: Duqu Mystery The
    report is about Duqu, a complex Trojan that seems to have been written by the creators of the infamous Stuxnet worm. Its main goal is to act as a backdoor in the system, simplifying the theft of private information. This is its main difference from Stuxnet, whose main goal was sabotage at industrial facilities.

    An analysis of the activities of the victim organizations and the nature of the information that interested the authors of Duqu leads us to conclude that the main goal of the attackers was any information on industrial production management systems in various industries, as well as on trade relations of a number of Iranian organizations.

    A number of signs indicate that the Duqu Trojan virus could exist in 2007-2008 in the form of earlier versions, as well as the fact that the Stuxnet worm was created on the basis of some platform that was used to create Duqu. Moreover, the development of Duqu and Stuxnet could be conducted in parallel, at the same time.

    Vitaliy Kamlyuk: Three latest stories about malware attacks on DBO systems

    This report presents an analysis of three malicious programs, which are the most active and high-tech at the moment. The malicious program Lurk is one of the most active and hidden during the attack on Russian banks. The malicious program SpyEye, has distinguished itself this month by updating the module for tracking user actions through a webcam. Cridex, seen in several large mass mailings, is the last major competitor for Zeus and SpyEye to attack international banks and banking systems.

    Andrey Dukhvalov: Protection of industrial information systems - a factor in the survival of mankind

    Modern civilization unconditionally depends on information systems. Particularly high degree of dependence in the industry. Nuclear and hydroelectric power stations, oil and gas pipelines, national electricity distribution networks, transport systems of national and world level are objects managed by information systems. Protection of automated control systems of facilities that can affect the sustainability of countries, peoples and continents is a super-task for IT security specialists.

    Now Kaspersky Lab is developing a security system for industrial information systems.

    Maria Garnayeva: Methods of inserting sticks in wheels to botmasters: Kelihos botnet

    Kheli Tech and Microsoft, as part of a project codenamed Operation b79, led to the sinkholing of the first Kelihos botnet. In March 2012, Kaspersky Lab and CrowdStrike disabled the second Kelihos botnet, which its creators began to form immediately after the loss of the first. Both botnets were based on the P2P architecture, which had previously been theoretically considered invulnerable to synchronization.

    The presentation will examine the technical features of the sinkholing method with a description of the Kelihos communication protocol, changes to new botnet versions, and also explain why sinkholing is a useful action from the speaker’s point of view, but only a temporary solution to neutralizing the botnets.

    Sergey Nevstroyev: Practical aspects of mobile security

    How real are mobile threats? Kaspersky Lab experts will show that infection is possible when using completely innocent things, for example, a Google search or a game in Angry Birds. We will also visually consider effective technologies for protecting mobile devices.
    It is noteworthy that most of the threats to mobile platforms come from Russia.

    If you have leading questions that you would like to ask at the event, you can ask them in the comments so that we can prepare well. :) And if you can’t come, then also ask about topics of interest to us - we will try to compensate for your absence a little.

    Also popular now: