Espionage - Utilizing Web 2.0, SSH Tunneling and a Trusted Insider

by Ahmed Abdel-Aziz
Sept. 1, 2017 0 comments SANS Institute Pen Testing & Audits incident handling

Since the threat trend is moving from large number and unfocused attacks to fewer, highly targeted and financially motivated attacks [Kinghorn 2007], Espionage security incidents are naturally expected to be on the rise. Through the technical report, I hope to demonstrate to the readers an example of how social networking sites that are becoming evermore popular can aid an attacker [Walls 2007], especially in the reconnaissance and exploit stages of the attack. Also highlighting the danger of the improper use of the SSH reverse tunneling technique, and how important it is to have security policy that users are aware of and follow.

https://www.sans.org/reading-room/whitepapers/incident/espionage-utilizing-web-20-ssh-tunneling-t...