As The Phish Turns

•Download as PPTX, PDF•

2 likes•1,158 views

Technology News & Politics

Security Life Lessons
Current Threats
Defenses
Keeping up with the Jones
One more thing…

Client-side Exploitation
• Spam
• Phishing
• Malicious Attachments
• Malicious Links

“Web App Sec”
• Do you really know what apps you have
out there?... Really?

Intelligence Operations

http://bit.ly/5duczB

As The Phish Turns

As The Phish Turns

More Related Content

Viewers also liked

Wark Meiserguest1b32f6

DuxburyCraig Chartier

Open Only If You Have Time For God

Open Only If You Have Time For God

Open Only If You Have Time For Godsutrisno2629

Breaking Waters: the birth of a new Nile state

Breaking Waters: the birth of a new Nile state

Breaking Waters: the birth of a new Nile stateAna Cascao

10 Foodsutrisno2629

Barcamp - Widgety Then&Now

Barcamp - Widgety Then&Now

Barcamp - Widgety Then&NowBartosz Pietrzak

Zuzenketa Baztan

Zuzenketa Baztan

Zuzenketa BaztanJosu Jimenez Maia

The COCH project

The COCH project

The COCH projectaskroll

6. GamesJeroen_Bourgonjon

Mobile Marketing

Mobile Marketing

Mobile Marketingsaafro

New Sonysutrisno2629

Raio-X do Google Brasil

Raio-X do Google Brasil

Raio-X do Google BrasilFabio Ricotta

How to Negotiate, Part 2

How to Negotiate, Part 2

How to Negotiate, Part 2tcg: agency

Using GradeMark For Effective Feedback

Using GradeMark For Effective Feedback

Using GradeMark For Effective FeedbackKarl Luke

Coffee1sutrisno2629

Predicador De Rectitud Bruce R

Predicador De Rectitud Bruce R

Predicador De Rectitud Bruce Rinstitutoaltabix

Aneka Posisi Sex

Aneka Posisi Sex

Aneka Posisi Sexsutrisno2629

Using Communication Effectively

Using Communication Effectively

Using Communication EffectivelyOwen Kulemeka

Auxiliarycijat

Serendipity and Lanyrd

Serendipity and Lanyrd

Serendipity and LanyrdNatalie Downe

Viewers also liked (20)

Wark Meiser

Duxbury

Open Only If You Have Time For God

Open Only If You Have Time For God

Open Only If You Have Time For God

Breaking Waters: the birth of a new Nile state

Breaking Waters: the birth of a new Nile state

Breaking Waters: the birth of a new Nile state

10 Food

Barcamp - Widgety Then&Now

Barcamp - Widgety Then&Now

Barcamp - Widgety Then&Now

Zuzenketa Baztan

Zuzenketa Baztan

Zuzenketa Baztan

The COCH project

The COCH project

The COCH project

6. Games

Mobile Marketing

Mobile Marketing

Mobile Marketing

New Sony

Raio-X do Google Brasil

Raio-X do Google Brasil

Raio-X do Google Brasil

How to Negotiate, Part 2

How to Negotiate, Part 2

How to Negotiate, Part 2

Using GradeMark For Effective Feedback

Using GradeMark For Effective Feedback

Using GradeMark For Effective Feedback

Coffee1

Predicador De Rectitud Bruce R

Predicador De Rectitud Bruce R

Predicador De Rectitud Bruce R

Aneka Posisi Sex

Aneka Posisi Sex

Aneka Posisi Sex

Using Communication Effectively

Using Communication Effectively

Using Communication Effectively

Auxiliary

Serendipity and Lanyrd

Serendipity and Lanyrd

Serendipity and Lanyrd

More from Rob Fuller

Why isn't infosec working? Did you turn it off and back on again?

Why isn't infosec working? Did you turn it off and back on again?

Why isn't infosec working? Did you turn it off and back on again?Rob Fuller

KiwiCon 2016 - Kicking Orion's Assets

KiwiCon 2016 - Kicking Orion's Assets

KiwiCon 2016 - Kicking Orion's AssetsRob Fuller

Writing malware while the blue team is staring at you

Writing malware while the blue team is staring at you

Writing malware while the blue team is staring at youRob Fuller

Attacker Ghost Stories (CarolinaCon / Area41 / RVASec)

Attacker Ghost Stories (CarolinaCon / Area41 / RVASec)

Attacker Ghost Stories (CarolinaCon / Area41 / RVASec)Rob Fuller

Attacker Ghost Stories - ShmooCon 2014

Attacker Ghost Stories - ShmooCon 2014

Attacker Ghost Stories - ShmooCon 2014Rob Fuller

GiTFORob Fuller

NotaCon 2011 - Networking for Pentesters

NotaCon 2011 - Networking for Pentesters

NotaCon 2011 - Networking for PentestersRob Fuller

RIT 2009 Intellectual Pwnership

RIT 2009 Intellectual Pwnership

RIT 2009 Intellectual PwnershipRob Fuller

Metasploit magic the dark coners of the framework

Metasploit magic the dark coners of the framework

Metasploit magic the dark coners of the frameworkRob Fuller

Windows Attacks AT is the new black

Windows Attacks AT is the new black

Windows Attacks AT is the new blackRob Fuller

Practical Exploitation - Webappy Style

Practical Exploitation - Webappy Style

Practical Exploitation - Webappy StyleRob Fuller

Intro to White Chapel

Intro to White Chapel

Intro to White ChapelRob Fuller

Dirty Little Secrets They Didn't Teach You In Pentest Class v2

Dirty Little Secrets They Didn't Teach You In Pentest Class v2

Dirty Little Secrets They Didn't Teach You In Pentest Class v2Rob Fuller

A @textfiles approach to gathering the world's DNS

A @textfiles approach to gathering the world's DNS

A @textfiles approach to gathering the world's DNSRob Fuller

The Dirty Little Secrets They Didn’t Teach You In Pentesting Class

The Dirty Little Secrets They Didn’t Teach You In Pentesting Class

The Dirty Little Secrets They Didn’t Teach You In Pentesting ClassRob Fuller

Memory Forensics for Pentesters: Firefox

Memory Forensics for Pentesters: Firefox

Memory Forensics for Pentesters: FirefoxRob Fuller

From Couch To Career In 80 Hours

From Couch To Career In 80 Hours

From Couch To Career In 80 HoursRob Fuller

More from Rob Fuller (17)

Why isn't infosec working? Did you turn it off and back on again?

Why isn't infosec working? Did you turn it off and back on again?

Why isn't infosec working? Did you turn it off and back on again?

KiwiCon 2016 - Kicking Orion's Assets

KiwiCon 2016 - Kicking Orion's Assets

KiwiCon 2016 - Kicking Orion's Assets

Writing malware while the blue team is staring at you

Writing malware while the blue team is staring at you

Writing malware while the blue team is staring at you

Attacker Ghost Stories (CarolinaCon / Area41 / RVASec)

Attacker Ghost Stories (CarolinaCon / Area41 / RVASec)

Attacker Ghost Stories (CarolinaCon / Area41 / RVASec)

Attacker Ghost Stories - ShmooCon 2014

Attacker Ghost Stories - ShmooCon 2014

Attacker Ghost Stories - ShmooCon 2014

GiTFO

NotaCon 2011 - Networking for Pentesters

NotaCon 2011 - Networking for Pentesters

NotaCon 2011 - Networking for Pentesters

RIT 2009 Intellectual Pwnership

RIT 2009 Intellectual Pwnership

RIT 2009 Intellectual Pwnership

Metasploit magic the dark coners of the framework

Metasploit magic the dark coners of the framework

Metasploit magic the dark coners of the framework

Windows Attacks AT is the new black

Windows Attacks AT is the new black

Windows Attacks AT is the new black

Practical Exploitation - Webappy Style

Practical Exploitation - Webappy Style

Practical Exploitation - Webappy Style

Intro to White Chapel

Intro to White Chapel

Intro to White Chapel

Dirty Little Secrets They Didn't Teach You In Pentest Class v2

Dirty Little Secrets They Didn't Teach You In Pentest Class v2

Dirty Little Secrets They Didn't Teach You In Pentest Class v2

A @textfiles approach to gathering the world's DNS

A @textfiles approach to gathering the world's DNS

A @textfiles approach to gathering the world's DNS

The Dirty Little Secrets They Didn’t Teach You In Pentesting Class

The Dirty Little Secrets They Didn’t Teach You In Pentesting Class

The Dirty Little Secrets They Didn’t Teach You In Pentesting Class

Memory Forensics for Pentesters: Firefox

Memory Forensics for Pentesters: Firefox

Memory Forensics for Pentesters: Firefox

From Couch To Career In 80 Hours

From Couch To Career In 80 Hours

From Couch To Career In 80 Hours

Recently uploaded

Dev Dives: Streamline document processing with UiPath Studio Web

Dev Dives: Streamline document processing with UiPath Studio Web

Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity

Streamlining Python Development: A Guide to a Modern Project Setup

Streamlining Python Development: A Guide to a Modern Project Setup

Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm

A Deep Dive on Passkeys: FIDO Paris Seminar.pptx

A Deep Dive on Passkeys: FIDO Paris Seminar.pptx

A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3

Unraveling Multimodality with Large Language Models.pdf

Unraveling Multimodality with Large Language Models.pdf

Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro

The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx

The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx

The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3

TrustArc Webinar - How to Build Consumer Trust Through Data Privacy

TrustArc Webinar - How to Build Consumer Trust Through Data Privacy

TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc

Connect Wave/ connectwave Pitch Deck Presentation

Connect Wave/ connectwave Pitch Deck Presentation

Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation

Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024

Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024

Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada

TeamStation AI System Report LATAM IT Salaries 2024

TeamStation AI System Report LATAM IT Salaries 2024

TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey

"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack

"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack

"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays

Take control of your SAP testing with UiPath Test Suite

Take control of your SAP testing with UiPath Test Suite

Take control of your SAP testing with UiPath Test SuiteDianaGray10

Developer Data Modeling Mistakes: From Postgres to NoSQL

Developer Data Modeling Mistakes: From Postgres to NoSQL

Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB

Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)

Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)

Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos

Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf

Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf

Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely

The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx

The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx

The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3

New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024

New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024

New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada

Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx

Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx

Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3

Digital Identity is Under Attack: FIDO Paris Seminar.pptx

Digital Identity is Under Attack: FIDO Paris Seminar.pptx

Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3

Scanning the Internet for External Cloud Exposures via SSL Certs

Scanning the Internet for External Cloud Exposures via SSL Certs

Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed

Ensuring Technical Readiness For Copilot in Microsoft 365

Ensuring Technical Readiness For Copilot in Microsoft 365

Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited

Recently uploaded (20)

Dev Dives: Streamline document processing with UiPath Studio Web

Dev Dives: Streamline document processing with UiPath Studio Web

Dev Dives: Streamline document processing with UiPath Studio Web

Streamlining Python Development: A Guide to a Modern Project Setup

Streamlining Python Development: A Guide to a Modern Project Setup

Streamlining Python Development: A Guide to a Modern Project Setup

A Deep Dive on Passkeys: FIDO Paris Seminar.pptx

A Deep Dive on Passkeys: FIDO Paris Seminar.pptx

A Deep Dive on Passkeys: FIDO Paris Seminar.pptx

Unraveling Multimodality with Large Language Models.pdf

Unraveling Multimodality with Large Language Models.pdf

Unraveling Multimodality with Large Language Models.pdf

The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx

The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx

The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx

TrustArc Webinar - How to Build Consumer Trust Through Data Privacy

TrustArc Webinar - How to Build Consumer Trust Through Data Privacy

TrustArc Webinar - How to Build Consumer Trust Through Data Privacy

Connect Wave/ connectwave Pitch Deck Presentation

Connect Wave/ connectwave Pitch Deck Presentation

Connect Wave/ connectwave Pitch Deck Presentation

Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024

Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024

Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024

TeamStation AI System Report LATAM IT Salaries 2024

TeamStation AI System Report LATAM IT Salaries 2024

TeamStation AI System Report LATAM IT Salaries 2024

"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack

"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack

"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack

Take control of your SAP testing with UiPath Test Suite

Take control of your SAP testing with UiPath Test Suite

Take control of your SAP testing with UiPath Test Suite

Developer Data Modeling Mistakes: From Postgres to NoSQL

Developer Data Modeling Mistakes: From Postgres to NoSQL

Developer Data Modeling Mistakes: From Postgres to NoSQL

Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)

Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)

Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)

Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf

Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf

Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf

The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx

The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx

The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx

New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024

New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024

New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024

Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx

Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx

Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx

Digital Identity is Under Attack: FIDO Paris Seminar.pptx

Digital Identity is Under Attack: FIDO Paris Seminar.pptx

Digital Identity is Under Attack: FIDO Paris Seminar.pptx

Scanning the Internet for External Cloud Exposures via SSL Certs

Scanning the Internet for External Cloud Exposures via SSL Certs

Scanning the Internet for External Cloud Exposures via SSL Certs

Ensuring Technical Readiness For Copilot in Microsoft 365

Ensuring Technical Readiness For Copilot in Microsoft 365

Ensuring Technical Readiness For Copilot in Microsoft 365

As The Phish Turns

1.

2.

3.

4.

5.

6.

7.

8.

9.

10.

11.

12.

13.

14. Security Life Lessons Current Threats Defenses Keeping up with the Jones One more thing…

15.

16.

17.

18.

19.

20.

21.

22.

23.

24.

25.

26.

27.

28.

29. Client-side Exploitation • Spam • Phishing • Malicious Attachments • Malicious Links “Web App Sec” • Do you really know what apps you have out there?... Really?

30.

31.

32.

33.

34.

35.

36. Intelligence Operations

37.

38.

39.

40.

41.

42.

43.

44.

45.

46. http://bit.ly/5duczB

Editor's Notes

Defenders loosing battle has two sides, the attacker, once in, has to evade every detection, you only have to find on piece of his trail
Gun anywhere / Poor state of security