An inconvenient Zeus: The rise of SaaS targeted malware We at Adallom are proposing a 20 minute session where we will showcase a new variant of Zeus which we have found in the wild that specifically targets Salesforce.com users. It remains dormant until the user logs in to SFDC and then discretely piggybacks on the user session, downloads data, and uploads it to a Dropbox account. We will do a live demonstration of an attack as well as show that Salesforce.com shows no record of the attack, meaning it can execute very clandestinely.
Bio:
Ami Luttwak is the co-founder and CTO of Adallom, a complete cloud security solution provider for SaaS applications. Prior to that, he was a senior software architect at Phonaris, where he designed the architecture and led the development of the Phonaris agents for the iPhone and Android platforms. Luttwak is an alumnus of the Israeli Defense Force's 8200 unit.