OWASP Poland Day 2018 - Amir Shladovsky - Crypto-mining
Presentation delivered by Amir Shladovsky on OWASP Poland Day 2018.
1.
© 2018 Imperva, Inc. All rights reserved.
How to Protect Your Web Applications from Crypto-mining: The New Force Behind Remote Code Execution Attacks
Amir Shladovsky – Threat Research Tech Lead, Imperva
Warsaw, 10.10.2018
OWASP Poland Day 2018
2.
Evolution of Web Attacks – Economical Aspects
Attack | Data theft | Network theft | Data corruption | CPU theft
Example | SQL injection | DDoS botnet | Ransomware | Crypto-mining
Sale strategy | 3rd party sale | 3rd party sale | Direct sale | No sale
3.
Agenda
• Remote Code Execution (RCE) vulnerabilities
• Payloads and trends
• A crypto mining malware (CryptoM 1.0/2.0)
  – The money trail
  – Crypto currencies
• Mitigation
• Key takeaways
4.
Remote Code Execution (RCE) Vulnerabilities
• Definition
• Conditions
  – Untrusted data + insufficient input validation
• Example 1
• Recent development
  – Serialization/deserialization
• Example 2
[Diagram: Object in memory → Object serialized → Object in transit → Object deserialized → Object in memory]
5.
RCE Vulnerability Statistics
[Chart; series label: RCE]
Taken from: vulndb.cyberriskanalytics.com
6.
RCE Attacks – External Resources in Payloads
• Reconnaissance
• Botnet (DDoS, Other)
• Crypto mining malware
• Other
7.
A Shift in Payload Trends
[Pie charts for 2017 and 2018; legend: DDoS Bot, Crypto-mining Malware; values shown: 12% / 88% and 45% / 55%]
8.
A Crypto Mining Malware 1.0
• RCE vulnerability as an entry point
• Evasion techniques
• Main characteristics:
  – Kills competing processes
  – Gains persistency
  – Downloads and runs the malware
[Diagram: 1. Exploit RCE vulnerability → 2. Run downloader code → 3. Infect with crypto mining malware]
9.
logo6.jpg – Stage 1
[Annotated code screenshot; callouts:]
• Eliminate rivalries
• Eliminate security controls
10.
logo6.jpg – Stages 2 & 3
[Annotated code screenshot; callouts:]
• Gains persistency
• Obtains dynamic configuration
• Obtains Miner
• Runs the Miner
• Calculates number of cores
11.
Config_1.json
[Annotated configuration screenshot; callouts:]
• Impact: denial of service
• Mining pool and wallet
• Mining algorithm
12.
Crypto Mining Malware 2.0 / RedisWannaMine
• Spreads, internally and externally, in a worm-like behavior
  – Using exposed Redis servers to replicate itself
  – Using the EternalBlue exploit to propagate over the Windows platform
13.
What is Redis?
• In-memory database (RAM)
• Widely used
• Technical information:
  – Port 6379 (over 200K IPs publicly open on this port; source: www.shodan.io)
  – No authentication by default (up till version 3.2)
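
An added example, not part of the original presentation: a small audit of a redis.conf text for the exposure this slide describes, a Redis instance reachable on a non-loopback address with no password. The function names, the `has_protected_mode` parameter and the sample configurations are constructed for illustration; `bind`, `port`, `requirepass` and `protected-mode` are standard redis.conf directives.

```python
import ipaddress
import shlex

# Constructed sample configurations (not taken from any real host).
LEGACY_CONF = "port 6379\n# bind 127.0.0.1\n# requirepass constructed-example\n"
HARDENED_CONF = (
    "bind 127.0.0.1 -::1\n"
    "protected-mode yes\n"
    "port 6379\n"
    'requirepass "constructed-long-random-secret"\n'
)


def parse_redis_conf(text):
    """Return {directive: [args]}; a later line overrides an earlier one."""
    conf = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        try:
            parts = shlex.split(line)  # handles quoted arguments
        except ValueError:
            continue  # unbalanced quotes: skip the line
        if parts:
            conf[parts[0].lower()] = parts[1:]
    return conf


def _is_loopback(addr):
    # A leading "-" marks an optional bind address in newer redis.conf files.
    try:
        return ipaddress.ip_address(addr.lstrip("-")).is_loopback
    except ValueError:
        return False  # "*" or a hostname: treat as not loopback


def audit_redis_conf(text, has_protected_mode=True):
    """Return (verdict, findings); verdict is "exposed", "review" or "ok".

    has_protected_mode=False models a server older than 3.2, where the
    protected-mode directive does not exist. ACL files are not examined.
    """
    conf = parse_redis_conf(text)
    binds = conf.get("bind", [])
    port = (conf.get("port") or ["6379"])[0]
    tcp_enabled = port != "0"  # "port 0" disables the TCP listener
    # No bind directive means Redis listens on every interface.
    remote = tcp_enabled and (not binds or not all(_is_loopback(a) for a in binds))
    no_auth = "".join(conf.get("requirepass", [])) == ""
    pm_value = (conf.get("protected-mode") or ["yes"])[0].lower()
    pm_off = (not has_protected_mode) or pm_value == "no"

    findings = []
    if remote:
        findings.append(f"listens on non-loopback address(es), TCP port {port}")
    if no_auth:
        findings.append("requirepass is not set")
    if pm_off:
        findings.append("protected-mode is unavailable or disabled")

    if remote and no_auth:
        # With protected-mode on, whether remote clients are refused depends
        # on the server version, so that case is flagged for manual review.
        verdict = "exposed" if pm_off else "review"
    else:
        verdict = "ok"
    return verdict, findings


if __name__ == "__main__":
    print(audit_redis_conf(LEGACY_CONF, has_protected_mode=False))
    print(audit_redis_conf(HARDENED_CONF))
```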
14.
EternalBlue
• Exploit developed by NSA
• Leaked by the Shadow Brokers hacker group
• Exploits a vulnerability in Microsoft's implementation of the SMB protocol to spread
• Made famous by the WannaCry ransomware, which used EternalBlue to propagate
15.
Redis infection process
[Annotated code screenshot; callouts:]
• Download and compile masscan
• Find open Redis servers using masscan
16.
Crypto Mining Malware 2.0 Infection Chain
• Exploit CVE-2017-9805 to run a shell command
• Drop RedisWannaMine
• Run a crypto miner
• Scan vulnerable Redis servers
• Use Redis vulnerability to drop a crypto miner
• Scan vulnerable Windows SMB servers
• Use EternalBlue to drop a crypto miner
17.
Going the Extra Mile - Browsers Infection
• Using an open source JavaScript webminer
• The attacker initially tries to alter the commonly used index.php file and add the malicious JavaScript me0w.js to it
18.
Going the Extra Mile - Browsers Infection
• It also scans for all JavaScript files on the server and, once found, injects the same malicious me0w.js file
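
An added example, not part of the original presentation: a file-integrity check for the tampering the two slides above describe, comparing a web root's .php and .js files against a known-good hash manifest and listing script sources that are not on an allow-list. All function names, file paths and file contents are constructed for illustration; only the file names index.php and me0w.js come from the slides.

```python
import hashlib
import re
import tempfile
from pathlib import Path

WATCHED_SUFFIXES = {".php", ".js"}
# Captures the value of src= in a <script> tag, quoted or unquoted.
SCRIPT_SRC = re.compile(r"<script\b[^>]*?\bsrc\s*=\s*[\"']?([^\"'\s>]+)", re.IGNORECASE)


def build_manifest(root):
    """Map each watched file (POSIX path relative to root) to its SHA-256."""
    root = Path(root)
    manifest = {}
    for path in sorted(root.rglob("*")):
        if path.is_file() and path.suffix.lower() in WATCHED_SUFFIXES:
            rel = path.relative_to(root).as_posix()
            manifest[rel] = hashlib.sha256(path.read_bytes()).hexdigest()
    return manifest


def diff_manifest(baseline, current):
    """Compare two manifests and list added, removed and modified files."""
    shared = baseline.keys() & current.keys()
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "modified": sorted(p for p in shared if baseline[p] != current[p]),
    }


def unexpected_script_sources(text, allowed_sources):
    """Return script src values in text that are not on the allow-list."""
    return sorted({s for s in SCRIPT_SRC.findall(text) if s not in allowed_sources})


def audit_webroot(root, baseline, allowed_sources):
    """Diff the web root against the baseline and inspect changed files."""
    root = Path(root)
    report = diff_manifest(baseline, build_manifest(root))
    report["unexpected_scripts"] = {}
    for rel in report["added"] + report["modified"]:
        text = (root / rel).read_text(encoding="utf-8", errors="replace")
        hits = unexpected_script_sources(text, allowed_sources)
        if hits:
            report["unexpected_scripts"][rel] = hits
    return report


if __name__ == "__main__":
    # Constructed web root: take a baseline, then simulate the tampering.
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "js").mkdir()
        page = '<html><script src="/js/app.js"></script>'
        (root / "index.php").write_text(page + "</html>")
        (root / "js" / "app.js").write_text("console.log('app');\n")
        baseline = build_manifest(root)

        (root / "index.php").write_text(page + '<script src="/js/me0w.js"></script></html>')
        (root / "js" / "me0w.js").write_text("// constructed placeholder\n")
        print(audit_webroot(root, baseline, {"/js/app.js"}))
```

The manifest has to be taken from a known-good deployment and stored where the web server account cannot rewrite it.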
19.
Crypto Mining Malware Infection Chain
[Diagram labels:]
• Infection of a single victim
• Crypto Mining Malware 1.0
• Infection of the web application visitors
• Infection of many victims
• Spread in a worm-like behavior
20.
The Money Trail
• Mining pools - Share resources, split the reward
21.
The Money Trail – other currencies
• Karbowanec (Karbo)
• Electroneum
22.
Why not Bitcoin?
• Specific hardware
• Anonymity
23.
Mitigation
• Monitoring
• Secure your code
• Patch
• Virtual patch
24.
Key Takeaways
• Protect your assets
• RCE vulnerabilities are a serious security risk that can be the entry point to your network
• Almost 90% of downloader RCE attacks contain a crypto-mining malware
• Attackers are after your server resources
25.
Any questions?
Amir Shladovsky
amir.shladovsky@imperva.com
@AmirShladovsky