APT

923 views
844 views

Published on

Slides from my INFOSEC DAY 2011 talk about "APT". Since the slides support the talk, they don't make much sense by themselves (nor does APT...)

Published in: Technology, News & Politics
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
923
On SlideShare
0
From Embeds
0
Number of Embeds
5
Actions
Shares
0
Downloads
37
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

APT

  1. 1. APT Advanced Persistent ThreatsBruno MorissonCISSP-ISSMP, CISA, ISO27001LAbm@integrity.pt
  2. 2. APT
  3. 3. Objectivos
  4. 4. Organização
  5. 5. Tecnologia
  6. 6. Operation Aurora RSA IMF Night DragonOperation Shady RAT
  7. 7. Operation Aurora
  8. 8. http://www.wired.com/threatlevel/2010/01/operation-aurora/
  9. 9. http://www.wired.com/threatlevel/2010/01/operation-aurora/
  10. 10. http://en.wikipedia.org/wiki/Operation_Aurora
  11. 11. http://www.wired.com/threatlevel/2010/01/operation-aurora/
  12. 12. http://www.nytimes.com/2010/11/29/world/29cables.html?_r=1&hp
  13. 13. http://www.eweekeurope.co.uk/news/security-breach-hits-rsas-secret-securid-information-24219
  14. 14. http://www.f-secure.com/weblog/archives/00002226.html
  15. 15. http://www.f-secure.com/weblog/archives/00002226.html
  16. 16. http://www.informationweek.com/news/government/security/229700151
  17. 17. http://www.eweek.com/c/a/Security/Northrop-Grumman-L3-Communications-Hacked-via-Cloned-RSA-SecurID-Tokens-841662/
  18. 18. http://www.guardian.co.uk/business/2011/jun/12/imf-cyber-attack-hack
  19. 19. http://www.guardian.co.uk/business/2011/jun/12/imf-cyber-attack-hack
  20. 20. Night Dragon
  21. 21. http://www.networkworld.com/news/2011/021011-night-dragon-attacks-from-china.html
  22. 22. Flickr: m_r3volution
  23. 23. Operation Shady RAT
  24. 24. http://www.symantec.com/connect/blogs/truth-behind-shady-rat
  25. 25. Flickr: slayer23
  26. 26. Flickr: winknicholson
  27. 27. 0 day
  28. 28. http://www.zerodayinitiative.com/advisories/upcoming/
  29. 29. Flickr: arbyreed
  30. 30. Flickr: jeyhun85
  31. 31. Stuxnet
  32. 32. Flickr: digit_al
  33. 33. Flickr: matti_frisk
  34. 34. Flickr: jojo7
  35. 35. http://taosecurity.blogspot.com/2009/06/black-hat-budgeting.html
  36. 36. 95%
  37. 37. A ausência de prova não é prova da ausência
  38. 38. InfoSec-Pros-PT – Mailing-List (~199 membros) eLinkedIn Group (~657) http://groups.google.com/group/InfoSec-Pros-PT http://www.linkedin.com/groups?gid=112919Confraria Security&IT (Networking) Encontros mensais Gratuito http://www.linkedin.com/groups?gid=1859900
  39. 39. Q&ABruno MorissonCISSP-ISSMP, CISA, ISO27001LAbm@integrity.pt

×