Hacker s Perspective on your Windows Infrastructure: Windows 10 Mandatory Check List
|
|
- Loraine May
- 7 years ago
- Views:
Transcription
1 Hacker s Perspective on your Windows Infrastructure: Windows 10 Mandatory Check List Paula Januszkiewicz CQURE: CEO, Penetration Tester CQURE Offices: New York, Dubai, Warsaw MVP: Enterprise Security, MCT #win10tour
2
3 Our tools: Tools Check out the following links: - Benjamin Delpy - Csaba Barta
4 Be familiar with the possibilities of the operating system From the user mode and kernel mode We are NOT talking about the forensics! just doing a little hacking + conclusions My goal: See one of the ways hacker can act
5
6 From the network perspective Public services, IP address range etc. Business model Branch connections Potential points of entry From the habits perspective Corporate policy Administrator s friends and hobby User s habits
7 Users Users rarely have software up to date Awareness issues... But for hacker it may be not enough Administrators Local account Password reuse for workstations Different password for workstations Domain account Domain user being local administrator Domain administrator
8 Scripts are Cool
9 Services DLLs Startup (Menu Start) Task Scheduler LSA Providers Run, Run Once GPO Notification Package Winlogon Image Hijacking Drivers Etc.
10 Stay Persistent
11 If you are not ready to attack: Stay stealth and do not change the system behavior Hide your traces Processes Files Infrastructure performance Network traffic Server / Client Platform Performance
12 Stay undetected
13 and find more victims Make recognition where you can get in (ADMIN$) Service Accounts Connection Strings / Application Pool LSA Secrets Inappropriate permissions
14 Victim Recon
15 PASS THE HASH ATTACKS Today s security challenge
16 TODAY S SECURITY CHALLENGE PASS THE HASH ATTACKS
17 PASS THE HASH TECHNIQUE Fred s Laptop Sue s Laptop File Server Fred s User Session Sue s User Session User: Fred Password hash: A3D7 2 User: Sue Password hash: C9DF Malware Session User: Administrator Password hash: E1977 User: Adm... Hash:E1977 Malware User Session User: Adm User: Sue Hash: E1977 Hash: C9DF User: Sue Hash:C9DF FRED RUNS MALWARE, HE IS A LOCAL ADMINISTRATOR 2. THERE IS A PASS THE HASH SESSION ESTABLISHED WITH ANOTHER COMPUTER 3. MALWARE INFECTS SUE S LAPTOP AS FRED 4. MALWARE INFECTS FILE SERVER AS SUE
18 VSM uses Hyper-V powered secure execution environment to protect derived credentials you can get things in but can t get things out P-T-H SOLUTION Decouples NTLM hash from logon secret PASS THE HASH ATTACKS Fully randomizes and manages full length NTLM hash to prevent brute force attack Derived credentials that VSM protected LSA Service gives to Windows are non-replayable
19 Virtualization VIRTUAL SECURE MODE (VSM) VSM isolates sensitive Windows processes in a hardware based Hyper-V container VSM runs the Windows Kernel and a series of Trustlets (Processes) within it VSM protects VSM kernel and Trustlets even if Windows Kernel is fully compromised Requires processor virtualization extensions (e.g.: VT-X, VT-D)
20 Local Security Auth Service Virtual TPM Hyper-Visor Code Integrity Virtual Secure Mode Apps Virtual Secure Mode (VSM) Windows
21 Windows 10: Local Account
22 Windows 10: Domain Account
23
24
25 and reboot the machine
26 VSM Enabled Windows 10: VSM Enabled
27
28
29
30
31
32 Create the remotely controlled network Automate next scans Create your own botnet What can be the hacker s goal in your infrastructure?
33
34 Stay Anonymous Know your victim Use the social skills Stay persistent Stay undetected Use victims to attack more targets
35 Learn how to detect malicious situations Know your system when it is safe you need a baseline If you detect a successful attack do not try to fight Report the issue Investigate and do an IT Audit Estimate the range of the attack Know how to recover your data, when necessary
Microsoft MVP (Enterprise / Azure Security 9 Years) Microsoft Certified Trainer (20 years) Founder: Cybercrime Security Forum!
Session Overview Andy Malone (Scotland, UK) Microsoft MVP (Enterprise / Azure Security 9 Years) Microsoft Certified Trainer (20 years) Founder: Cybercrime Security Forum! Worldwide Event Speaker Winner:
More informationMasterclass: Internet Information Services Management (IIS 8.5 / 8 / 7.5)
Masterclass: Internet Information Services Management (IIS 8.5 / 8 / 7.5) by Paula Januszkiewicz (3 days) Paula Januszkiewicz Paula Januszkiewicz is the world-known Security Expert. Loves to perform Penetration
More information2. From a control perspective, the PRIMARY objective of classifying information assets is to:
MIS5206 Week 13 Your Name Date 1. When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected
More information5 Steps to Advanced Threat Protection
5 Steps to Advanced Threat Protection Agenda Endpoint Protection Gap Profile of Advanced Threats Consensus Audit Guidelines 5 Steps to Advanced Threat Protection Resources 20 Years of Chasing Malicious
More informationPass-the-Hash II: Admin s Revenge. Skip Duckwall & Chris Campbell
Pass-the-Hash II: Admin s Revenge Skip Duckwall & Chris Campbell Do you know who I am? Skip Co-presented PTH talk last year at BH, Derbycon http://passing-the-hash.blogspot.com @passingthehash on twitter
More informationWhat s Wrong with Information Security Today? You are looking in the wrong places for the wrong things.
What s Wrong with Information Security Today? You are looking in the wrong places for the wrong things. AGENDA Current State of Information Security Data Breach Statics Data Breach Case Studies Why current
More informationWindows 7, Enterprise Desktop Support Technician
Course 50331D: Windows 7, Enterprise Desktop Support Technician Page 1 of 11 Windows 7, Enterprise Desktop Support Technician Course 50331D: 4 days; Instructor-Led Introduction This four-day instructor-ledcourse
More informationWindows 7, Enterprise Desktop Support Technician Course 50331: 5 days; Instructor-led
Lincoln Land Community College Capital City Training Center 130 West Mason Springfield, IL 62702 217-782-7436 www.llcc.edu/cctc Windows 7, Enterprise Desktop Support Technician Course 50331: 5 days; Instructor-led
More informationCourse Description. Course Audience. Course Outline. Course Page - Page 1 of 12
Course Page - Page 1 of 12 Windows 7 Enterprise Desktop Support Technician M-50331 Length: 5 days Price: $2,795.00 Course Description This five-day instructor-led course provides students with the knowledge
More informationCS 356 Lecture 25 and 26 Operating System Security. Spring 2013
CS 356 Lecture 25 and 26 Operating System Security Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control
More informationEC-Council CAST CENTER FOR ADVANCED SECURITY TRAINING. CAST 616 Securing Windows Infrastructure. Make The Difference CAST.
CENTER FOR ADVANCED SECURITY TRAINING 616 Securing Windows Infrastructure Make The Difference About Center of Advanced Security Training () The rapidly evolving information security landscape now requires
More information"Charting the Course... ... to Your Success!" MOC 50331 D Windows 7 Enterprise Desktop Support Technician Course Summary
Description Course Summary This course provides students with the knowledge and skills needed to isolate, document and resolve problems on a Windows 7 desktop or laptop computer. It will also help test
More informationPass-the-Hash: How Attackers Spread and How to Stop Them
Pass-the-Hash: How Attackers Spread and How to Stop Them SESSION ID: HTA-W03 Mark Russinovich Technical Fellow Microsoft Corporation Nathan Ide Principal Development Lead Microsoft Corporation Pass-the-Hash:
More informationInformation Security Services
Information Security Services Information Security In 2013, Symantec reported a 62% increase in data breaches over 2012. These data breaches had tremendous impacts on many companies, resulting in intellectual
More informationNetworks and Security Lab. Network Forensics
Networks and Security Lab Network Forensics Network Forensics - continued We start off from the previous week s exercises and analyze each trace file in detail. Tools needed: Wireshark and your favorite
More informationGOOD GUYS VS BAD GUYS: USING BIG DATA TO COUNTERACT ADVANCED THREATS. Joe Goldberg. Splunk. Session ID: SPO-W09 Session Classification: Intermediate
GOOD GUYS VS BAD GUYS: USING BIG DATA TO COUNTERACT ADVANCED THREATS Joe Goldberg Splunk Session ID: SPO-W09 Session Classification: Intermediate About Me Joe Goldberg Current: Splunk - Security Evangelist
More informationModule 3: Resolve Software Failure This module explains how to fix problems with applications that have problems after being installed.
CÔNG TY CỔ PHẦN TRƯỜNG CNTT TÂN ĐỨC TAN DUC INFORMATION TECHNOLOGY SCHOOL JSC LEARN MORE WITH LESS! 50331 - Windows 7, Enterprise Desktop Support Technician Duration: 5 days About this Course This five-day
More informationCompliance Guide ISO 27002. Compliance Guide. September 2015. Contents. Introduction 1. Detailed Controls Mapping 2.
ISO 27002 Compliance Guide September 2015 Contents Compliance Guide 01 02 03 Introduction 1 Detailed Controls Mapping 2 About Rapid7 7 01 INTRODUCTION If you re looking for a comprehensive, global framework
More informationTargeted Intrusion Remediation: Lessons From The Front Lines. Jim Aldridge
Targeted Intrusion Remediation: Lessons From The Front Lines Jim Aldridge All information is derived from MANDIANT observations in non-classified environments. Information has beensanitized where necessary
More informationFive Steps to Improve Internal Network Security. Chattanooga Information security Professionals
Five Steps to Improve Internal Network Security Chattanooga Information security Professionals Who Am I? Security Analyst: Sword & Shield Blogger: averagesecurityguy.info Developer: github.com/averagesecurityguy
More informationThreat landscape how are you getting attacked and what can you do better protect yourself and your e-commerce platform
Threat landscape how are you getting attacked and what can you do better protect yourself and your e-commerce platform Sebastian Zabala Senior Systems Engineer 2013 Trustwave Holdings, Inc. 1 THREAT MANAGEMENT
More informationPresented by Evan Sylvester, CISSP
Presented by Evan Sylvester, CISSP Who Am I? Evan Sylvester FAST Information Security Officer MBA, Texas State University BBA in Management Information Systems at the University of Texas Certified Information
More informationUnit 3 Research Project. Eddie S. Jackson. Kaplan University. IT540: Management of Information Security. Kenneth L. Flick, Ph.D.
Running head: UNIT 3 RESEARCH PROJECT 1 Unit 3 Research Project Eddie S. Jackson Kaplan University IT540: Management of Information Security Kenneth L. Flick, Ph.D. 10/07/2014 UNIT 3 RESEARCH PROJECT 2
More informationFORBIDDEN - Ethical Hacking Workshop Duration
Workshop Course Module FORBIDDEN - Ethical Hacking Workshop Duration Lecture and Demonstration : 15 Hours Security Challenge : 01 Hours Introduction Security can't be guaranteed. As Clint Eastwood once
More informationOperating System Security
Operating System Security Klaus Schütz Windows OS Security Microsoft Redmond Before I start My VP love(d) me A frustrated friend 1 Agenda Evolution of Threats Client vs. Server Security Operating System
More informationMCTS Guide to Microsoft Windows 7. Chapter 7 Windows 7 Security Features
MCTS Guide to Microsoft Windows 7 Chapter 7 Windows 7 Security Features Objectives Describe Windows 7 Security Improvements Use the local security policy to secure Windows 7 Enable auditing to record security
More informationPractical Threat Intelligence. with Bromium LAVA
Practical Threat Intelligence with Bromium LAVA Practical Threat Intelligence Executive Summary Threat intelligence today is costly and time consuming and does not always result in a reduction of successful
More informationWindows Operating Systems. Basic Security
Windows Operating Systems Basic Security Objectives Explain Windows Operating System (OS) common configurations Recognize OS related threats Apply major steps in securing the OS Windows Operating System
More informationBotnets: The dark side of cloud computing
Botnets: The dark side of cloud computing By Angelo Comazzetto, Senior Product Manager Botnets pose a serious threat to your network, your business, your partners and customers. Botnets rival the power
More informationDesktop Virtualization. The back-end
Desktop Virtualization The back-end Will desktop virtualization really fit every user? Cost? Scalability? User Experience? Beyond VDI with FlexCast Mobile users Guest workers Office workers Remote workers
More informationFundamentals of Information Systems Security Unit 1 Information Systems Security Fundamentals
Fundamentals of Information Systems Security Unit 1 Information Systems Security Fundamentals Learning Objective Explain the concepts of information systems security (ISS) as applied to an IT infrastructure.
More informationMalicious Websites uncover vulnerabilities (browser, plugins, webapp, server), initiate attack steal sensitive information, install malware, compromise victim s machine Malicious Websites uncover vulnerabilities
More informationBest Practices for DanPac Express Cyber Security
March 2015 - Page 1 Best Practices for This whitepaper describes best practices that will help you maintain a cyber-secure DanPac Express system. www.daniel.com March 2015 - Page 2 Table of Content 1 Introduction
More informationExploiting Transparent User Identification Systems
Exploiting Transparent User Identification Systems Wayne Murphy Benjamin Burns Version 1.0a 1 CONTENTS 1.0 Introduction... 3 1.1 Project Objectives... 3 2.0 Brief Summary of Findings... 4 3.0 Background
More informationThe Value of Physical Memory for Incident Response
The Value of Physical Memory for Incident Response MCSI 3604 Fair Oaks Blvd Suite 250 Sacramento, CA 95864 www.mcsi.mantech.com 2003-2015 ManTech Cyber Solutions International, All Rights Reserved. Physical
More informationWhy You Need to Detect More Than PtH. Matt Hathaway, Senior Product Manager, Rapid7 Jeff Myers, Lead Software Engineer, Rapid7
Why You Need to Detect More Than PtH Matt Hathaway, Senior Product Manager, Rapid7 Jeff Myers, Lead Software Engineer, Rapid7 Who We Are! Matt Hathaway Senior Product Manager for Rapid7 UserInsight Former
More informationSANS Institute First Five Quick Wins
#1 QUICK WIN- APPLICATION WHITELISTING SANS Critical Controls: #2: Inventory of Authorized and Unauthorized Software 1) Deploy application whitelisting technology that allows systems to run software only
More informationApplication Security Testing
Tstsec - Version: 1 09 July 2016 Application Security Testing Application Security Testing Tstsec - Version: 1 4 days Course Description: We are living in a world of data and communication, in which the
More informationAlert (TA14-212A) Backoff Point-of-Sale Malware
Alert (TA14-212A) Backoff Point-of-Sale Malware Original release date: July 31, 2014 Systems Affected Point-of-Sale Systems Overview This advisory was prepared in collaboration with the National Cybersecurity
More informationWeb Security School Final Exam
Web Security School Final Exam By Michael Cobb 1.) Which of the following services is not required to run a Windows server solely configured to run IIS and publish a Web site on the Internet? a. IIS Admin
More informationIntel Cyber-Security Briefing: Trends, Solutions, and Opportunities
Intel Cyber-Security Briefing: Trends, Solutions, and Opportunities John Skinner, Director, Secure Enterprise and Cloud, Intel Americas, Inc. May 2012 Agenda Intel + McAfee: What it means Computing trends
More informationVirtualization for Security
Virtualization for Security t j Including Sandboxing, Disaster Recovery, High Availability, Forensic Analysis, and Honeypotting John Hoopes Technical Editor Aaron Bawcom Paul Kenealy Wesley J. Noonan Craig
More informationBreach Found. Did It Hurt?
ANALYST BRIEF Breach Found. Did It Hurt? INCIDENT RESPONSE PART 2: A PROCESS FOR ASSESSING LOSS Authors Christopher Morales, Jason Pappalexis Overview Malware infections impact every organization. Many
More informationEnhancing Organizational Security Through the Use of Virtual Smart Cards
Enhancing Organizational Security Through the Use of Virtual Smart Cards Today s organizations, both large and small, are faced with the challenging task of securing a seemingly borderless domain of company
More informationTop Ten Cyber Threats
Top Ten Cyber Threats Margaret M. McMahon, Ph.D. ICCRTS 2014 Introduction 2 Motivation Outline How malware affects a system Top Ten (Simple to complex) Brief description Explain impacts Main takeaways
More informationHow We're Getting Creamed
ed Attacks How We're Getting Creamed By Ed Skoudis June 9, 2011 ed Attacks - 2011 Ed Skoudis 1 $ cut -f5 -d: /etc/passwd grep -i skoudis Ed Skoudis Started infosec career at Bellcore in 1996 working for
More informationLoophole+ with Ethical Hacking and Penetration Testing
Loophole+ with Ethical Hacking and Penetration Testing Duration Lecture and Demonstration: 15 Hours Security Challenge: 01 Hours Introduction Security can't be guaranteed. As Clint Eastwood once said,
More informationLesson Plans Microsoft s Managing and Maintaining a Microsoft Windows Server 2003 Environment
Lesson Plans Microsoft s Managing and Maintaining a Microsoft Windows Server 2003 Environment (Exam 70-290) Table of Contents Table of Contents... 1 Course Overview... 2 Section 0-1: Introduction... 4
More informationEthical Hacking Course Layout
Ethical Hacking Course Layout Introduction to Ethical Hacking o What is Information Security? o Problems faced by the Corporate World o Why Corporate needs Information Security? Who is a Hacker? o Type
More informationWindows 7. Qing Liu Qing.Liu@chi.frb.org Michael Stevens Michael.Stevens@chi.frb.org
Windows 7 Qing Liu Qing.Liu@chi.frb.org Michael Stevens Michael.Stevens@chi.frb.org 1 Overview 1. Financial Institution s Preliminary Steps 2. User Interface 3. Data Protection 4. User and Group Changes
More informationSoftware that provides secure access to technology, everywhere.
Software that provides secure access to technology, everywhere. Joseph Patrick Schorr @JoeSchorr October, 2015 2015 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 1 Agenda What are we dealing with? How
More informationWindows servers. NT networks
Windows servers The NT security model NT networks Networked NT machines can be: Primary Domain controller Centralizes user database/authentication Backup Domain controller Domain member Non-domain member
More informationILTA HANDS ON Securing Windows 7
Securing Windows 7 8/23/2011 Table of Contents About this lab... 3 About the Laboratory Environment... 4 Lab 1: Restricting Users... 5 Exercise 1. Verify the default rights of users... 5 Exercise 2. Adding
More informationPenetration Testing Report. Client: xxxxxx Date: 19 th April 2014
1. Executive Summary Penetration Testing Report Client: xxxxxx Date: 19 th April 2014 On the 19th of April, a security assessment was carried out on the internal networks of xxxxxx, with the permission
More informationSecuring Active Directory Correctly
SESSION ID: TECH-F02 Securing Active Directory Correctly Derek Melber, MVP Technical Evangelist ManageEngine @derekmelber About Your Speaker Derek Melber, MCSE & MVP (Group Policy and AD) derek@manageengine.com
More informationMasterclass: Internet Information Services Management (IIS 8.5 / 8 / 7.5)
Masterclass: Internet Information Services Management (IIS 8.5 / 8 / 7.5) CQURE Academy (3 days) Trainer: Grzegorz Tworek Grzegorz has extensive experience on Virtualization, Security, Infrastructure and
More informationPerforming Advanced Incident Response Interactive Exercise
Performing Advanced Incident Response Interactive Exercise Post-Conference Summary Merlin Namuth Robert Huber SCENARIO 1 - PHISHING EMAILS... 3... 3 Mitigations... 3 SCENARIO 2 - IDS ALERT FOR PSEXEC...
More informationRed vs. Blue: Modern Active Directory Attacks, Detection, and Protection Whitepaper
Red vs. Blue: Modern Active Directory Attacks, Detection, and Protection Whitepaper Author: Sean Metcalf CTO Dan Solutions, Inc. sean@dansolutions.com www.dansolutions.com ADSecurity.org Contents Introduction...
More informationObjectif. Participant. Prérequis. Remarque. Programme. Windows 7, Enterprise Desktop Support Technician (seven)
Objectif This five-day instructor-ledcourse provides students with the knowledge and skills needed to isolate, document and resolve problems on a Windows 7 desktop or laptop computer. It will also help
More informationCloud and Security (Cloud hacked via Cloud) Lukas Grunwald
Cloud and Security (Cloud hacked via Cloud) Lukas Grunwald About DN-Systems Global Consulting and Technology Services Planning Evaluation Auditing Operates own Security Lab Project Management Integral
More informationGuidance End User Devices Security Guidance: Apple OS X 10.9
GOV.UK Guidance End User Devices Security Guidance: Apple OS X 10.9 Published 23 January 2014 Contents 1. Changes since previous guidance 2. Usage Scenario 3. Summary of Platform Security 4. How the Platform
More informationPenetration testing. A step beyond missing patches and weak passwords
Penetration testing A step beyond missing patches and weak passwords June 25 th, 2012 Eirik Thormodsrud Graduated from the ISG in 2006 Employed by Ernst & Young Norway ever since (5 ½ years) Manager at
More informationSpyware Doctor Enterprise Technical Data Sheet
Spyware Doctor Enterprise Technical Data Sheet The Best of Breed Anti-Spyware Solution for Businesses Spyware Doctor Enterprise builds on the strength of the industry-leading and multi award-winning Spyware
More informationSecurity A to Z the most important terms
Security A to Z the most important terms Part 1: A to D UNDERSTAND THE OFFICIAL TERMINOLOGY. This is F-Secure Labs. Learn more about the most important security terms with our official explanations from
More informationAll Information is derived from Mandiant consulting in a non-classified environment.
Disclaimer: All Information is derived from Mandiant consulting in a non-classified environment. Case Studies are representative of industry trends and have been derived from multiple client engagements.
More informationJort Kollerie SonicWALL
Jort Kollerie Cloud 85% of businesses said their organizations will use cloud tools moderately to extensively in the next 3 years. 68% of spend in private cloud solutions. - Bain and Dell 3 Confidential
More informationSeven Strategies to Defend ICSs
INTRODUCTION Cyber intrusions into US Critical Infrastructure systems are happening with increased frequency. For many industrial control systems (ICSs), it s not a matter of if an intrusion will take
More informationGuide to deploy MyUSBOnly via Windows Logon Script Revision 1.1. Menu
Menu INTRODUCTION...2 HOW DO I DEPLOY MYUSBONLY ON ALL OF MY COMPUTERS...3 ADMIN KIT...4 HOW TO SETUP A LOGON SCRIPTS...5 Why would I choose one method over another?...5 Can I use both methods to assign
More informationUSM IT Security Council Guide for Security Event Logging. Version 1.1
USM IT Security Council Guide for Security Event Logging Version 1.1 23 November 2010 1. General As outlined in the USM Security Guidelines, sections IV.3 and IV.4: IV.3. Institutions must maintain appropriate
More informationWindows Attack - Gain Enterprise Admin Privileges in 5 Minutes
Windows Attack - Gain Enterprise Admin Privileges in 5 Minutes Compass Security AG, Daniel Stirnimann Compass Security AG Glärnischstrasse 7 Postfach 1628 CH-8640 Rapperswil Tel +41 55-214 41 60 Fax +41
More informationIs Drupal secure? A high-level perspective on web vulnerabilities, Drupal s solutions, and how to maintain site security
Is Drupal secure? A high-level perspective on web vulnerabilities, Drupal s solutions, and how to maintain site security Presented 2009-05-29 by David Strauss Thinking Securely Security is a process, not
More informationOverview of the Penetration Test Implementation and Service. Peter Kanters
Penetration Test Service @ ABN AMRO Overview of the Penetration Test Implementation and Service. Peter Kanters ABN AMRO / ISO April 2010 Contents 1. Introduction. 2. The history of Penetration Testing
More informationPenetration Testing: Lessons from the Field
Penetration Testing: Lessons from the Field CORE SECURITY TECHNOLOGIES SCS SERVICES May 2009 1 Agenda: About me: Alberto Soliño Director of Security Consulting Services at Core Security One of first five
More informationConcierge SIEM Reporting Overview
Concierge SIEM Reporting Overview Table of Contents Introduction... 2 Inventory View... 3 Internal Traffic View (IP Flow Data)... 4 External Traffic View (HTTP, SSL and DNS)... 5 Risk View (IPS Alerts
More informationThe Incident Response Playbook for Android and ios
SESSION ID: AIR-W03R The Incident Response Playbook for Android and ios Andrew Hoog CEO and Co-founder NowSecure @ahoog42 @NowSecureMobile Andrew Hoog Author of three books Incident Response for Android
More informationHow Attackers are Targeting Your Mobile Devices. Wade Williamson
How Attackers are Targeting Your Mobile Devices Wade Williamson Today s Agenda Brief overview of mobile computing today Understanding the risks Analysis of recently discovered malware Protections and best
More informationPlace partner logo and/or Microsoft Partner Program logo here
Place partner logo and/or Microsoft Partner Program logo here TODAY, WE RE EXPERIENCING A REVOLUTION OF CYBER-THREATS THE REVOLUTION CYBER-CRIME CYBER-ESPIONAGE CYBER-WARFARE CYBER-TERROR THE REVOLUTION
More informationSecurity as a Service
Security as a Service 360 Living Security Assessment Why Traditional Security Assessments Are Failing To Keep Up Professional Services Whitepaper April 2014 Craig D'Abreo, CISSP GCIH Vice President - Masergy
More informationFORENSIC ARTIFACTS FROM A PASS THE HASH (PTH) ATTACK BY: GERARD LAYGUI
FORENSIC ARTIFACTS FROM A PASS THE HASH (PTH) ATTACK BY: GERARD LAYGUI DISCLAIMER: THE VIEWS AND OPINIONS EXPRESSED IN THIS PRESENTATION ARE THOSE OF THE AUTHOR S AND DOES NOT NECESSARILY REPRESENT THE
More informationPowerShell for Penetration Testers
Training: PowerShell for Penetration Testers Dates of the training: March 14-15,2016 in Heidelberg, Germany Book Now using the code: TR16HMTRAINING and save an additional 10% of the current valid rate!
More informationSecurity & Threat Detection: Go Beyond Monitoring
Copyright 2014 Splunk Inc. Security & Threat Detection: Go Beyond Monitoring Philip Sow, CISSP Sales Engineering Manager SEA Security: We have come a long way.. FIG 1: New Malware Sample Over Years Advanced
More informationFeeling Vulnerable? Jamie S. Herman, C CISO, CISM, CISSP Balazs Bucsay, OSCE, OSCP, GIAC, GPEN
Feeling Vulnerable? Jamie S. Herman, C CISO, CISM, CISSP Balazs Bucsay, OSCE, OSCP, GIAC, GPEN Balazs Bucsay A Little About Us Hungarian Hacker 14 years of experience in IT- Security Strictly technical
More informationPenetration Testing - a way for improving our cyber security
OWASP EU Tour Bucharest 2013 The OWASP Foundation http://www.owasp.org Penetration Testing - a way for improving our cyber security Adrian Furtunǎ, PhD, OSCP, CEH adif2k8@gmail.com Copyright The OWASP
More informationDevice Hardening, Vulnerability Remediation and Mitigation for Security Compliance
Device Hardening, Vulnerability Remediation and Mitigation for Security Compliance Produced on behalf of New Net Technologies by STEVE BROADHEAD BROADBAND TESTING 2010 broadband testing and new net technologies
More informationTop 10 Anti-fraud Tips: The Cybersecurity Breach Aftermath
ebook Top 10 Anti-fraud Tips: The Cybersecurity Breach Aftermath Protecting against downstream fraud attacks in the wake of large-scale security breaches. Digital companies can no longer trust static login
More informationkurt.dillard.c@g2-inc.com kurtdillard@msn.com
kurt.dillard.c@g2-inc.com kurtdillard@msn.com What Changed Since Alpha What Hasn t Changed How do the USGCB and FDCC Relate? Building Your Test Lab Resources Core Networking - Dynamic Host Configuration
More informationA Decision Maker s Guide to Securing an IT Infrastructure
A Decision Maker s Guide to Securing an IT Infrastructure A Rackspace White Paper Spring 2010 Summary With so many malicious attacks taking place now, securing an IT infrastructure is vital. The purpose
More information10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft)
1- A (firewall) is a computer program that permits a user on the internal network to access the internet but severely restricts transmissions from the outside 2- A (system failure) is the prolonged malfunction
More informationRedhawk Network Security, LLC 62958 Layton Ave., Suite One, Bend, OR 97701 sales@redhawksecurity.com 866-605- 6328 www.redhawksecurity.
Planning Guide for Penetration Testing John Pelley, CISSP, ISSAP, MBCI Long seen as a Payment Card Industry (PCI) best practice, penetration testing has become a requirement for PCI 3.1 effective July
More informationEnd User Devices Security Guidance: Apple OS X 10.10
GOV.UK Guidance End User Devices Security Guidance: Apple OS X 10.10 Published Contents 1. Changes since previous guidance 2. Usage scenario 3. Summary of platform security 4. How the platform can best
More informationBest Practices for DeltaV Cyber- Security
January 2013 Page 1 Best Practices for DeltaV Cyber- Security This document describes best practices will help you maintain a cyber-secure DeltaV digital automation system. www.deltav.com January 2013
More informationPTSv2 in pills: The Best First for Beginners who want to become Penetration Testers. Self-paced, online, flexible access
The Best First for Beginners who want to become Penetration Testers PTSv2 in pills: Self-paced, online, flexible access 900+ interactive slides and 3 hours of video material Interactive and guided learning
More informationNERC CIP Ports & Services. Part 2: Complying With NERC CIP Documentation Requirements
NERC CIP Ports & Services Part 2: Complying With NERC CIP Documentation Requirements White Paper FoxGuard Solutions, Inc. November 2014 Defining Ports And Services In part 2 of our Ports and Services white
More informationNext-Generation Penetration Testing. Benjamin Mossé, MD, Mossé Security
Next-Generation Penetration Testing Benjamin Mossé, MD, Mossé Security About Me Managing Director of Mossé Security Creator of an Mossé Cyber Security Institute - in Melbourne +30,000 machines compromised
More informationCSE331: Introduction to Networks and Security. Lecture 32 Fall 2004
CSE331: Introduction to Networks and Security Lecture 32 Fall 2004 Hackers / Intruders External attacks Typical hacker Exploits carried out remotely Does not have an account on the remote machine Insider
More informationCEN 559 Selected Topics in Computer Engineering. Dr. Mostafa H. Dahshan KSU CCIS mdahshan@ccis.ksu.edu.sa
CEN 559 Selected Topics in Computer Engineering Dr. Mostafa H. Dahshan KSU CCIS mdahshan@ccis.ksu.edu.sa Access Control Access Control Which principals have access to which resources files they can read
More informationUsing TS-ACCESS for Remote Desktop Access
Using TS-ACCESS for Remote Desktop Access Introduction TS-ACCESS is a remote desktop access feature available to CUA faculty and staff who need to access administrative systems or other computing resources
More informationConfiguring, Managing and Maintaining Windows Server 2008 Servers
Configuring, Managing and Maintaining Windows Server 2008 Servers Elements of this syllabus are subject to change Course Details Course Code: 6419 Duration: Notes: 5 day(s) This course syllabus should
More informationCodes of Connection for Devices Connected to Newcastle University ICT Network
Code of Connection (CoCo) for Devices Connected to the University s Author Information Security Officer (Technical) Version V1.1 Date 23 April 2015 Introduction This Code of Connection (CoCo) establishes
More informationAgenda. Taxonomy of Botnet Threats. Background. Summary. Background. Taxonomy. Trend Micro Inc. Presented by Tushar Ranka
Taxonomy of Botnet Threats Trend Micro Inc. Presented by Tushar Ranka Agenda Summary Background Taxonomy Attacking Behavior Command & Control Rallying Mechanisms Communication Protocols Evasion Techniques
More information