AusCert 2013: Global Network Security

AusCert 2013: Global Network Security

Video of this presentation can be found at:

This presentation focused on the results of a 12-month research project that involved scanning the internet at large for a number of common services. The original intent of the project was to identify cases where vendors or ISPs have put large groups of consumers at risk due to negligent practices. These results have been obtained and continue to be collected and analyzed. In addition to the consumer-level issues, quite a few major exposures have been identified during the analysis of the data set. So far, this analysis has helped four other independent research teams quantify their results and resulted in Bloomberg/NYT coverage due to its use in identifying the FinFisher botnet C&C systems (a government-run malware environment). This data is immensely useful for quantifying exposure, identifying new global-scale threats, and creating indicators of future compromise.


HD Moore

May 23, 2013