The document discusses advanced cybersecurity attacks and strategies to prevent them. It covers common attacks like privilege escalation, spoofing, and man-in-the-middle attacks. It also discusses secure coding concepts like input validation, error handling, and fuzz testing. Application attacks like SQL injection and cross-site scripting are explained as well as frameworks and guides for security.
This document discusses identity and access management. It explores authentication concepts like identification, authentication, and authorization. It examines factors of authentication like something you know, have, or are. It also compares authentication services like Kerberos, LDAP, and single sign-on. The document discusses managing user accounts and compares access control models such as role-based access control, discretionary access control, and mandatory access control.
This chapter discusses securing hosts and data. It covers implementing least functionality on systems by disabling unnecessary services and accounts. When deploying operating systems, it is important to use standardized configurations along with automation and templates. When using the cloud, responsibilities vary depending on the deployment model. Mobile device management allows securing and monitoring mobile devices through application, content and hardware controls.
The document discusses key topics in cybersecurity basics including the CIA triad of confidentiality, integrity and availability. It covers security controls like encryption that help achieve these goals. Risk concepts such as threats, vulnerabilities and risk mitigation are explained. The document also discusses virtualization, associated risks and benefits, as well as basic command line tools used in Windows and Linux systems.
This document discusses securing networks through the use of intrusion detection systems, intrusion prevention systems, packet sniffers, firewalls, virtual private networks, and securing wireless networks. It covers topics such as host-based and network-based IDS, sensor placement, detection methods, VPN types, wireless encryption, and common wireless attacks.
501 ch 6 threats vulnerabilities and common attacksgocybersec
This document discusses threat actors, malware types, common attacks, blocking malware, and educating users. It describes different types of threat actors including script kiddies, hacktivists, insiders, organized crime, competitors, and nation states. It also outlines various malware types such as viruses, worms, Trojans, ransomware, and rootkits. Additionally, it covers social engineering techniques and common attacks like phishing, spear phishing, and privilege escalation. Finally, it discusses best practices for blocking malware and the importance of educating users.
This chapter discusses risk management tools and techniques. It covers vulnerability scanning, penetration testing, and using security tools like protocol analyzers and logs to identify vulnerabilities, monitor networks, and ensure compliance. Vulnerability scanning identifies weaknesses without exploiting systems, while penetration testing more actively tries to compromise systems. Understanding risks and using the appropriate tools can help secure systems and protect confidential data.
501 ch 10 understanding cryptography and pkigocybersec
This document discusses cryptography concepts including hashing for integrity, encryption for confidentiality, symmetric and asymmetric encryption algorithms, and public key infrastructure (PKI). It covers how hashing ensures data integrity by creating a unique hash value for data, how encryption protects confidentiality using algorithms and keys, and how digital signatures provide authentication and non-repudiation. It also summarizes common hashing algorithms, encryption methods like AES and RSA, and how protocols like TLS, HTTPS, and S/MIME use cryptography to secure communications.
The document discusses network technologies and tools for implementing a secure network. It reviews basic networking concepts like protocols, network devices, and network address allocation. It also provides examples of how to configure firewall rules and use devices like switches, routers, and proxies to securely segment networks and filter traffic. The goal is to understand these fundamentals and apply methods like ACLs, VLANs, and protocol filtering to harden network security.
This document discusses identity and access management. It explores authentication concepts like identification, authentication, and authorization. It examines factors of authentication like something you know, have, or are. It also compares authentication services like Kerberos, LDAP, and single sign-on. The document discusses managing user accounts and compares access control models such as role-based access control, discretionary access control, and mandatory access control.
This chapter discusses securing hosts and data. It covers implementing least functionality on systems by disabling unnecessary services and accounts. When deploying operating systems, it is important to use standardized configurations along with automation and templates. When using the cloud, responsibilities vary depending on the deployment model. Mobile device management allows securing and monitoring mobile devices through application, content and hardware controls.
The document discusses key topics in cybersecurity basics including the CIA triad of confidentiality, integrity and availability. It covers security controls like encryption that help achieve these goals. Risk concepts such as threats, vulnerabilities and risk mitigation are explained. The document also discusses virtualization, associated risks and benefits, as well as basic command line tools used in Windows and Linux systems.
This document discusses securing networks through the use of intrusion detection systems, intrusion prevention systems, packet sniffers, firewalls, virtual private networks, and securing wireless networks. It covers topics such as host-based and network-based IDS, sensor placement, detection methods, VPN types, wireless encryption, and common wireless attacks.
501 ch 6 threats vulnerabilities and common attacksgocybersec
This document discusses threat actors, malware types, common attacks, blocking malware, and educating users. It describes different types of threat actors including script kiddies, hacktivists, insiders, organized crime, competitors, and nation states. It also outlines various malware types such as viruses, worms, Trojans, ransomware, and rootkits. Additionally, it covers social engineering techniques and common attacks like phishing, spear phishing, and privilege escalation. Finally, it discusses best practices for blocking malware and the importance of educating users.
This chapter discusses risk management tools and techniques. It covers vulnerability scanning, penetration testing, and using security tools like protocol analyzers and logs to identify vulnerabilities, monitor networks, and ensure compliance. Vulnerability scanning identifies weaknesses without exploiting systems, while penetration testing more actively tries to compromise systems. Understanding risks and using the appropriate tools can help secure systems and protect confidential data.
501 ch 10 understanding cryptography and pkigocybersec
This document discusses cryptography concepts including hashing for integrity, encryption for confidentiality, symmetric and asymmetric encryption algorithms, and public key infrastructure (PKI). It covers how hashing ensures data integrity by creating a unique hash value for data, how encryption protects confidentiality using algorithms and keys, and how digital signatures provide authentication and non-repudiation. It also summarizes common hashing algorithms, encryption methods like AES and RSA, and how protocols like TLS, HTTPS, and S/MIME use cryptography to secure communications.
The document discusses network technologies and tools for implementing a secure network. It reviews basic networking concepts like protocols, network devices, and network address allocation. It also provides examples of how to configure firewall rules and use devices like switches, routers, and proxies to securely segment networks and filter traffic. The goal is to understand these fundamentals and apply methods like ACLs, VLANs, and protocol filtering to harden network security.
This document discusses network technologies and tools, including networking concepts like TCP/IP and common protocols, network devices like switches and routers, and methods for implementing a secure network. It covers topics like sniffing and DoS attacks, network segmentation using VLANs, firewall configuration with rules and zones, and the use of switches, routers, and other devices to prevent spoofing and floods and securely separate network traffic.
From The Hidden Internet: Lesson From 12 Months Of MonitoringPriyanka Aash
From 12 months of monitoring the internet, dark web and deep web, the following was found:
- Over 500,000 open databases containing around 20 terabytes of exposed data were found, including 5,000 in India.
- Over 6.7 billion leaked passwords were indexed, putting 40% of organizations at risk of being breached using leaked credentials.
- Thousands of code leaks were found, with 15% caused by employees leaking internal credentials, keys and sensitive information.
- Millions of open cloud resources and buckets containing terabytes of exposed data were found, including over 10,000 unsecured EBS snapshots and 400 RDS snapshots.
Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...SecureAuth
Two-factor authentication is a great first step in securing your VPN, but we have seen that it is not always infallible. With advances in authentication technology we now have techniques to analyze the context of a user before and during authentication and step up your security when needed, without burdening your users. SecureAuth IdP is the industry’s first access control solution to provide adaptive authentication and leverage live attack intelligence to identify suspicious actors and drop a net around them, stopping them in their tracks.
Cryptzone: What is a Software-Defined Perimeter?Cryptzone
Cryptzone explains a Software-Defined Perimeter, a new network security model that dynamically creates 1:1 network connections between users and the data they access.
This document provides an overview and schedule for a training on active deception techniques for red and blue teams. It covers topics like external reconnaissance, privilege escalation, and lateral movement. Deception strategies are discussed for each topic to detect adversarial activities like DNS reconnaissance, exploiting unattend files, or cloning webpages. The training will include hands-on exercises and visualizations in Kibana to detect engagement with deception assets.
Cryptzone: The Software-Defined PerimeterCryptzone
How Visible Is Your Network? See how a Software-Defined Perimeter from Cryptzone helps secure your network by dynamically creating a 1:1 network connections between users and the data they access.
Dive deep into AWS IoT end-to-end security mechanisms, MQTT and device secure communication, mutual TLS authentication, thing identity, security processes and authorization using AWS roles and policies.
Slides with our notes can be found here:
http://www.josephwojowski.com/conference-presentations.html
#ATA58 LSC-10 presentation on data security for project managers by Alaina Brantner and Joseph Wojowski.
Why API Security Is More Complicated Than You Think (and Why It’s Your #1 Pri...ProgrammableWeb
Why API Security Is More Complicated Than You Think (and Why It’s Your #1 Priority)
David Berlind, Editor-in-Chief, ProgrammableWeb
In the last year, the users of various social media services have had their accounts compromised due to API security related issues. ProgrammableWeb’s investigations into these transgressions reveals a degree of hacker sophistication that could never have been anticipated. The attacks were layered and complicated and one can only guess at the final objectives (but we have our hunches). In this presentation, ProgrammableWeb editor-in-chief reveals the sophistication of these attacks with a step-by-step walkthrough of what the perpetrators did and then offers a a layered-security prescription for preventing your organization, APIs, and applications from being similarly compromised.
How to Overcome Network Access Control Limitations for Better Network SecurityCryptzone
The document summarizes the limitations of Network Access Control (NAC) solutions for securing networks and controlling access in modern IT environments where resources are distributed. It argues that a Software-Defined Perimeter (SDP) model provides better security by establishing encrypted, individual connections between each user and only the specific applications and resources they are authorized to access, rather than relying on trust-based access inside the network perimeter. Key benefits of SDP include zero-trust authentication, dynamic identity-based policies, encryption of all traffic, simplicity, and consistency across cloud and hybrid environments.
The Future of Data Management - the Enterprise Data HubDataWorks Summit
The document discusses security for Hadoop systems. It outlines key requirements for Hadoop security including perimeter protection, data protection, access control and visibility. It then details Cloudera's current and planned security capabilities for authentication, authorization, auditing, encryption and key management. Examples are given of companies using Cloudera security solutions to meet compliance requirements and protect sensitive data in Hadoop.
If you do not have a proper key management process for changing the keys, then it’s better to have no encryption at all. A look inside Key Management Techniques.
Zero Trust, Zero Trust Network, or Zero Trust Architecture refer to security concepts and threat model that no longer assumes that actors, systems or services operating from within the security perimeter should be automatically trusted, and instead must verify anything and everything trying to connect to its systems before granting access.
Getting Started in Pentesting the Cloud: AzureBeau Bullock
Webcast Recording: https://www.youtube.com/watch?v=fCbVMWvncuw
Increasingly, more organizations are migrating resources to being hosted in the cloud. With this comes a greater potential for misconfiguration if there isn’t a solid understanding of the attack surface. While there are many similarities between traditional on-premises pentesting and cloud-based pentesting, the latter is an animal of its own. This webcast will attempt to clear up some of the fogginess around cloud-based pentesting, specific to Microsoft Azure environments, including Microsoft 365.
In order to adequately determine the attack surface, the appropriate coverage areas will be highlighted. Differences between Azure resources and Microsoft 365 can oftentimes be confusing but knowing these differences is key to helping you pivot and escalate privileges. Conditional access policies are great for defining different scenarios for how users can authenticate securely but can also be misconfigured. There are security protections for stopping certain password attacks but some of these can be bypassed. Ultimately, a methodology for testing Azure environments along with tools and techniques will be presented in this talk.
Threat Detection and Mitigation at Scale on AWS - SID301 - Anaheim AWS SummitAmazon Web Services
The document discusses threat detection and mitigation at scale on AWS. It describes how traditional threat detection is difficult due to skills shortages, high signal-to-noise ratios, and large datasets. It then outlines how AWS services like CloudTrail, VPC Flow Logs, CloudWatch Logs, and GuardDuty can be used to detect threats through log data and machine learning. The document also discusses how threats can be remediated through network services like WAF, automation tools like Lambda, and partner solutions.
Threat Detection and Mitigation at Scale on AWS - SID301 - Atlanta AWS SummitAmazon Web Services
The document discusses threat detection and mitigation at scale on AWS. It describes how traditional threat detection is difficult due to skills shortage, high signal to noise ratio, and large datasets. It then outlines how AWS services like CloudTrail, VPC Flow Logs, CloudWatch Logs, GuardDuty, and Macie can be used to detect threats at scale using machine learning. It also discusses how threats can be remediated using network services like WAF, Shield, and automation tools like Lambda, Systems Manager, and partner solutions.
TABLETOP SCENARIO: Your organization regularly patches, uses application whitelisting, has NextGen-NG™ firewalls/IDS’s, and has the latest Cyber-APT-Trapping-Blinky-Box™. You were just made aware that your entire customer database was found being sold on the dark web. Go. Putting too much trust in security products alone can be the downfall of an organization. In the 2015 BSides Tampa talk “Pentest Apocalypse” Beau discussed 10 different pentesting techniques that allow attackers to easily compromise an organization. These techniques still work for many organizations but occasionally more advanced tactics and techniques are required. This talk will continue where “Pentest Apocalypse” left off and demonstrate a number of red team techniques that organizations need to be aware of in order to prevent a “Red Team Apocalypse” as described in the tabletop scenario above.
Automation Patterns for Scalable Secret ManagementMary Racter
So you’ve scaled your app up to 1000 instances. Do they all share the same credentials for access to stateful resources? Then the attack surface for your stateful resources just got scaled up too. Automated secret management lets you focus on scaling up your app, not your risk of data compromise.
This talk aims to introduce some important considerations in attack surface management at scale, and provide some patterns and tips on integrating secret management workflows into Continuous Deployment infrastructure.
The document discusses key concepts in information security including the security trinity of confidentiality, integrity, and availability. It outlines the four As of security - account management, authentication controls, authorization/access controls, and audit controls. The document then explains how various security controls protect confidentiality, integrity, and availability. It concludes with outlining a risk-driven security process of identifying assets, risks, impacts, and controls to defend assets within an organization's security budget and objectives.
This document discusses using Hadoop to fight cyber fraud by analyzing big data. It explains that big data technologies provide powerful tools for services but also enable malicious cyber attacks by sophisticated attackers. Hadoop allows analyzing large datasets to detect fraud and security threats through techniques like machine learning, anomaly detection, and predicting real-time and historical patterns. The document advocates asking bigger questions to innovate solutions and gain operational and business advantages from big data analytics.
This document discusses network technologies and tools, including networking concepts like TCP/IP and common protocols, network devices like switches and routers, and methods for implementing a secure network. It covers topics like sniffing and DoS attacks, network segmentation using VLANs, firewall configuration with rules and zones, and the use of switches, routers, and other devices to prevent spoofing and floods and securely separate network traffic.
From The Hidden Internet: Lesson From 12 Months Of MonitoringPriyanka Aash
From 12 months of monitoring the internet, dark web and deep web, the following was found:
- Over 500,000 open databases containing around 20 terabytes of exposed data were found, including 5,000 in India.
- Over 6.7 billion leaked passwords were indexed, putting 40% of organizations at risk of being breached using leaked credentials.
- Thousands of code leaks were found, with 15% caused by employees leaking internal credentials, keys and sensitive information.
- Millions of open cloud resources and buckets containing terabytes of exposed data were found, including over 10,000 unsecured EBS snapshots and 400 RDS snapshots.
Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...SecureAuth
Two-factor authentication is a great first step in securing your VPN, but we have seen that it is not always infallible. With advances in authentication technology we now have techniques to analyze the context of a user before and during authentication and step up your security when needed, without burdening your users. SecureAuth IdP is the industry’s first access control solution to provide adaptive authentication and leverage live attack intelligence to identify suspicious actors and drop a net around them, stopping them in their tracks.
Cryptzone: What is a Software-Defined Perimeter?Cryptzone
Cryptzone explains a Software-Defined Perimeter, a new network security model that dynamically creates 1:1 network connections between users and the data they access.
This document provides an overview and schedule for a training on active deception techniques for red and blue teams. It covers topics like external reconnaissance, privilege escalation, and lateral movement. Deception strategies are discussed for each topic to detect adversarial activities like DNS reconnaissance, exploiting unattend files, or cloning webpages. The training will include hands-on exercises and visualizations in Kibana to detect engagement with deception assets.
Cryptzone: The Software-Defined PerimeterCryptzone
How Visible Is Your Network? See how a Software-Defined Perimeter from Cryptzone helps secure your network by dynamically creating a 1:1 network connections between users and the data they access.
Dive deep into AWS IoT end-to-end security mechanisms, MQTT and device secure communication, mutual TLS authentication, thing identity, security processes and authorization using AWS roles and policies.
Slides with our notes can be found here:
http://www.josephwojowski.com/conference-presentations.html
#ATA58 LSC-10 presentation on data security for project managers by Alaina Brantner and Joseph Wojowski.
Why API Security Is More Complicated Than You Think (and Why It’s Your #1 Pri...ProgrammableWeb
Why API Security Is More Complicated Than You Think (and Why It’s Your #1 Priority)
David Berlind, Editor-in-Chief, ProgrammableWeb
In the last year, the users of various social media services have had their accounts compromised due to API security related issues. ProgrammableWeb’s investigations into these transgressions reveals a degree of hacker sophistication that could never have been anticipated. The attacks were layered and complicated and one can only guess at the final objectives (but we have our hunches). In this presentation, ProgrammableWeb editor-in-chief reveals the sophistication of these attacks with a step-by-step walkthrough of what the perpetrators did and then offers a a layered-security prescription for preventing your organization, APIs, and applications from being similarly compromised.
How to Overcome Network Access Control Limitations for Better Network SecurityCryptzone
The document summarizes the limitations of Network Access Control (NAC) solutions for securing networks and controlling access in modern IT environments where resources are distributed. It argues that a Software-Defined Perimeter (SDP) model provides better security by establishing encrypted, individual connections between each user and only the specific applications and resources they are authorized to access, rather than relying on trust-based access inside the network perimeter. Key benefits of SDP include zero-trust authentication, dynamic identity-based policies, encryption of all traffic, simplicity, and consistency across cloud and hybrid environments.
The Future of Data Management - the Enterprise Data HubDataWorks Summit
The document discusses security for Hadoop systems. It outlines key requirements for Hadoop security including perimeter protection, data protection, access control and visibility. It then details Cloudera's current and planned security capabilities for authentication, authorization, auditing, encryption and key management. Examples are given of companies using Cloudera security solutions to meet compliance requirements and protect sensitive data in Hadoop.
If you do not have a proper key management process for changing the keys, then it’s better to have no encryption at all. A look inside Key Management Techniques.
Zero Trust, Zero Trust Network, or Zero Trust Architecture refer to security concepts and threat model that no longer assumes that actors, systems or services operating from within the security perimeter should be automatically trusted, and instead must verify anything and everything trying to connect to its systems before granting access.
Getting Started in Pentesting the Cloud: AzureBeau Bullock
Webcast Recording: https://www.youtube.com/watch?v=fCbVMWvncuw
Increasingly, more organizations are migrating resources to being hosted in the cloud. With this comes a greater potential for misconfiguration if there isn’t a solid understanding of the attack surface. While there are many similarities between traditional on-premises pentesting and cloud-based pentesting, the latter is an animal of its own. This webcast will attempt to clear up some of the fogginess around cloud-based pentesting, specific to Microsoft Azure environments, including Microsoft 365.
In order to adequately determine the attack surface, the appropriate coverage areas will be highlighted. Differences between Azure resources and Microsoft 365 can oftentimes be confusing but knowing these differences is key to helping you pivot and escalate privileges. Conditional access policies are great for defining different scenarios for how users can authenticate securely but can also be misconfigured. There are security protections for stopping certain password attacks but some of these can be bypassed. Ultimately, a methodology for testing Azure environments along with tools and techniques will be presented in this talk.
Threat Detection and Mitigation at Scale on AWS - SID301 - Anaheim AWS SummitAmazon Web Services
The document discusses threat detection and mitigation at scale on AWS. It describes how traditional threat detection is difficult due to skills shortages, high signal-to-noise ratios, and large datasets. It then outlines how AWS services like CloudTrail, VPC Flow Logs, CloudWatch Logs, and GuardDuty can be used to detect threats through log data and machine learning. The document also discusses how threats can be remediated through network services like WAF, automation tools like Lambda, and partner solutions.
Threat Detection and Mitigation at Scale on AWS - SID301 - Atlanta AWS SummitAmazon Web Services
The document discusses threat detection and mitigation at scale on AWS. It describes how traditional threat detection is difficult due to skills shortage, high signal to noise ratio, and large datasets. It then outlines how AWS services like CloudTrail, VPC Flow Logs, CloudWatch Logs, GuardDuty, and Macie can be used to detect threats at scale using machine learning. It also discusses how threats can be remediated using network services like WAF, Shield, and automation tools like Lambda, Systems Manager, and partner solutions.
TABLETOP SCENARIO: Your organization regularly patches, uses application whitelisting, has NextGen-NG™ firewalls/IDS’s, and has the latest Cyber-APT-Trapping-Blinky-Box™. You were just made aware that your entire customer database was found being sold on the dark web. Go. Putting too much trust in security products alone can be the downfall of an organization. In the 2015 BSides Tampa talk “Pentest Apocalypse” Beau discussed 10 different pentesting techniques that allow attackers to easily compromise an organization. These techniques still work for many organizations but occasionally more advanced tactics and techniques are required. This talk will continue where “Pentest Apocalypse” left off and demonstrate a number of red team techniques that organizations need to be aware of in order to prevent a “Red Team Apocalypse” as described in the tabletop scenario above.
Automation Patterns for Scalable Secret ManagementMary Racter
So you’ve scaled your app up to 1000 instances. Do they all share the same credentials for access to stateful resources? Then the attack surface for your stateful resources just got scaled up too. Automated secret management lets you focus on scaling up your app, not your risk of data compromise.
This talk aims to introduce some important considerations in attack surface management at scale, and provide some patterns and tips on integrating secret management workflows into Continuous Deployment infrastructure.
The document discusses key concepts in information security including the security trinity of confidentiality, integrity, and availability. It outlines the four As of security - account management, authentication controls, authorization/access controls, and audit controls. The document then explains how various security controls protect confidentiality, integrity, and availability. It concludes with outlining a risk-driven security process of identifying assets, risks, impacts, and controls to defend assets within an organization's security budget and objectives.
This document discusses using Hadoop to fight cyber fraud by analyzing big data. It explains that big data technologies provide powerful tools for services but also enable malicious cyber attacks by sophisticated attackers. Hadoop allows analyzing large datasets to detect fraud and security threats through techniques like machine learning, anomaly detection, and predicting real-time and historical patterns. The document advocates asking bigger questions to innovate solutions and gain operational and business advantages from big data analytics.
Practical security - access control, least privilege, cryptography at work, security attacks and pen testing your system with MetaSploit. The enemy knows the system. Not security by obscurity
Top five configuration security errors and how to avoid them - DEM09-S - Chic...Amazon Web Services
This document summarizes the top 5 security errors found in customer research and breach analysis from July to October 2018. It finds that 49% of organizations leave databases unencrypted, 41% do not rotate account access keys regularly, 32% publicly expose Amazon S3 buckets, 29% enable root user activities, and 27% leave default network settings open. It then discusses why there are so many errors, including disparate point security products, and proposes an effective cloud security approach with integrated requirements across visibility, configurations, compliance, runtime security, and more.
This document discusses security considerations for Software as a Service (SaaS) applications. It notes that SaaS providers implement some security controls, but they may not meet all organizational requirements. It recommends using Cloud Access Security Brokers (CASBs) to enforce enterprise security policies for cloud applications and gain visibility into user activity. The document outlines CASB architecture options and benefits, such as detecting shadow IT, controlling SaaS access, and protecting company data in SaaS applications. It emphasizes starting with a small implementation and adding functionality over time.
501 ch 9 implementing controls to protect assetsgocybersec
This document discusses various methods for implementing controls to protect assets, including implementing defense in depth with layered security, comparing physical security controls, adding redundancy and fault tolerance, protecting data with regular backups, and analyzing business continuity elements like recovery time objectives and alternate sites.
The Shifting Landscape of PoS MalwareOutputSilas Cutler
The document discusses the shifting landscape of point-of-sale (POS) malware. It covers the rise of commodity POS malware kits that are cheap and available online. It also discusses targeted breaches like the one against Target in 2013 where tailored malware was used to steal payment card data from their POS systems. Looking forward, the document discusses how the liability shift for EMV compliance in October 2015 and migration to tokenization systems may help address POS payment card theft going forward.
Css sf azure_8-9-17-protecting_web_apps_stephen coty_alAlert Logic
The document discusses strategies for protecting web applications from security threats. It begins by examining the types of attacks organizations face, including application attacks, brute force attacks, and suspicious activity. It then covers hacker reconnaissance methods such as crawling websites, using vulnerability scanners, and searching open forums and the dark web. The document outlines how attacks can escalate from exploiting web applications to gaining privileged access. It concludes by providing recommendations for developing a secure code, access management policies, patch management, monitoring strategies, and staying informed of the latest vulnerabilities.
Secure and Privacy-Preserving Big-Data ProcessingShantanu Sharma
Over the last decade, public and private clouds emerged as de facto platforms for big-data analytical workloads. Outsourcing one’s data to the cloud, however, comes with multiple security and privacy challenges. In a world where service providers can be located anywhere in the world, fall under varying legal jurisdictions, i.e., be a subject of different laws governing privacy and confidentiality of one’s data, and be a target of well-sponsored (sometimes even government-sponsored) security attacks protecting data in a cloud is far from trivial. This tutorial focuses on two principal lines of research (cryptographic- and hardware-based) aimed to provide secure processing of big-data in a modern cloud. First, we focus on cryptographic (encryption- and secret- sharing-based) techniques developed over the last two decades and specifically compare them based on efficiency and information leakage. We demonstrate that despite extensive research on cryptography, secure query processing over outsourced data remains an open challenge. We then survey the landscape of emerging secure hardware, i.e., recent hardware extensions like Intel’s Software Guard Extensions (SGX) aimed to secure third-party computations in the cloud. Unfortunately, despite being designed to provide a secure execution environment, existing SGX implementations suffer from a range of side-channel attacks that require careful software techniques to make them practically secure. Taking SGX as an example, we will discuss representative classes of side-channel attacks, and security challenges involved in the construction of hardware-based data processing systems. We conclude that neither cryptographic techniques nor secure hardware are sufficient alone. To provide efficient and secure large-scale data processing at the cloud, a new line of work that combines software and hardware mechanisms is required. We discuss an orthogonal approach designed around the concept of data partitioning, i.e., splitting the data processing into cryptographically secure and non-secure parts. Finally, we will discuss some open questions in designing secure cryptographic techniques that can process large-sized data efficiently.
Cloud Security Engineering - Tools and TechniquesGokul Alex
Cloud Security Engineering Education Materials prepared by Gokul Alex. It covers the essential tools and techniques to protect cloud enterprise architectures and cloud information systems.
Big Data is an increasingly powerful enterprise asset and this talk will explore the relationship between big data and cyber security, how we preserve privacy whilst exploiting the advantages of data collection and processing. Big Data technologies provide both governments and corporations powerful tools to offer more efficient and personalized services. The rapid adoption of these technologies has of course created tremendous social benefits. Unfortunately unwanted side effects are the potential rich pickings available to those with malicious intentions. Increasingly, the sophisticated cyber attacker is able to exploit the rich array public data to build detailed profiles on their adversaries to support their malicious intentions
Show me the money. If hackers were able to manipulate the world’s accounting systems, governments and corporations would be in a frenzy. Guess what? Hackers can…and will. In this presentation we describe manipulating the major financial accounting systems used by corporations large and small to show the importance of good Information Security and Accounting controls. In this talk we identify ways to manipulate accounting systems for financial gain demonstrating mass accounting systems fraud. Through our research we will demonstrate multiple ways to manipulate accounting data and misappropriate funds. We will also show information security and accounting controls needed to detect these types of advanced attacks. Tom and Spencer will be releasing and demonstrating new PoC malware and a Metasploit meterpreter extension that targets Microsoft Dynamics GP, one of the most popular accounting systems in the world.
DevSecOps aims to integrate security practices into DevOps workflows to deliver value faster and safer. It addresses challenges like keeping security practices aligned with continuous delivery models and empowered DevOps teams. DevSecOps incorporates security checks and tools into development pipelines to find and fix issues early. This helps prevent breaches like the 2017 Equifax hack, which exploited a known vulnerability. DevSecOps promotes a culture of collaboration, shared responsibility, and proactive security monitoring throughout the software development lifecycle.
This document provides a summary of core security requirements for cloud computing. It discusses the need to plan for security in cloud environments given issues like multi-tenancy, availability, confidentiality, and integrity. Specific requirements mentioned include secure access and separation of resources for multi-tenancy, assurances around availability, strong identity management, encryption of data at rest and in motion, and checks to ensure data integrity. The document emphasizes the importance of independent audits of cloud providers and having clear expectations around security requirements and notifications of any failures to meet requirements.
Protecting Financial Networks from Cyber CrimeLancope, Inc.
Financial services organizations are prime targets for cyber criminals. They must take extreme care to protect customer data, while also ensuring high levels of network availability to allow for 24/7 access to critical financial information. Additionally, industry consolidation has created large, heterogeneous network environments within large financial institutions, making it difficult to ensure that networks have the necessary visibility and protection to prevent a devastating security breach. By leveraging NetFlow from existing network infrastructure, financial services organizations can achieve comprehensive visibility across even the largest, most complex networks. The ability to quickly detect a wide range of potentially malicious activity helps prevent damaging data breaches and network disruptions. Attend this informational webinar, conducted by Lancope’s Director of Security Research, Tom Cross, to learn: How NetFlow can help quickly uncover both internal and external threats How pervasive network insight can accelerate incident response and forensic investigations How to substantially decrease enterprise risks
Web App Security Presentation by Ryan Holland - 05-31-2017TriNimbus
Web App Security - A presentation by Ryan Holland, Sr. Director, Cloud Architecture at Alert Logic for the Vancouver AWS User Group Meetup on May 31, 2017.
This document provides an overview of an offensive cyber security engineer training program offered by infosectrain.com. The 120-hour instructor-led online program includes training in ethical hacking, penetration testing, cyber security tools and techniques. It aims to provide students with skills in areas like reconnaissance, scanning, vulnerability analysis, exploitation, post-exploitation, and reporting. The program covers topics such as Active Directory penetration testing, password cracking, and privilege escalation. It includes hands-on labs and prepares students for the EC-Council Certified Ethical Hacker certification exam.
The Offensive Cyber Security Certification will upgrade your skills to become a pentester, exploit developer. You will learn multiple offensive approaches to access infrastructure, environment, and information, performing risk analysis and mitigation, compliance, and much more with this program.
The Offensive Cyber Security Certification will upgrade your skills to become a pentester, exploit developer. You will learn multiple offensive approaches to access infrastructure, environment, and information, performing risk analysis and mitigation, compliance, and much more with this program.
https://www.infosectrain.com/courses/offensive-cyber-security-engineer-training/
Similar to 501 ch 7 protecting against advanced attacks (20)
This chapter discusses protecting against advanced attacks by comparing common attacks like denial-of-service, spoofing, and man-in-the-middle attacks. It also summarizes secure coding concepts such as input validation, error handling, and cryptography. Application attacks like cross-site scripting are identified. Finally, it discusses security frameworks and guides.
Security policies outline acceptable usage, personnel responsibilities, and data protection guidelines. They define separation of duties, background checks, data classification, and incident response plans. Implementing security awareness training and regularly reviewing policies helps ensure compliance and mitigate risks from unauthorized access or data loss.
This chapter discusses implementing controls to protect organizational assets. It covers implementing defense in depth with layered security and control diversity. Physical security controls for perimeter protection, access control, and environmental controls are compared. The chapter also discusses adding redundancy and fault tolerance for disks, servers, and power. Methods for protecting data with backups like full, differential and incremental backups are also summarized. Finally, elements of business continuity planning like business impact analysis, recovery time objectives, and types of alternate sites are briefly outlined.
Risk management tools help identify vulnerabilities and reduce risk. Vulnerability scanning identifies weaknesses without exploiting systems, while penetration testing actively tries to exploit vulnerabilities. Logs and security tools provide visibility into network activity and detect threats. Regular reviews of tools and logs are important for ongoing monitoring and risk management.
Threat actors range from script kiddies with little expertise to well-funded nation states. Malware types include viruses, worms, Trojans, ransomware and more. Common attacks are phishing, spear phishing, whaling, and privilege escalation. Organizations block malware using tools like antivirus software, firewalls, spam filters and user education on threats.
This document discusses advanced attacks and secure coding concepts. It compares common attacks like denial-of-service, privilege escalation, and spoofing. It also summarizes secure coding practices such as input validation, error handling, and normalization. Application attacks like SQL injection, cross-site scripting, and cross-site request forgery are identified. Finally, it touches on security frameworks and guides.
This chapter discusses securing operating systems, hosts, and data. It covers implementing least functionality and keeping systems updated to reduce attack surfaces. It also summarizes cloud computing models including IaaS, PaaS, and SaaS and mobile device deployment models. The chapter discusses securing data at rest and in transit through encryption techniques.
This chapter discusses securing networks through the use of intrusion detection and prevention systems, wireless security best practices, and virtual private networks (VPNs) for remote access. It covers topics such as IDS and IPS detection methods, securing wireless networks using encryption and authentication, common wireless attacks, and site-to-site and remote access VPN configurations. Network access control is also examined to inspect client devices and restrict unhealthy systems.
This chapter reviews basic networking concepts like protocols, ports, and network devices. It discusses how switches prevent flooding attacks and use protocols like STP. Routers are covered, including how they route traffic and use ACLs to filter traffic. Firewalls are also summarized, including the differences between stateful and stateless configurations and how firewall rules work. Network segmentation methods like DMZs, proxies, and VLANs are also introduced.
This document discusses identity and access management concepts including authentication factors like something you know, have, or are; authentication services like Kerberos and LDAP; managing user accounts; and access control models like role-based access control and mandatory access control. Authentication verifies a user's identity while authorization determines the resources and actions a user can access based on their proven identity. Proper account management and access controls are important for security.
This chapter discusses core security concepts like the CIA triad of confidentiality, integrity and availability. It introduces risk concepts such as threats, vulnerabilities and risk mitigation. It covers different types of controls including technical, administrative and physical controls. The chapter also discusses virtualization topics such as hypervisors, snapshots and risks. Finally, it demonstrates some basic command line tools for Windows and Linux like ping, ipconfig and ifconfig.
Maruthi Prithivirajan, Head of ASEAN & IN Solution Architecture, Neo4j
Get an inside look at the latest Neo4j innovations that enable relationship-driven intelligence at scale. Learn more about the newest cloud integrations and product enhancements that make Neo4j an essential choice for developers building apps with interconnected data and generative AI.
Programming Foundation Models with DSPy - Meetup SlidesZilliz
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
Full-RAG: A modern architecture for hyper-personalizationZilliz
Mike Del Balso, CEO & Co-Founder at Tecton, presents "Full RAG," a novel approach to AI recommendation systems, aiming to push beyond the limitations of traditional models through a deep integration of contextual insights and real-time data, leveraging the Retrieval-Augmented Generation architecture. This talk will outline Full RAG's potential to significantly enhance personalization, address engineering challenges such as data management and model training, and introduce data enrichment with reranking as a key solution. Attendees will gain crucial insights into the importance of hyperpersonalization in AI, the capabilities of Full RAG for advanced personalization, and strategies for managing complex data integrations for deploying cutting-edge AI solutions.
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!SOFTTECHHUB
As the digital landscape continually evolves, operating systems play a critical role in shaping user experiences and productivity. The launch of Nitrux Linux 3.5.0 marks a significant milestone, offering a robust alternative to traditional systems such as Windows 11. This article delves into the essence of Nitrux Linux 3.5.0, exploring its unique features, advantages, and how it stands as a compelling choice for both casual users and tech enthusiasts.
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slackshyamraj55
Discover the seamless integration of RPA (Robotic Process Automation), COMPOSER, and APM with AWS IDP enhanced with Slack notifications. Explore how these technologies converge to streamline workflows, optimize performance, and ensure secure access, all while leveraging the power of AWS IDP and real-time communication via Slack notifications.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
3. Proprietary & Confidential
@GoCyberSec | January, 2020
Common Attacks
• Privilege escalation
– Gain additional privileges after initial exploit
• Spoofing
– Impersonating or masquerading as someone or something else
– MAC spoofing
– IP spoofing
– Email spoofing
4. Proprietary & Confidential
@GoCyberSec | January, 2020
Common Attacks
• SYN flood attack
– Common attack against Internet servers
– Disrupts the TCP three-way handshake
– Withholds 3rd packet
6. Proprietary & Confidential
@GoCyberSec | January, 2020
DNS Attacks
• DNS poisoning /spoofing
–Attempt to corrupt DNS data
–Protect against with DNSSEC
• Pharming
–Redirects a web site’s traffic to another web site
• DDoS DNS attacks
–DNS amplification attack
7. Proprietary & Confidential
@GoCyberSec | January, 2020
Amplification Attack
• Smurf
– A ping is normally unicast
– Smurf attack sends the ping out as a broadcast
– Smurf attack spoofs the source IP
– Directed broadcast through an amplifying network
– Disable directed broadcasts on border routers
8. Proprietary & Confidential
@GoCyberSec | January, 2020
Password Attacks
• Brute Force Attacks
–Attempts to guess all possible character combination
• Dictionary Attack
–Uses a dictionary of words and attempts every word in the
dictionary
• Password hashes attack
–Password: IC@nP@$$S3curity+
–Hash 75c8ac11c86ca966b58166187589cc15
9. Proprietary & Confidential
@GoCyberSec | January, 2020
Password Attacks
• Pass the hash
–Attacker discovers the hash
–Attacker uses the hash to
log on
–Older protocols susceptible
• Microsoft LAN Manager
(LM)
• NT LAN Manager (NTLM)
• Use NTMLv2 instead
• Birthday attack
–Birthday paradox
–Hash collision
–Prevent attack with strong
hashing
• Rainbow table attack
–Prevent with salted hashes
10. Proprietary & Confidential
@GoCyberSec | January, 2020
Common Attacks
• Replay
–Replays data in an attempt to impersonate client
–Timestamps and sequence numbers are effective
countermeasures
• Can be
–An application/service attack
–A wireless attack
–A cryptographic attack
11. Proprietary & Confidential
@GoCyberSec | January, 2020
Common Attacks
• Known plaintext
– Attacker has samples of both the plaintext and the ciphertext
• Compare with chosen plaintext
The information contained in this email and any accompanying attachments may contain proprietary
information about the Pay & Park & Pay parking garage.
Nr55tySu3IFIf7f3Cjn540fSs0j0QbshCN0yOAvhN3UKr85uEkvawEPG3lhLIklwBz7hBzhaRZ96KUYIT3
wQbf2cSkWHtN8ZQrQ+ZGJHhe8HkL42CPjHIGc0HW4urJ+NNLnNxqHyRo34azbnXsd3qd3Ce5GE7
blWtY0duwNKy0xqhmDihUJs9nDhXBV4nBkZ6shcmKGEUSyvCr/hOEpAYw==
12. Proprietary & Confidential
@GoCyberSec | January, 2020
Common Attacks
• Typo squatting / URL hijacking
• Attackers purchase similar domain names for various malicious
purposes
• Users visit the typo squatting domain when they enter the URL
incorrectly with a common typo
• Clickjacking
• Tricks users into clicking something different
• Typically uses frames
13. Proprietary & Confidential
@GoCyberSec | January, 2020
Common Attacks
• Session hijacking
- Impersonate the user with the session ID
- Session IDs stored in cookies
• Domain hijacking
- Attacker changes the registration of the domain name
- Typically done by using social engineering techniques to guess
owner’s password
14. Proprietary & Confidential
@GoCyberSec | January, 2020
Common Attacks
• Man-in-the-browser attack
–Type of proxy Trojan horse
–Can capture browser session data
• Driver manipulation
–Shimming
–Refactoring
15. Proprietary & Confidential
@GoCyberSec | January, 2020
Common Attacks
• Zero-day vulnerabilities
–Undocumented and unknown to the public
–Vendor might know about it, but has not yet released a patch to
address it
• Zero day attack
–Attempts to exploit zero-day vulnerabilities
–Also known as zero day- exploit
16. Proprietary & Confidential
@GoCyberSec | January, 2020
Memory Buffer Vulnerabilities
• Memory leak
- App consumes more and more memory
- Can crash operating system
• Integer overflow
- App attempts to use or create numeric value too big for the
available storage
- 8-bit storage
- 95 x 59 = 5,605 (needs at least 13 bits to store)
17. Proprietary & Confidential
@GoCyberSec | January, 2020
Memory Buffer Vulnerabilities
• Buffer overflow and buffer overflow attack
- Occur when an application receives data that it can’t handle
- Exposes system memory
- Often includes NOP instructions (such as x90)
- Can then insert malicious code into memory
- Input validation helps prevent buffer overflow attacks
18. Proprietary & Confidential
@GoCyberSec | January, 2020
Secure Coding Concepts
• Compiled code
• Optimized
• Run as an executable
• Compiler checks the program for errors and
• Runtime code
• Code is evaluated, interpreted, and executed when the code is
run
• HTML is interpreted by web browsers and displayed as web
pages
19. Proprietary & Confidential
@GoCyberSec | January, 2020
Secure Coding Concepts
• Input Validation
• Verifies validity of data before using it
- Verifies proper characters
- Uses boundary and/or range checking
- Blocks HTML code
- Prevents the use of certain characters
• Client-side vs server-side
- Server-side is more secure (many sites use both)
• Input validation prevents
- Buffer overflow, SQL injection, command injection, and
cross-site scripting attacks
20. Proprietary & Confidential
@GoCyberSec | January, 2020
Secure Coding Concepts
• Avoid race conditions
- Occur when two modules attempt to access the same resource
- First module to complete the process wins
- Database locks prevent race conditions
• Error and Exception Handling
- Catch errors and provides feedback
• Prevent improper input from crashing an application providing
information to attackers
• Errors to users should be general
• Logged information should be detailed
21. Proprietary & Confidential
@GoCyberSec | January, 2020
Secure Coding Concepts
• Code reuse
- Avoid dead code
• Software development codes (SDKs)
- Provide software tools easy to reuse
• Code obfuscation
- Camouflage code
22. Proprietary & Confidential
@GoCyberSec | January, 2020
Code Quality and Testing
• Static code analyzers
• Dynamic analysis
• Stress testing
• Sandboxing
• Model verification
• Fuzzing
• Sends random strings of data to applications looking for
vulnerabilities
• Attackers use to detect strings of data that can be used in an attack
• Administrators use fuzz testing to test applications
23. Proprietary & Confidential
@GoCyberSec | January, 2020
SDLC Models
Software development life cycle
(SDLC) models
• Waterfall
–Multiple stages going from top to
bottom
–Strict
• Agile
–Starts with set of principles
–Uses iterative cycles with
incremental changes
–Flexible
25. Proprietary & Confidential
@GoCyberSec | January, 2020
Secure Coding Concepts
• Change management
– Ensures developers do not make unauthorized changes
– Provides accounting structure
• Version control
– Tracks software versions
– Identifies who made the change and when
• Provisioning (an application)
– Preparing to deploy it
– Configuring for different applications
• Deprovisioning (an application)
– Removing it completely
28. Proprietary & Confidential
@GoCyberSec | January, 2020
Database concepts
• Tables
–Rows (also called records or tuples)
–Columns (also called attributes)
–Cells hold individual values (such as “Lisa”)
29. Proprietary & Confidential
@GoCyberSec | January, 2020
Database concepts
Normalization
• Organizing tables and columns to reduce redundant data and
improve performance
• First normal form (1NF)
• Second normal form (2NF)
• Third normal form (3NF)
31. Proprietary & Confidential
@GoCyberSec | January, 2020
SQL Queries
SELECT * FROM Customers WHERE name = 'Homer Simpson‘
Using SQL Injection
SELECT * FROM Customers WHERE name = ' ' or '1'='1' --'
Result
SELECT * FROM Customers WHERE name = ' '
SELECT * FROM Customers WHERE '1'='1'
32. Proprietary & Confidential
@GoCyberSec | January, 2020
SQL Injection Attack
• Used on unprotected web pages to access backend databases
• Often use the phrase ' or '1'='1 '
• Tricks database into providing information
• Best protection
–Input validation & stored procedures
• XML injection (similar to SQL injection)
33. Proprietary & Confidential
@GoCyberSec | January, 2020
Application Attacks
Other injection attacks
• Command injection attack
–Attempts to run operating system commands from within an
application
• Cross-site scripting (XSS)
–Attackers embed malicious HTML or JavaScript code
–Can be in web site or links in email
–Prevented with server-side input validation
–OWASP recommends use of library
34. Proprietary & Confidential
@GoCyberSec | January, 2020
Application Attacks
• Cross-site request forgery (XSRF)
–Causes users to perform actions on websites without their
knowledge
–Attackers can use to steal cookies and harvest passwords
–XSRF tokens successfully block this attack
35. Proprietary & Confidential
@GoCyberSec | January, 2020
Frameworks and Guides
• Frameworks
–Regulatory
–Non-regulatory
–National versus international
–Industry-specific
• Guides
–Vendor-specific
–Platform-specific
–Role- or goal-specific
A SYN flood is a form of denial-of-service attack in which an attacker sends a succession of SYN requests to a target's system in an attempt to consume enough server resources to make the system unresponsive to legitimate traffic.
Essentially, with SYN flood DDoS, the offender sends TCP connection requests faster than the targeted machine can process them, causing network saturation.
In a SYN flood attack, the attacker sends repeated SYN packets to every port on the targeted server, often using a fake IP address. The server, unaware of the attack, receives multiple, apparently legitimate requests to establish communication. It responds to each attempt with a SYN-ACK packet from each open port.
Address Resolution Protocol (ARP) poisoning is when an attacker sends falsified ARP messages over a local area network (LAN) to link an attacker’s MAC address with the IP address of a legitimate computer or server on the network.
Once the attacker’s MAC address is linked to an authentic IP address, the attacker can receive any messages directed to the legitimate MAC address
DNS cache poisoning, also known as DNS spoofing, is a type of attack that exploits vulnerabilities in the domain name system (DNS) to divert Internet traffic away from legitimate servers and towards fake ones.
The Internet doesn’t just have a single DNS server, as that would be extremely inefficient. Your Internet service provider runs its own DNS servers, which cache information from other DNS servers. Your home router functions as a DNS server, which caches information from your ISP’s DNS servers.
A DNS cache can become poisoned if it contains an incorrect entry. For example, if an attacker gets control of a DNS server and changes some of the information on it — for example, they could say that google.com actually points to an IP address the attacker owns — that DNS server would tell its users to look for Google.com at the wrong address. The attacker’s address could contain some sort of malicious phishing website
Pharming is a cyber attack intended to redirect a website's traffic to another, fake site.
DNS amplification attack. DNS amplification is a Distributed Denial of Service (DDoS) attack in which the attacker exploits vulnerabilities in domain name system (DNS) servers to turn initially small queries into much larger payloads, which are used to bring down the victim's servers.
A Smurf attack scenario can be broken down as follows:
Smurf malware is used to generate a fake Echo request containing a spoofed source IP, which is actually the target server address.
The request is sent to an intermediate IP broadcast network.
The request is transmitted to all of the network hosts on the network.
Each host sends an ICMP response to the spoofed source address.
With enough ICMP responses forwarded, the target server is brought down.
Microsoft LAN Manager (LM)
NT (New Technology) LAN Manager (NTLM)
Use NTMLv2 instead
A birthday attack is a name used to refer to a class of brute-force attacks. It gets its name from the surprising result that the probability that two or more people in a group of 23 share the same birthday is greater than 1/2; such a result is called a birthday paradox.
Birthday attacks are often used to find collisions of hash functions. Hash collision occurs when the hashing algorithm creates same hash from different passwords.
A rainbow table attack is a type of hacking wherein the perpetrator tries to use a rainbow hash table to crack the passwords stored in a database system. A rainbow table is a hash function used in cryptography for storing important data such as passwords in a database
During replay attacks the intruder sends to the victim the same message as was already used in the victim's communication. The message is correctly encrypted, so its receiver may treat is as a correct request and take actions desired by the intruder.
The attacker might either have eavesdropped a message between two sides before or he may know the message format from his previous communication with one of the sides. This message may contain some kind of the secret key and be used for authentication
Clickjacking is an attack that tricks a user into clicking a webpage element which is invisible or disguised as another element.
Man-in-the-browser is a form of man-in-the-middle attack where an attacker is able to insert himself into the communications channel between two trusting parties by compromising a Web browser used by one of the parties, for the purpose of eavesdropping, data theft and/or session tampering.
Device drivers allow an operating system such as Windows to talk to hardware devices such as printers, keyboard, mouse.
Sophisticated attackers may dive deep into device drivers and manipulate them so that they undermine the security on your computer. They could also take control of the audio and video of the computer, stop your anti-virus software from running, or your data could be exposed to someone else.
Shimming: A shim is a small library that is created to intercept API (Application Program Interface) calls transparently and do one of three things: handle the operation itself; change the arguments passed; or redirect the request elsewhere.
Refactoring: A set of techniques used to identify the flow and then modify the internal structure of code without changing the code’s visible behavior
A memory leak is the gradual loss of available computer memory when a program (an application or part of the operating system) repeatedly fails to return memory that it has obtained for temporary use
An Integer Overflow is the condition that occurs when the result of an arithmetic operation, such as multiplication or addition, exceeds the maximum size of the integer type used to store it.
A buffer overflow occurs when a program or process attempts to write more data to a fixed length block of memory,.
Compiled code are converted directly into machine code that the processor can execute. As a result, they tend to be faster and more efficient to execute than interpreted languages. They also give the developer more control over hardware aspects, like memory management and CPU usage
Examples of pure compiled languages are C, C++, Erlang, Haskell, Rust, and Go
Compiled code is the output of a compiler.
Run-time code: Interpreters will run through a program line by line and execute each command.
Interpreted languages were once known to be significantly slower than compiled languages
Examples of common interpreted languages are HMTL, PHP, Ruby, Python, and JavaScript.
Static code analysis is a method of debugging by examining source code before a program is run. It’s done by analyzing a set of code against a set (or multiple sets) of coding rules.
Dynamic analysis identifies defects after you run a program (e.g., during unit testing). However, some coding errors might not surface during unit testing. So, there are defects that dynamic testing might miss that static code analysis can find.
Both types of analysis detect defects. The big difference is where they find defects in the development lifecycle.
Static code checking addresses problems early on and it pinpoints exactly where the error is in the code.
STRESS TESTING is a type of Software Testing that verifies the stability & reliability of the system. This test mainly measures the system on its robustness and error handling capabilities under extremely heavy load conditions
Sandboxing: Application sandboxing, also called application containerization, is an approach to software development and mobile application management (MAM) that limits the environments in which certain code can execute. The goal of sandboxing is to improve security by isolating an application to prevent outside malware, intruders, system resources or other applications from interacting with the protected app
model verification
The process of demonstrating that a model works as intended is referred to in simulation literature as model verification. It is much easier to debug a model built in stages and with minimal detail than to debug a large and complex model.
Waterfall approach is a sequential model where the output of each phase acts as the input for the following phase, allowing the process to move downstream (like a waterfall).
Agile approach to software development covers an array of SDLC styles, but the overarching theme is the same, this category is more adaptable and gives developers time to work while requirements are changing.
Waterfall
Pros:
Easy to Understand
Provides Structure
Milestones are well understood
Requirements stability
Easy time management
Cons:
All requirements must be known from start
Low level of flexibility
Provides little transparency for end-users
Agile
Pros:
Flexibility to make changes to requirements
Testing is integrated from start to finish
Increased speed to market
Improved Risk Management
Cons:
Projects can run longer than anticipated
Requires high level commitment of time and energy from developers