Csw2016 evron sysman_apt_reports_and_opsec_evolution
CanSecWest
CanSecWest2016
1.
APT REPORTS AND OPSEC EVOLUTION OR ©
2.
CanSecWest 2016 © WHY ARE WE HERE?
We will simplify the attack process, demonstrate the evolution of various actors over the years, and suggest ways to close the evolutionary gap.
@deanSysman (CREDIT): @gadievron / @inbarraz
3.
TITLE TEXT
4.
WE’VE ALWAYS HAD MALWARE
5.
IT ALL CHANGED WHEN…
APT1 was disclosed by Mandiant in February 2013.
The extent of exposure was huge.
Result: Operations were significantly disrupted
6.
BUT THEY WERE NOT ALONE
Other campaigns had already been disclosed, such as Stuxnet and Flame.
Stuxnet was tight (~500K) and target-specific.
Flame was a monster (20M), clearly meant for scale.
7.
ACTORS STARTED ADAPTING
Let’s look at other APTs, and see various choices threat actors made:
Gauss - In addition to a scaled operation (>2K victims), there was an instance where the malware opens only on a specific target. Constraints must have been tight.
Rocket Kitten - Using an off-the-shelf tool (Core Impact).
We’d like to think they had OPSEC meetings…
8.
OPSEC IN 60 SECONDS
Why do you need OPSEC?
1. Assure success
2. Prevent Detection
3. Prevent Attribution
Analogous processes: Regular software development, risk management
9.
OPSEC IN 60 SECONDS
When is OPSEC compromised?
1. Time-to-Market
2. Scalability
3. Ease of deployment
GENERALLY SPEAKING, EVERY REPORT REPRESENTS AN OPSEC FAILURE IN A WAY
11.
THE HACKING TEAM
But we don’t have the other actors’ email…
12.
MANY APT REPORTS SUCK
13.
MANY APT REPORTS SUCK
14.
MANY APT REPORTS SUCK
15.
AS A RESULT
18.
APT REPORTS ARE FREE QA
Lessons Learned: APT1 C2 -> Turla Satellite Traffic Hijacking
Learning in Progress: Stuxnet/Duqu/Flame -> Duqu2 still similar code
You never know…
Iron Tiger: Clearly Chinese
Careto: All fits so well - could actually be false flag
Duqu 2: Multiple false flags
19.
SO YOU’VE READ AN APT REPORT…
Malware Analysis | C2 Setup | Attack Vectors | IOCs | Attacker Objective
20.
WHAT IT FEELS LIKE
21.
ENGAGEMENT PROCESS
We’re “reverse engineering” the attacks by means of forensic investigation - what is it we should be seeing?
Let’s “re-engineer” how attackers work by examining their operational planning, with a simplified model we’ll call the Engagement Process.
22.
ATTACKER SIDE
23.
1. COMPOSE INTELLIGENCE REQUIREMENTS
It’s like going shopping.
What Would I Like to Know?
24.
1. COMPOSE INTELLIGENCE REQUIREMENTS
Examples:
- Does Saddam Hussein have WMDs?
- Where are the WMDs?
- Does he intend to use the WMDs?
- Who is working on the WMDs?
- How can we get Matt Damon back?
25.
2. COMPILE TARGET LIST
“Where can I find answers?”
or:
“Who holds the information I need?”
26.
2. COMPILE TARGET LIST
Examples:
-> Verticals: Banking, Energy, Pharmaceutical
-> Specific Targets
Exceptions:
-> Sofacy
27.
3. INTELLIGENCE GATHERING
28.
4. TARGET REPORT
29.
5. ATTACK PLAN AND EXECUTION
30.
5. ATTACK PLAN AND EXECUTION
Examples:
31.
AND THE BEAT GOES ON
Target Report | Intelligence Gathering | Attack Plan and Execution
32.
3. INTELLIGENCE GATHERING: REVISITED
33.
OPSEC REVISITED
1. Map target’s defenses
2. Examine Security Vendor Backend capabilities
3. Look for other players
   a. Regin - APT Magnet
4. Really try to hide your identity
34.
OPSEC REVISITED
35.
OPSEC REVISITED
36.
CYBER ENGAGEMENT CYCLE EVOLUTION
1. Threat Group 3390/Emissary Panda
   Whenever possible, revert to OS-included tools (WMI, powershell, at, ipconfig, etc.)
2. Duqu2
   A rare example of lateral movement/persistence evolution.
37.
6. FOLD / RETREAT
38.
6. FOLD / RETREAT
Evolution examples:
1. Red October: Dismantle after publication
2. The Mask: Following vendor blog - 4hrs folding
3. Duqu2: Don’t wait for publication - hunt vendor
Counter examples: APT12, Gaza Hacker team
39.
DEFENDER SIDE
40.
Problem
Takeaways
Action
41.
1. COMPOSE INTELLIGENCE REQUIREMENTS
Problem: Not enough information on attacker objectives
Takeaways:
1. It’s like having a stalker - they really like you
42.
1. COMPOSE INTELLIGENCE REQUIREMENTS
43.
1. COMPOSE INTELLIGENCE REQUIREMENTS
Problem: Not enough information on attacker objectives
Takeaways:
1. It’s like having a stalker - they really like you
2. Stealing data is just one of the options
44.
1. COMPOSE INTELLIGENCE REQUIREMENTS
45.
1. COMPOSE INTELLIGENCE REQUIREMENTS
Problem: Not enough information on attacker objectives
Takeaways:
1. It’s like having a stalker - they really like you
2. Stealing data is just one of the options
Action: Perform a meaningful, periodic Risk Assessment
46.
2. COMPILE TARGET LIST
Problem: No time-sensitive information -> No pattern
Takeaways: If you have similar data or platforms as another compromised organization -> You’re on the list
Action: Perform a relevant Threat Assessment (Threat = Intent + Capability)
47.
3-5. CYBER ENGAGEMENT CYCLE
Target Report | Intelligence Gathering | Attack Plan and Execution
48.
PRE-ENGAGEMENT STAGE
Problem:
- Publicly available sensitive data
- Lax security awareness allows probing (Automatic/Human)
Takeaways: Attacker can gain a lot before reaching your network
Action:
- Limit public information
- Act outside your own perimeter
- Periodic awareness refreshers
49.
ENGAGEMENT STAGE
Problem: Not many share Lateral Movement reports
Takeaways: The engagement is an ongoing process, there are many opportunities for the defender to intervene
Action:
- Put as many obstacles as possible (Layered Security)
- Don’t be shy, share your breach data
50.
6. FOLD/RETREAT
Problem: Attacker can destroy forensic evidence
Takeaways: Snapshots and logs can potentially save the day
Action: Backup Response Plan
51.
TRY THIS AT HOME
DEMAND BETTER APT REPORTS FROM YOUR VENDOR
1. Compose Intelligence Requirements
2. Compile Target List
3. Intelligence Gathering
4. Target Report
5. Attack Plan and Execution
6. Fold
Malware Analysis | C2 Setup | Attack Vectors | IOCs | Attacker Objective
Engagement Process
52.
THE DECLINE OF SHAME
53.
THE DECLINE OF SHAME
54.
WHAT WE WOULD LIKE TO SEE
1. Better, more actionable APT reports
2. Earlier breach reports (heads up will do)
3. Actionable, public information sharing
4. Enough with the attribution addiction
55.
WHAT WE WOULD LIKE TO SEE
56.
FINAL WORDS
APT Reports can be a huge help
Stay on the attacker’s 6
Increase their costs
57.
Inbar Raz, VP of Research, @inbarraz, inbar@perimeterx.com
Gadi Evron, Founder, CEO, @gadievron, gadi@cymmetria.com
Dean Sysman, Co-Founder, CTO, @DeanSysman, dean@cymmetria.com