Public speaking engagement on malware - help!

Discussion in 'other security issues & news' started by AshG, Dec 10, 2007.

Thread Status:
Not open for further replies.
  1. AshG

    AshG Registered Member

    Joined:
    May 7, 2005
    Posts:
    206
    Location:
    East TN
    Because of the work I've done for several people in my county, I've been asked to speak to the local computer club on several topics. Of these, the one I feel least comfortable talking about is malware.

    Don't get me wrong - I know exactly what I'm talking about, but the stigma of recommending a product or even recommending they pick one from a wide selection leaves me kind of queasy. Worst of all, I am most nervous about talking about social engineering popups and emails with a mostly older crowd that is sensitive about the fact that many of them have fallen for those things. And let's not even begin to think about the "I hate Product X! Product X is scum!" lambasting I could run into with some people.

    I want these guys to have a good experience and go home less afraid of the internet and their computers than they were before they heard me speak. I want them to not be overloaded with trivial knowledge and geekspeak/techspeak, but still get the point of what I have to say. Are there any recommendations out there on how to accomplish this?
     
  2. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,874
    Location:
    New England
    Speak of common sense.

    Use real world examples of what is NOT real in the malware world of spam, bogus links, and really weird emails. :isay:

    Tell them if they have not entered the XYZ Lottery, then they probably have not won it. So, don't answer those messages. Tie it back to the seniors generation of how they handle unwanted door-to-door salesman. Trust, but verify. Be smart. Don't be fooled.

    That really is the best advice we can give anyone.
     
  3. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
  4. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,095
    Location:
    Mountaineer Country
    Hi, I think it's cool that you've been invited to speak. I'm not one of the big experts here, but I have a suggestion. It would be good to point out that it is necessary to keep Windows, security programs and other internet facing programs (IM's, media players, etc.) up to date. Most malware targets exploits in existing programs that are not updated/vunerable. The bad guys go after the easy, vulnerable targets or 'the low hanging fruit'. Tell them if they can't afford to keep there 'preferred' security softwares up to date, there are good free one's available. Maybe a simple handout with some links and simple rules like 1 AV, 1 firewall and 1 AS/AM.

    It may be a little much, but you may stress scanning everything they download with all there scanners before installing the download. Perhaps suggest a few on-demand scanners and let them pick 2 for this job and to update them before scanning the download. In My Documents, I have a folder named downloads that everything gets downloaded to.

    Then, tell them to get a sandbox program and virtualization and imaging programs... o_O Nah... I'm just kiddin'. Just be yourself and you'll be fine. They chose you for a reason to speak. You must be doing something right :thumb: .
     
  5. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    A good example would be exploits on MySpace. From one analysis,

    http://isc.sans.org/diary.html?storyid=3060
    The decoded result of /routine.php is an attempt to exploit vulnerable IE client browsers using the Internet Explorer (MDAC) Remote Code Execution Exploit (MS06-014) for which Microsoft released a patch in May 2006.


    ----
    rich
     
  6. DVD+R

    DVD+R Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    1,979
    Location:
    The Antipodes

    What if they dont understand Russian :blink:
     
Loading...
Thread Status:
Not open for further replies.