Command & Control: Understanding, Denying and Detecting - A review of malware C2 techniques, detection and defences

In this survey, we first briefly review the current state of cyber attacks, highlighting significant recent changes in how and why such attacks are performed. We then investigate the mechanics of malware command and control (C2) establishment: we provide a comprehensive review of the techniques used by attackers to set up such a channel and to hide its presence from the attacked parties and the security tools they use. We then switch to the defensive side of the problem, and review approaches that have been proposed for the detection and disruption of C2 channels. We also map such techniques to widely-adopted security controls, emphasizing gaps or limitations (and success stories) in current best practices.Comment: Work commissioned by CPNI, available at c2report.org. 38 pages. Listing abstract compressed from version appearing in repor

Technologie RFID a Blochkchain v dodavatelském řetězci

The paper discusses the possibility of combining RFID and Blockchain technology to more effectively prevent counterfeiting of products or raw materials, and to solve problems related to production, logistics and storage. Linking these technologies can lead to better planning by increasing the transparency and traceability of industrial or logistical processes or such as efficient detection of critical chain sites.Příspěvek se zabývá možností kombinace technologií RFID a Blockchain pro účinnější zabránění padělání výrobků či surovin a řešení problémů spojených s výrobou, logistikou a skladováním. Spojení těchto technologií může vést k lepšímu plánování díky vyšší transparentnosti a sledovatelnosti průmyslových nebo logistických procesů, nebo například k efektivnímu zjišťování kritických míst řetězce