
Secure Yourself, Practice what we preach - BSides Austin 2015

We all practice Information Security, but do we practice what we preach? Do we do to our own personal, family and work computers what we ask of our employees and clients?

Published in: Technology


  1. 1. Secure yourself, practice what we preach Michael Gough – Founder MalwareArchaeology.com
  2. 2. Who am I • Blue Team Defender Ninja, Logoholic, Malware Archaeologist • @HackerHurricane also my Blog • Inventor of the Malware Management Framework • I love logs – they tell us Who, What, Where, When and hopefully How
  3. 3. This talk is a discussion • Your input is required • Don’t be a Ding Dong, and you might get one! • Share, Share, Share! • We all want to know what you know
  4. 4. Why this talk? • It dawned on me we are not talking about our personal experiences • We have personal systems • We have work systems • We have families and they have systems • How can we ask our employers to secure stuff if we don’t do it ourselves?
  5. 5. Which method is best? • Let’s avoid this area, it will take too long • Let’s focus on What is being used and get other options for everyone to investigate • This is about sharing • So we can protect ourselves • And practice what we preach • Take that to our employers and improve the condition there too
  6. 6. The Anthem Breach • And many others that leaked our PII • Can be used to apply for credit • Steal your identity • File a fake tax return • Etc.
  7. 7. Credit Cards • Thank you Target… (last year’s motto) • Screw you Anthem (thus this year’s motto) • Due to Target I stopped using my Debit Card except at one location where I can get cash and gas and gift cards (MY MONEY !!!) • Credit Cards for everything (their money not mine) • Two cards, one for everyday (popped 3 times in 2014) • One for online only
  8. 8. Your Credit • Putting a “Freeze” on your credit is one way to prevent misuse of your credit • Costs vary by state • Texas is $10-$10.83 for each Credit Reporting agency • You have to do all 3 Reporting Agencies • Credit Monitoring
  9. 9. Credit Freeze EXPERIAN: • To request a security freeze, • log on to www.experian.com/freeze, • Call 1 888 EXPERIAN (1 888 397 3742) TRANSUNION: • Place a Security Freeze on your TransUnion Credit Report • Online: https://freeze.transunion.com • Phone: 888-909-8872 EQUIFAX: • For other ways to add a Security Freeze to your credit file, • please contact our Automated Security Freeze System at (800) 349-9960. • https://www.freeze.equifax.com
  10. 10. How you build your system • We need to backup our data • Build your system with an OS drive and a Data drive • NO DATA on your OS drive • Make it easy to rebuild if something fishy happens
  11. 11. Build Standards • Center for Internet Security • CIS Benchmarks can help you know what to set • Both personally and for the enterprise • Windows • Mac • Linux • IE, Firefox, Safari
  12. 12. Backups • Encrypt it ! • On-Site – multiple copies • Off-Site – Drive at family or friend • Cloud – CloudBerry • Amazon S3 • Glacier – CrashPlan – Carbonite
  13. 13. Password Managers • LastPass – YubiKey – Google Auth • Dashlane – Google Auth • Password Safe – YubiKey • KeePass • 1Password • RoboForm
  14. 14. Multi-Factor Auth • FIDO • YubiKey • Google Auth • Lots of standards • PayPal • eBay
  15. 15. Browsers • Don’t use IE • Firefox – Script Block – Web of Trust – AdBlock Plus – EFF – Privacy Badger • Chrome – Script Block – Web of Trust – AdBlock Plus – EFF – Privacy Badger • Safari • Aviator
  16. 16. Search Engines • Google • Bing • Yahoo • DuckDuckGo • Yandex
  17. 17. Drive Encryption • TrueCrypt – 7.1a • BitLocker • FileVault
  18. 18. Cloud Storage • Do you store your data in the Cloud? • InstantCryptor.com – Browser based encryption – Firefox & Chrome – Dropbox – Google Drive • TrueCrypt 7.1a
  19. 19. Bookmarks • Xmarks • Sync your bookmarks so recovery is easy • Save stuff at home, see it at work and vice versa • Firefox Sync
  20. 20. DNS • OpenDNS – Nice for your family - FREE • Google DNS
  21. 21. Remote Access • VNC • GoToMyPC • OpenVPN • Your FW HW • TOR
  22. 22. Mac, PC or Linux? • We could spend an hour on this topic alone • Windows is ~85% of our systems • Macs get less malware, but still get malware • Linux? • Whatever you use, don’t be an Administrator • 90% reduction of risk
  23. 23. Mac KnockKnock - github.com/synack/knockknock • KnockKnock displays persistent items (scripts, commands, binaries, etc.), that are set to execute automatically on OS X. For a comprehensive presentation on OS X malware, persistence, and KnockKnock, see the following slides. • $ python knockknock.py
  24. 24. Cell Phones • I use an Apple… • It gets updated • What do you do ? • CIS Benchmarks for iOS and Android
  25. 25. Software Restrictions • Windows only • AppLocker (service – Audit mode) • Software Restriction Policies • Only on Pro, Ultimate and Enterprise • Stops .EXE from running in C:\Users • Can really slow down the malwarez
  26. 26. Software Restrictions
  27. 27. Software Restrictions • https://technet.microsoft.com/en-us/magazine/2008.06.srp.aspx
  28. 28. Software Restrictions • EventCode = 866 *
  29. 29. Logs • Windows Logging Cheat Sheet • Enable the logs • Collect locally • Learn how to read them • Try and send to a Log Management solution – SumoLogic – Splunk server – ELK stack – Or do it manually
  30. 30. Wireless • Anything we don’t know? • WPA • Use Guest for guests • Set OpenDNS as the DNS server to affect all users – Provides reporting
  31. 31. Cell Phones • ATT Smart Limits • Sprint Parent Controls • Verizon Family Safeguards • T-Mobile Family Allowances • Great for our kids
  32. 32. Social Networking • LinkedIn • Facebook • Twitter • Etc…
  33. 33. Privacy • Lots of breaches here • NSA, GCHQ, etc… • Social Networking • What do you do ? • 5 min discussion
  34. 34. Questions? • HackerHurricane.com • @HackerHurricane • MalwareArchaeology.com
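
An added example, not from the talk: slides 25 to 28 pair a Software Restriction Policies rule on C:\Users with EventCode 866, and slide 29 says to learn to read the logs. This Python sketch triages exported 866 records; the sample records, the placeholder rule GUID and the message wording are assumptions constructed for illustration.

```python
import re
from collections import Counter
from pathlib import PureWindowsPath

SRP_PATH_BLOCK = 866  # event code named on the slide

# Constructed sample records as (event id, message). The GUID is a placeholder
# and the message wording is an assumption about how the event renders.
RULE = "{00000000-0000-0000-0000-000000000000}"
MSG = ("Access to %s has been restricted by your Administrator by location "
       "with policy rule " + RULE + " placed on path C:\\Users\\*.exe.")
SAMPLE_EVENTS = [
    (866, MSG % r"C:\Users\alice\AppData\Local\Temp\invoice.exe"),
    (1000, "Faulting application name: notepad.exe"),
    (866, MSG % r"C:\Users\alice\AppData\Local\Temp\invoice.exe"),
    (866, MSG % r"C:\Users\bob\Downloads\setup.exe"),
    (866, "Access to something unparseable"),
]

BLOCK_RE = re.compile(
    r"Access to (?P<target>.+?) has been restricted by your Administrator "
    r"by location with policy rule (?P<rule>\{[0-9A-Fa-f-]+\}) "
    r"placed on path (?P<rule_path>.+?)\.?$")

def parse_blocks(events):
    """Return (blocks, unparsed) for the 866 records in events."""
    blocks, unparsed = [], []
    for event_id, message in events:
        if event_id != SRP_PATH_BLOCK:
            continue
        m = BLOCK_RE.match(message.strip())
        if not m:
            unparsed.append(message)  # keep for manual review, never drop
            continue
        target = PureWindowsPath(m["target"])
        parts = target.parts
        # The profile is the folder directly under C:\Users, when present.
        in_users = len(parts) > 3 and parts[1].lower() == "users"
        blocks.append({"target": str(target),
                       "profile": parts[2] if in_users else None,
                       "rule": m["rule"], "rule_path": m["rule_path"]})
    return blocks, unparsed

def repeated_targets(blocks, threshold=2):
    """Executables blocked at least `threshold` times, e.g. by a retrying launcher."""
    counts = Counter(b["target"] for b in blocks)
    return {t: n for t, n in counts.items() if n >= threshold}

if __name__ == "__main__":
    blocks, unparsed = parse_blocks(SAMPLE_EVENTS)
    print(Counter(b["profile"] for b in blocks), repeated_targets(blocks), unparsed)
```

A binary that keeps getting blocked in the same profile usually means something is relaunching it, which is a good place to start looking for a persistence entry.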
