\\\\\\\\\\\\ DIGITAL FORENSICS ALUMNI //////////// Newsletter 34 - Marzo/Aprile 2014 \\\\\\\\\\\\\\\\\\\\\\\\\/////////////////////////
|
|
|
- Walter Dennis
- 8 years ago
- Views:
Transcription
1 \\\\\\\\\\\\ DIGITAL FORENSICS ALUMNI //////////// Newsletter 34 - Marzo/Aprile 2014 \\\\\\\\\\\\\\\\\\\\\\\\\///////////////////////// Indice: 1 - News 2 - Leggi, Dottrina, Giurisprudenza 3 - Papers/Tutorials 4 - Tools 5 - Formazione 6 - Conferences e Call for Papers 7 - Links ************************************************** DFA OPEN DAY giugno 2014 Milano Argomenti: OSINT e Investigazioni Digitali e Security e Incident Response aziendale Ingresso gratuito. NEWS IO NON CRAKKO LE PASSWORD! LE SO: RILASCIATO MIMIKATZ OFFLINE CORTE UE RIDIMENSIONA IL CONTROLLO DEI DATI TELEMATICI, MA SI RISCHIA UN VUOTO NORMATIVO icloud: PANORAMICA SULLA SICUREZZA E SULLA PRIVACY IN icloud DERUBATO DEL COMPUTER ATTIVA LA WEBCAM E METTE ONLINE LE FOTO DEL LADRO. FOTO A VENEZIA CON IPAD RUBATO, SCOPERTO RAPPORTO CLUSIT 2014 DISPONIBILE MULTA A GOOGLE PER STREET VIEW IL MALWARE CRYPTODEFENSE CIFRA I DATI DIMENTICANDO LA CHIAVE SUL PC CRYPTODEFENSE, THE CRYPTOLOCKER IMITATOR, MAKES OVER $34,000 IN ONE MONTH HIDDEN SIGNATURE IN ONLINE PHOTOS COULD HELP NAB CHILD ABUSERS 40 MILLION STOLEN CREDIT CARD NUMBERS: HOW THE TARGET BREACH HAPPENED EU LEGISLATORS APPROVE NEW CYBERSECURITY LAW EU DATA RETENTION DIRECTIVE RULED INVALID NSA'S PLANS REPORTEDLY INVOLVE INFECTING MILLIONS OF COMPUTERS WITH SURVEILLANCE MALWARE
2 NSA INFILTRATED HUAWEI NETWORKS, INSTALLED BACKDOORS WHITE HOUSE CALLS ON LAWMAKERS TO END NSA BULK METADATA COLLECTION CRIMINAL GROUP OF ONLINE FRAUDSTER DISMANTLED EU COURT OF JUSTICE RULES AGAINST DATA RETENTION DIRECTIVE [ITA] RUSSIA vs ITALY OVER COPYRIGHT VIOLATIONS NIST REMOVES CRYPTOGRAPHY ALGORITHM FROM RANDOM NUMBER GENERATOR RECOMMENDATIONS NEW ANDROID BITCOIN MINING MALWARE FOUND ON GOOGLE PLAY MASSIVE COLLECTION OF LEAKED PASSWORDS DEMYSTIFYING POINT OF SALE MALWARE AND ATTACKS ANDROID BOTNET TARGETS MIDDLE EAST BANKS BITCOIN MINING MALWARE FOUND ON SURVEILLANCE CAMERA DVRS POLICE HID USE OF CELL PHONE TRACKING DEVICE FROM JUDGE BECAUSE OF NDA EDWARD SNOWDEN SPEAKS AT SOUTH BY SOUTHWEST CONFERENCE THE IMPORTANCE OF FORENSIC TOOLS VALIDATION THE IMPORTANCE OF COMMAND AND CONTROL ANALYSIS FOR INCIDENT RESPONSE REX VS THE ROMANS ANTI HACKING TEAM KERNEL EXTENSION MALWARE STEALS APPLE ID CREDENTIALS FROM JAILBROKEN IOS DEVICES THE HEARTBLEED SAGA HEARTBLEED VULNERABILITY IN OPENSSL CRYPTOGRAPHIC LIBRARY CONFIRMED: NASTY HEARTBLEED BUG EXPOSES OPENVPN PRIVATE KEYS, TOO NSA DENIES IT KNEW ABOUT HEARTBLEED VULNERABILITY
3 LAVABIT CASE SUPPORTS NSA'S ASSERTION THAT THEY DID NOT HAVE HEARTBLEED RESEARCHERS SAY HEARTBLEED NOT EXPLOITED BEFORE DISCLOSURE OPENSSL HEARTBLEED: BLOODY NOSE FOR OPEN-SOURCE BLEEDING HEARTS TECH GIANTS, CHASTENED BY HEARTBLEED, FINALLY AGREE TO FUND OPENSSL LEGGI, DOTTRINA, GIURISPRUDENZA TRASMETTERE I FILE AZIENDALI ALL AVVOCATO: NON GIUSTIFICA IL LICENZIAMENTO Cassazione: per un post non si può oscurare un blog Cassazione: è diffamazione parlar male su Facebook anche senza fare nomi Crimini informatici: identità personale VS identità digitale Regole tecniche: protocollo e conservazione digitale Dlgs 21/ Contratti a distanza e Codice del consumo Regolamento Agcom diritto d'autore online Direttiva UE Network and Information Security (NIS) PAPERS/TUTORIALS 2014 DATA BREACH INVESTIGATIONS REPORT REVERSE ENGINEERING FOR BEGINNER RUSSIAN UNDERGROUND ECONOMY REVISITED PE INJECTION EXPLAINED DLL SIDE-LOADING: A THORN IN THE SIDE OF THE ANTI-VIRUS INDUSTRY JTAG GALAXY SIII KINDLE PAPERWHITE EXPLORATORY FORENSICS
4 A FORENSIC EXAMINER'S GUIDE TO GOOGLE GLASS [ITA] LE FRODI NELLA RETE WINDOWS 8 FORENSIC GUIDE [ITA] CLOUD FORENSICS MIMIKATZ OFFLINE - DUMPING PASSWORD IN WINDOWS HIBERNATION FILE OSX 10.9 MEMORY ACQUISITION TOOLS FOR ANALYZING STATIC PROPERTIES OF SUSPICIOUS FILES ON WINDOWS APT ATTRIBUTIONS AND DNS PROFILING SIGNATURE DETECTION WITH CROWDRESPONSE NEOPOCKET: A NEW ATM MALWARE MO SHELLS MO PROBLEMS: WEB SERVER LOG ANALYSIS THUNDERBIRD PARSER TOOLS MIMIKATZ OFFLINE ELCOMSOFT FORENSIC DISK DECRYPTOR W3AF - WEB APPLICATION ATTACK AND AUDIT FRAMEWORK DEFT DEFT 8.1 Virtual appliance PEFRAME - STATIC MALWARE ANALYSIS RAGPICKER MALWARE CRAWLER MANTARAY
![com/2012/05/thomson_windows-8-forensic-guide2.pdf [ITA] CLOUD FORENSICS http://mattiaep.blogspot.it/2014/04/pubblicata-la-mia-presentazione-su.](/docs-images/56/7596022/images/page_4.jpg "html MIMIKATZ OFFLINE - DUMPING PASSWORD IN WINDOWS HIBERNATION FILE http://blog.digital-forensics.it/2014/03/et-voila-le-mimikatz-offline.html http://blog.digital-forensics.it/2014/03/mimikatz-offline-addendum_28.")
5 FACEBOOK CHAT EXTRACTOR V1.2 FORMAZIONE SANS ICS/SCADA SECURITY ESSENTIALS May, 2014 London, United Kindom SANS HACKER TECHNIQUES, EXPLOITS & INCIDENT HANDLING June, 2014 Milan, Italy CONFERENCES & CFP DFA OPEN DAY June, 2014 Milano, Italy Argomenti: OSINT e Investigazioni Digitali e Security e Incident Response aziendale Ingresso gratuito. SANS "HACKER TECHNIQUES, EXPLOITS & INCIDENT HANDLING" June, 2014 Milano, Italy NOTA: per codice sconto 10% scrivere a pasquale.stirparo@sefirtech.com o mattia.epifani@realitynet.it ICDF2C - 6TH INTERNATIONAL CONFERENCE ON DIGITAL FORENSICS & CYBER CRIME September 18 20, 2014 New Haven, Connecticut, USA CLOUD SECURITY ALLIANCE EMEA CONGRESS November, 2014 Parco dei Principi Grand Hotel & Spa, Rome LINKS BLOGS & PORTALS
6 [ITA] [ITA] [ITA] [ITA] <--- NEW PODCASTS WIKIS TOOLS GOOGLE DIGITAL FORENSICS SEARCH Newsletter a cura del Consiglio dell Associazione DFA - Digital Forensics Alumni. INFORMATIVA AI SENSI DELL ART. 13 DEL D.LGS. 196/2003 Digital Forensics Alumni in qualità di titolare del trattamento dei dati personali, informa che i dati conf
CHROME 23 INCLUDES DO NOT TRACK OPTION http://arstechnica.com/tech-policy/2012/11/do-not-track-finally-arrives-with-version-23-of-chrom
\\\\\\\\\\\\ DIGITAL FORENSICS ALUMNI //////////// Newsletter 24 - Novembre 2012 \\\\\\\\\\\\\\\\\\\\\\\\\///////////////////////// Indice: 1 - News 2 - Leggi, Dottrina, Giurisprudenza 3 - Links 4 - Tools
NATIONWIDE INSURANCE NETWORK BREACH AFFECTS ONE MILLION http://www.scmagazine.com/personal-info-of-1m-compromised-in-nationwide-breach/article/270448/
\\\\\\\\\\\\ DIGITAL FORENSICS ALUMNI //////////// Newsletter 25 - Dicembre 2012 \\\\\\\\\\\\\\\\\\\\\\\\\///////////////////////// Indice: 1 - News 2 - Leggi, Dottrina, Giurisprudenza 3 - Links 4 - Tools
LA FARNESINA 'BUCATA' DAGLI HACKER http://espresso.repubblica.it/dettaglio/la-farnesina-bucata-dagli-hacker/2205912
\\\\\\\\\\\\ DIGITAL FORENSICS ALUMNI //////////// Newsletter 28 - Marzo/Aprile 2013 \\\\\\\\\\\\\\\\\\\\\\\\\///////////////////////// Indice: 1 - News 2 - Leggi, Dottrina, Giurisprudenza 3 - Links 4
AUSTRALIA'S PRIVACY COMMISSIONER TELLS GOOGLE TO DESTROY STREETVIEW PAYLOAD DATA http://www.theregister.co.uk/2012/08/08/google_must_destroy_data/
\\\\\\\\\\\\ DIGITAL FORENSICS ALUMNI //////////// Newsletter 21 - Agosto 2012 \\\\\\\\\\\\\\\\\\\\\\\\\///////////////////////// Indice: 1 - News 2 - Leggi, Dottrina, Giurisprudenza 3 - Links 4 - Tools
ARRIVA IL PRIMO BANCOMAT BITCOIN IN ITALIA http://www.repubblica.it/tecnologia/2014/06/11/news/il_primo_bitcoin_bancomat_in_italia-88645518/
\\\\\\\\\\\\ DIGITAL FORENSICS ALUMNI //////////// Newsletter 35 - Maggio/Giugno 2014 \\\\\\\\\\\\\\\\\\\\\\\\\///////////////////////// Indice: 1 - News 2 - Leggi, Dottrina, Giurisprudenza 3 - Papers/Tutorials
TOR: L'FBI SI INFILTRA E ARRESTA UN PEDOFILO http://www.tomshw.it/cont/news/tor-non-e-piu-blindata-l-fbi-si-infiltra-e-arresta-un-pedofilo/48
\\\\\\\\\\\\ DIGITAL FORENSICS ALUMNI //////////// Newsletter 30 - Luglio/Agosto 2013 \\\\\\\\\\\\\\\\\\\\\\\\\///////////////////////// Indice: 1 - News 2 - Leggi, Dottrina, Giurisprudenza 3 - Links 4
\\\\\\\\\\\\ DIGITAL FORENSICS ALUMNI //////////// Newsletter 36 - Luglio/Agosto 2014 \\\\\\\\\\\\\\\\\\\\\\\\\/////////////////////////
\\\\\\\\\\\\ DIGITAL FORENSICS ALUMNI //////////// Newsletter 36 - Luglio/Agosto 2014 \\\\\\\\\\\\\\\\\\\\\\\\\///////////////////////// Indice: 1 - News 2 - Leggi, Dottrina, Giurisprudenza 3 - Papers/Tutorials
TRATTAMENTI DATI PER ATTIVITÀ DI PROPAGANDA ELETTORALE - ESONERO DALL'INFORMATIVA http://www.garanteprivacy.it/garante/doc.jsp?
\\\\\\\\\\\\ DIGITAL FORENSICS ALUMNI //////////// Newsletter 17 - Aprile 2012 \\\\\\\\\\\\\\\\\\\\\\\\\///////////////////////// Indice: 1 - News 2 - Links 3 - Tools 4 - Papers 5 - Formazione 6 - Conferences
http://www.altalex.com/index.php?idu=193118&cmd5=21b8ec335692c54d0cada421fb338bae&idnot=16944
\\\\\\\\\\\\ DIGITAL FORENSICS ALUMNI //////////// Newsletter 18 - Maggio 2012 \\\\\\\\\\\\\\\\\\\\\\\\\///////////////////////// Indice: 1 - News 2 - Links 3 - Tools 4 - Papers 5 - Formazione 6 - Conferences
Intothe Eyeof the Twister 19 Oct2012
Cloud Forensics Intothe Eyeof the Twister 19 Oct2012 The Speaker Computer Engineering Degree Active Member of Commission IT Engineer to Engineers Association of Latina Province CLUSIT Member (ITALIAN INFORMATION
INDUSTRY OVERVIEW: HEALTHCARE
ii IBM MSS INDUSTRY OVERVIEW: HEALTHCARE RESEARCH AND INTELLIGENCE REPORT RELEASE DATE: OCTOBER 7, 2014 BY: JOHN KUHN, SENIOR THREAT RESEARCHER iii TABLE OF CONTENTS EXECUTIVE OVERVIEW/KEY FINDINGS...
SENTENZA DELLA CORTE DI CASSAZIONE: L'INVIO DI EMAIL NON INTEGRA IL REATO DI MOLESTIE EX ART. 66 http://www.penale.it/page.asp?
\\\\\\\\\\\\ DIGITAL FORENSICS ALUMNI //////////// Newsletter 12 - Novembre 2011 \\\\\\\\\\\\\\\\\\\\\\\\\///////////////////////// Indice: 1 - News 2 - Links 3 - Tools 4 - Papers 5 - Formazione 6 - Conferences
\\\\\\\\\\\\ DIGITAL FORENSICS ALUMNI //////////// Newsletter 13 - Dicembre 2011 \\\\\\\\\\\\\\\\\\\\\\\\\/////////////////////////
\\\\\\\\\\\\ DIGITAL FORENSICS ALUMNI //////////// Newsletter 13 - Dicembre 2011 \\\\\\\\\\\\\\\\\\\\\\\\\///////////////////////// Indice: 1 - News 2 - Links 3 - Tools 4 - Papers 5 - Formazione 6 - Conferences
A Case for Managed Security
A Case for Managed Security By Christopher Harper Managing Director, Security Superior Managed IT & Security Services 1. INTRODUCTION Most firms believe security breaches happen because of one key malfunction
Crosscheck Web Services Patent Pending Automated SOA Compliance and Security Assessment
Pagina 1 di 5 Hacking News Malwares Cyber Attack Vulnerabilities Hacking Groups Spying e.g. Hacking Facebook +1,310,745 163,900 392,600 +10m Follow Firing Range Open Source Web App Vulnerability Scanning
2012 Data Breach Investigations Report
2012 Data Breach Investigations Report A study conducted by the Verizon RISK Team with cooperation from the Australian Federal Police, Dutch National High Tech Crime Unit, Irish Reporting & Information
This session was presented by Jim Stickley of TraceSecurity on Wednesday, October 23 rd at the Cyber Security Summit.
The hidden risks of mobile applications This session was presented by Jim Stickley of TraceSecurity on Wednesday, October 23 rd at the Cyber Security Summit. To learn more about TraceSecurity visit www.tracesecurity.com
Cyber Security in Taiwan's Government Institutions: From APT To. Investigation Policies
Cyber Security in Taiwan's Government Institutions: From APT To Investigation Policies Ching-Yu, Hung Investigation Bureau, Ministry of Justice, Taiwan, R.O.C. Abstract In this article, we introduce some
INDUSTRY OVERVIEW: FINANCIAL
ii IBM MSS INDUSTRY OVERVIEW: FINANCIAL RESEARCH AND INTELLIGENCE REPORT RELEASE DATE: NOVEMBER 5, 2014 BY: JOHN KUHN, SENIOR THREAT RESEARCHER iii TABLE OF CONTENTS EXECUTIVE OVERVIEW... 1 MAJOR FINANCIAL
COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM
COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM Course Description This is the Information Security Training program. The Training provides you Penetration Testing in the various field of cyber world.
Who Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence. AIBA Quarterly Meeting September 10, 2015
Who Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence AIBA Quarterly Meeting September 10, 2015 The Answer 2 Everyone The relationship between the board, C-suite, IT, and compliance leaders
Certified Cyber Security Analyst VS-1160
VS-1160 Certified Cyber Security Analyst Certification Code VS-1160 Vskills certification for Cyber Security Analyst assesses the candidate as per the company s need for cyber security and forensics. The
Encyclopedia of Information Assurance Suggested Titles: March 25, 2013 The following titles have not been contracted.
Encyclopedia of Information Assurance Suggested Titles: March 25, 2013 The following titles have not been contracted. Administrative Awareness Case Study: Government Offices Certification and Accreditation:
CRYPTUS DIPLOMA IN IT SECURITY
CRYPTUS DIPLOMA IN IT SECURITY 6 MONTHS OF TRAINING ON ETHICAL HACKING & INFORMATION SECURITY COURSE NAME: CRYPTUS 6 MONTHS DIPLOMA IN IT SECURITY Course Description This is the Ethical hacking & Information
Hong Kong Information Security Outlook 2015 香 港 資 訊 保 安 展 望
Hong Kong Information Security Outlook 2015 香 港 資 訊 保 安 展 望 Agenda Information Security Trends Year 2014 in Review Outlook for 2015 Advice to the Public Hong Kong Computer Emergency Response Team Coordination
Christos Douligeris cdoulig at unipi dot gr. Department of Informatics University of Piraeus
cdoulig at unipi dot gr Department of Informatics University of Piraeus Safety & Security in Cyber Space: Building up Trust in the EU Athens, 6-7 March 2014 Cybersecurity: where do we stand? Major Trends
Secure Your Mobile Workplace
Secure Your Mobile Workplace Sunny Leung Senior System Engineer Symantec 3th Dec, 2013 1 Agenda 1. The Threats 2. The Protection 3. Q&A 2 The Mobile Workplaces The Threats 4 Targeted Attacks up 42% in
FORBIDDEN - Ethical Hacking Workshop Duration
Workshop Course Module FORBIDDEN - Ethical Hacking Workshop Duration Lecture and Demonstration : 15 Hours Security Challenge : 01 Hours Introduction Security can't be guaranteed. As Clint Eastwood once
Digital Identity & Authentication Directions Biometric Applications Who is doing what? Academia, Industry, Government
Digital Identity & Authentication Directions Biometric Applications Who is doing what? Academia, Industry, Government Briefing W. Frisch 1 Outline Digital Identity Management Identity Theft Management
KEY STEPS FOLLOWING A DATA BREACH
KEY STEPS FOLLOWING A DATA BREACH Introduction This document provides key recommended steps to be taken following the discovery of a data breach. The document does not constitute an exhaustive guideline,
What s Wrong with Information Security Today? You are looking in the wrong places for the wrong things.
What s Wrong with Information Security Today? You are looking in the wrong places for the wrong things. AGENDA Current State of Information Security Data Breach Statics Data Breach Case Studies Why current
With Great Power comes Great Responsibility: Managing Privileged Users
With Great Power comes Great Responsibility: Managing Privileged Users Darren Harmer Senior Systems Engineer Agenda What is a Privileged User Privileged User Why is it important? Security Intelligence
Myths and Facts about the Cyber Intelligence Sharing and Protection Act (CISPA)
Myths and Facts about the Cyber Intelligence Sharing and Protection Act (CISPA) MYTH: The cyber threat is being exaggerated. FACT: Cyber attacks are a huge threat to American lives, national security,
Marble & MobileIron Mobile App Risk Mitigation
Marble & MobileIron Mobile App Risk Mitigation SOLUTION GUIDE Enterprise users routinely expose their employers data and threaten network security by unknowingly installing malicious mobile apps onto their
Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training - Session One
Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training - Session One End User Security, IS Control Evaluation & Self- Assessment Information Security Trends and Countermeasures
Cyber Security 2014 SECURE BANKING SOLUTIONS, LLC
Cyber Security CHAD KNUTSON SECURE BANKING SOLUTIONS 2014 SECURE BANKING SOLUTIONS, LLC Presenter Chad Knutson Senior Information Security Consultant Masters in Information Assurance CISSP (Certified Information
2012 Bit9 Cyber Security Research Report
2012 Bit9 Cyber Security Research Report Table of Contents Executive Summary Survey Participants Conclusion Appendix 3 4 10 11 Executive Summary According to the results of a recent survey conducted by
Property of Secure Network Technologies-Do Not Distribute or Post Without Written Permission-Copyrights and Trademark Apply
Malware - Mules & Money Mobile Edition v2.0 By Steve Stasiukonis What We Do Security Assessments & Penetration Tests Incident Response Digital Investigation & Forensic Services Technical Surveillance Countermeasure
Risks and Countermeasures in the Public Cloud
Risks and Countermeasures in the Public Cloud Alessandro Vallega fond member of AIEA Security Business Development, Oracle Italy Oracle Community for Security Director Clusit Board of Directors Paragliding
CSIS/DOJ Active Cyber Defense Experts Roundtable March 10, 2015
CSIS/DOJ Active Cyber Defense Experts Roundtable March 10, 2015 On March 10, 2015 the Center for Strategic and International Studies, in conjunction with the Cybersecurity Unit of the U.S. Department of
How Security Testing can ensure Your Mobile Application Security. Yohannes, CEHv8, ECSAv8, ISE, OSCP(PWK) Information Security Consultant
How Security Testing can ensure Your Mobile Application Security Yohannes, CEHv8, ECSAv8, ISE, OSCP(PWK) Information Security Consultant Once More Consulting & Advisory Services IT Governance IT Strategic
Incident Response. Six Best Practices for Managing Cyber Breaches. www.encase.com
Incident Response Six Best Practices for Managing Cyber Breaches www.encase.com What We ll Cover Your Challenges in Incident Response Six Best Practices for Managing a Cyber Breach In Depth: Best Practices
Loophole+ with Ethical Hacking and Penetration Testing
Loophole+ with Ethical Hacking and Penetration Testing Duration Lecture and Demonstration: 15 Hours Security Challenge: 01 Hours Introduction Security can't be guaranteed. As Clint Eastwood once said,
Industrial Control Systems Security. Denny Gregianin_Sales Area Manager
Industrial Control Systems Security Denny Gregianin_Sales Area Manager VEM in Numbers 5 29 170 800 495 5000 Dipendenti e Fatturato Design & Delivery NOC SOC HR & Quality Operations Custom Application Development
MOBILE SECURITY: DON T FENCE ME IN
MOBILE SECURITY: DON T FENCE ME IN Apart from the known and the unknown, what else is there? 18 Harold Pinter, Nobel Prize-winning playwright, screenwriter, director, actor 32 INTRODUCTION AND METHODOLOGY
The Value of Physical Memory for Incident Response
The Value of Physical Memory for Incident Response MCSI 3604 Fair Oaks Blvd Suite 250 Sacramento, CA 95864 www.mcsi.mantech.com 2003-2015 ManTech Cyber Solutions International, All Rights Reserved. Physical
Research Topics in the National Cyber Security Research Agenda
Research Topics in the National Cyber Security Research Agenda Trust and Security for our Digital Life About this document: This document summarizes the research topics as identified in the National Cyber
Applying the 80/20 approach for Operational Excellence. How to combat new age threats, optimize investments and increase security.
Applying the 80/20 approach for Operational Excellence How to combat new age threats, optimize investments and increase security Vinod Vasudevan Agenda Current Threat Landscape The 80/20 Approach Achieving
IT Security Quo Vadis?
Munich IT Security Research Group IT Security Quo Vadis? Hans-Joachim Hof MuSe - Munich IT Security Research Group Munich University of Applied Sciences hof@hm.edu http://muse.bayern Prof. Dr.-Ing. Hans-Joachim
Specific recommendations
Background OpenSSL is an open source project which provides a Secure Socket Layer (SSL) V2/V3 and Transport Layer Security (TLS) V1 implementation along with a general purpose cryptographic library. It
What s Lurking in Your Network & The Business Impact of Data Breaches. Colby Clark Director of Incident Management FishNet Security
What s Lurking in Your Network & The Business Impact of Data Breaches Colby Clark Director of Incident Management FishNet Security Who am I? Colby Clark is the Director of Incident Management at Fishnet
Anatomy of a Breach: A case study in how to protect your organization. Presented By Greg Sparrow
Anatomy of a Breach: A case study in how to protect your organization Presented By Greg Sparrow Agenda Background & Threat landscape Breach: A Case Study Incident Response Best Practices Lessons Learned
Security Intelligence Services. www.kaspersky.com
Kaspersky Security Intelligence Services. Threat Intelligence Services www.kaspersky.com THREAT INTELLIGENCE SERVICES Tracking, analyzing, interpreting and mitigating constantly evolving IT security threats
EMERGING THREATS & STRATEGIES FOR DEFENSE. Stephen Coty Chief Security Evangelist @StephenCoty
EMERGING THREATS & STRATEGIES FOR DEFENSE Stephen Coty Chief Security Evangelist @StephenCoty Industry Analysis 2014 Data Breaches - Ponemon Ponemon 2014 Data Breach Report *Statistics from 2013 Verizon
CYBER LIABILITY. Bring on tomorrow. Network Security and Privacy. May 15, 2014
CYBER LIABILITY Network Security and Privacy Bring on tomorrow May 15, 2014 1 AGENDA I. Identify Exposures II. Identify how a breach can occur III. The Coverage (Third Party Liability + First Party Losses)
The FBI Cyber Program. Bauer Advising Symposium //UNCLASSIFIED
The FBI Cyber Program Bauer Advising Symposium October 11, 2012 Today s Agenda What is the threat? Who are the adversaries? How are they attacking you? What can the FBI do to help? What can you do to stop
Dall Information Security alla Cyber Security, e ritorno
Dall Information Security alla Cyber Security, e ritorno (Come migliorare la sicurezza dell azienda attraverso un efficace governo degli incidenti) Luca Bechelli (CLUSIT) Marco Di Leo (HP) Fabio Vernacotola
Advanced Visibility. Moving Beyond a Log Centric View. Matthew Gardiner, RSA & Richard Nichols, RSA
Advanced Visibility Moving Beyond a Log Centric View Matthew Gardiner, RSA & Richard Nichols, RSA 1 Security is getting measurability worse Percent of breaches where time to compromise (red)/time to Discovery
KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES. www.kaspersky.com
KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES www.kaspersky.com EXPERT SERVICES Expert Services from Kaspersky Lab are exactly that the services of our in-house experts, many of them global
Penetration Test Methodology on Information-Security Product Utilizing the Virtualization Technology
Penetration Test Methodology on Information-Security Product Utilizing the Virtualization Technology JungDae Kim (jdcom@ksel.co.kr) ByongKi Park (bgbak@ksel.co.kr) CONTENTS 1 Background Information 2 Vulnerability
Rethinking Cyber Security in the Age of the Breach
Global Cloud Networking Advanced Managed Security Cloud Unified Communications Rethinking Cyber Security in the Age of the Breach Craig D Abreo, CISSP VP Security Operations Copyright 2015 Masergy Communica8ons,
High End Information Security Services
High End Information Security Services Welcome Trion Logics Security Solutions was established after understanding the market's need for a high end - End to end security integration and consulting company.
Presented by Evan Sylvester, CISSP
Presented by Evan Sylvester, CISSP Who Am I? Evan Sylvester FAST Information Security Officer MBA, Texas State University BBA in Management Information Systems at the University of Texas Certified Information
SCADA / Smart Grid Security Who is really in control of our Control Systems?
SCADA / Smart Grid Security Who is really in control of our Control Systems? Simone Riccetti Certified SCADA Security Architect Agenda Overview of Security landscape SCADA security problem How to protect
24/7 Visibility into Advanced Malware on Networks and Endpoints
WHITEPAPER DATA SHEET 24/7 Visibility into Advanced Malware on Networks and Endpoints Leveraging threat intelligence to detect malware and exploitable vulnerabilities Oct. 24, 2014 Table of Contents Introduction
Attribution: The Holy Grail or Waste of Time? Billy Leonard Google Should this be the end, our Holy Grail? How s that picture going to help you now? But, the pictures make me safer! We can do better. Our
DTI / Titolo principale della presentazione IPHONE ENCRYPTION. Litiano Piccin. 11 ottobre 2014
1 IPHONE ENCRYPTION 2 MOBILE FORENSICS Nella Computer Forensics, le evidenze che vengono acquisite sono dispositivi statici di massa; questa significa che possiamo ottenere la stessa immagine (bit stream)
Guidelines. London School of Economics & Political Science. Remote Access and Mobile Working Guidelines. Information Management and Technology
London School of Economics & Political Science Information Management and Technology Guidelines Remote Access and Mobile Working Guidelines Jethro Perkins Information Security Manager Summary This document
Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits)
Page 1 of 6 Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits) TNCC Cybersecurity Program web page: http://tncc.edu/programs/cyber-security Course Description: Encompasses
Beyond the Box: A Strategic Approach Against APTs
Beyond the Box: A Strategic Approach Against APTs Filippo Monticelli Regional Director Italy & Malta CYBERSECURITY SUMMIT 2015 Roma 20/05/2015 Copyright Fortinet Inc. All rights reserved. Complexity of
Panel Title: Data Breaches: Industry and Law Enforcement Perspectives on Best Practices
Panel Title: Data Breaches: Industry and Law Enforcement Perspectives on Best Practices Over the course of this one hour presentation, panelists will cover the following subject areas, providing answers
"This is a truly remarkable attack, but not. just in its scope hackers successfully. penetrated one of the most secure
ICPAK ANNUAL FORENSIC AUDIT CONFERENCE Digital Forensics in Fraud & Corruption Investigations 9 October 2014 Leisure Lodge Hotel, Diani Kenya Faith Basiye, CFE Head Group Forensic Services KCB Banking
CYBERSECURITY NEXUS CSX. 15 October 2014 ISACA Winchester Chapter
CYBERSECURITY NEXUS CSX 15 October 2014 ISACA Winchester Chapter INTRODUCTION Career International Brewer, various roles (1991-1996) KPMG, IT Risk Service Line Leader (1996-2012) Betfair, Head of Governance,
Surviving the Era of Hack Attacks Cyber Security on a Global Scale
Surviving the Era of Hack Attacks Cyber Security on a Global Scale Dr. Adriana Sanford ASU Lincoln Professor of Global Corporate Compliance and Ethics Clinical Associate Professor of Law and Ethics This
Mobile Security Framework; Advances in Mobile Governance in Korea. TaeKyung Kim tkkim@stu.ac.kr
Mobile Security Framework; Advances in Mobile Governance in Korea TaeKyung Kim tkkim@stu.ac.kr I. e-banking in Korea 1. e-banking? BIS (Bank for International Settlements) - e-finance(electronic banking)
Linux and Law Enforcement
Linux and Law Enforcement Challenges and Opportunities Dr. Joshua I. James Digital Forensic Investigation Research Laboratory SoonChunHyang University Joshua@cybercrimetech.com http://forensics.sch.ac.kr
Information Security. CS526 Topic 1
Information Security CS 526 Topic 1 Overview of the Course 1 Today s Security News Today: 220 million records stolen, 16 arrested in massive South Korean data breach A number of online gaming & movie ticket
FACT SHEET: Ransomware and HIPAA
FACT SHEET: Ransomware and HIPAA A recent U.S. Government interagency report indicates that, on average, there have been 4,000 daily ransomware attacks since early 2016 (a 300% increase over the 1,000
FORENSIC ANALYSIS Aleš Padrta
FORENSIC ANALYSIS Aleš Padrta CESNET, CESNET-CERTS, FLAB CESNET Czech NREN operator CESNET-CERTS 2004 Established 2008 Accredited CSIRT FLAB Forensic LABoratory Established 6/2011 Support team for CESNET-CERTS
THE SMARTEST WAY TO PROTECT WEBSITES AND WEB APPS FROM ATTACKS
THE SMARTEST WAY TO PROTECT WEBSITES AND WEB APPS FROM ATTACKS INCONVENIENT STATISTICS 70% of ALL threats are at the Web application layer. Gartner 73% of organizations have been hacked in the past two
Sicurezza Data Center 22 giugno 2015. Fabio Paravani Regional Account Manager
Sicurezza Data Center 22 giugno 2015 Fabio Paravani Regional Account Manager A world safe for exchanging digital information CEO Founded Headquarters Employees Offices 2012 Sales Eva Chen 1988, United
Belmont Savings Bank. Are there Hackers at the gate? 2013 Wolf & Company, P.C.
Belmont Savings Bank Are there Hackers at the gate? 2013 Wolf & Company, P.C. MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2013 Wolf & Company, P.C. About Wolf & Company, P.C.
Cyber - Security and Investigations. Ingrid Beierly August 18, 2008
Cyber - Security and Investigations Ingrid Beierly August 18, 2008 Agenda Visa Cyber - Security and Investigations Today s Targets Recent Attack Patterns Hacking Statistics (removed) Top Merchant Vulnerabilities
Practice Good Enterprise Security Management. Presented by Laurence CHAN, MTR Corporation Limited
Practice Good Enterprise Security Management Presented by Laurence CHAN, MTR Corporation Limited About Me Manager Information Security o o o o Policy formulation and governance Incident response Incident
Cyber Risks in the Boardroom
Cyber Risks in the Boardroom Managing Business, Legal and Reputational Risks Perspectives for Directors and Executive Officers Preparing Your Company to Identify, Mitigate and Respond to Risks in a Changing
CryptoLocker la punta dell iceberg, impariamo a difenderci dagli attacchi mirati. Patrick Gada 18 March 2015 Senior Sales Engineer
CryptoLocker la punta dell iceberg, impariamo a difenderci dagli attacchi mirati Patrick Gada 18 March 2015 Senior Sales Engineer CryptoLocker Rossi Mario, CryptoLocker CryptoLocker Attacco del 27 gennaio
Privacy and data protection in a post-snowden world. Carly Nyst Head of International Advocacy
Privacy and data protection in a post-snowden world Carly Nyst Head of International Advocacy The great irony is that we re the only ones not spying on the American people. - Keith Alexander, head of the
(U)SimMonitor: A New Malware that Compromises the Security of Cellular Technology and Allows Security Evaluation
(U)SimMonitor: A New Malware that Compromises the Security of Cellular Technology and Allows Security Evaluation DR. C. NTANTOGIAN 1, DR. C. XENAKIS 1, DR. G. KAROPOULOS 2 1 DEPT. O F DIGITAL SYST EMS,
DATA SHEET. What Darktrace Finds
DATA SHEET What Darktrace Finds Darktrace finds anomalies that bypass other security tools, due to the uniqueness of the Enterprise Immune System, capable of detecting threats without reliance on rules,
12 Security Camera System Best Practices - Cyber Safe
12 Security Camera System Best Practices - Cyber Safe Dean Drako, President and CEO, Eagle Eye Networks Website version of white paper Dean Drako video introduction for cyber security white paper Introduction
It s 2 o clock: Who Has Your Data? Josh Krueger Chief Technology Officer Integrity Technology Solutions
It s 2 o clock: Who Has Your Data? Josh Krueger Chief Technology Officer Integrity Technology Solutions Your home is your business and your farm is your network. But who has access to it? Can you protect
Detailed Description about course module wise:
Detailed Description about course module wise: Module 1: Basics of Networking and Major Protocols 1.1 Networks and its Types. 1.2 Network Topologies 1.3 Major Protocols and their Functions 1.4 OSI Reference
Security Awareness. ITS Security Training. Fall 2015
Security Awareness ITS Security Training Fall 2015 Why am I here? Isn t security an IT problem? Technology can address only a fraction of security risks. You are a primary target, or rather, your data
CYBERSECURITY HOT TOPICS
1 CYBERSECURITY HOT TOPICS Secure Banking Solutions 2 Presenter Chad Knutson VP SBS Institute Senior Information Security Consultant Masters in Information Assurance CISSP, CISA, CRISC www.protectmybank.com
Security A to Z the most important terms
Security A to Z the most important terms Part 1: A to D UNDERSTAND THE OFFICIAL TERMINOLOGY. This is F-Secure Labs. Learn more about the most important security terms with our official explanations from
DDoS Attacks: The Latest Threat to Availability. Dr. Bill Highleyman Managing Editor Availability Digest
DDoS Attacks: The Latest Threat to Availability Dr. Bill Highleyman Managing Editor Availability Digest The Anatomy of a DDoS Attack Sombers Associates, Inc. 2013 2 What is a Distributed Denial of Service
WHAT YOU NEED TO KNOW ABOUT CYBER SECURITY
SMALL BUSINESSES WHAT YOU NEED TO KNOW ABOUT CYBER SECURITY ONE CLICK CAN CHANGE EVERYTHING SMALL BUSINESSES My reputation was ruined by malicious emails ONE CLICK CAN CHANGE EVERYTHING Cybercrime comes
Security Intelligence Services. Cybersecurity training. www.kaspersky.com
Kaspersky Security Intelligence Services. Cybersecurity training www.kaspersky.com CYBERSECURITY TRAINING Leverage Kaspersky Lab s cybersecurity knowledge, experience and intelligence through these innovative