
Cyber Oriented Engineering

Introduce the cyber threat map, review up-to-date tools, methodologies and best practices used by hackers, and learn how to apply them to secure our systems.


  1. CYBER ORIENTED ENGINEERING, Salo Shp
  2. /whois: https://www.linkedin.com/in/salo-shp/ https://www.tikalk.com
  3. Malicious software: “Any software usable for a malicious intent”. Virus, Worm, Bot, Trojan, Ransomware, Spyware, Adware, Scareware, Riskware, Mineware
  4. “There is no patch for human stupidity” (Kevin Mitnick)
  6. https://youtu.be/aVlYuPzmJoY http://kestas.kuliukas.com/RainbowTables/
  7. Undocumented feature (aka BUG), Vulnerability, Hotfix
  9. Undocumented feature (aka BUG), Vulnerability, Hotfix, NVD/CAN/CVE - Common Vulnerabilities & Exposures
  12. https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=office
  13. Undocumented feature (aka BUG), Vulnerability, Hotfix, CVE, Antimalware
  16. https://www.wired.com/story/inside-scan4you-takedown/
  17. Undocumented feature (aka BUG), Vulnerability, Hotfix, CVE, Antimalware, RMF
  18. National Institute of Standards and Technology (DoC)
      • SP 800-171r1 - Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-171r1.pdf
      • SP 800-53r4 - Security and Privacy Controls for Federal Information Systems and Organizations: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf
      • CSF - Cyber Security Framework: https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04162018.pdf
      • SP 800-37r1 - Guide for Applying the Risk Management Framework to Federal Information Systems: https://nvlpubs.nist.gov/nistpubs/specialpublications/nist.sp.800-37r1.pdf
  19. International Organisation for Standardisation (publications cost money). ISO/IEC 2700x family of information security standards: internationally recognised and accepted; allows system managers to identify and mitigate gaps and overlaps in coverage; focuses specifically and purposefully on information technology.
  20. Privacy regulation
      • GDPR - General Data Protection Regulation, Privacy by Design: http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016R0679
      • Health & Human Services - HIPAA (Health Insurance Portability and Accountability Act), Standards for Privacy of Individually Identifiable Health Information: https://www.hhs.gov/sites/default/files/privacysummary.pdf
      • PCI DSS - Payment Card Industry Data Security Standard: https://www.pcisecuritystandards.org/documents/PCI_DSS_v3-2-1.pdf
  21. Undocumented feature (aka BUG), Vulnerability, Hotfix, CVE, Antimalware, RMF, 0day, Exploit
  22. https://www.zerodayinitiative.com/blog/2018/9/20/zdi-can-6135-a-remote-code-execution-vulnerability-in-the-microsoft-windows-jet-database-engine https://github.com/thezdi/PoC/tree/master/ZDI-18-1075
  27. https://github.com/kayrus/kubelet-exploit
  29. Undocumented feature (aka BUG), Vulnerability, CVE, 0day, Exploit, Kit, Vector, Hotfix, Antimalware, RMF
  31. http://www.cs.cmu.edu/~wing/publications/Howard-Wing03.pdf https://manadhata.github.io/pdf/tse11.pdf
  32. CIA triad. Confidentiality: unauthorised disclosure of information; Integrity: unauthorised modification or destruction of information; Availability: disruption of access to information
  33. Undocumented feature (aka BUG), Vulnerability, Hotfix, CVE, Antimalware, RMF, 0day, Exploit, Kit, Vector, Distro
  34. Kali, BackBox, Parrot, SecOS, BlackArch, DEFT, Samurai Web, Pentoo, Caine, Network Sec Toolkit, Fedora Security Spin, Bugtraq, ArchStrike, Cyborg, Matriux, WEAKERTH4N, BlackUbuntu, LionSec, Dracos, Qubes, Flare-VM, Tails, NetHunter, NodeZero, Knoppix
  35. Damn Vulnerable Web App (DVWA), WebGoat, Damn Vulnerable Linux, Metasploitable2, https://www.owasp.org/index.php/OWASP_Vulnerable_Web_Applications_Directory_Project/Pages/Offline, bWAPP, Damn Vulnerable iOS App (DVIA), Game of Hacks, Google Gruyere, HackThis!!, Hack This Site, Hellbound Hackers, McAfee HacMe, Mutillidae2, OverTheWire, Peruggia, Root Me, Try2Hack, Vicnum, Web Security Dojo, XXE, Hackxor, Zero Bank, https://pentesterlab.com/exercises/, https://www.vulnhub.com, https://www.enigmagroup.org/pages/challenges, https://github.com/Hacker0x01/hacker101
  36. Undocumented feature (aka BUG), Vector, Distro, skid, troll, Vulnerability, Hotfix, CVE, Antimalware, RMF, 0day, Exploit, Kit
  38. Undocumented feature (aka BUG), Vector, Distro, skid, hacktivist, troll, Vulnerability, Hotfix, CVE, Antimalware, RMF, 0day, Exploit, Kit
  40. Undocumented feature (aka BUG), APT, skid, hacktivist, troll, CVE, 0day, RMF, Exploit, Antimalware, Vulnerability, Hotfix, Kit, Vector, Distro
  43. https://www2.fireeye.com/rs/fireye/images/rpt-apt28.pdf
  45. Personnel, PT / CTF, Honey pots, Methodology, Frameworks, Forensics, Bountyz, Assets, Artefact repos, Appliances, Monitoring, 3-3-3-1
  46. Confidentiality: unauthorised disclosure of information; Integrity: unauthorised modification or destruction of information; Availability: disruption of access to information. Effective: mitigate the threat; Unintrusive: be as transparent as possible; Permissive: don’t limit users beyond necessary
  47. Classify, Catch, Commit
  48. Classify: Hardware, Ephemeral, Firmware, Software, Players, Tokens, Sessions, API, Servers, Workstations, Network, Storage, Authentication modules, Third party, Users, Bots, Access, Identification, Support, Level, Type, Meta, Remote, Printers, Switches, BIOS, TPM, CMOS, Services, IPMI/iLo, Sensors, Applications, OS, Modules, Plugins, Artefacts, Documents, Location
  49. Commit: Updates, CM, Training, Access control, Maintenance, Backup, Ansible, Scheduled, Configuration, Databases, Artefacts, Encryption, 2FA, Bio, Identification, Time/role based, Bot based, From SCM, Signed, 0 downtime, Courses, Certifications, Best practices, Tests, Scenarios, Consistent, 0 touch
  50. Catch: Audit, Accountability, Monitor, State, Logs, Store 4ever, NLP, Auto Parsing, Cross levels, TRACE, What, Who, When, Why, Metrics, Performance, Usage, Meta data, Cloud log, Unexpected, SLA, Anomalies, Changes, Desired
  51. Whitelist state integrity; SAFE > s0rry; Anonymise environment; Minimise attack vector
  52. Critical battery
