SlideShare a Scribd company logo

ARM 7: ThaiCERT Operations and Priorities

APNIC
APNIC

ThaiCERT provides cybersecurity services and operations to reduce cyber threats in Thailand. Its priorities include malware analysis, digital forensics, threat analysis, and incident response. In 2014 it handled over 4,000 incidents, conducted security training and certification programs, hosted cybersecurity competitions, and coordinated responses to vulnerabilities and threats.

1 of 15
Download to read offline
1 ThaiCERT – Operations and Priorities
Malware Lab & Digital Forensics Center Threat Analysis Team Incident Response Team Capacity Building and Compliance Team List of Common CSIRT Services, Handbook for Computer Security Incident Response Teams (CSIRTs), SEI, CMU Proprietary and Confidential National CERT Mission - Maintain a national point of contact for computer security threats and reduce the number of security incidents perpetrated from or targeted at systems in that country. ThaiCERT Services
ISPs 1. Gather raw incident reports Threat Watch System 2. Normalize, lookup, categorize, etc. 3. Generate a normalized report Raw Normalized 4. Distribute the sanitized report to the ISPs via web portal Web Defacement Blogs CERT/CSIRT Partners Proprietary and Confidential ThaiCERT ThreatWatch System
Incident Statistics 2014 Proprietary and Confidential 2,016 incidents (50.3%) were discovered by ThaiCERT ThreatWatch System Top requestors by country Report by Incident Type ThaiCERT handled 4,008 incidents. - Malicious code 1,735 (43.3%) - Fraud (Phishing) 1,010 (25.2%) - Intrusion 711 (17.7%) 12%14.6% 50.3% United States ThaiCERT Germany
Web Defacement Statistics in ASEAN 2014 0 500 1,000 1,500 2,000 2,500 3,000 3,500 Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec Brunei Cambodia Indonesia Laos Malaysia Myanmar Philippines Singapore Thailand Vietnam Data collected from public defacement databases by ThaiCERT ThreatWatch SystemNote: Proprietary and Confidential
Alert & Coordination (since ’12) Public and Private Sectors/ CERT/CSIRT Partners Ticketing and Analysis (’12-’15) Monitoring and Detection (’13’15) Threat Threat Alert Thailand Internet Community Public / Private Sectors Regulator Law enforcements (’13-’14) Internet Malware & Vulnerability Scanner (’15) Cyber Threat Detection for Government Agencies Protection Protection (’15) (’15) Web and DDoS Firewall for Government Agencies Traffic Flows Data Center Legitimate web traffics Known Malicious & DDoS Traffics Legitimate web traffics Threat Detection info ThaiCERT Government Monitoring System (GMS) Monitoring and Analysis Proprietary and Confidential
Proprietary and Confidential Information Security Expert Certification Level Test Score Certificates Work experience Advanced Greater than 80% iSEC-M3 or iSEC-T3 At least 5 years High Greater than 70% SEC-M2 or iSEC-T2 At least 3 years Basic Greater than 60% SEC-M1 or iSEC-T1 At least 1 year Capacity Building Activities – Local Certification 72 certificate holders
Technical Security Security Management 8 Capacity Building Activities - Training Mobile Forensics About 200 security practitioners from both public and private sectors were trained by ThaiCERT. Proprietary and Confidential
Proprietary and Confidential Malware Analysis Objectives: • Practice incident handling coordination between the banks, ISPs and ThaiCERT • Assess advanced technical skills such as malware analysis ThaiCERT Incident Drill for Fin sector & ISPs “To enhance the communication and participating teams’ incident response capabilities and cooperation between teams”
Proprietary and Confidential Malware Analysis Competition 2014 (MAC2014) “To raise interest of IT security for university students in Thailand and development of in- demand skill of malware analysis”• Organized by ThaiCERT and JPCERT/CC • Participation of 13 Teams from 9 universities in Bangkok • 3 Days of Training + Final Day for competition • For competition, team need to analyze behavior of malware and present the result skillfully in order to win the prize (a trip to join APCERT AGM 2015)
11 • January 2014, D-Link Rom-0 vulnerability • April 2014, Heartbleed • May 2014, 0-day IE 6- IE 11 • August 2014, Android Trojan (SMS) • September 2014, 0-days • September 2014, ShellShock • October 2014, Poodle Press Conference/ Release Proprietary and Confidential
Proprietary and Confidential Publication
URL: kasikornbankgroup.ru First Found: 6/3/58 Host on Latvia Case study: Phishing without e-mail Feb 25 : Registered Phishing Domain Mar 6 : First found of Phishing site Proprietary and Confidential Phishing on Adsense
ThaiCERT/ETDA’s new home Proprietary and Confidential
15 +66-2-123-1212 Report Incident: report@thaicert.or.th (KeyID: 0xF2CB3EE1) General Inquiry: office@thaicert.or.th (KeyID: 0x52D48426)

Recommended

Incident Handler Certification
Incident Handler CertificationIncident Handler Certification
Incident Handler Certification
SagarNegi10
 
Certified SOC Analyst
Certified SOC AnalystCertified SOC Analyst
Certified SOC Analyst
SagarNegi10
 
Learn intrusion detection: Using Zeek and Elastic for incident response
Learn intrusion detection: Using Zeek and Elastic for incident responseLearn intrusion detection: Using Zeek and Elastic for incident response
Learn intrusion detection: Using Zeek and Elastic for incident response
Infosec
 
Cyber Incident Response Triage - CPX 360 Presentation
Cyber Incident Response Triage - CPX 360 PresentationCyber Incident Response Triage - CPX 360 Presentation
Cyber Incident Response Triage - CPX 360 Presentation
Infocyte
 
Edgescan vulnerability stats report 2019 - h-isac-2-2-2019
Edgescan vulnerability stats report 2019 - h-isac-2-2-2019Edgescan vulnerability stats report 2019 - h-isac-2-2-2019
Edgescan vulnerability stats report 2019 - h-isac-2-2-2019
Eoin Keary
 
5 Steps to an Effective Vulnerability Management Program
5 Steps to an Effective Vulnerability Management Program5 Steps to an Effective Vulnerability Management Program
5 Steps to an Effective Vulnerability Management Program
Tripwire
 
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Edureka!
 
Persistence is Key: Advanced Persistent Threats
Persistence is Key: Advanced Persistent ThreatsPersistence is Key: Advanced Persistent Threats
Persistence is Key: Advanced Persistent Threats
Sameer Thadani
 

Recommended

Incident Handler Certification
Incident Handler CertificationIncident Handler Certification
Incident Handler Certification
SagarNegi10
 
Certified SOC Analyst
Certified SOC AnalystCertified SOC Analyst
Certified SOC Analyst
SagarNegi10
 
Learn intrusion detection: Using Zeek and Elastic for incident response
Learn intrusion detection: Using Zeek and Elastic for incident responseLearn intrusion detection: Using Zeek and Elastic for incident response
Learn intrusion detection: Using Zeek and Elastic for incident response
Infosec
 
Cyber Incident Response Triage - CPX 360 Presentation
Cyber Incident Response Triage - CPX 360 PresentationCyber Incident Response Triage - CPX 360 Presentation
Cyber Incident Response Triage - CPX 360 Presentation
Infocyte
 
Edgescan vulnerability stats report 2019 - h-isac-2-2-2019
Edgescan vulnerability stats report 2019 - h-isac-2-2-2019Edgescan vulnerability stats report 2019 - h-isac-2-2-2019
Edgescan vulnerability stats report 2019 - h-isac-2-2-2019
Eoin Keary
 
5 Steps to an Effective Vulnerability Management Program
5 Steps to an Effective Vulnerability Management Program5 Steps to an Effective Vulnerability Management Program
5 Steps to an Effective Vulnerability Management Program
Tripwire
 
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Edureka!
 
Persistence is Key: Advanced Persistent Threats
Persistence is Key: Advanced Persistent ThreatsPersistence is Key: Advanced Persistent Threats
Persistence is Key: Advanced Persistent Threats
Sameer Thadani
 
Cybersecurity Incident Response Readiness: How to Find and Respond to Attacke...
Cybersecurity Incident Response Readiness: How to Find and Respond to Attacke...Cybersecurity Incident Response Readiness: How to Find and Respond to Attacke...
Cybersecurity Incident Response Readiness: How to Find and Respond to Attacke...
Infocyte
 
IBM ridefinisce la strategia e l'approccio verso gli Avanced Persistent Threa...
IBM ridefinisce la strategia e l'approccio verso gli Avanced Persistent Threa...IBM ridefinisce la strategia e l'approccio verso gli Avanced Persistent Threa...
IBM ridefinisce la strategia e l'approccio verso gli Avanced Persistent Threa...
Luigi Delgrosso
 
The Security Vulnerability Assessment Process & Best Practices
The Security Vulnerability Assessment Process & Best PracticesThe Security Vulnerability Assessment Process & Best Practices
The Security Vulnerability Assessment Process & Best Practices
Kellep Charles
 
The Hacker Playbook: How to Think like a Cybercriminal to Reduce Risk
The Hacker Playbook: How to Think like a Cybercriminal to Reduce RiskThe Hacker Playbook: How to Think like a Cybercriminal to Reduce Risk
The Hacker Playbook: How to Think like a Cybercriminal to Reduce Risk
BeyondTrust
 
Advanced Persistent Threats (APTs) - Information Security Management
Advanced Persistent Threats (APTs) - Information Security ManagementAdvanced Persistent Threats (APTs) - Information Security Management
Advanced Persistent Threats (APTs) - Information Security Management
Mayur Nanotkar
 
TIG / Infocyte: Proactive Cybersecurity for State and Local Government
TIG / Infocyte: Proactive Cybersecurity for State and Local GovernmentTIG / Infocyte: Proactive Cybersecurity for State and Local Government
TIG / Infocyte: Proactive Cybersecurity for State and Local Government
Infocyte
 
Comptia security sy0 601 domain 4 operation and incident response
Comptia security sy0 601 domain 4 operation and incident responseComptia security sy0 601 domain 4 operation and incident response
Comptia security sy0 601 domain 4 operation and incident response
ShivamSharma909
 
A Brief Introduction to Penetration Testing
A Brief Introduction to Penetration TestingA Brief Introduction to Penetration Testing
A Brief Introduction to Penetration Testing
EC-Council
 
Classification of vulnerabilities
Classification of vulnerabilitiesClassification of vulnerabilities
Classification of vulnerabilities
Mayur Mehta
 
Networking and penetration testing
Networking and penetration testingNetworking and penetration testing
Networking and penetration testing
Mohit Belwal
 
PenTest+: Everything you need to know about CompTIA’s new certification
PenTest+: Everything you need to know about CompTIA’s new certificationPenTest+: Everything you need to know about CompTIA’s new certification
PenTest+: Everything you need to know about CompTIA’s new certification
Infosec
 
Vulnerability assessment & Penetration testing Basics
Vulnerability assessment & Penetration testing Basics Vulnerability assessment & Penetration testing Basics
Vulnerability assessment & Penetration testing Basics
Mohammed Adam
 
The Critical Security Controls and the StealthWatch System
The Critical Security Controls and the StealthWatch SystemThe Critical Security Controls and the StealthWatch System
The Critical Security Controls and the StealthWatch System
Lancope, Inc.
 
Threat Hunting 101: Intro to Threat Detection and Incident Response
Threat Hunting 101: Intro to Threat Detection and Incident ResponseThreat Hunting 101: Intro to Threat Detection and Incident Response
Threat Hunting 101: Intro to Threat Detection and Incident Response
Infocyte
 
Automating cybersecurity
Automating cybersecurityAutomating cybersecurity
Automating cybersecurity
Singtel
 
Journey to the Center of Security Operations
Journey to the Center of Security OperationsJourney to the Center of Security Operations
Journey to the Center of Security Operations
♟Sergej Epp
 
Information cyber security
Information cyber securityInformation cyber security
Information cyber security
SumanPramanik7
 
VAPT, Ethical Hacking and Laws in India by prashant mali
VAPT, Ethical Hacking and Laws in India by prashant maliVAPT, Ethical Hacking and Laws in India by prashant mali
VAPT, Ethical Hacking and Laws in India by prashant mali
Adv. Prashant Mali ♛ [Bsc(Phy),MSc(Comp Sci), CCFP,CISSA,LLM]
 
Penetration testing & Ethical Hacking
Penetration testing & Ethical HackingPenetration testing & Ethical Hacking
Penetration testing & Ethical Hacking
S.E. CTS CERT-GOV-MD
 
Intelligence Driven Threat Detection and Response
Intelligence Driven Threat Detection and ResponseIntelligence Driven Threat Detection and Response
Intelligence Driven Threat Detection and Response
EMC
 
Operazioni mirate e malware di Stato nell'era della guerra cibernetica e del ...
Operazioni mirate e malware di Stato nell'era della guerra cibernetica e del ...Operazioni mirate e malware di Stato nell'era della guerra cibernetica e del ...
Operazioni mirate e malware di Stato nell'era della guerra cibernetica e del ...
Gianni Amato
 
Web Defacement Web Defacement The Graffiti Parallels - Root.Dark.Team & Anony...
Web Defacement Web Defacement The Graffiti Parallels - Root.Dark.Team & Anony...Web Defacement Web Defacement The Graffiti Parallels - Root.Dark.Team & Anony...
Web Defacement Web Defacement The Graffiti Parallels - Root.Dark.Team & Anony...
Joey Hernandez
 

More Related Content

What's hot

Cybersecurity Incident Response Readiness: How to Find and Respond to Attacke...
Cybersecurity Incident Response Readiness: How to Find and Respond to Attacke...Cybersecurity Incident Response Readiness: How to Find and Respond to Attacke...
Cybersecurity Incident Response Readiness: How to Find and Respond to Attacke...
Infocyte
 
IBM ridefinisce la strategia e l'approccio verso gli Avanced Persistent Threa...
IBM ridefinisce la strategia e l'approccio verso gli Avanced Persistent Threa...IBM ridefinisce la strategia e l'approccio verso gli Avanced Persistent Threa...
IBM ridefinisce la strategia e l'approccio verso gli Avanced Persistent Threa...
Luigi Delgrosso
 
The Security Vulnerability Assessment Process & Best Practices
The Security Vulnerability Assessment Process & Best PracticesThe Security Vulnerability Assessment Process & Best Practices
The Security Vulnerability Assessment Process & Best Practices
Kellep Charles
 
The Hacker Playbook: How to Think like a Cybercriminal to Reduce Risk
The Hacker Playbook: How to Think like a Cybercriminal to Reduce RiskThe Hacker Playbook: How to Think like a Cybercriminal to Reduce Risk
The Hacker Playbook: How to Think like a Cybercriminal to Reduce Risk
BeyondTrust
 
Advanced Persistent Threats (APTs) - Information Security Management
Advanced Persistent Threats (APTs) - Information Security ManagementAdvanced Persistent Threats (APTs) - Information Security Management
Advanced Persistent Threats (APTs) - Information Security Management
Mayur Nanotkar
 
TIG / Infocyte: Proactive Cybersecurity for State and Local Government
TIG / Infocyte: Proactive Cybersecurity for State and Local GovernmentTIG / Infocyte: Proactive Cybersecurity for State and Local Government
TIG / Infocyte: Proactive Cybersecurity for State and Local Government
Infocyte
 
Comptia security sy0 601 domain 4 operation and incident response
Comptia security sy0 601 domain 4 operation and incident responseComptia security sy0 601 domain 4 operation and incident response
Comptia security sy0 601 domain 4 operation and incident response
ShivamSharma909
 
A Brief Introduction to Penetration Testing
A Brief Introduction to Penetration TestingA Brief Introduction to Penetration Testing
A Brief Introduction to Penetration Testing
EC-Council
 
Classification of vulnerabilities
Classification of vulnerabilitiesClassification of vulnerabilities
Classification of vulnerabilities
Mayur Mehta
 
Networking and penetration testing
Networking and penetration testingNetworking and penetration testing
Networking and penetration testing
Mohit Belwal
 
PenTest+: Everything you need to know about CompTIA’s new certification
PenTest+: Everything you need to know about CompTIA’s new certificationPenTest+: Everything you need to know about CompTIA’s new certification
PenTest+: Everything you need to know about CompTIA’s new certification
Infosec
 
Vulnerability assessment & Penetration testing Basics
Vulnerability assessment & Penetration testing Basics Vulnerability assessment & Penetration testing Basics
Vulnerability assessment & Penetration testing Basics
Mohammed Adam
 
The Critical Security Controls and the StealthWatch System
The Critical Security Controls and the StealthWatch SystemThe Critical Security Controls and the StealthWatch System
The Critical Security Controls and the StealthWatch System
Lancope, Inc.
 
Threat Hunting 101: Intro to Threat Detection and Incident Response
Threat Hunting 101: Intro to Threat Detection and Incident ResponseThreat Hunting 101: Intro to Threat Detection and Incident Response
Threat Hunting 101: Intro to Threat Detection and Incident Response
Infocyte
 
Automating cybersecurity
Automating cybersecurityAutomating cybersecurity
Automating cybersecurity
Singtel
 
Journey to the Center of Security Operations
Journey to the Center of Security OperationsJourney to the Center of Security Operations
Journey to the Center of Security Operations
♟Sergej Epp
 
Information cyber security
Information cyber securityInformation cyber security
Information cyber security
SumanPramanik7
 
VAPT, Ethical Hacking and Laws in India by prashant mali
VAPT, Ethical Hacking and Laws in India by prashant maliVAPT, Ethical Hacking and Laws in India by prashant mali
VAPT, Ethical Hacking and Laws in India by prashant mali
Adv. Prashant Mali ♛ [Bsc(Phy),MSc(Comp Sci), CCFP,CISSA,LLM]
 
Penetration testing & Ethical Hacking
Penetration testing & Ethical HackingPenetration testing & Ethical Hacking
Penetration testing & Ethical Hacking
S.E. CTS CERT-GOV-MD
 
Intelligence Driven Threat Detection and Response
Intelligence Driven Threat Detection and ResponseIntelligence Driven Threat Detection and Response
Intelligence Driven Threat Detection and Response
EMC
 

What's hot (20)

Cybersecurity Incident Response Readiness: How to Find and Respond to Attacke...
Cybersecurity Incident Response Readiness: How to Find and Respond to Attacke...Cybersecurity Incident Response Readiness: How to Find and Respond to Attacke...
Cybersecurity Incident Response Readiness: How to Find and Respond to Attacke...
 
IBM ridefinisce la strategia e l'approccio verso gli Avanced Persistent Threa...
IBM ridefinisce la strategia e l'approccio verso gli Avanced Persistent Threa...IBM ridefinisce la strategia e l'approccio verso gli Avanced Persistent Threa...
IBM ridefinisce la strategia e l'approccio verso gli Avanced Persistent Threa...
 
The Security Vulnerability Assessment Process & Best Practices
The Security Vulnerability Assessment Process & Best PracticesThe Security Vulnerability Assessment Process & Best Practices
The Security Vulnerability Assessment Process & Best Practices
 
The Hacker Playbook: How to Think like a Cybercriminal to Reduce Risk
The Hacker Playbook: How to Think like a Cybercriminal to Reduce RiskThe Hacker Playbook: How to Think like a Cybercriminal to Reduce Risk
The Hacker Playbook: How to Think like a Cybercriminal to Reduce Risk
 
Advanced Persistent Threats (APTs) - Information Security Management
Advanced Persistent Threats (APTs) - Information Security ManagementAdvanced Persistent Threats (APTs) - Information Security Management
Advanced Persistent Threats (APTs) - Information Security Management
 
TIG / Infocyte: Proactive Cybersecurity for State and Local Government
TIG / Infocyte: Proactive Cybersecurity for State and Local GovernmentTIG / Infocyte: Proactive Cybersecurity for State and Local Government
TIG / Infocyte: Proactive Cybersecurity for State and Local Government
 
Comptia security sy0 601 domain 4 operation and incident response
Comptia security sy0 601 domain 4 operation and incident responseComptia security sy0 601 domain 4 operation and incident response
Comptia security sy0 601 domain 4 operation and incident response
 
A Brief Introduction to Penetration Testing
A Brief Introduction to Penetration TestingA Brief Introduction to Penetration Testing
A Brief Introduction to Penetration Testing
 
Classification of vulnerabilities
Classification of vulnerabilitiesClassification of vulnerabilities
Classification of vulnerabilities
 
Networking and penetration testing
Networking and penetration testingNetworking and penetration testing
Networking and penetration testing
 
PenTest+: Everything you need to know about CompTIA’s new certification
PenTest+: Everything you need to know about CompTIA’s new certificationPenTest+: Everything you need to know about CompTIA’s new certification
PenTest+: Everything you need to know about CompTIA’s new certification
 
Vulnerability assessment & Penetration testing Basics
Vulnerability assessment & Penetration testing Basics Vulnerability assessment & Penetration testing Basics
Vulnerability assessment & Penetration testing Basics
 
The Critical Security Controls and the StealthWatch System
The Critical Security Controls and the StealthWatch SystemThe Critical Security Controls and the StealthWatch System
The Critical Security Controls and the StealthWatch System
 
Threat Hunting 101: Intro to Threat Detection and Incident Response
Threat Hunting 101: Intro to Threat Detection and Incident ResponseThreat Hunting 101: Intro to Threat Detection and Incident Response
Threat Hunting 101: Intro to Threat Detection and Incident Response
 
Automating cybersecurity
Automating cybersecurityAutomating cybersecurity
Automating cybersecurity
 
Journey to the Center of Security Operations
Journey to the Center of Security OperationsJourney to the Center of Security Operations
Journey to the Center of Security Operations
 
Information cyber security
Information cyber securityInformation cyber security
Information cyber security
 
VAPT, Ethical Hacking and Laws in India by prashant mali
VAPT, Ethical Hacking and Laws in India by prashant maliVAPT, Ethical Hacking and Laws in India by prashant mali
VAPT, Ethical Hacking and Laws in India by prashant mali
 
Penetration testing & Ethical Hacking
Penetration testing & Ethical HackingPenetration testing & Ethical Hacking
Penetration testing & Ethical Hacking
 
Intelligence Driven Threat Detection and Response
Intelligence Driven Threat Detection and ResponseIntelligence Driven Threat Detection and Response
Intelligence Driven Threat Detection and Response
 

Viewers also liked

Operazioni mirate e malware di Stato nell'era della guerra cibernetica e del ...
Operazioni mirate e malware di Stato nell'era della guerra cibernetica e del ...Operazioni mirate e malware di Stato nell'era della guerra cibernetica e del ...
Operazioni mirate e malware di Stato nell'era della guerra cibernetica e del ...
Gianni Amato
 
Web Defacement Web Defacement The Graffiti Parallels - Root.Dark.Team & Anony...
Web Defacement Web Defacement The Graffiti Parallels - Root.Dark.Team & Anony...Web Defacement Web Defacement The Graffiti Parallels - Root.Dark.Team & Anony...
Web Defacement Web Defacement The Graffiti Parallels - Root.Dark.Team & Anony...
Joey Hernandez
 
Web 2.0 e dintorni
Web 2.0 e dintorniWeb 2.0 e dintorni
Web 2.0 e dintorni
Gianni Amato
 
Linuxday 2013-amato
Linuxday 2013-amatoLinuxday 2013-amato
Linuxday 2013-amatoGianni Amato
 
Amato HackInBo 2013
Amato HackInBo 2013Amato HackInBo 2013
Amato HackInBo 2013
Gianni Amato
 
Linuxday 2014 Amato - Shellshock
Linuxday 2014 Amato - ShellshockLinuxday 2014 Amato - Shellshock
Linuxday 2014 Amato - Shellshock
Gianni Amato
 
Firma Digitale
Firma DigitaleFirma Digitale
Firma Digitale
Gianni Amato
 
Hashbot.com - Acquisizione e Validazione
Hashbot.com - Acquisizione e ValidazioneHashbot.com - Acquisizione e Validazione
Hashbot.com - Acquisizione e ValidazioneGianni Amato
 
Network forensics: un approccio laterale
Network forensics: un approccio lateraleNetwork forensics: un approccio laterale
Network forensics: un approccio lateraleDavide Paltrinieri
 
Introduction to Memory Analysis
Introduction to Memory AnalysisIntroduction to Memory Analysis
Introduction to Memory Analysis
Emil Tan
 
Il Ransomware nelle Aziende - Eset Security Days 2016
Il Ransomware nelle Aziende - Eset Security Days 2016Il Ransomware nelle Aziende - Eset Security Days 2016
Il Ransomware nelle Aziende - Eset Security Days 2016
Gianni Amato
 
Crimini Informatici 2012
Crimini Informatici 2012Crimini Informatici 2012
Crimini Informatici 2012Gianni Amato
 
Botnet e nuove forme di malware
Botnet e nuove forme di malwareBotnet e nuove forme di malware
Botnet e nuove forme di malware
Gianni Amato
 
Reati Informatici e Investigazioni Digitali
Reati Informatici e Investigazioni DigitaliReati Informatici e Investigazioni Digitali
Reati Informatici e Investigazioni Digitali
Gianni Amato
 
Risk Analysis Of Banking Malware Attacks
Risk Analysis Of Banking Malware AttacksRisk Analysis Of Banking Malware Attacks
Risk Analysis Of Banking Malware Attacks
Marco Morana
 
CNIT 126 Ch 0: Malware Analysis Primer & 1: Basic Static Techniques
CNIT 126 Ch 0: Malware Analysis Primer & 1: Basic Static TechniquesCNIT 126 Ch 0: Malware Analysis Primer & 1: Basic Static Techniques
CNIT 126 Ch 0: Malware Analysis Primer & 1: Basic Static Techniques
Sam Bowne
 
ATM Malware: Understanding the threat
ATM Malware: Understanding the threat ATM Malware: Understanding the threat
ATM Malware: Understanding the threat
Cysinfo Cyber Security Community
 
Introduction to Malware Analysis
Introduction to Malware AnalysisIntroduction to Malware Analysis
Introduction to Malware Analysis
Andrew McNicol
 
Malware
MalwareMalware
Malware
Tuhin_Das
 

Viewers also liked (20)

Operazioni mirate e malware di Stato nell'era della guerra cibernetica e del ...
Operazioni mirate e malware di Stato nell'era della guerra cibernetica e del ...Operazioni mirate e malware di Stato nell'era della guerra cibernetica e del ...
Operazioni mirate e malware di Stato nell'era della guerra cibernetica e del ...
 
Web Defacement Web Defacement The Graffiti Parallels - Root.Dark.Team & Anony...
Web Defacement Web Defacement The Graffiti Parallels - Root.Dark.Team & Anony...Web Defacement Web Defacement The Graffiti Parallels - Root.Dark.Team & Anony...
Web Defacement Web Defacement The Graffiti Parallels - Root.Dark.Team & Anony...
 
Web 2.0 e dintorni
Web 2.0 e dintorniWeb 2.0 e dintorni
Web 2.0 e dintorni
 
Linuxday 2013-amato
Linuxday 2013-amatoLinuxday 2013-amato
Linuxday 2013-amato
 
Amato HackInBo 2013
Amato HackInBo 2013Amato HackInBo 2013
Amato HackInBo 2013
 
Linuxday 2014 Amato - Shellshock
Linuxday 2014 Amato - ShellshockLinuxday 2014 Amato - Shellshock
Linuxday 2014 Amato - Shellshock
 
Firma Digitale
Firma DigitaleFirma Digitale
Firma Digitale
 
Hashbot.com - Acquisizione e Validazione
Hashbot.com - Acquisizione e ValidazioneHashbot.com - Acquisizione e Validazione
Hashbot.com - Acquisizione e Validazione
 
Network forensics: un approccio laterale
Network forensics: un approccio lateraleNetwork forensics: un approccio laterale
Network forensics: un approccio laterale
 
Introduction to Memory Analysis
Introduction to Memory AnalysisIntroduction to Memory Analysis
Introduction to Memory Analysis
 
Il Ransomware nelle Aziende - Eset Security Days 2016
Il Ransomware nelle Aziende - Eset Security Days 2016Il Ransomware nelle Aziende - Eset Security Days 2016
Il Ransomware nelle Aziende - Eset Security Days 2016
 
Crimini Informatici 2012
Crimini Informatici 2012Crimini Informatici 2012
Crimini Informatici 2012
 
Botnet e nuove forme di malware
Botnet e nuove forme di malwareBotnet e nuove forme di malware
Botnet e nuove forme di malware
 
Reati Informatici e Investigazioni Digitali
Reati Informatici e Investigazioni DigitaliReati Informatici e Investigazioni Digitali
Reati Informatici e Investigazioni Digitali
 
ATP
ATPATP
ATP
 
Risk Analysis Of Banking Malware Attacks
Risk Analysis Of Banking Malware AttacksRisk Analysis Of Banking Malware Attacks
Risk Analysis Of Banking Malware Attacks
 
CNIT 126 Ch 0: Malware Analysis Primer & 1: Basic Static Techniques
CNIT 126 Ch 0: Malware Analysis Primer & 1: Basic Static TechniquesCNIT 126 Ch 0: Malware Analysis Primer & 1: Basic Static Techniques
CNIT 126 Ch 0: Malware Analysis Primer & 1: Basic Static Techniques
 
ATM Malware: Understanding the threat
ATM Malware: Understanding the threat ATM Malware: Understanding the threat
ATM Malware: Understanding the threat
 
Introduction to Malware Analysis
Introduction to Malware AnalysisIntroduction to Malware Analysis
Introduction to Malware Analysis
 
Malware
MalwareMalware
Malware
 

Similar to ARM 7: ThaiCERT Operations and Priorities

Managed Security Operations Centre Alternative - Managed Security Service
Managed Security Operations Centre Alternative - Managed Security Service Managed Security Operations Centre Alternative - Managed Security Service
Managed Security Operations Centre Alternative - Managed Security Service
Netpluz Asia Pte Ltd
 
Managing security threats in today’s enterprise
Managing security threats in today’s enterpriseManaging security threats in today’s enterprise
Managing security threats in today’s enterprise
Quick Heal Technologies Ltd.
 
Ctia course outline
Ctia course outlineCtia course outline
Ctia course outline
ShivamSharma909
 
Cyber-Espionage: Understanding the Advanced Threat Landscape
Cyber-Espionage: Understanding the Advanced Threat LandscapeCyber-Espionage: Understanding the Advanced Threat Landscape
Cyber-Espionage: Understanding the Advanced Threat Landscape
Aaron White
 
Updated Senior Cyber Intel security analyst
Updated Senior Cyber Intel security analystUpdated Senior Cyber Intel security analyst
Updated Senior Cyber Intel security analystTiffany Doby
 
C4I cyber secuirty by Eric Eifert - Keynote 9.pptx
C4I cyber secuirty by Eric Eifert - Keynote 9.pptxC4I cyber secuirty by Eric Eifert - Keynote 9.pptx
C4I cyber secuirty by Eric Eifert - Keynote 9.pptx
bakhtinasiriav
 
Cyber risks in supply chains
Cyber risks in supply chains Cyber risks in supply chains
Cyber risks in supply chains
Aparajita Banerjee
 
The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)
PECB
 
1 - HKT Reporting.pdf
1 - HKT Reporting.pdf1 - HKT Reporting.pdf
1 - HKT Reporting.pdf
eLearning Consortium 電子學習聯盟
 
Ethicalhackingalicencetohack 120223062548-phpapp01
Ethicalhackingalicencetohack 120223062548-phpapp01Ethicalhackingalicencetohack 120223062548-phpapp01
Ethicalhackingalicencetohack 120223062548-phpapp01
rajkumar jonuboyena
 
L11 Transition And Key Roles and SAT ROB IRP.pptx
L11 Transition And Key Roles and SAT ROB IRP.pptxL11 Transition And Key Roles and SAT ROB IRP.pptx
L11 Transition And Key Roles and SAT ROB IRP.pptx
StevenTharp2
 
OpenText Cyber Resilience Fastrak
OpenText Cyber Resilience FastrakOpenText Cyber Resilience Fastrak
OpenText Cyber Resilience Fastrak
Marc St-Pierre
 
FireEye Solutions
FireEye SolutionsFireEye Solutions
FireEye Solutions
Prime Infoserv
 
Webinar - Reducing Your Cybersecurity Risk
Webinar - Reducing Your Cybersecurity RiskWebinar - Reducing Your Cybersecurity Risk
Webinar - Reducing Your Cybersecurity Risk
WPICPE
 
Select and Implement a Next Generation Endpoint Protection Solution
Select and Implement a Next Generation Endpoint Protection SolutionSelect and Implement a Next Generation Endpoint Protection Solution
Select and Implement a Next Generation Endpoint Protection Solution
Info-Tech Research Group
 
Boardroom to War Room: Practical Application of the NIST Cybersecurity Frame...
Boardroom to War Room: Practical Application of the NIST Cybersecurity Frame...Boardroom to War Room: Practical Application of the NIST Cybersecurity Frame...
Boardroom to War Room: Practical Application of the NIST Cybersecurity Frame...
robbiesamuel
 
Aujas incident management webinar deck 08162016
Aujas incident management webinar deck 08162016Aujas incident management webinar deck 08162016
Aujas incident management webinar deck 08162016
Karl Kispert
 
Risk Management
Risk ManagementRisk Management
Risk Management
ijtsrd
 
Network Vulnerability and Patching
Network Vulnerability and PatchingNetwork Vulnerability and Patching
Network Vulnerability and PatchingEmmanuel Udeagha B.
 

Similar to ARM 7: ThaiCERT Operations and Priorities (20)

Managed Security Operations Centre Alternative - Managed Security Service
Managed Security Operations Centre Alternative - Managed Security Service Managed Security Operations Centre Alternative - Managed Security Service
Managed Security Operations Centre Alternative - Managed Security Service
 
Managing security threats in today’s enterprise
Managing security threats in today’s enterpriseManaging security threats in today’s enterprise
Managing security threats in today’s enterprise
 
Ctia course outline
Ctia course outlineCtia course outline
Ctia course outline
 
Cyber-Espionage: Understanding the Advanced Threat Landscape
Cyber-Espionage: Understanding the Advanced Threat LandscapeCyber-Espionage: Understanding the Advanced Threat Landscape
Cyber-Espionage: Understanding the Advanced Threat Landscape
 
Cert adli wahid_iisf2011
Cert adli wahid_iisf2011Cert adli wahid_iisf2011
Cert adli wahid_iisf2011
 
Updated Senior Cyber Intel security analyst
Updated Senior Cyber Intel security analystUpdated Senior Cyber Intel security analyst
Updated Senior Cyber Intel security analyst
 
C4I cyber secuirty by Eric Eifert - Keynote 9.pptx
C4I cyber secuirty by Eric Eifert - Keynote 9.pptxC4I cyber secuirty by Eric Eifert - Keynote 9.pptx
C4I cyber secuirty by Eric Eifert - Keynote 9.pptx
 
Cyber risks in supply chains
Cyber risks in supply chains Cyber risks in supply chains
Cyber risks in supply chains
 
The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)
 
1 - HKT Reporting.pdf
1 - HKT Reporting.pdf1 - HKT Reporting.pdf
1 - HKT Reporting.pdf
 
Ethicalhackingalicencetohack 120223062548-phpapp01
Ethicalhackingalicencetohack 120223062548-phpapp01Ethicalhackingalicencetohack 120223062548-phpapp01
Ethicalhackingalicencetohack 120223062548-phpapp01
 
L11 Transition And Key Roles and SAT ROB IRP.pptx
L11 Transition And Key Roles and SAT ROB IRP.pptxL11 Transition And Key Roles and SAT ROB IRP.pptx
L11 Transition And Key Roles and SAT ROB IRP.pptx
 
OpenText Cyber Resilience Fastrak
OpenText Cyber Resilience FastrakOpenText Cyber Resilience Fastrak
OpenText Cyber Resilience Fastrak
 
FireEye Solutions
FireEye SolutionsFireEye Solutions
FireEye Solutions
 
Webinar - Reducing Your Cybersecurity Risk
Webinar - Reducing Your Cybersecurity RiskWebinar - Reducing Your Cybersecurity Risk
Webinar - Reducing Your Cybersecurity Risk
 
Select and Implement a Next Generation Endpoint Protection Solution
Select and Implement a Next Generation Endpoint Protection SolutionSelect and Implement a Next Generation Endpoint Protection Solution
Select and Implement a Next Generation Endpoint Protection Solution
 
Boardroom to War Room: Practical Application of the NIST Cybersecurity Frame...
Boardroom to War Room: Practical Application of the NIST Cybersecurity Frame...Boardroom to War Room: Practical Application of the NIST Cybersecurity Frame...
Boardroom to War Room: Practical Application of the NIST Cybersecurity Frame...
 
Aujas incident management webinar deck 08162016
Aujas incident management webinar deck 08162016Aujas incident management webinar deck 08162016
Aujas incident management webinar deck 08162016
 
Risk Management
Risk ManagementRisk Management
Risk Management
 
Network Vulnerability and Patching
Network Vulnerability and PatchingNetwork Vulnerability and Patching
Network Vulnerability and Patching
 

More from APNIC

APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC
 
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
APNIC
 
APNIC Updates presented by Paul Wilson at CaribNOG 27
APNIC Updates presented by Paul Wilson at CaribNOG 27APNIC Updates presented by Paul Wilson at CaribNOG 27
APNIC Updates presented by Paul Wilson at CaribNOG 27
APNIC
 
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
APNIC
 
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC
 
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
APNIC
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
APNIC
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
APNIC
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOG
APNIC
 
IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119
APNIC
 
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
APNIC
 
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
APNIC
 
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
APNIC
 
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
APNIC
 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
APNIC
 
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC
 
NANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonNANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff Huston
APNIC
 
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonDNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
APNIC
 
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APNIC
 

More from APNIC (20)

APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
 
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
 
APNIC Updates presented by Paul Wilson at CaribNOG 27
APNIC Updates presented by Paul Wilson at CaribNOG 27APNIC Updates presented by Paul Wilson at CaribNOG 27
APNIC Updates presented by Paul Wilson at CaribNOG 27
 
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
 
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
 
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOG
 
IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119
 
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
 
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
 
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
 
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
 
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
 
NANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonNANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff Huston
 
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonDNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
 
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
 

Recently uploaded

JAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdfJAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
Javier Lasa
 
原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样
原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样
原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样
3ipehhoa
 
一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理
一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理
一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理
ufdana
 
This 7-second Brain Wave Ritual Attracts Money To You.!
This 7-second Brain Wave Ritual Attracts Money To You.!This 7-second Brain Wave Ritual Attracts Money To You.!
This 7-second Brain Wave Ritual Attracts Money To You.!
nirahealhty
 
test test test test testtest test testtest test testtest test testtest test ...
test test test test testtest test testtest test testtest test testtest test ...test test test test testtest test testtest test testtest test testtest test ...
test test test test testtest test testtest test testtest test testtest test ...
Arif0071
 
guildmasters guide to ravnica Dungeons & Dragons 5...
guildmasters guide to ravnica Dungeons & Dragons 5...guildmasters guide to ravnica Dungeons & Dragons 5...
guildmasters guide to ravnica Dungeons & Dragons 5...
Rogerio Filho
 
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
keoku
 
急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样
急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样
急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样
3ipehhoa
 
History+of+E-commerce+Development+in+China-www.cfye-commerce.shop
History+of+E-commerce+Development+in+China-www.cfye-commerce.shopHistory+of+E-commerce+Development+in+China-www.cfye-commerce.shop
History+of+E-commerce+Development+in+China-www.cfye-commerce.shop
laozhuseo02
 
Latest trends in computer networking.pptx
Latest trends in computer networking.pptxLatest trends in computer networking.pptx
Latest trends in computer networking.pptx
JungkooksNonexistent
 
Comptia N+ Standard Networking lesson guide
Comptia N+ Standard Networking lesson guideComptia N+ Standard Networking lesson guide
Comptia N+ Standard Networking lesson guide
GTProductions1
 
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptxBridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
Brad Spiegel Macon GA
 
The+Prospects+of+E-Commerce+in+China.pptx
The+Prospects+of+E-Commerce+in+China.pptxThe+Prospects+of+E-Commerce+in+China.pptx
The+Prospects+of+E-Commerce+in+China.pptx
laozhuseo02
 
How to Use Contact Form 7 Like a Pro.pptx
How to Use Contact Form 7 Like a Pro.pptxHow to Use Contact Form 7 Like a Pro.pptx
How to Use Contact Form 7 Like a Pro.pptx
Gal Baras
 
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
eutxy
 
Multi-cluster Kubernetes Networking- Patterns, Projects and Guidelines
Multi-cluster Kubernetes Networking- Patterns, Projects and GuidelinesMulti-cluster Kubernetes Networking- Patterns, Projects and Guidelines
Multi-cluster Kubernetes Networking- Patterns, Projects and Guidelines
Sanjeev Rampal
 
Internet-Security-Safeguarding-Your-Digital-World (1).pptx
Internet-Security-Safeguarding-Your-Digital-World (1).pptxInternet-Security-Safeguarding-Your-Digital-World (1).pptx
Internet-Security-Safeguarding-Your-Digital-World (1).pptx
VivekSinghShekhawat2
 
BASIC C++ lecture NOTE C++ lecture 3.pptx
BASIC C++ lecture NOTE C++ lecture 3.pptxBASIC C++ lecture NOTE C++ lecture 3.pptx
BASIC C++ lecture NOTE C++ lecture 3.pptx
natyesu
 
1.Wireless Communication System_Wireless communication is a broad term that i...
1.Wireless Communication System_Wireless communication is a broad term that i...1.Wireless Communication System_Wireless communication is a broad term that i...
1.Wireless Communication System_Wireless communication is a broad term that i...
JeyaPerumal1
 
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
3ipehhoa
 

Recently uploaded (20)

JAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdfJAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
 
原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样
原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样
原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样
 
一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理
一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理
一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理
 
This 7-second Brain Wave Ritual Attracts Money To You.!
This 7-second Brain Wave Ritual Attracts Money To You.!This 7-second Brain Wave Ritual Attracts Money To You.!
This 7-second Brain Wave Ritual Attracts Money To You.!
 
test test test test testtest test testtest test testtest test testtest test ...
test test test test testtest test testtest test testtest test testtest test ...test test test test testtest test testtest test testtest test testtest test ...
test test test test testtest test testtest test testtest test testtest test ...
 
guildmasters guide to ravnica Dungeons & Dragons 5...
guildmasters guide to ravnica Dungeons & Dragons 5...guildmasters guide to ravnica Dungeons & Dragons 5...
guildmasters guide to ravnica Dungeons & Dragons 5...
 
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
 
急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样
急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样
急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样
 
History+of+E-commerce+Development+in+China-www.cfye-commerce.shop
History+of+E-commerce+Development+in+China-www.cfye-commerce.shopHistory+of+E-commerce+Development+in+China-www.cfye-commerce.shop
History+of+E-commerce+Development+in+China-www.cfye-commerce.shop
 
Latest trends in computer networking.pptx
Latest trends in computer networking.pptxLatest trends in computer networking.pptx
Latest trends in computer networking.pptx
 
Comptia N+ Standard Networking lesson guide
Comptia N+ Standard Networking lesson guideComptia N+ Standard Networking lesson guide
Comptia N+ Standard Networking lesson guide
 
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptxBridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
 
The+Prospects+of+E-Commerce+in+China.pptx
The+Prospects+of+E-Commerce+in+China.pptxThe+Prospects+of+E-Commerce+in+China.pptx
The+Prospects+of+E-Commerce+in+China.pptx
 
How to Use Contact Form 7 Like a Pro.pptx
How to Use Contact Form 7 Like a Pro.pptxHow to Use Contact Form 7 Like a Pro.pptx
How to Use Contact Form 7 Like a Pro.pptx
 
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
 
Multi-cluster Kubernetes Networking- Patterns, Projects and Guidelines
Multi-cluster Kubernetes Networking- Patterns, Projects and GuidelinesMulti-cluster Kubernetes Networking- Patterns, Projects and Guidelines
Multi-cluster Kubernetes Networking- Patterns, Projects and Guidelines
 
Internet-Security-Safeguarding-Your-Digital-World (1).pptx
Internet-Security-Safeguarding-Your-Digital-World (1).pptxInternet-Security-Safeguarding-Your-Digital-World (1).pptx
Internet-Security-Safeguarding-Your-Digital-World (1).pptx
 
BASIC C++ lecture NOTE C++ lecture 3.pptx
BASIC C++ lecture NOTE C++ lecture 3.pptxBASIC C++ lecture NOTE C++ lecture 3.pptx
BASIC C++ lecture NOTE C++ lecture 3.pptx
 
1.Wireless Communication System_Wireless communication is a broad term that i...
1.Wireless Communication System_Wireless communication is a broad term that i...1.Wireless Communication System_Wireless communication is a broad term that i...
1.Wireless Communication System_Wireless communication is a broad term that i...
 
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
 

ARM 7: ThaiCERT Operations and Priorities

  • 1. 1 ThaiCERT – Operations and Priorities
  • 2. Malware Lab & Digital Forensics Center Threat Analysis Team Incident Response Team Capacity Building and Compliance Team List of Common CSIRT Services, Handbook for Computer Security Incident Response Teams (CSIRTs), SEI, CMU Proprietary and Confidential National CERT Mission - Maintain a national point of contact for computer security threats and reduce the number of security incidents perpetrated from or targeted at systems in that country. ThaiCERT Services
  • 3. ISPs 1. Gather raw incident reports Threat Watch System 2. Normalize, lookup, categorize, etc. 3. Generate a normalized report Raw Normalized 4. Distribute the sanitized report to the ISPs via web portal Web Defacement Blogs CERT/CSIRT Partners Proprietary and Confidential ThaiCERT ThreatWatch System
  • 4. Incident Statistics 2014 Proprietary and Confidential 2,016 incidents (50.3%) were discovered by ThaiCERT ThreatWatch System Top requestors by country Report by Incident Type ThaiCERT handled 4,008 incidents. - Malicious code 1,735 (43.3%) - Fraud (Phishing) 1,010 (25.2%) - Intrusion 711 (17.7%) 12%14.6% 50.3% United States ThaiCERT Germany
  • 5. Web Defacement Statistics in ASEAN 2014 0 500 1,000 1,500 2,000 2,500 3,000 3,500 Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec Brunei Cambodia Indonesia Laos Malaysia Myanmar Philippines Singapore Thailand Vietnam Data collected from public defacement databases by ThaiCERT ThreatWatch SystemNote: Proprietary and Confidential
  • 6. Alert & Coordination (since ’12) Public and Private Sectors/ CERT/CSIRT Partners Ticketing and Analysis (’12-’15) Monitoring and Detection (’13’15) Threat Threat Alert Thailand Internet Community Public / Private Sectors Regulator Law enforcements (’13-’14) Internet Malware & Vulnerability Scanner (’15) Cyber Threat Detection for Government Agencies Protection Protection (’15) (’15) Web and DDoS Firewall for Government Agencies Traffic Flows Data Center Legitimate web traffics Known Malicious & DDoS Traffics Legitimate web traffics Threat Detection info ThaiCERT Government Monitoring System (GMS) Monitoring and Analysis Proprietary and Confidential
  • 7. Proprietary and Confidential Information Security Expert Certification Level Test Score Certificates Work experience Advanced Greater than 80% iSEC-M3 or iSEC-T3 At least 5 years High Greater than 70% SEC-M2 or iSEC-T2 At least 3 years Basic Greater than 60% SEC-M1 or iSEC-T1 At least 1 year Capacity Building Activities – Local Certification 72 certificate holders
  • 8. Technical Security Security Management 8 Capacity Building Activities - Training Mobile Forensics About 200 security practitioners from both public and private sectors were trained by ThaiCERT. Proprietary and Confidential
  • 9. Proprietary and Confidential Malware Analysis Objectives: • Practice incident handling coordination between the banks, ISPs and ThaiCERT • Assess advanced technical skills such as malware analysis ThaiCERT Incident Drill for Fin sector & ISPs “To enhance the communication and participating teams’ incident response capabilities and cooperation between teams”
  • 10. Proprietary and Confidential Malware Analysis Competition 2014 (MAC2014) “To raise interest of IT security for university students in Thailand and development of in- demand skill of malware analysis”• Organized by ThaiCERT and JPCERT/CC • Participation of 13 Teams from 9 universities in Bangkok • 3 Days of Training + Final Day for competition • For competition, team need to analyze behavior of malware and present the result skillfully in order to win the prize (a trip to join APCERT AGM 2015)
  • 11. 11 • January 2014, D-Link Rom-0 vulnerability • April 2014, Heartbleed • May 2014, 0-day IE 6- IE 11 • August 2014, Android Trojan (SMS) • September 2014, 0-days • September 2014, ShellShock • October 2014, Poodle Press Conference/ Release Proprietary and Confidential
  • 13. URL: kasikornbankgroup.ru First Found: 6/3/58 Host on Latvia Case study: Phishing without e-mail Feb 25 : Registered Phishing Domain Mar 6 : First found of Phishing site Proprietary and Confidential Phishing on Adsense
  • 15. 15 +66-2-123-1212 Report Incident: report@thaicert.or.th (KeyID: 0xF2CB3EE1) General Inquiry: office@thaicert.or.th (KeyID: 0x52D48426)