SlideShare uma empresa Scribd logo

RSA USA 2015 - Getting a Jump on Hackers

Transferir como PPTX, PDF
Wolfgang Kandek
Wolfgang Kandek

Making a case how secure configurations, targeted patching and continuous monitoring make your computing infrastructure immune against attacks.

Internet
1 de 43
SESSION ID: #RSAC Wolfgang Kandek Getting a Jump on Hackers Tech-T08 CTO Qualys @wkandek
#RSAC Hackers  Attack your Organization by continuously probing your organization for weaknesses.  Find and catalog vulnerabilities, software flaws and misconfigurations  Use exploits to gain control over your systems
#RSAC Hackers – Attack Perimeter
#RSAC Hackers  We can get a jump on them by using their weak spots.  Weak Spots:  Millions of Malware samples  Thousands of Vulnerabilities  Tens of Exploitation vectors
#RSAC Hackers  Mass Malware  APT and 0-days  Nation State
#RSAC Hackers – Mass Malware  Majority of all attacks  Mature technologies (on both sides)  Exploit Kits (Angler, Nuclear, …)  Analysis and Patching  “Digital Carelessness”  Research
#RSAC Hackers – Mass Malware  BSI – German Bundesamt für Sicherheit in der Informationstechnik  Digital Situation Report December 2014  Situation is critical  Digitale Sorglosigkeit => “Digital Carelessness”  95% of issues are easily addressed  Attackers use known vulnerabilities  In a limited set of software
#RSAC Hackers – Mass Malware  BSI – German Bundesamt für Sicherheit in der Informationstechnik  Digital Situation Report December 2014  Situation is critical  Digitale Sorglosigkeit => “Digital Carelessness”  95% of issues are easily addressed  Attackers use known vulnerabilities  In a limited set of software
#RSAC Hackers – Mass Malware - Java  Java is on our top unpatched threat for the year
#RSAC Hackers – Mass Malware - Java  Java is on our top unpatched threats for the year  BTW, attacks are on desktop not serverside Java  We can’t patch Java  Our business critical timecard application requires it..  Yes, you can.  Oracle Java v7 and v8 have a “Java Router” embedded  Multiple Javas on a machine can be selectively deployed  Deployment Rulesets - by URL, by checksum, by…
#RSAC Hackers – Mass Malware - Java  Java is on our top unpatched threats for the year  BTW, attacks are on desktop not serverside Java  We can’t patch Java  Our business critical timecard application requires it..  Yes, you can.  Oracle Java v7 and v8 have a “Java Router” embedded  Multiple Javas on a machine can be selectively deployed
#RSAC Hackers – Mass Malware - Java Demo
#RSAC Hackers – APT and 0-days  0-days in 2014/2015  2x Windows in 2014  4x Internet Explorer in 2014, 1x2015  4x Adobe Flash in 2015  Use Safe Neighborhood Software  Alternative OS: Mac OS X  Alternative Browser: Chrome
#RSAC Hackers – APT and 0-days  Alternative Browser: Chrome  60% Marketshare  220 critical vulnerabilities in 2012-2014  0 known attacks  Aggressive Autoupdate & Fast Patching: 24 hours to 7 days  Faster than typical exploits  Sandboxing
#RSAC Hackers – VDBIR 2015  Few Vulnerabilities are being exploited – 40 in 2014  99.9% of Vulnerabilities exploited are > 1 year old  50% of 2014 CVE exploits happened within 2 weeks  Lesson: Patch all, decide which to patch faster (pg 17)  Exploitable Attribute: most important factor (pg 17)
#RSAC Hackers – APT and 0-days  0-days in 2014/2015  2x Windows in 2014  4x Internet Explorer in 2014,1x2015  4x Adobe Flash in 2015  Use Safe Neighborhood Software  Alternative OS: Mac OS X  Alternative Browser: Chrome  Alternative Flash: HTML5?  Sandbox: Chrome/Flash combo not attacked
#RSAC Hackers – APT and 0-days  Sandboxing  Jarno Niemela’s (F-Secure) VB 2013 Paper  930 APT malwares against Hardening
#RSAC Hackers – APT and 0-days  Sandboxing  Jarno Niemela’s (F-Secure) VB 2013 Paper  930 APT malwares against Hardening 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% System Hardening Application Hardening Sandboxie EMET Exploit Mitigations
#RSAC Hackers – APT and 0-days  Sandboxing  Jarno Niemela’s (F-Secure) VB 2013 Paper  930 APT malwares against Hardening  Sandbox testing not conclusive  Application Hardening and EMET are free
#RSAC Hackers – APT and 0-days  But APT means attacker can do anything  Bypass your Hardening, the Sandbox, EMET…  How good are they?  Sophos: CVE-2014-1761 (Word RTF) analysis  15+ sample families assessed
#RSAC Hackers – APT and 0-days  But APT means attacker can do anything  How good are they?  Sophos: CVE-2014-1761 (Word RTF) analysis  15+ sample families assessed
#RSAC Hackers – APT and 0-days  But APT means attacker can do anything  How good are they?  Sophos: CVE-2014-1761 (Word RTF) analysis  15+ sample families assessed  7 skill categories
#RSAC Hackers – APT and 0-days  But APT means attacker can do anything  How good are they?  Sophos: CVE-2014-1761 (Word RTF) analysis  15+ sample families assessed  7 skill categories
#RSAC Hackers – APT and 0-days  But APT means attacker can do anything  How good are they?  Sophos: CVE-2014-1761 (Word RTF) analysis  15+ sample families assessed  7 skill categories  Mixed results 50% trivial, 50% advanced  All (!) attacked only 1 software version – Office 2010 (SP2, 32bit)
#RSAC Hackers – APT and 0-days  But APT means attacker can do anything  How good are they?  Sophos: CVE-2014-1761 (Word RTF) analysis  15+ sample families assessed  7 skill categories  Mixed results 50% trivial, 50% advanced
#RSAC Hackers – APT and 0-days  Dan Guido – Exploit Intelligence Project  Focus on robust configurations to prevent future exploits  Few vulnerabilities are relevant: 14 in 2009, 13 in 2010  20 in 2014  Tighter Security Settings defeat new attacks  DEP, ASLR  EMET (btw, all IE 0-days in 2014)  Disable EXE/Javascript in PDF  Limit Java to internal Applications
#RSAC Hackers – APT and 0-days  Dan Guido – Exploit Intelligence Project  Focus on robust configurations to prevent future exploits  Few vulnerabilities are relevant: 14 in 2009, 13 in 2010  20 in 2014  Tighter Security Settings defeat new attacks  DEP, ASLR  EMET (all IE 0-days in 2014)  Disable EXE/Javascript in PDF
#RSAC Hackers – APT and 0-days  Harden Applications and deploy EMET  Safer Neighbourhoods - Alternative Technology stacks  Limit Java to internal/known Applications – Deployment Rulesets
#RSAC Hackers – Attack Perimeter
#RSAC Hackers – Attack Perimeter
#RSAC Hackers – Attack Perimeter  Perimeter is everywhere  Mobility, Personal Devices  SaaS Applications enable  Security Pros  All Machines Internet hardened  No Client/Peer networking = no malware lateral growth  Security Cons  Traditional Non-Internet Tools challenged  Internet Agent Solutions
#RSAC Hackers – Attack Perimeter
#RSAC Hackers – Attack Perimeter
#RSAC Hackers - Credentials  Abuse worldwide connectivity (e-mail, mobile workstations, VPN)  Steal credentials through phishing attacks (e-mail)  Install undetectable malware  Access VPNs
#RSAC Hackers - Credentials  Abuse worldwide connectivity (e-mail, mobile workstations, VPN)  Steal credentials through phishing attacks (e-mail)  Install undetectable malware  Access VPNs
#RSAC Hackers - Credentials  Teach users to recognize attacks – ✔  Require better passwords – ✔  But limited effect > 2% will still click  Password reuse rampant due to complicated rules  Massive username/password databases available
#RSAC Hackers - Credentials  Teach users to recognize attacks – ✔  Require better passwords – ✔  But limited effect > 2% will still click  Password reuse rampant due to complicated rules  Massive username/passworddatabases available
#RSAC Hackers - Credentials  Teach users to recognize attacks – ✔  Require better passwords – ✔  But limited effect > 2% will still click  Password reuse rampant due to complicated rules  Massive username/password databases available  Password decoding/guessing in the realm of all attackers.
#RSAC Hackers - Credentials  Two factor authentication
#RSAC Hackers - Credentials  Two factor authentication
#RSAC Hackers - Credentials  Teach users to recognize attacks – ✔  Require better passwords – ✔  Teach your users to protect their own personal data  Banks, E-mail, Linkedin  2FA is mature now  Implement 2FA for your systems
#RSAC Act Now – x days  x=30: Scan your Perimeter Server continuously, alert on changes  x=60: Software inventory for Flash,Reader,IE,Office,Java  x=90: Update versions – Mass Malware cure  x=90+: Address Vulnerabilities Quickly  x=90+: Harden Setup - APT and 0-days  Newest Software, Use EMET, Safe neighborhoods  x=90+: Authentication - Deploy 2-Factor  Then: Watch Logs for Anomalies, Run Sandboxes
SESSION ID: #RSAC Thank you Tech-T08 http://laws.qualys.com @wkandek Wolfgang Kandek

Recomendados

Penetration and hacking training brief
Penetration and hacking training briefPenetration and hacking training brief
Penetration and hacking training briefBill Nelson
 
Red team-view-gaps-in-the-serverless-application-attack-surface
Red team-view-gaps-in-the-serverless-application-attack-surfaceRed team-view-gaps-in-the-serverless-application-attack-surface
Red team-view-gaps-in-the-serverless-application-attack-surfacePriyanka Aash
 
Simplified Security Code Review Process
Simplified Security Code Review ProcessSimplified Security Code Review Process
Simplified Security Code Review ProcessSherif Koussa
 
Webinar: Stopping evasive malware - how a cloud sandbox array works
Webinar: Stopping evasive malware - how a cloud sandbox array worksWebinar: Stopping evasive malware - how a cloud sandbox array works
Webinar: Stopping evasive malware - how a cloud sandbox array worksCyren, Inc
 
Webinar: Insights from Cyren's 2016 cyberthreat report
Webinar: Insights from Cyren's 2016 cyberthreat reportWebinar: Insights from Cyren's 2016 cyberthreat report
Webinar: Insights from Cyren's 2016 cyberthreat reportCyren, Inc
 
Detect Threats Faster
Detect Threats FasterDetect Threats Faster
Detect Threats FasterForce 3
 
42 - Malware - Understand the Threat and How to Respond
42 - Malware - Understand the Threat and How to Respond42 - Malware - Understand the Threat and How to Respond
42 - Malware - Understand the Threat and How to RespondThomas Roccia
 
Holy Threat Intelligence AMPman! We Need Endpoint Security!
Holy Threat Intelligence AMPman! We Need Endpoint Security!Holy Threat Intelligence AMPman! We Need Endpoint Security!
Holy Threat Intelligence AMPman! We Need Endpoint Security!Force 3
 

Recomendados

Penetration and hacking training brief
Penetration and hacking training briefPenetration and hacking training brief
Penetration and hacking training briefBill Nelson
 
Red team-view-gaps-in-the-serverless-application-attack-surface
Red team-view-gaps-in-the-serverless-application-attack-surfaceRed team-view-gaps-in-the-serverless-application-attack-surface
Red team-view-gaps-in-the-serverless-application-attack-surfacePriyanka Aash
 
Simplified Security Code Review Process
Simplified Security Code Review ProcessSimplified Security Code Review Process
Simplified Security Code Review ProcessSherif Koussa
 
Webinar: Stopping evasive malware - how a cloud sandbox array works
Webinar: Stopping evasive malware - how a cloud sandbox array worksWebinar: Stopping evasive malware - how a cloud sandbox array works
Webinar: Stopping evasive malware - how a cloud sandbox array worksCyren, Inc
 
Webinar: Insights from Cyren's 2016 cyberthreat report
Webinar: Insights from Cyren's 2016 cyberthreat reportWebinar: Insights from Cyren's 2016 cyberthreat report
Webinar: Insights from Cyren's 2016 cyberthreat reportCyren, Inc
 
Detect Threats Faster
Detect Threats FasterDetect Threats Faster
Detect Threats FasterForce 3
 
42 - Malware - Understand the Threat and How to Respond
42 - Malware - Understand the Threat and How to Respond42 - Malware - Understand the Threat and How to Respond
42 - Malware - Understand the Threat and How to RespondThomas Roccia
 
Holy Threat Intelligence AMPman! We Need Endpoint Security!
Holy Threat Intelligence AMPman! We Need Endpoint Security!Holy Threat Intelligence AMPman! We Need Endpoint Security!
Holy Threat Intelligence AMPman! We Need Endpoint Security!Force 3
 
Secure Code Reviews
Secure Code ReviewsSecure Code Reviews
Secure Code ReviewsMarco Morana
 
How to find Zero day vulnerabilities
How to find Zero day vulnerabilitiesHow to find Zero day vulnerabilities
How to find Zero day vulnerabilitiesMohammed A. Imran
 
Webinar: Why evasive zero day attacks are killing traditional sandboxing
Webinar: Why evasive zero day attacks are killing traditional sandboxingWebinar: Why evasive zero day attacks are killing traditional sandboxing
Webinar: Why evasive zero day attacks are killing traditional sandboxingCyren, Inc
 
Mobile Penetration Testing: Episode II - Attack of the Code
Mobile Penetration Testing: Episode II - Attack of the CodeMobile Penetration Testing: Episode II - Attack of the Code
Mobile Penetration Testing: Episode II - Attack of the CodeNowSecure
 
How Android and iOS Security Enhancements Complicate Threat Detection
How Android and iOS Security Enhancements Complicate Threat DetectionHow Android and iOS Security Enhancements Complicate Threat Detection
How Android and iOS Security Enhancements Complicate Threat DetectionNowSecure
 
How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...
How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...
How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...Brian Kelly
 
Content Analysis System and Advanced Threat Protection
Content Analysis System and Advanced Threat ProtectionContent Analysis System and Advanced Threat Protection
Content Analysis System and Advanced Threat ProtectionBlue Coat
 
Future-proofing maritime ports against emerging cyber-physical threats
Future-proofing maritime ports against emerging cyber-physical threatsFuture-proofing maritime ports against emerging cyber-physical threats
Future-proofing maritime ports against emerging cyber-physical threatsSteven SIM Kok Leong
 
Malware: To The Realm of Malicious Code (Training)
Malware: To The Realm of Malicious Code (Training)Malware: To The Realm of Malicious Code (Training)
Malware: To The Realm of Malicious Code (Training)Satria Ady Pradana
 
Malware Evasion Techniques
Malware Evasion TechniquesMalware Evasion Techniques
Malware Evasion TechniquesThomas Roccia
 
Web Application Security with PHP
Web Application Security with PHPWeb Application Security with PHP
Web Application Security with PHPjikbal
 
OWASP Mobile Top 10
OWASP Mobile Top 10OWASP Mobile Top 10
OWASP Mobile Top 10NowSecure
 
Future-proofing Supply Chain against emerging Cyber-physical Threats
Future-proofing Supply Chain against emerging Cyber-physical ThreatsFuture-proofing Supply Chain against emerging Cyber-physical Threats
Future-proofing Supply Chain against emerging Cyber-physical ThreatsSteven SIM Kok Leong
 
Security Code Review: Magic or Art?
Security Code Review: Magic or Art?Security Code Review: Magic or Art?
Security Code Review: Magic or Art?Sherif Koussa
 
Stop Passing the Bug: IoT Supply Chain Security
Stop Passing the Bug: IoT Supply Chain SecurityStop Passing the Bug: IoT Supply Chain Security
Stop Passing the Bug: IoT Supply Chain SecuritySynopsys Software Integrity Group
 
Anatomy of an Attack
Anatomy of an AttackAnatomy of an Attack
Anatomy of an AttackCisco Canada
 
Preventing Known and Unknown Threats
Preventing Known and Unknown ThreatsPreventing Known and Unknown Threats
Preventing Known and Unknown ThreatsOPSWAT
 
OWASP Day - OWASP Day - Lets secure!
OWASP Day - OWASP Day - Lets secure! OWASP Day - OWASP Day - Lets secure!
OWASP Day - OWASP Day - Lets secure! Prathan Phongthiproek
 
Anatomy Of An Attack
Anatomy Of An AttackAnatomy Of An Attack
Anatomy Of An AttackCisco Canada
 
[CB19] Deep Exploit: Fully Automatic Penetration Test Tool Using Reinforcemen...
[CB19] Deep Exploit: Fully Automatic Penetration Test Tool Using Reinforcemen...[CB19] Deep Exploit: Fully Automatic Penetration Test Tool Using Reinforcemen...
[CB19] Deep Exploit: Fully Automatic Penetration Test Tool Using Reinforcemen...CODE BLUE
 
Hackers & Crackers (+ Software Freedom)
Hackers & Crackers (+ Software Freedom)Hackers & Crackers (+ Software Freedom)
Hackers & Crackers (+ Software Freedom)S. M. Masoud Sadrnezhaad
 
Pledge, Turn, Prestige - The Snowden Pitch
Pledge, Turn, Prestige - The Snowden PitchPledge, Turn, Prestige - The Snowden Pitch
Pledge, Turn, Prestige - The Snowden PitchMarcus John Henry Brown
 

Mais conteúdo relacionado

Mais procurados

Secure Code Reviews
Secure Code ReviewsSecure Code Reviews
Secure Code ReviewsMarco Morana
 
How to find Zero day vulnerabilities
How to find Zero day vulnerabilitiesHow to find Zero day vulnerabilities
How to find Zero day vulnerabilitiesMohammed A. Imran
 
Webinar: Why evasive zero day attacks are killing traditional sandboxing
Webinar: Why evasive zero day attacks are killing traditional sandboxingWebinar: Why evasive zero day attacks are killing traditional sandboxing
Webinar: Why evasive zero day attacks are killing traditional sandboxingCyren, Inc
 
Mobile Penetration Testing: Episode II - Attack of the Code
Mobile Penetration Testing: Episode II - Attack of the CodeMobile Penetration Testing: Episode II - Attack of the Code
Mobile Penetration Testing: Episode II - Attack of the CodeNowSecure
 
How Android and iOS Security Enhancements Complicate Threat Detection
How Android and iOS Security Enhancements Complicate Threat DetectionHow Android and iOS Security Enhancements Complicate Threat Detection
How Android and iOS Security Enhancements Complicate Threat DetectionNowSecure
 
How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...
How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...
How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...Brian Kelly
 
Content Analysis System and Advanced Threat Protection
Content Analysis System and Advanced Threat ProtectionContent Analysis System and Advanced Threat Protection
Content Analysis System and Advanced Threat ProtectionBlue Coat
 
Future-proofing maritime ports against emerging cyber-physical threats
Future-proofing maritime ports against emerging cyber-physical threatsFuture-proofing maritime ports against emerging cyber-physical threats
Future-proofing maritime ports against emerging cyber-physical threatsSteven SIM Kok Leong
 
Malware: To The Realm of Malicious Code (Training)
Malware: To The Realm of Malicious Code (Training)Malware: To The Realm of Malicious Code (Training)
Malware: To The Realm of Malicious Code (Training)Satria Ady Pradana
 
Malware Evasion Techniques
Malware Evasion TechniquesMalware Evasion Techniques
Malware Evasion TechniquesThomas Roccia
 
Web Application Security with PHP
Web Application Security with PHPWeb Application Security with PHP
Web Application Security with PHPjikbal
 
OWASP Mobile Top 10
OWASP Mobile Top 10OWASP Mobile Top 10
OWASP Mobile Top 10NowSecure
 
Future-proofing Supply Chain against emerging Cyber-physical Threats
Future-proofing Supply Chain against emerging Cyber-physical ThreatsFuture-proofing Supply Chain against emerging Cyber-physical Threats
Future-proofing Supply Chain against emerging Cyber-physical ThreatsSteven SIM Kok Leong
 
Security Code Review: Magic or Art?
Security Code Review: Magic or Art?Security Code Review: Magic or Art?
Security Code Review: Magic or Art?Sherif Koussa
 
Anatomy of an Attack
Anatomy of an AttackAnatomy of an Attack
Anatomy of an AttackCisco Canada
 
Preventing Known and Unknown Threats
Preventing Known and Unknown ThreatsPreventing Known and Unknown Threats
Preventing Known and Unknown ThreatsOPSWAT
 
OWASP Day - OWASP Day - Lets secure!
OWASP Day - OWASP Day - Lets secure! OWASP Day - OWASP Day - Lets secure!
OWASP Day - OWASP Day - Lets secure! Prathan Phongthiproek
 
Anatomy Of An Attack
Anatomy Of An AttackAnatomy Of An Attack
Anatomy Of An AttackCisco Canada
 
[CB19] Deep Exploit: Fully Automatic Penetration Test Tool Using Reinforcemen...
[CB19] Deep Exploit: Fully Automatic Penetration Test Tool Using Reinforcemen...[CB19] Deep Exploit: Fully Automatic Penetration Test Tool Using Reinforcemen...
[CB19] Deep Exploit: Fully Automatic Penetration Test Tool Using Reinforcemen...CODE BLUE
 

Mais procurados (20)

Secure Code Reviews
Secure Code ReviewsSecure Code Reviews
Secure Code Reviews
 
How to find Zero day vulnerabilities
How to find Zero day vulnerabilitiesHow to find Zero day vulnerabilities
How to find Zero day vulnerabilities
 
Webinar: Why evasive zero day attacks are killing traditional sandboxing
Webinar: Why evasive zero day attacks are killing traditional sandboxingWebinar: Why evasive zero day attacks are killing traditional sandboxing
Webinar: Why evasive zero day attacks are killing traditional sandboxing
 
Mobile Penetration Testing: Episode II - Attack of the Code
Mobile Penetration Testing: Episode II - Attack of the CodeMobile Penetration Testing: Episode II - Attack of the Code
Mobile Penetration Testing: Episode II - Attack of the Code
 
How Android and iOS Security Enhancements Complicate Threat Detection
How Android and iOS Security Enhancements Complicate Threat DetectionHow Android and iOS Security Enhancements Complicate Threat Detection
How Android and iOS Security Enhancements Complicate Threat Detection
 
How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...
How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...
How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...
 
Content Analysis System and Advanced Threat Protection
Content Analysis System and Advanced Threat ProtectionContent Analysis System and Advanced Threat Protection
Content Analysis System and Advanced Threat Protection
 
Future-proofing maritime ports against emerging cyber-physical threats
Future-proofing maritime ports against emerging cyber-physical threatsFuture-proofing maritime ports against emerging cyber-physical threats
Future-proofing maritime ports against emerging cyber-physical threats
 
Malware: To The Realm of Malicious Code (Training)
Malware: To The Realm of Malicious Code (Training)Malware: To The Realm of Malicious Code (Training)
Malware: To The Realm of Malicious Code (Training)
 
Malware Evasion Techniques
Malware Evasion TechniquesMalware Evasion Techniques
Malware Evasion Techniques
 
Web Application Security with PHP
Web Application Security with PHPWeb Application Security with PHP
Web Application Security with PHP
 
OWASP Mobile Top 10
OWASP Mobile Top 10OWASP Mobile Top 10
OWASP Mobile Top 10
 
Future-proofing Supply Chain against emerging Cyber-physical Threats
Future-proofing Supply Chain against emerging Cyber-physical ThreatsFuture-proofing Supply Chain against emerging Cyber-physical Threats
Future-proofing Supply Chain against emerging Cyber-physical Threats
 
Security Code Review: Magic or Art?
Security Code Review: Magic or Art?Security Code Review: Magic or Art?
Security Code Review: Magic or Art?
 
Stop Passing the Bug: IoT Supply Chain Security
Stop Passing the Bug: IoT Supply Chain SecurityStop Passing the Bug: IoT Supply Chain Security
Stop Passing the Bug: IoT Supply Chain Security
 
Anatomy of an Attack
Anatomy of an AttackAnatomy of an Attack
Anatomy of an Attack
 
Preventing Known and Unknown Threats
Preventing Known and Unknown ThreatsPreventing Known and Unknown Threats
Preventing Known and Unknown Threats
 
OWASP Day - OWASP Day - Lets secure!
OWASP Day - OWASP Day - Lets secure! OWASP Day - OWASP Day - Lets secure!
OWASP Day - OWASP Day - Lets secure!
 
Anatomy Of An Attack
Anatomy Of An AttackAnatomy Of An Attack
Anatomy Of An Attack
 
[CB19] Deep Exploit: Fully Automatic Penetration Test Tool Using Reinforcemen...
[CB19] Deep Exploit: Fully Automatic Penetration Test Tool Using Reinforcemen...[CB19] Deep Exploit: Fully Automatic Penetration Test Tool Using Reinforcemen...
[CB19] Deep Exploit: Fully Automatic Penetration Test Tool Using Reinforcemen...
 

Destaque

Pledge, Turn, Prestige - The Snowden Pitch
Pledge, Turn, Prestige - The Snowden PitchPledge, Turn, Prestige - The Snowden Pitch
Pledge, Turn, Prestige - The Snowden PitchMarcus John Henry Brown
 
How to Identify Managers Paranoia
How to Identify Managers ParanoiaHow to Identify Managers Paranoia
How to Identify Managers ParanoiaTrailukya Dutta
 
Paranoia
ParanoiaParanoia
ParanoiaJames
 
Jonas Gyalokay, Airtame @ Nordic growth Hackers event #3
Jonas Gyalokay, Airtame @ Nordic growth Hackers event #3Jonas Gyalokay, Airtame @ Nordic growth Hackers event #3
Jonas Gyalokay, Airtame @ Nordic growth Hackers event #3Nordic Growth Hackers
 
Profile Of The Worlds Top Hackers Webinar Slides 063009
Profile Of The Worlds Top Hackers Webinar Slides 063009Profile Of The Worlds Top Hackers Webinar Slides 063009
Profile Of The Worlds Top Hackers Webinar Slides 063009Lumension
 
Of Hobbits, Amish, Hackers and Technology (or, is technology for humans or vi...
Of Hobbits, Amish, Hackers and Technology (or, is technology for humans or vi...Of Hobbits, Amish, Hackers and Technology (or, is technology for humans or vi...
Of Hobbits, Amish, Hackers and Technology (or, is technology for humans or vi...Kaido Kikkas
 
Paranoia or risk management 2013
Paranoia or risk management 2013Paranoia or risk management 2013
Paranoia or risk management 2013Henrik Kramshøj
 
On Going Evaluations
On Going EvaluationsOn Going Evaluations
On Going EvaluationsTheJellehKed
 
Sakai11 Migration Planning: When Paranoia Leads to Success
Sakai11 Migration Planning: When Paranoia Leads to SuccessSakai11 Migration Planning: When Paranoia Leads to Success
Sakai11 Migration Planning: When Paranoia Leads to Successrobin0red
 
Pants policies and paranoia
Pants policies and paranoiaPants policies and paranoia
Pants policies and paranoiaPracticalHT
 
Healthy Paranoia: What Keeps Me Up at Night
Healthy Paranoia: What Keeps Me Up at NightHealthy Paranoia: What Keeps Me Up at Night
Healthy Paranoia: What Keeps Me Up at NightMatt Wurst
 
Gpw 2013, Konstruktive Paranoia, 2013-03-15
Gpw 2013, Konstruktive Paranoia, 2013-03-15Gpw 2013, Konstruktive Paranoia, 2013-03-15
Gpw 2013, Konstruktive Paranoia, 2013-03-15vit_r
 
Hacks, hackers and data journalism
Hacks, hackers and data journalismHacks, hackers and data journalism
Hacks, hackers and data journalismGlen McGregor
 
romantic paranoia
romantic paranoiaromantic paranoia
romantic paranoia_numbers
 
Attitude
AttitudeAttitude
AttitudeVishal
 
HIMSS Summit of the Southeast: Compliance and Controls
HIMSS Summit of the Southeast: Compliance and ControlsHIMSS Summit of the Southeast: Compliance and Controls
HIMSS Summit of the Southeast: Compliance and ControlsTony Gambacorta
 
Adventures in paranoia with sinatra and sequel
Adventures in paranoia with sinatra and sequelAdventures in paranoia with sinatra and sequel
Adventures in paranoia with sinatra and sequelEleanor McHugh
 

Destaque (20)

Hackers & Crackers (+ Software Freedom)
Hackers & Crackers (+ Software Freedom)Hackers & Crackers (+ Software Freedom)
Hackers & Crackers (+ Software Freedom)
 
Pledge, Turn, Prestige - The Snowden Pitch
Pledge, Turn, Prestige - The Snowden PitchPledge, Turn, Prestige - The Snowden Pitch
Pledge, Turn, Prestige - The Snowden Pitch
 
How to Identify Managers Paranoia
How to Identify Managers ParanoiaHow to Identify Managers Paranoia
How to Identify Managers Paranoia
 
Paranoia
ParanoiaParanoia
Paranoia
 
Jonas Gyalokay, Airtame @ Nordic growth Hackers event #3
Jonas Gyalokay, Airtame @ Nordic growth Hackers event #3Jonas Gyalokay, Airtame @ Nordic growth Hackers event #3
Jonas Gyalokay, Airtame @ Nordic growth Hackers event #3
 
Profile Of The Worlds Top Hackers Webinar Slides 063009
Profile Of The Worlds Top Hackers Webinar Slides 063009Profile Of The Worlds Top Hackers Webinar Slides 063009
Profile Of The Worlds Top Hackers Webinar Slides 063009
 
Of Hobbits, Amish, Hackers and Technology (or, is technology for humans or vi...
Of Hobbits, Amish, Hackers and Technology (or, is technology for humans or vi...Of Hobbits, Amish, Hackers and Technology (or, is technology for humans or vi...
Of Hobbits, Amish, Hackers and Technology (or, is technology for humans or vi...
 
Paranoia or risk management 2013
Paranoia or risk management 2013Paranoia or risk management 2013
Paranoia or risk management 2013
 
On Going Evaluations
On Going EvaluationsOn Going Evaluations
On Going Evaluations
 
Sakai11 Migration Planning: When Paranoia Leads to Success
Sakai11 Migration Planning: When Paranoia Leads to SuccessSakai11 Migration Planning: When Paranoia Leads to Success
Sakai11 Migration Planning: When Paranoia Leads to Success
 
Pants policies and paranoia
Pants policies and paranoiaPants policies and paranoia
Pants policies and paranoia
 
Healthy Paranoia: What Keeps Me Up at Night
Healthy Paranoia: What Keeps Me Up at NightHealthy Paranoia: What Keeps Me Up at Night
Healthy Paranoia: What Keeps Me Up at Night
 
Gpw 2013, Konstruktive Paranoia, 2013-03-15
Gpw 2013, Konstruktive Paranoia, 2013-03-15Gpw 2013, Konstruktive Paranoia, 2013-03-15
Gpw 2013, Konstruktive Paranoia, 2013-03-15
 
Hacks, hackers and data journalism
Hacks, hackers and data journalismHacks, hackers and data journalism
Hacks, hackers and data journalism
 
romantic paranoia
romantic paranoiaromantic paranoia
romantic paranoia
 
Attitude
AttitudeAttitude
Attitude
 
HIMSS Summit of the Southeast: Compliance and Controls
HIMSS Summit of the Southeast: Compliance and ControlsHIMSS Summit of the Southeast: Compliance and Controls
HIMSS Summit of the Southeast: Compliance and Controls
 
'Paranoia’
'Paranoia’'Paranoia’
'Paranoia’
 
Media 2
Media 2Media 2
Media 2
 
Adventures in paranoia with sinatra and sequel
Adventures in paranoia with sinatra and sequelAdventures in paranoia with sinatra and sequel
Adventures in paranoia with sinatra and sequel
 

Semelhante a RSA USA 2015 - Getting a Jump on Hackers

Cyber threats landscape and defense
Cyber threats landscape and defenseCyber threats landscape and defense
Cyber threats landscape and defensefantaghost
 
The Seven Most Dangerous New Attack Techniques, and What's Coming Next
The Seven Most Dangerous New Attack Techniques, and What's Coming NextThe Seven Most Dangerous New Attack Techniques, and What's Coming Next
The Seven Most Dangerous New Attack Techniques, and What's Coming NextPriyanka Aash
 
The Seven Most Dangerous New Attack Techniques, and What's Coming Next
The Seven Most Dangerous New Attack Techniques, and What's Coming NextThe Seven Most Dangerous New Attack Techniques, and What's Coming Next
The Seven Most Dangerous New Attack Techniques, and What's Coming NextPriyanka Aash
 
How to be come a hacker slide for 2600 laos
How to be come a hacker slide for 2600 laosHow to be come a hacker slide for 2600 laos
How to be come a hacker slide for 2600 laosOuthai SAIOUDOM
 
Are ransomware attacks the problem for web hosting firms?
Are ransomware attacks the problem for web hosting firms?Are ransomware attacks the problem for web hosting firms?
Are ransomware attacks the problem for web hosting firms?ahanashrin
 
Mobile analysis-kung-fu-santoku-style-viaforensics-rsa-conference-2014
Mobile analysis-kung-fu-santoku-style-viaforensics-rsa-conference-2014Mobile analysis-kung-fu-santoku-style-viaforensics-rsa-conference-2014
Mobile analysis-kung-fu-santoku-style-viaforensics-rsa-conference-2014viaForensics
 
Penetration Testing Basics
Penetration Testing BasicsPenetration Testing Basics
Penetration Testing BasicsRick Wanner
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application Securitysudip pudasaini
 
So You Want a Job in Cybersecurity
So You Want a Job in CybersecuritySo You Want a Job in Cybersecurity
So You Want a Job in CybersecurityTeri Radichel
 
AppSecEU2016-Amol-Sarwate-2016-State-of-Vulnerability-Exploits.pptx
AppSecEU2016-Amol-Sarwate-2016-State-of-Vulnerability-Exploits.pptxAppSecEU2016-Amol-Sarwate-2016-State-of-Vulnerability-Exploits.pptx
AppSecEU2016-Amol-Sarwate-2016-State-of-Vulnerability-Exploits.pptxEthioTelecom_Getahun Biratu
 
Fighting malware - keeping your Intellectual Property safe
Fighting malware - keeping your Intellectual Property safeFighting malware - keeping your Intellectual Property safe
Fighting malware - keeping your Intellectual Property safePrayukth K V
 
The malware monetization machine
The malware monetization machineThe malware monetization machine
The malware monetization machinePriyanka Aash
 
Allianz Global CISO october-2015-draft
Allianz Global CISO october-2015-draftAllianz Global CISO october-2015-draft
Allianz Global CISO october-2015-draftEoin Keary
 
Embedded Systems Security: Building a More Secure Device
Embedded Systems Security: Building a More Secure DeviceEmbedded Systems Security: Building a More Secure Device
Embedded Systems Security: Building a More Secure DevicePriyanka Aash
 
Embedded Systems Security: Building a More Secure Device
Embedded Systems Security: Building a More Secure DeviceEmbedded Systems Security: Building a More Secure Device
Embedded Systems Security: Building a More Secure DevicePriyanka Aash
 
What is Ransomware? A Quick Guide
What is Ransomware? A Quick GuideWhat is Ransomware? A Quick Guide
What is Ransomware? A Quick GuideSarah Roberts
 
How Malware Works - Understanding Software Vulnerabilities
How Malware Works - Understanding Software VulnerabilitiesHow Malware Works - Understanding Software Vulnerabilities
How Malware Works - Understanding Software VulnerabilitiesBunmi Sowande
 
BlueHat v17 || Wannacrypt + Smbv1.0 Vulnerability = One of the Most Damaging ...
BlueHat v17 || Wannacrypt + Smbv1.0 Vulnerability = One of the Most Damaging ...BlueHat v17 || Wannacrypt + Smbv1.0 Vulnerability = One of the Most Damaging ...
BlueHat v17 || Wannacrypt + Smbv1.0 Vulnerability = One of the Most Damaging ...BlueHat Security Conference
 

Semelhante a RSA USA 2015 - Getting a Jump on Hackers (20)

Cyber threats landscape and defense
Cyber threats landscape and defenseCyber threats landscape and defense
Cyber threats landscape and defense
 
The Seven Most Dangerous New Attack Techniques, and What's Coming Next
The Seven Most Dangerous New Attack Techniques, and What's Coming NextThe Seven Most Dangerous New Attack Techniques, and What's Coming Next
The Seven Most Dangerous New Attack Techniques, and What's Coming Next
 
The Seven Most Dangerous New Attack Techniques, and What's Coming Next
The Seven Most Dangerous New Attack Techniques, and What's Coming NextThe Seven Most Dangerous New Attack Techniques, and What's Coming Next
The Seven Most Dangerous New Attack Techniques, and What's Coming Next
 
How to be come a hacker slide for 2600 laos
How to be come a hacker slide for 2600 laosHow to be come a hacker slide for 2600 laos
How to be come a hacker slide for 2600 laos
 
Are ransomware attacks the problem for web hosting firms?
Are ransomware attacks the problem for web hosting firms?Are ransomware attacks the problem for web hosting firms?
Are ransomware attacks the problem for web hosting firms?
 
Mobile analysis-kung-fu-santoku-style-viaforensics-rsa-conference-2014
Mobile analysis-kung-fu-santoku-style-viaforensics-rsa-conference-2014Mobile analysis-kung-fu-santoku-style-viaforensics-rsa-conference-2014
Mobile analysis-kung-fu-santoku-style-viaforensics-rsa-conference-2014
 
Penetration Testing Basics
Penetration Testing BasicsPenetration Testing Basics
Penetration Testing Basics
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application Security
 
So You Want a Job in Cybersecurity
So You Want a Job in CybersecuritySo You Want a Job in Cybersecurity
So You Want a Job in Cybersecurity
 
cybersecurity-careers.pdf
cybersecurity-careers.pdfcybersecurity-careers.pdf
cybersecurity-careers.pdf
 
AppSecEU2016-Amol-Sarwate-2016-State-of-Vulnerability-Exploits.pptx
AppSecEU2016-Amol-Sarwate-2016-State-of-Vulnerability-Exploits.pptxAppSecEU2016-Amol-Sarwate-2016-State-of-Vulnerability-Exploits.pptx
AppSecEU2016-Amol-Sarwate-2016-State-of-Vulnerability-Exploits.pptx
 
Fighting malware - keeping your Intellectual Property safe
Fighting malware - keeping your Intellectual Property safeFighting malware - keeping your Intellectual Property safe
Fighting malware - keeping your Intellectual Property safe
 
The malware monetization machine
The malware monetization machineThe malware monetization machine
The malware monetization machine
 
Allianz Global CISO october-2015-draft
Allianz Global CISO october-2015-draftAllianz Global CISO october-2015-draft
Allianz Global CISO october-2015-draft
 
Embedded Systems Security: Building a More Secure Device
Embedded Systems Security: Building a More Secure DeviceEmbedded Systems Security: Building a More Secure Device
Embedded Systems Security: Building a More Secure Device
 
Embedded Systems Security: Building a More Secure Device
Embedded Systems Security: Building a More Secure DeviceEmbedded Systems Security: Building a More Secure Device
Embedded Systems Security: Building a More Secure Device
 
B&W Netsparker overview
B&W Netsparker overviewB&W Netsparker overview
B&W Netsparker overview
 
What is Ransomware? A Quick Guide
What is Ransomware? A Quick GuideWhat is Ransomware? A Quick Guide
What is Ransomware? A Quick Guide
 
How Malware Works - Understanding Software Vulnerabilities
How Malware Works - Understanding Software VulnerabilitiesHow Malware Works - Understanding Software Vulnerabilities
How Malware Works - Understanding Software Vulnerabilities
 
BlueHat v17 || Wannacrypt + Smbv1.0 Vulnerability = One of the Most Damaging ...
BlueHat v17 || Wannacrypt + Smbv1.0 Vulnerability = One of the Most Damaging ...BlueHat v17 || Wannacrypt + Smbv1.0 Vulnerability = One of the Most Damaging ...
BlueHat v17 || Wannacrypt + Smbv1.0 Vulnerability = One of the Most Damaging ...
 

Mais de Wolfgang Kandek

Gartner UK 2015 Anatomy of An Attack
Gartner UK 2015 Anatomy of An AttackGartner UK 2015 Anatomy of An Attack
Gartner UK 2015 Anatomy of An AttackWolfgang Kandek
 
MindTheSec Anatomia de um Ataque
MindTheSec Anatomia de um AtaqueMindTheSec Anatomia de um Ataque
MindTheSec Anatomia de um AtaqueWolfgang Kandek
 
Februar Patch Tuesday 2015 Webinar
Februar Patch Tuesday 2015 WebinarFebruar Patch Tuesday 2015 Webinar
Februar Patch Tuesday 2015 WebinarWolfgang Kandek
 
RSA ASIA 2014 - Internet of Things
RSA ASIA 2014 - Internet of Things RSA ASIA 2014 - Internet of Things
RSA ASIA 2014 - Internet of Things Wolfgang Kandek
 
20 Critical Security Controls and QualysGuard
20 Critical Security Controls and QualysGuard20 Critical Security Controls and QualysGuard
20 Critical Security Controls and QualysGuardWolfgang Kandek
 
Patch Summary Webinar February 14
Patch Summary Webinar February 14Patch Summary Webinar February 14
Patch Summary Webinar February 14Wolfgang Kandek
 
Patch Summary Webinar April 11
Patch Summary Webinar April 11 Patch Summary Webinar April 11
Patch Summary Webinar April 11 Wolfgang Kandek
 
SANS Critical Security Controls Summit London 2013
SANS Critical Security Controls Summit London 2013SANS Critical Security Controls Summit London 2013
SANS Critical Security Controls Summit London 2013Wolfgang Kandek
 

Mais de Wolfgang Kandek (11)

Anatomie eines Angriffs
Anatomie eines AngriffsAnatomie eines Angriffs
Anatomie eines Angriffs
 
Gartner UK 2015 Anatomy of An Attack
Gartner UK 2015 Anatomy of An AttackGartner UK 2015 Anatomy of An Attack
Gartner UK 2015 Anatomy of An Attack
 
MindTheSec Anatomia de um Ataque
MindTheSec Anatomia de um AtaqueMindTheSec Anatomia de um Ataque
MindTheSec Anatomia de um Ataque
 
Unsafe SSL webinar
Unsafe SSL webinarUnsafe SSL webinar
Unsafe SSL webinar
 
BSI Lagebericht 2014
BSI Lagebericht 2014BSI Lagebericht 2014
BSI Lagebericht 2014
 
Februar Patch Tuesday 2015 Webinar
Februar Patch Tuesday 2015 WebinarFebruar Patch Tuesday 2015 Webinar
Februar Patch Tuesday 2015 Webinar
 
RSA ASIA 2014 - Internet of Things
RSA ASIA 2014 - Internet of Things RSA ASIA 2014 - Internet of Things
RSA ASIA 2014 - Internet of Things
 
20 Critical Security Controls and QualysGuard
20 Critical Security Controls and QualysGuard20 Critical Security Controls and QualysGuard
20 Critical Security Controls and QualysGuard
 
Patch Summary Webinar February 14
Patch Summary Webinar February 14Patch Summary Webinar February 14
Patch Summary Webinar February 14
 
Patch Summary Webinar April 11
Patch Summary Webinar April 11 Patch Summary Webinar April 11
Patch Summary Webinar April 11
 
SANS Critical Security Controls Summit London 2013
SANS Critical Security Controls Summit London 2013SANS Critical Security Controls Summit London 2013
SANS Critical Security Controls Summit London 2013
 

Último

APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC
 
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...tanu pandey
 
( Pune ) VIP Baner Call Girls 🎗️ 9352988975 Sizzling | Escorts | Girls Are Re...
( Pune ) VIP Baner Call Girls 🎗️ 9352988975 Sizzling | Escorts | Girls Are Re...( Pune ) VIP Baner Call Girls 🎗️ 9352988975 Sizzling | Escorts | Girls Are Re...
( Pune ) VIP Baner Call Girls 🎗️ 9352988975 Sizzling | Escorts | Girls Are Re...nilamkumrai
 
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.soniya singh
 
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...Delhi Call girls
 
Trump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts SweatshirtTrump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts Sweatshirtrahman018755
 
Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.soniya singh
 
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...SUHANI PANDEY
 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge GraphsEleniIlkou
 
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLLucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLimonikaupta
 
Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.soniya singh
 
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...Escorts Call Girls
 
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort ServiceBusty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort ServiceDelhi Call girls
 
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl ServiceRussian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl Servicegwenoracqe6
 
Real Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtReal Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtrahman018755
 
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...SUHANI PANDEY
 
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...roncy bisnoi
 

Último (20)

valsad Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call Girls...
valsad Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call Girls...valsad Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call Girls...
valsad Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call Girls...
 
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53
 
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
 
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort ServiceCall Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
 
( Pune ) VIP Baner Call Girls 🎗️ 9352988975 Sizzling | Escorts | Girls Are Re...
( Pune ) VIP Baner Call Girls 🎗️ 9352988975 Sizzling | Escorts | Girls Are Re...( Pune ) VIP Baner Call Girls 🎗️ 9352988975 Sizzling | Escorts | Girls Are Re...
( Pune ) VIP Baner Call Girls 🎗️ 9352988975 Sizzling | Escorts | Girls Are Re...
 
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
 
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
 
Trump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts SweatshirtTrump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts Sweatshirt
 
VVVIP Call Girls In Connaught Place ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In Connaught Place ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...VVVIP Call Girls In Connaught Place ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In Connaught Place ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
 
Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.
 
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
 
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLLucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
 
Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
 
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
 
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort ServiceBusty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
 
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl ServiceRussian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
 
Real Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtReal Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirt
 
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
 
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
 

RSA USA 2015 - Getting a Jump on Hackers

  • 1. SESSION ID: #RSAC Wolfgang Kandek Getting a Jump on Hackers Tech-T08 CTO Qualys @wkandek
  • 2. #RSAC Hackers  Attack your Organization by continuously probing your organization for weaknesses.  Find and catalog vulnerabilities, software flaws and misconfigurations  Use exploits to gain control over your systems
  • 4. #RSAC Hackers  We can get a jump on them by using their weak spots.  Weak Spots:  Millions of Malware samples  Thousands of Vulnerabilities  Tens of Exploitation vectors
  • 5. #RSAC Hackers  Mass Malware  APT and 0-days  Nation State
  • 6. #RSAC Hackers – Mass Malware  Majority of all attacks  Mature technologies (on both sides)  Exploit Kits (Angler, Nuclear, …)  Analysis and Patching  “Digital Carelessness”  Research
  • 7. #RSAC Hackers – Mass Malware  BSI – German Bundesamt für Sicherheit in der Informationstechnik  Digital Situation Report December 2014  Situation is critical  Digitale Sorglosigkeit => “Digital Carelessness”  95% of issues are easily addressed  Attackers use known vulnerabilities  In a limited set of software
  • 8. #RSAC Hackers – Mass Malware  BSI – German Bundesamt für Sicherheit in der Informationstechnik  Digital Situation Report December 2014  Situation is critical  Digitale Sorglosigkeit => “Digital Carelessness”  95% of issues are easily addressed  Attackers use known vulnerabilities  In a limited set of software
  • 9. #RSAC Hackers – Mass Malware - Java  Java is on our top unpatched threat for the year
  • 10. #RSAC Hackers – Mass Malware - Java  Java is on our top unpatched threats for the year  BTW, attacks are on desktop not serverside Java  We can’t patch Java  Our business critical timecard application requires it..  Yes, you can.  Oracle Java v7 and v8 have a “Java Router” embedded  Multiple Javas on a machine can be selectively deployed  Deployment Rulesets - by URL, by checksum, by…
  • 11. #RSAC Hackers – Mass Malware - Java  Java is on our top unpatched threats for the year  BTW, attacks are on desktop not serverside Java  We can’t patch Java  Our business critical timecard application requires it..  Yes, you can.  Oracle Java v7 and v8 have a “Java Router” embedded  Multiple Javas on a machine can be selectively deployed
  • 12. #RSAC Hackers – Mass Malware - Java Demo
  • 13. #RSAC Hackers – APT and 0-days  0-days in 2014/2015  2x Windows in 2014  4x Internet Explorer in 2014, 1x2015  4x Adobe Flash in 2015  Use Safe Neighborhood Software  Alternative OS: Mac OS X  Alternative Browser: Chrome
  • 14. #RSAC Hackers – APT and 0-days  Alternative Browser: Chrome  60% Marketshare  220 critical vulnerabilities in 2012-2014  0 known attacks  Aggressive Autoupdate & Fast Patching: 24 hours to 7 days  Faster than typical exploits  Sandboxing
  • 15. #RSAC Hackers – VDBIR 2015  Few Vulnerabilities are being exploited – 40 in 2014  99.9% of Vulnerabilities exploited are > 1 year old  50% of 2014 CVE exploits happened within 2 weeks  Lesson: Patch all, decide which to patch faster (pg 17)  Exploitable Attribute: most important factor (pg 17)
  • 16. #RSAC Hackers – APT and 0-days  0-days in 2014/2015  2x Windows in 2014  4x Internet Explorer in 2014,1x2015  4x Adobe Flash in 2015  Use Safe Neighborhood Software  Alternative OS: Mac OS X  Alternative Browser: Chrome  Alternative Flash: HTML5?  Sandbox: Chrome/Flash combo not attacked
  • 17. #RSAC Hackers – APT and 0-days  Sandboxing  Jarno Niemela’s (F-Secure) VB 2013 Paper  930 APT malwares against Hardening
  • 18. #RSAC Hackers – APT and 0-days  Sandboxing  Jarno Niemela’s (F-Secure) VB 2013 Paper  930 APT malwares against Hardening 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% System Hardening Application Hardening Sandboxie EMET Exploit Mitigations
  • 19. #RSAC Hackers – APT and 0-days  Sandboxing  Jarno Niemela’s (F-Secure) VB 2013 Paper  930 APT malwares against Hardening  Sandbox testing not conclusive  Application Hardening and EMET are free
  • 20. #RSAC Hackers – APT and 0-days  But APT means attacker can do anything  Bypass your Hardening, the Sandbox, EMET…  How good are they?  Sophos: CVE-2014-1761 (Word RTF) analysis  15+ sample families assessed
  • 21. #RSAC Hackers – APT and 0-days  But APT means attacker can do anything  How good are they?  Sophos: CVE-2014-1761 (Word RTF) analysis  15+ sample families assessed
  • 22. #RSAC Hackers – APT and 0-days  But APT means attacker can do anything  How good are they?  Sophos: CVE-2014-1761 (Word RTF) analysis  15+ sample families assessed  7 skill categories
  • 23. #RSAC Hackers – APT and 0-days  But APT means attacker can do anything  How good are they?  Sophos: CVE-2014-1761 (Word RTF) analysis  15+ sample families assessed  7 skill categories
  • 24. #RSAC Hackers – APT and 0-days  But APT means attacker can do anything  How good are they?  Sophos: CVE-2014-1761 (Word RTF) analysis  15+ sample families assessed  7 skill categories  Mixed results 50% trivial, 50% advanced  All (!) attacked only 1 software version – Office 2010 (SP2, 32bit)
  • 25. #RSAC Hackers – APT and 0-days  But APT means attacker can do anything  How good are they?  Sophos: CVE-2014-1761 (Word RTF) analysis  15+ sample families assessed  7 skill categories  Mixed results 50% trivial, 50% advanced
  • 26. #RSAC Hackers – APT and 0-days  Dan Guido – Exploit Intelligence Project  Focus on robust configurations to prevent future exploits  Few vulnerabilities are relevant: 14 in 2009, 13 in 2010  20 in 2014  Tighter Security Settings defeat new attacks  DEP, ASLR  EMET (btw, all IE 0-days in 2014)  Disable EXE/Javascript in PDF  Limit Java to internal Applications
  • 27. #RSAC Hackers – APT and 0-days  Dan Guido – Exploit Intelligence Project  Focus on robust configurations to prevent future exploits  Few vulnerabilities are relevant: 14 in 2009, 13 in 2010  20 in 2014  Tighter Security Settings defeat new attacks  DEP, ASLR  EMET (all IE 0-days in 2014)  Disable EXE/Javascript in PDF
  • 28. #RSAC Hackers – APT and 0-days  Harden Applications and deploy EMET  Safer Neighbourhoods - Alternative Technology stacks  Limit Java to internal/known Applications – Deployment Rulesets
  • 31. #RSAC Hackers – Attack Perimeter  Perimeter is everywhere  Mobility, Personal Devices  SaaS Applications enable  Security Pros  All Machines Internet hardened  No Client/Peer networking = no malware lateral growth  Security Cons  Traditional Non-Internet Tools challenged  Internet Agent Solutions
  • 34. #RSAC Hackers - Credentials  Abuse worldwide connectivity (e-mail, mobile workstations, VPN)  Steal credentials through phishing attacks (e-mail)  Install undetectable malware  Access VPNs
  • 35. #RSAC Hackers - Credentials  Abuse worldwide connectivity (e-mail, mobile workstations, VPN)  Steal credentials through phishing attacks (e-mail)  Install undetectable malware  Access VPNs
  • 36. #RSAC Hackers - Credentials  Teach users to recognize attacks – ✔  Require better passwords – ✔  But limited effect > 2% will still click  Password reuse rampant due to complicated rules  Massive username/password databases available
  • 37. #RSAC Hackers - Credentials  Teach users to recognize attacks – ✔  Require better passwords – ✔  But limited effect > 2% will still click  Password reuse rampant due to complicated rules  Massive username/passworddatabases available
  • 38. #RSAC Hackers - Credentials  Teach users to recognize attacks – ✔  Require better passwords – ✔  But limited effect > 2% will still click  Password reuse rampant due to complicated rules  Massive username/password databases available  Password decoding/guessing in the realm of all attackers.
  • 39. #RSAC Hackers - Credentials  Two factor authentication
  • 40. #RSAC Hackers - Credentials  Two factor authentication
  • 41. #RSAC Hackers - Credentials  Teach users to recognize attacks – ✔  Require better passwords – ✔  Teach your users to protect their own personal data  Banks, E-mail, Linkedin  2FA is mature now  Implement 2FA for your systems
  • 42. #RSAC Act Now – x days  x=30: Scan your Perimeter Server continuously, alert on changes  x=60: Software inventory for Flash,Reader,IE,Office,Java  x=90: Update versions – Mass Malware cure  x=90+: Address Vulnerabilities Quickly  x=90+: Harden Setup - APT and 0-days  Newest Software, Use EMET, Safe neighborhoods  x=90+: Authentication - Deploy 2-Factor  Then: Watch Logs for Anomalies, Run Sandboxes