O slideshow foi denunciado.
Utilizamos seu perfil e dados de atividades no LinkedIn para personalizar e exibir anúncios mais relevantes. Altere suas preferências de anúncios quando desejar.

Practical Security for Nonprofits: Spectre and Meltdown With Kris Constable

1.304 visualizações

Publicada em

Presentation from NetSquared Vancouver's #Tech4Good Trends event for nonprofits in 2018.

Publicada em: Tecnologia
  • Entre para ver os comentários

  • Seja a primeira pessoa a gostar disto

Practical Security for Nonprofits: Spectre and Meltdown With Kris Constable

  1. 1. Privacy & Security Strategies for Non-Profits Impacts of Meltdown & Spectre By Kris Constable @cqwww
  2. 2. Meltdown & Spectre Speculative execution (what's going to happen next) & side channel attacks (physical, electrical and/or mechanical characteristics – hardware) relating to CPUs (Intel, AMD & ARM) Meltdown: Kernel vs Userland Spectre: Segmentation between applications ... A helpful reminder you need a privacy & security strategy
  3. 3. What can you do? Have an organizational strategy and ensure compliance by measuring compliance
  4. 4. Patch all the things
  5. 5. Masscan & metasploit
  6. 6. Let's go through the layers of the OSI model. CERT suggests upgrading your CPU
  7. 7. Patch your operating systems (server, laptop, phone)
  8. 8. Download the latest version of your browser. I recommend something based off Google Chromium or Mozilla Firefox. I use Iridium and Firefox Focus. For chrome, type this in your URL: chrome://flags/#enable-site-per-process and click “enable” on “Strict site isolation.”
  9. 9. Block JavaScript and Flash by default NoScripts Ablock Plus or Ublock Origin Privacy Badger
  10. 10. Make sure you're using antivirus, including mac/osx users, and are using it properly
  11. 11. Restore from your backups
  12. 12. https://privasectech.com/the-blog/ Or PrivaSecTech on Facebook
  13. 13. Questions? kris@privasectech.com @cqwww