Bulletproof Proxies—How Large-Scale Attacks Hide in Plain Sight

Date: Monday, 23 September 2019

Time: 12:00 PM (EDT) / 11:00 AM (CDT) / 09:00 AM (PDT) / 16:00 (UTC)

Duration: 1H

Will Glazier

Head of CQ Prime Threat Research Team at Cequence

Bulletproof Proxies have taken the concepts of anonymity and availability found in Bulletproof Hosting and extended them to the automated bot attack delivery infrastructure by using large networks of Residential Proxies that mask identity and location.

Bulletproof Proxies allow bad actors to distribute their attacks across legitimate user locations making detection and prevention difficult.

This session will cover the following topics:

  • The rise of Bulletproof Proxies – how they came to exist
  • The balancing act between legitimate and malicious use
  • Techniques used to mask their identity and location
  • Details on large scale attacks targeting financial services and retail sector

Glazier is Head of Cequence Security's new CQ Prime Threat Research Team, whose mission is to help the security industry better understand how cybercriminals execute automated, malicious bot attacks against web, mobile, and API-based applications.

As Head of CQ Research, Glazier focuses on the rapidly escalating problems of account takeover, fake account creation and content scraping at scale. He has an extensive background in fraud and abuse prevention, as well as building threat intelligence systems and databases.

Glazier has also extensively studied the shared attacker infrastructure and network fingerprints of tools used by cybercriminals to carry out these attacks and has presented research at various security conferences such as BotConf, Hack.lu and GreHack.