OWASP Dallas

Branden takes the audience through a discussion of the basic elements found in many recent breaches.

1. Recent Breaches & their Causes
   Branden R. Williams, CISSP, CISM
   brw@brandenwilliams.com
   http://www.brandenwilliams.com

2. Agenda
  • My background
  • Where I see breaches
  • If I were a bad guy, where would I go?
  • Discuss causes of recent breaches
  • Q/A

3. My background
4. Where do I see breaches?
  • Fewer attacks against the network layer
  • The network-layer attacks that do succeed are usually relatively complex

5. Where are the weak ones?
  • Brick & mortar retail
  • Internal sites
  • Small/medium businesses
  • Healthcare practices
  • New cashless ventures

6. Recent breach trends
7. Applications in debug mode
  • Applications going into production with debugging settings still enabled
  • Excessive logging on systems, which captures:
    • Track data (full magnetic-stripe contents)
    • Usernames/passwords
  • Admin functions left reachable
  • Extra (debug-only) functions available for use
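As an added illustration of the "excessive logs" point (this is not code from the talk): a small audit that scans log lines for the data a debug logger typically leaks, namely track 1/track 2 magnetic-stripe data, Luhn-valid card numbers and passwords, and shows what the production logger should have written instead. The log lines are constructed samples; the track formats follow the usual %B...^...^...? and ;...=...? layouts.

```python
import re

# Constructed sample log lines (not from the talk): what a debug logger that
# dumps raw POS requests to disk typically leaves behind.
SAMPLE_LOG = [
    "2024-03-01 12:00:01 DEBUG swipe=%B4111111111111111^DOE/JOHN^25121011000000000000?",
    "2024-03-01 12:00:01 DEBUG track2=;4111111111111111=25121011000012345678?",
    "2024-03-01 12:00:02 DEBUG card 4111111111111111 exp 1225 approved",
    "2024-03-01 12:00:02 DEBUG login user=admin password=Winter2024!",
    "2024-03-01 12:00:03 INFO  order id=1234567890123 shipped",
]

# Track 1: %B<PAN>^<NAME>^<YYMM...>?   Track 2: ;<PAN>=<YYMM...>?
TRACK1_RE = re.compile(r"%B\d{13,19}\^[^^]*\^\d{4}[^?]*\?")
TRACK2_RE = re.compile(r";\d{13,19}=\d{4}[^?]*\?")
PAN_RE = re.compile(r"\b\d{13,19}\b")
PASSWORD_RE = re.compile(r"(password=)\S+", re.IGNORECASE)


def luhn_ok(digits: str) -> bool:
    """Luhn check so that arbitrary 13-19 digit numbers (order ids) are not flagged as PANs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def classify(line: str) -> list:
    """Name the kinds of sensitive data present in one log line."""
    kinds = []
    if TRACK1_RE.search(line):
        kinds.append("track1")
    elif TRACK2_RE.search(line):
        kinds.append("track2")
    elif any(luhn_ok(m.group()) for m in PAN_RE.finditer(line)):
        kinds.append("pan")
    if PASSWORD_RE.search(line):
        kinds.append("password")
    return kinds


def _mask_pan(match):
    pan = match.group()
    return ("*" * (len(pan) - 4) + pan[-4:]) if luhn_ok(pan) else pan


def redact(line: str) -> str:
    """What the production logger should have written: no track data, masked PAN, no password."""
    line = TRACK1_RE.sub("[TRACK1 REDACTED]", line)
    line = TRACK2_RE.sub("[TRACK2 REDACTED]", line)
    line = PAN_RE.sub(_mask_pan, line)
    return PASSWORD_RE.sub(r"\1[REDACTED]", line)


def audit(lines) -> list:
    """Return (line_number, kinds) for every line that leaks something."""
    return [(n, classify(l)) for n, l in enumerate(lines, 1) if classify(l)]


if __name__ == "__main__":
    for number, kinds in audit(SAMPLE_LOG):
        print(f"line {number}: {', '.join(kinds)}")
        print("  safe form:", redact(SAMPLE_LOG[number - 1]))
```

Running this against real application logs is a quick way to find the debug-mode leak before an assessor or an attacker does; the same redaction logic belongs in the logging layer itself, not in a post-hoc clean-up.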
8. Deprecated or old code
  • Developers leaving old code on the server that can still be executed
    • page1.asp still present when page.asp is the current version
    • Deprecated functions that can still be triggered through GET/POST parameters
  • Poorly executed upgrades
    • Old code from previous versions left on disk (e.g. jump.php, which is not part of the current version)
    • Incomplete upgrades
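The check a practitioner wants for this slide is a comparison of what is actually on the web server against what the current release is supposed to contain. The following is an added example, not the speaker's tooling: it walks a web root, diffs it against a release manifest, and labels each orphan by whether it is server-side executable code and whether its name looks like a leftover copy (page1.asp, page.asp.bak). The manifest and the leftover files are constructed for the demo; a real manifest would come from the build or package system.

```python
import os
import re
import shutil
import tempfile

# Server-side extensions: an orphan with one of these is executable code,
# not just a stray static file.
EXEC_EXTS = {".asp", ".aspx", ".php", ".jsp", ".cgi", ".pl"}
# Heuristic for "leftover copy" names: page1.asp, page_old.asp, page.asp.bak.
# Even a non-executable .bak of a script is a source-disclosure risk.
COPY_NAME_RE = re.compile(r"(\.bak|\.old|\.orig|~)$|(_old|_backup|\d)(?=\.\w+$)",
                          re.IGNORECASE)

# Constructed release manifest (what the current version actually ships).
MANIFEST = {"index.asp", "page.asp", "lib/db.asp", "css/site.css"}
# Constructed leftovers from an incomplete upgrade.
LEFTOVERS = {"page1.asp", "jump.php", "page.asp.bak", "css/old.css"}


def list_deployed(root: str) -> set:
    """Every file under the web root, as a forward-slash relative path."""
    found = set()
    for dirpath, _, files in os.walk(root):
        for name in files:
            rel = os.path.relpath(os.path.join(dirpath, name), root)
            found.add(rel.replace(os.sep, "/"))
    return found


def find_orphans(deployed: set, manifest: set) -> list:
    """Files on disk that the current release does not account for, with a risk label."""
    report = []
    for path in sorted(deployed - manifest):
        ext = os.path.splitext(path)[1].lower()
        risk = "executable" if ext in EXEC_EXTS else "static"
        if COPY_NAME_RE.search(path):
            risk += ",copy-like-name"
        report.append((path, risk))
    return report


def demo() -> list:
    """Build a throwaway web root with the constructed files and audit it."""
    root = tempfile.mkdtemp()
    try:
        for rel in MANIFEST | LEFTOVERS:
            full = os.path.join(root, rel)
            os.makedirs(os.path.dirname(full), exist_ok=True)
            with open(full, "w") as fh:
                fh.write("<!-- placeholder -->\n")
        return find_orphans(list_deployed(root), MANIFEST)
    finally:
        shutil.rmtree(root)


if __name__ == "__main__":
    for path, risk in demo():
        print(f"{risk:28} {path}")
```

Anything reported as "executable" is reachable by URL and runs with the application's privileges even though nobody maintains it any more; the fix is to deploy from the manifest (or a clean checkout) rather than copying new files over old ones.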
9. Poor hardening
  • Applications ignoring input validation
  • Blank SQL account passwords (including sa)
  • Easily guessed passwords
  • Complex applications with third-party middleware
    • Follow the data path
    • Consider binary analysis
  • Cleartext user IDs/passwords, whether sent from the application to the database or stored in the clear
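Two of these causes, ignored input validation and passwords stored in the clear, are easiest to see side by side. The block below is an added example and not from the talk: a login routine that builds its SQL by string formatting against a cleartext password column, beside the hardened version that uses a parameterised query and a salted PBKDF2 hash compared in constant time. The user table, the password and the bypass string are constructed; SQLite stands in for whatever database the application really uses.

```python
import hashlib
import hmac
import os
import sqlite3

ITERATIONS = 100_000  # PBKDF2 work factor; tune upwards for production hardware


def pbkdf2(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def make_db() -> sqlite3.Connection:
    """Constructed in-memory database with one user stored both ways."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users_clear (username TEXT, password TEXT)")
    conn.execute("CREATE TABLE users_hashed (username TEXT, salt BLOB, hash BLOB)")
    conn.execute("INSERT INTO users_clear VALUES ('alice', 'S3cret!')")
    salt = os.urandom(16)
    conn.execute("INSERT INTO users_hashed VALUES (?, ?, ?)",
                 ("alice", salt, pbkdf2("S3cret!", salt)))
    return conn


def login_vulnerable(conn, username: str, password: str) -> bool:
    """No input validation, string-built SQL, cleartext password column."""
    query = ("SELECT username FROM users_clear "
             "WHERE username = '%s' AND password = '%s'" % (username, password))
    return conn.execute(query).fetchone() is not None


def login_hardened(conn, username: str, password: str) -> bool:
    """Parameterised lookup; the database never sees the password, only a hash."""
    row = conn.execute("SELECT salt, hash FROM users_hashed WHERE username = ?",
                       (username,)).fetchone()
    if row is None:
        return False
    salt, stored = row
    return hmac.compare_digest(pbkdf2(password, salt), stored)


def demo() -> dict:
    """Run both logins with good credentials and with a classic tautology bypass."""
    conn = make_db()
    bypass = "' OR '1'='1"   # turns the WHERE clause into ... AND password = '' OR '1'='1'
    return {
        "vuln_good_creds": login_vulnerable(conn, "alice", "S3cret!"),
        "vuln_bypass": login_vulnerable(conn, "alice", bypass),
        "hard_good_creds": login_hardened(conn, "alice", "S3cret!"),
        "hard_bypass": login_hardened(conn, "alice", bypass),
        "hard_unknown_user": login_hardened(conn, bypass, "x"),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:18} {result}")
```

The vulnerable routine accepts the bypass string as a valid password, and if the same database were dumped every password would be readable. The hardened routine treats the bypass as an ordinary (wrong) password, and a dump yields only salted hashes.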
10. Other misc. causes
  • DLL injection
  • Drive-by downloads delivered through hidden iframes
  • "Interesting" attacks: complexity keeps increasing
  • Memory dumping
  • Sniffers/keyloggers
  • Any/any rules on firewalls
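For the hidden-iframe drive-by, the useful check is a scan of served pages for frames that load but cannot be seen. This added example (not from the talk) uses the standard-library HTML parser to flag iframes with zero or one-pixel dimensions, or with inline styles that hide them or push them off-screen. The page is constructed; the injected hosts use RFC 5737 documentation addresses.

```python
import re
from html.parser import HTMLParser

# CSS tricks that keep a frame invisible or off-screen while it still loads.
HIDDEN_STYLE_RE = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden|(?:left|top)\s*:\s*-\d{3,}px",
    re.IGNORECASE)

# Constructed page (not a real compromised site): one legitimate embed and two
# injected frames of the kind a drive-by campaign plants in a page footer.
SAMPLE_HTML = """
<html><body>
<h1>Store</h1>
<iframe src="https://video.example/embed/123" width="640" height="360"></iframe>
<iframe src="http://198.51.100.7/in.php" width="0" height="0" frameborder="0"></iframe>
<div><iframe src="http://203.0.113.9/x.html"
     style="visibility:hidden;position:absolute;left:-9999px"></iframe></div>
</body></html>
"""


class HiddenIframeFinder(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings = []  # (src, [reasons])

    def handle_starttag(self, tag, attrs):
        if tag.lower() != "iframe":
            return
        a = {k.lower(): (v or "") for k, v in attrs}
        reasons = []
        for dim in ("width", "height"):
            # "0", "1", "0px" are all effectively invisible
            value = a.get(dim, "").strip().lower().rstrip("px")
            if value.isdigit() and int(value) <= 1:
                reasons.append(f"{dim}={a[dim]}")
        if HIDDEN_STYLE_RE.search(a.get("style", "")):
            reasons.append("style hides frame")
        if reasons:
            self.findings.append((a.get("src", ""), reasons))


def find_hidden_iframes(html: str) -> list:
    """Return (src, reasons) for every iframe in the page that is hidden from the user."""
    parser = HiddenIframeFinder()
    parser.feed(html)
    parser.close()
    return parser.findings


if __name__ == "__main__":
    for src, reasons in find_hidden_iframes(SAMPLE_HTML):
        print(f"hidden iframe -> {src}  ({'; '.join(reasons)})")
```

On a real site, run this over the HTML the server actually returns (after any PHP/ASP has executed), since the injection usually lives in a template or a database field rather than in the source tree; a frame pointing at a host the site has no business with is the signal to investigate.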
11. Thank you!
   brw@brandenwilliams.com
   brandenwilliams.com