Learning from the bad guys is learning from the best
A practical overview on how the bad guys adopt and circumvent any security initiatives and what we can do about it
Furthermore we discuss what Mebroot is doing with its Sizzler CSS engine where we can find scary functions such as "CreateTransactions" that take all transaction details (including transaction one time passwords)
as parameters to automatically execute a wire transfer and how the bad guys get around any device fingerprinting that some service providers use.
Lastly we discuss some ways what we can do to improve the situation and to get back on top of these threats.