Living With The Ghost
A tale of Misconfigurations
Shahee living with-the_ghost-final

Configuration errors can cause system failures similar to those caused by software bugs. Misconfigurations can produce crashes, hangs, and silent failures of the system, the common characteristics found in every software bug. But sysadmins usually ignore these misconfiguration issues if systems seem to be up and running smoothly. Unlike software bugs, which get much attention, misconfiguration issues are usually neglected, which may lead to a data breach, or even a system breach and unauthorised network access. And one day these misconfigurations become a living place for the ghosts in the network.

Published in: Internet

  1. Living With The Ghost: A tale of Misconfigurations
  2. -Head of Security Operations @ BEETLES -Father of XAVIAN -Security Researcher -Lame Joke poster at FB Status -CCISO, CEH, MCSA, MCP -Serious at Twitter: @shaheemirza
  3. Whoever said, “There’s no such thing as bad publicity” never experienced a data breach.
  4. What we do
  5. What we know
  6. What we see [from a small POC test]
  7. But SysAdmins only see RED
  8. Gh0sT in the Ignored
  9. Security Misconfiguration: Security misconfiguration can happen at any level of an application stack, including the network services, platform, web server, application server, database, frameworks, custom code, and pre-installed virtual machines, containers, or storage.
  10. How it happens
      ● Information disclosures
      ● Directory listing
      ● Stack traces or debug mode enabled
      ● Outdated or unpatched software/hardware
      ● Default credential
      ● Unnecessary features
      ● Unprotected resources
      ● Overly permissive policies
      ● CNAME record and unclaimed cloud resources
  11. Unpatched routers: Bangladesh has nearly 400+ CISCO devices vulnerable to CVE-2018-0171.
  12. Unpatched routers: In Bangladesh, nearly 800+ MIKROTIK devices vulnerable to CVE-2018-14847 are already infected by the COINHIVE miner.
  13. Unprotected resources: Bangladesh has 1000++ unprotected devices directly connected to the internet.
  14. Default credential: Bangladesh is the HOME of default-credential-enabled systems.
  15. ISPs are using common password workinher
  16. This is a global problem
  17. What we found [Case X]
  18. The Mind Gap: Biz VS Devs VS OPS
  19. THANKS
