Way to beat that nasty...whitelisting. I guess that vector would work for a lot of these synchronization clients, so I guess good whitelisting is the only way. Luckily as I've started using AppSense DataNow instead of DropBox for mine, I get AppSense Application Manager along with it, which is probably the best whitelisting product I've seen.
Very interesting read though, just shows that traditional AV can't really fend off a determined hacker. Cheers, JR On 16 April 2013 15:07, Ziots, Edward <ezi...@lifespan.org> wrote: > Here is the slide deck on this:**** > > > https://media.blackhat.com/eu-13/briefings/Williams/bh-eu-13-dropsmack-jwilliams-slides.pdf > **** > > ** ** > > Good reading, scary thought but a lot are using Dropbox and not thinking > about the consequences….**** > > > http://www.techrepublic.com/blog/security/dropsmack-using-dropbox-to-steal-files-and-deliver-malware/9332?tag=nl.e036&s_cid=e036&ttag=e036 > **** > > ** ** > > Food for thought, especially from regulatory compliance standpoint. **** > > ** ** > > Z**** > > ** ** > > ** ** > > Edward E. Ziots, CISSP, CISA, Security +, Network +**** > > Security Engineer**** > > Lifespan Organization**** > > ezi...@lifespan.org**** > > Work:401-444-9081**** > > ** ** > > ** ** > > This electronic message and any attachments may be privileged and > confidential and protected from disclosure. If you are reading this > message, but are not the intended recipient, nor an employee or agent > responsible for delivering this message to the intended recipient, you are > hereby notified that you are strictly prohibited from copying, printing, > forwarding or otherwise disseminating this communication. If you have > received this communication in error, please immediately notify the sender > by replying to the message. Then, delete the message from your computer. > Thank you.**** > > *[image: Description: Description: Lifespan]* > > ** ** > > ** ** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
<<image002.jpg>>
