Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Hacking a company


Published on

Presentation about the most dangerous attacks on Companies and People. The true power of physical security, Social engineering, tips and tricks about malware and hacking tools and devices

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Hacking a company

  1. 1. Hacking a Company Igor Beliaiev
  2. 2. whoami Security Engineer OWASP Lviv member Igor Beliaiev
  3. 3. Red Teaming A red team is an independent group that challenges an organization to improve its effectiveness. Penetration testers assess organization security, often unbeknownst to client staff. This type of Red Team provides a more realistic picture of the security readiness than announced assessments. (c) Wikipedia
  4. 4. Red Teaming … of the airport security 95% failure rate 67 out of 70
  5. 5. %companyname
  6. 6. Compliance vs Security
  7. 7. Attack planning The weakest part in security? The security level of the system is determined by its most insecure element The most valuable information in company? PEOPLEMONEY CLIENTS Choosing targets Finance IT(backups, access, data) Accounting Infrastructure Legal
  8. 8. Risks analysis Technological risks: Malware/viruses/intrusions Cyber attacks Service provider failure Physical security (f.e. loss of devices) Data related vulnerabilities Phishing Human risks: Human error/mistakes Insider sabotage/theft Lack of skills Lack of knowledge Lack of guidance
  9. 9. Social Engineering Works
  10. 10. Social Engineering Works
  11. 11. Caution - a lot of BLUR inside
  12. 12. Ask to use your USB flash
  13. 13. Let’s go deeper
  14. 14. Is it a feature?
  15. 15. Acting like IT Support
  16. 16. Accounting
  17. 17. Finance
  18. 18. IT support
  19. 19. Change in mindset needed
  20. 20. going inside…SoftServe
  21. 21. skype: ghost-bel