Paul Judge

Paul Judge, chief research officer at Barracuda Networks shared results from a five month study the company conducted in which they analyzed over 3,000 fake Facebook profiles.

Boldizar Bencsath

Boldizar Bencsath discussed several recent targeted attacks, including Duqu, an attack he experienced firsthand. Bencsath led a small group of researchers in September 2011 in the Laboratory of Cryptography and System Security (CrSyS) of Budapest University of Technology and Economics, to identify the first strains of Duqu malware.

Brad Arkin

In a keynote on Thursday, Brad Arkin, Adobe’s Senior Director of Product Security and Privacy spoke on driving up the cost of exploits in products like Reader and Flash Player in an attempt to thwart would-be attackers. Fixing every security bug is often impossible, so instead of writing flawless code, Adobe and other vendors have begun actively seeking ways to make it hard on those trying to break their software.

Cancun, Mexico

At Kaspersky Lab’s Security Analyst Summit last week, over 100 researchers and law enforcement officials converged in Cancun, Mexico over the course of five days to network and discuss a veritable cornucopia of security topics. Topics such as privacy, SCADA and PLC security, tracking cybercriminals and the evolution of malware were discussed in depth. Flip through the following slides to see a collection of speaker highlights from SAS 2012.

In the 15 months since Google began offering rewards to researchers who report vulnerabilities in its Web applications, the company has paid out more than $400,000 in bug bounties. That’s a lot of money, even for Google, and the company is counting the program as a huge success.

The Russian software company, ElcomSoft, has developed a tool capable of recovering iWork passwords from Apple Numbers, Pages, and Keynote applications. According to ElcomSoft, ‘Distributed Password Recovery’ is the first commercially available tool with this capacity.

CANCUN–The offensive security research community has evolved in the last decade or so from a relatively small and insular group inwardly focused, to a large and rather vocal group with a wide variety of motives, opinions and skill levels. But, to hear Brad Arkin of Adobe tell it, the huge amount of talent in that community could be put to better use trying to develop new defensive technologies and techniques rather than searching for the next bug in an infinite sea of bugs.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.