Bsides angler-evolution talk
•
1 like•450 views
The document discusses the evolution of the Angler exploit kit from its origins to 2016. It describes how Angler adapted to use new payloads, domains, and infrastructure over time to evade detection while remaining a highly successful exploit kit. It highlights Angler's continued innovation and adoption of techniques like domain shadowing and encryption to distribute malware via drive-by downloads and compromise users.
Report
Share
Report
Share
Download to read offline
Recommended
Lacework | Top 10 Cloud Security Threats
James Condon presented the top 10 threats to cloud security. These included cryptojacking, data leaks from misconfigurations, SSH brute force attacks, data exfiltration by advanced persistent threats, malware like ransomware and coin miners, remote code execution from vulnerabilities, container escapes, server compromises, and malicious insiders. Mitigations involved visibility, access controls, patching, monitoring, and security best practices.
Attacking VPN's
This document provides an overview of VPN penetration testing. It begins with an introduction of the presenter and agenda. It then defines what a VPN is and why they are used. The main types of VPN protocols covered are PPTP, IPSec, SSL, and hybrid VPNs. Details are given about each protocol type. The document also discusses VPN traffic, applications, and potential issues like weak encryption, brute force attacks, lack of data integrity checks, and port failures leading to data leaks. Contact information is provided at the end.
21092018-C4E-What's Next for the Net? Security, Reliability, Capability, Perf...
21092018-C4E-What's Next for the Net? Security, Reliability, Capability, Perf...Center for Entrepreneurship (C4E), University of Cyprus
This document summarizes a presentation by Michael Nelson and Martin Levy of Cloudflare on the future of the internet. Some of the key points made in the presentation include:
- The internet is changing faster than ever before and it is difficult to see the changes happening in the underlying infrastructure.
- Focus should be placed on data rather than the network itself.
- The edge is where much of the innovation and action will take place going forward through services like Cloudflare Workers that allow running custom code at the edge.
- Trends include replacing hardware with cloud services, having intelligent systems optimize performance and security at the edge, and democratizing the web through application platforms.Top 10 Threats to Cloud Security
The document provides a summary of the top 10 threats to cloud security as presented by James Condon from Lacework. The top threats are: 1) publicly accessible resources, 2) leaked keys, 3) malicious insiders, 4) brute force attacks, 5) remote code execution, 6) container escapes, 7) supply chain attacks, 8) malware, 9) cryptojacking, and 10) ransomware. For each threat, examples are given and mitigations are proposed. The document concludes by introducing Lacework's unified cloud security platform.
Lacework Kubernetes Meetup | August 28, 2018
The document discusses container and cloud security. It describes Lacework's Polygraph security platform, which provides threat intelligence, detection, visibility, and alerting capabilities across cloud infrastructure, workloads, accounts, VMs, containers and files. It highlights risks like container escapes and privilege escalation. The document also provides examples of container security threats like the Healthz RCE vulnerability and recommendations like implementing multi-factor authentication, pod security policies, and restricting privileges.
Dark Insight: the Basic of Security - Alexander Obozinskiy
The document discusses various topics related to cyber security including hardware threats, software threats, network threats, data threats, social engineering, securing systems, and recommended security tools. It lists examples of vulnerabilities and security issues across operating systems, software, networks, and data. It also provides recommendations for securing hardware, operating systems, software, networks, data, cryptography, and web applications.
Botconf ppt
This presentation discusses the various types of distributed denial of service attacks launched worldwide by botnets in 2014. From DNS to Layer7 attacks, this deck provides an expert analysis of botnet breakdowns by-the-numbers including where the majority of botnets came from regionally, what attack trends were most popular, and when these attacks occurred.
Tizen Security
Provides an overview of the Tizen operating system, with a focus on security elements thereon. Covers securing apps on the Tizen platform as well, and ways to test them as an infosec professional. Co-pesented at DerbyCon 2103 with Mark Manning.
Recommended
Lacework | Top 10 Cloud Security Threats
James Condon presented the top 10 threats to cloud security. These included cryptojacking, data leaks from misconfigurations, SSH brute force attacks, data exfiltration by advanced persistent threats, malware like ransomware and coin miners, remote code execution from vulnerabilities, container escapes, server compromises, and malicious insiders. Mitigations involved visibility, access controls, patching, monitoring, and security best practices.
Attacking VPN's
This document provides an overview of VPN penetration testing. It begins with an introduction of the presenter and agenda. It then defines what a VPN is and why they are used. The main types of VPN protocols covered are PPTP, IPSec, SSL, and hybrid VPNs. Details are given about each protocol type. The document also discusses VPN traffic, applications, and potential issues like weak encryption, brute force attacks, lack of data integrity checks, and port failures leading to data leaks. Contact information is provided at the end.
21092018-C4E-What's Next for the Net? Security, Reliability, Capability, Perf...
21092018-C4E-What's Next for the Net? Security, Reliability, Capability, Perf...Center for Entrepreneurship (C4E), University of Cyprus
This document summarizes a presentation by Michael Nelson and Martin Levy of Cloudflare on the future of the internet. Some of the key points made in the presentation include:
- The internet is changing faster than ever before and it is difficult to see the changes happening in the underlying infrastructure.
- Focus should be placed on data rather than the network itself.
- The edge is where much of the innovation and action will take place going forward through services like Cloudflare Workers that allow running custom code at the edge.
- Trends include replacing hardware with cloud services, having intelligent systems optimize performance and security at the edge, and democratizing the web through application platforms.Top 10 Threats to Cloud Security
The document provides a summary of the top 10 threats to cloud security as presented by James Condon from Lacework. The top threats are: 1) publicly accessible resources, 2) leaked keys, 3) malicious insiders, 4) brute force attacks, 5) remote code execution, 6) container escapes, 7) supply chain attacks, 8) malware, 9) cryptojacking, and 10) ransomware. For each threat, examples are given and mitigations are proposed. The document concludes by introducing Lacework's unified cloud security platform.
Lacework Kubernetes Meetup | August 28, 2018
The document discusses container and cloud security. It describes Lacework's Polygraph security platform, which provides threat intelligence, detection, visibility, and alerting capabilities across cloud infrastructure, workloads, accounts, VMs, containers and files. It highlights risks like container escapes and privilege escalation. The document also provides examples of container security threats like the Healthz RCE vulnerability and recommendations like implementing multi-factor authentication, pod security policies, and restricting privileges.
Dark Insight: the Basic of Security - Alexander Obozinskiy
The document discusses various topics related to cyber security including hardware threats, software threats, network threats, data threats, social engineering, securing systems, and recommended security tools. It lists examples of vulnerabilities and security issues across operating systems, software, networks, and data. It also provides recommendations for securing hardware, operating systems, software, networks, data, cryptography, and web applications.
Botconf ppt
This presentation discusses the various types of distributed denial of service attacks launched worldwide by botnets in 2014. From DNS to Layer7 attacks, this deck provides an expert analysis of botnet breakdowns by-the-numbers including where the majority of botnets came from regionally, what attack trends were most popular, and when these attacks occurred.
Tizen Security
Provides an overview of the Tizen operating system, with a focus on security elements thereon. Covers securing apps on the Tizen platform as well, and ways to test them as an infosec professional. Co-pesented at DerbyCon 2103 with Mark Manning.
Kali linux and some features [view in Full screen mode]
This is a short presentation about Kali Linux and some of it's features , some reasons why i should use Linux in general and more ...
DDoS Attacks and Countermeasures
The document discusses DDoS attacks and countermeasures. It begins with an overview of common DDoS attack types like botnet attacks and distributed reflected DNS attacks. It then discusses challenges like how easy it is to build botnets and buy them online. The document also covers the xFlash attack technique and new capabilities in Flash 9. The second part discusses countermeasures, emphasizing performance tuning, caching, scalability through architecture like shared nothing, and implementing defense in depth. It concludes by thanking the audience and asking for questions.
BlueHat v17 || A Lustrum of Malware Network Communication: Evolution and Insi...
BlueHat v17 || A Lustrum of Malware Network Communication: Evolution and Insi...BlueHat Security Conference
Chaz Lever, Georgia Institute of Technology
Both the operational and academic security communities have used dynamic analysis sandboxes to execute malware samples for roughly a decade. Network information derived from dynamic analysis is frequently used for threat detection, network policy, and incident response. Despite these common and important use cases, the efficacy of the network detection signal derived from such analysis has yet to be studied in depth. This paper seeks to address this gap by analyzing the network communications of 26.8 million samples that were collected over a period of five years.
Using several malware and network datasets, our large-scale study makes three core contributions. (1) We show that dynamic analysis traces should be carefully curated and provide a rigorous methodology that analysts can use to remove potential noise from such traces. (2) We show that Internet miscreants are increasingly using potentially unwanted programs (PUPs) that rely on a surprisingly stable DNS and IP infrastructure. This indicates that the security community is in need of better protections against such threats, and network policies may provide a solid foundation for such protections. (3) Finally, we see that, for the vast majority of malware samples, network traffic provides the earliest indicator of infection—several weeks and often months before the malware sample is discovered. Therefore, network defenders should rely on automated malware analysis to extract indicators of compromise and not to build early detection systems. Learn Ethical Hacking With Kali Linux | Ethical Hacking Tutorial | Kali Linux...
( ** Edureka Online Training: https://www.edureka.co/cybersecurity-certification-training ** )
This Edureka "Ethical Hacking using Kali Linux" video will give you an introduction to Ethical Hacking and Kali Linux. This video will give you an exhaustive video on the fundamentals of Kali Linux and teach how to use the operating system along with its various tools. Below are the topics in this video:
What is ethical hacking?
What is Kali Linux?
Why use Kali Linux?
Command Line Essentials
Proxychains
Macchanger
Wireless Penetration Testing
Cracking WPA2 using Aircrack-ng & Crunch
Instagram: https://www.instagram.com/edureka_lea...
Facebook: https://www.facebook.com/edurekaIN/
Twitter: https://twitter.com/edurekain
LinkedIn: https://www.linkedin.com/company/edureka
12 types of DDoS attacks
A DDoS attack can have the potential to bring down any
business to its knees.This document gives a brief overview of various types of DDoS attacks.
Kali linux
Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. It is preinstalled with over 600 penetration testing programs and based on Debian Jessie. Kali Linux supports 32- and 64-bit images for x86 systems as well as ARM architectures like BeagleBoard and Samsung Chromebook. It has a dedicated project for porting to Android devices called Kali NetHunter, which enables wireless attacks and Bad USB attacks from Nexus devices.
Parrot Security OS | Introduction to Parrot Security OS | Cybersecurity Train...
(** Cyber Security Course: https://www.edureka.co/cybersecurity-certification-training **)
This ‘Parrot Security OS’ PPT by Edureka will help you learn all about one of the topmost Linux distribution for ethical hacking – Parrot Security OS.
Below is the list of topics covered in this session:
Linux Distributions for Ethical Hacking
Parrot Security OS
Kali Linux vs Parrot Security OS
How to install Parrot Security?
Parrot Security OS Tools
Cyber Security Playlist: https://bit.ly/2N2jlNN
Cyber Security Blog Series: https://bit.ly/2AuULkP
Instagram: https://www.instagram.com/edureka_lea...
Facebook: https://www.facebook.com/edurekaIN/
Twitter: https://twitter.com/edurekain
LinkedIn: https://www.linkedin.com/company/edureka
Weekend Malware Research 2012
Andrew Morris collected malware samples over the weekend using Dionaea and JBoss honeypots. The Dionaea honeypot captured over 100 Conficker malware samples exploiting Windows SMB vulnerabilities. The JBoss honeypot was infected by the ZECMD worm within 24 hours, exploiting exposed JMX consoles. Both provided real-world malware samples for analysis without risking other systems on Morris' network. He offered to collaborate on further manual analysis of the samples.
Malware cryptomining uploadv3
This document summarizes a presentation on malware analysis techniques. It discusses how malware spreads, common types of malware like ransomware and cryptomining malware, and approaches to analyzing malware both statically and dynamically. Static analysis techniques examined include scanning files, searching for strings, and analyzing file headers and dynamic linking. Dynamic analysis involves running malware in a controlled environment to observe its behaviors and network activity. Cryptomining malware is described as using victims' computers to mine cryptocurrency without permission.
CNIT 128 3. Attacking iOS Applications (Part 1)
For a college class: Hacking Mobile Devices at CCSF
Based on "The Mobile Application Hacker's Handbook 1st Edition", by Dominic Chell
Instructor: Sam Bowne
More info: https://samsclass.info/128/128_S19.shtml
Nebula Webinar | Private Cloud Security: Practical Solutions for a Challengin...
Join Nebula's Director of Security Research, Dr. Bryan Payne, as he discusses why deploying a secure private cloud matters and how to mitigate and protect against malicious activities occurring on your network.
During this webinar Bryan will provide insight on:
* Why security even matters in a private cloud
* Steps to deploy a secure private cloud
* Mitigation strategies to prevent attacks
How to launch and defend against a DDoS
This document discusses how to launch and defend against DDoS attacks. It explains that DDoS attacks are easy to conduct using tools that allow for spoofing of IP addresses. It also describes how protocols like UDP and DNS amplification attacks can be used to launch large attacks. The document then provides recommendations for how to defend against DDoS attacks, including using a global network with anycast, hiding your origin IP, separating protocols by IP, and working closely with your upstream provider.
BlueHat v17 || All Your Cloud Are Belong to Us; Hunting Compromise in Azure
BlueHat v17 || All Your Cloud Are Belong to Us; Hunting Compromise in Azure BlueHat Security Conference
Nate Warfield, Microsoft
Ben Ridgway, Microsoft
MongoDB, Redis, Elastic, Hadoop, SMBv1, IIS6.0, Samba. What do they all have in common? Thousands of them were pwned. In Azure. In 2017. Attackers have shifted tactics, leveraged nation-state leaked tools and are leveraging ransomware to monetize their attacks. Cloud networks are prime targets; the DMZ is gone, the firewall doesn't exist and customers may not realize they've exposed insecure services to the internet until it's too late. In this talk we'll discuss hunting, finding and remediating compromised customer systems in Azure - a non-trivial task with 1.59million exposed hosts and counting. Remediating system compromise is only the first stage so we'll also cover how we applied the lessons learned to proactively secure Azure Marketplace. Kali linux
This presentation is talking about Kali Linux and how we can use KALI LINUX. Kali Linux is an advanced Penetration Testing and Security Auditing Linux distribution (distro). It was designed to replace the BackTrack Linux distro. Linux is itself based off the UNIX kernel. Everyone was using it because its for free and its secure development environment.
Zero Day Malware Detection/Prevention Using Open Source Software
Zero Day Malware Detection/Prevention Using Open Source Software – Proof of Concept
Fathi Kamil Mohad Zainuddin
Senior Analyst (Malware Research Centre, MyCERT)
Your Blacklist is Dead: Why the Future of Command and Control is the Cloud
"What happens when attackers start taking advantage of whitelisted APIs as a form of obfuscated command and control? Companies both large and small are moving workloads to the cloud and are very concerned with how to secure their resources which actually live in AWS, GCP, and Azure. However, they don’t address how enabling this access changes their internal attack surface and weakens their defenses.
In this talk, we demonstrate that attackers no longer have any reason to rely on conventional CNC, being able to outsource their costs and infrastructure management to the likes of Slack, Github, Pastebin, Dropbox, Google, and social media sites. Using these sorts of techniques, URL blacklisting becomes obsolete, IDS becomes less effective, and attackers no longer have to waste their time writing domain generation algorithms.
Specifically, I will demo a proof-of-concept malware which uses multiple SaaS services, social networks, and more conventional “cloud infrastructure” (S3) that would be extremely difficult to mitigate generically with today’s IPS solutions, and we discuss how the same techniques can be used by red teams and attackers to quietly maintain persistence and exfiltrate data."
Kali linux summarised
Kali Linux is a Debian-based Linux distribution designed for digital forensics and penetration testing. It is maintained by Offensive Security and is a rewrite of their previous distribution, BackTrack. Kali Linux includes over 600 penetration testing tools and can run natively, from a live USB/CD, or in a virtual machine. It is specialized for penetration testing and forensics, unlike the more general purpose Ubuntu distribution. Common penetration testing tools included are nmap, Wireshark, John the Ripper, and Aircrack-ng for wireless assessments. Packet injection allows sending frames in monitor mode for wireless attacks like impersonation and deauthentication. The Alfa Network wireless adapter is often used for wireless hacks with its high
Secure Application Development in the Age of Continuous Delivery
As delivered at LinuxCon and ContainerCon in Berlin 2016.
Traditionally, when datacenter operators talk about application security, they've tended to focus on issues related to key management, firewalls and data access. By contrast, application developers have a security focus which is more aligned with code analysis and fuzzing techniques.
The reality is, secure application deployment principles extend from the infrastructure layer through the application and include how the application is deployed. With the prevalence of continuous deployment of micro-services, it’s imperative to focus efforts on what attackers’ view as vulnerable; particularly in an environment where new exploits are being disclosed almost daily.
In this session we’ll present:
• How known vulnerabilities can make their way into production deployments
• How deployment of vulnerable code can be minimized
• How to determine the vulnerability status of a container
• How to determine the risk associated with a specific package
ION Sri Lanka - TLS for Network Operators
This document discusses the increased usage of Transport Layer Security (TLS) across internet applications and networks due to revelations of global surveillance. It outlines responses by organizations like the IETF to strengthen security and privacy of internet protocols by incorporating TLS. These include new working groups to update TLS usage and deprecating insecure versions. As a result, network operators are encouraged to support TLS encrypted traffic and help customers adopt TLS for their services and applications. Challenges in monitoring encrypted traffic and validating certificate authenticity are also addressed.
AtlSecCon 2016
The document discusses emerging cybersecurity threats such as exploit kits, ransomware, and phishing scams. It provides an overview of the Angler exploit kit and how it has evolved, targeting vulnerabilities in Adobe Flash, Internet Explorer, and Silverlight. It also examines the CryptoWall ransomware version 4 and how it encrypts files and communicates with command and control servers. Additionally, it analyzes the SamSam ransomware attacks targeting healthcare organizations and the Rombertik malware which uses layers of obfuscation and anti-analysis techniques to propagate via spam and steal user credentials.
Using GreyNoise to Quantify Response Time of Cloud Provider Abuse Teams
Cloud hosting providers, such as Amazon AWS, Google Cloud, DigitalOcean, Microsoft Azure, and many others, have to respond to a regular barrage of abuse complaint reports from all around the world when their customers virtual private servers are used for malicious activity. This activity can happen knowingly by the "renter" of the system or on behalf of an attacker if the server becomes infected. Although by no means the end all, one way of measuring the trust posture of a cloud hosting provider is by analyzing the amount of time between shared hosts beginning to attack other hosts on the Internet and the activity ceasing, generally by way of forced-decommissioning, quarantining, or remediation of the root-cause, such as a malware infection. In this talk, we discuss using the data collected by GreyNoise, a large network of passive collector nodes, to measure the time-to-remediation of infected or malicious machines. We will discuss methodology, results, and actionable takeaways for conference attendees who use shared cloud hosting in their businesses.
Weaponizing Intelligence: Interdiction in Today’s Threat Landscape
The document discusses threat intelligence and interdiction efforts at Cisco Systems. It describes Cisco's threat intelligence capabilities including hundreds of researchers, billions of daily network requests and emails monitored, and trillions of threats blocked. It then discusses how interdiction involves disrupting threats outside networks through cooperation with law enforcement, hosting providers, and other partners. An example interdiction case study involving the Samsam ransomware actor targeting vulnerable JBoss servers is provided.
More Related Content
What's hot
Kali linux and some features [view in Full screen mode]
This is a short presentation about Kali Linux and some of it's features , some reasons why i should use Linux in general and more ...
DDoS Attacks and Countermeasures
The document discusses DDoS attacks and countermeasures. It begins with an overview of common DDoS attack types like botnet attacks and distributed reflected DNS attacks. It then discusses challenges like how easy it is to build botnets and buy them online. The document also covers the xFlash attack technique and new capabilities in Flash 9. The second part discusses countermeasures, emphasizing performance tuning, caching, scalability through architecture like shared nothing, and implementing defense in depth. It concludes by thanking the audience and asking for questions.
BlueHat v17 || A Lustrum of Malware Network Communication: Evolution and Insi...
BlueHat v17 || A Lustrum of Malware Network Communication: Evolution and Insi...BlueHat Security Conference
Chaz Lever, Georgia Institute of Technology
Both the operational and academic security communities have used dynamic analysis sandboxes to execute malware samples for roughly a decade. Network information derived from dynamic analysis is frequently used for threat detection, network policy, and incident response. Despite these common and important use cases, the efficacy of the network detection signal derived from such analysis has yet to be studied in depth. This paper seeks to address this gap by analyzing the network communications of 26.8 million samples that were collected over a period of five years.
Using several malware and network datasets, our large-scale study makes three core contributions. (1) We show that dynamic analysis traces should be carefully curated and provide a rigorous methodology that analysts can use to remove potential noise from such traces. (2) We show that Internet miscreants are increasingly using potentially unwanted programs (PUPs) that rely on a surprisingly stable DNS and IP infrastructure. This indicates that the security community is in need of better protections against such threats, and network policies may provide a solid foundation for such protections. (3) Finally, we see that, for the vast majority of malware samples, network traffic provides the earliest indicator of infection—several weeks and often months before the malware sample is discovered. Therefore, network defenders should rely on automated malware analysis to extract indicators of compromise and not to build early detection systems. Learn Ethical Hacking With Kali Linux | Ethical Hacking Tutorial | Kali Linux...
( ** Edureka Online Training: https://www.edureka.co/cybersecurity-certification-training ** )
This Edureka "Ethical Hacking using Kali Linux" video will give you an introduction to Ethical Hacking and Kali Linux. This video will give you an exhaustive video on the fundamentals of Kali Linux and teach how to use the operating system along with its various tools. Below are the topics in this video:
What is ethical hacking?
What is Kali Linux?
Why use Kali Linux?
Command Line Essentials
Proxychains
Macchanger
Wireless Penetration Testing
Cracking WPA2 using Aircrack-ng & Crunch
Instagram: https://www.instagram.com/edureka_lea...
Facebook: https://www.facebook.com/edurekaIN/
Twitter: https://twitter.com/edurekain
LinkedIn: https://www.linkedin.com/company/edureka
12 types of DDoS attacks
A DDoS attack can have the potential to bring down any
business to its knees.This document gives a brief overview of various types of DDoS attacks.
Kali linux
Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. It is preinstalled with over 600 penetration testing programs and based on Debian Jessie. Kali Linux supports 32- and 64-bit images for x86 systems as well as ARM architectures like BeagleBoard and Samsung Chromebook. It has a dedicated project for porting to Android devices called Kali NetHunter, which enables wireless attacks and Bad USB attacks from Nexus devices.
Parrot Security OS | Introduction to Parrot Security OS | Cybersecurity Train...
(** Cyber Security Course: https://www.edureka.co/cybersecurity-certification-training **)
This ‘Parrot Security OS’ PPT by Edureka will help you learn all about one of the topmost Linux distribution for ethical hacking – Parrot Security OS.
Below is the list of topics covered in this session:
Linux Distributions for Ethical Hacking
Parrot Security OS
Kali Linux vs Parrot Security OS
How to install Parrot Security?
Parrot Security OS Tools
Cyber Security Playlist: https://bit.ly/2N2jlNN
Cyber Security Blog Series: https://bit.ly/2AuULkP
Instagram: https://www.instagram.com/edureka_lea...
Facebook: https://www.facebook.com/edurekaIN/
Twitter: https://twitter.com/edurekain
LinkedIn: https://www.linkedin.com/company/edureka
Weekend Malware Research 2012
Andrew Morris collected malware samples over the weekend using Dionaea and JBoss honeypots. The Dionaea honeypot captured over 100 Conficker malware samples exploiting Windows SMB vulnerabilities. The JBoss honeypot was infected by the ZECMD worm within 24 hours, exploiting exposed JMX consoles. Both provided real-world malware samples for analysis without risking other systems on Morris' network. He offered to collaborate on further manual analysis of the samples.
Malware cryptomining uploadv3
This document summarizes a presentation on malware analysis techniques. It discusses how malware spreads, common types of malware like ransomware and cryptomining malware, and approaches to analyzing malware both statically and dynamically. Static analysis techniques examined include scanning files, searching for strings, and analyzing file headers and dynamic linking. Dynamic analysis involves running malware in a controlled environment to observe its behaviors and network activity. Cryptomining malware is described as using victims' computers to mine cryptocurrency without permission.
CNIT 128 3. Attacking iOS Applications (Part 1)
For a college class: Hacking Mobile Devices at CCSF
Based on "The Mobile Application Hacker's Handbook 1st Edition", by Dominic Chell
Instructor: Sam Bowne
More info: https://samsclass.info/128/128_S19.shtml
Nebula Webinar | Private Cloud Security: Practical Solutions for a Challengin...
Join Nebula's Director of Security Research, Dr. Bryan Payne, as he discusses why deploying a secure private cloud matters and how to mitigate and protect against malicious activities occurring on your network.
During this webinar Bryan will provide insight on:
* Why security even matters in a private cloud
* Steps to deploy a secure private cloud
* Mitigation strategies to prevent attacks
How to launch and defend against a DDoS
This document discusses how to launch and defend against DDoS attacks. It explains that DDoS attacks are easy to conduct using tools that allow for spoofing of IP addresses. It also describes how protocols like UDP and DNS amplification attacks can be used to launch large attacks. The document then provides recommendations for how to defend against DDoS attacks, including using a global network with anycast, hiding your origin IP, separating protocols by IP, and working closely with your upstream provider.
BlueHat v17 || All Your Cloud Are Belong to Us; Hunting Compromise in Azure
BlueHat v17 || All Your Cloud Are Belong to Us; Hunting Compromise in Azure BlueHat Security Conference
Nate Warfield, Microsoft
Ben Ridgway, Microsoft
MongoDB, Redis, Elastic, Hadoop, SMBv1, IIS6.0, Samba. What do they all have in common? Thousands of them were pwned. In Azure. In 2017. Attackers have shifted tactics, leveraged nation-state leaked tools and are leveraging ransomware to monetize their attacks. Cloud networks are prime targets; the DMZ is gone, the firewall doesn't exist and customers may not realize they've exposed insecure services to the internet until it's too late. In this talk we'll discuss hunting, finding and remediating compromised customer systems in Azure - a non-trivial task with 1.59million exposed hosts and counting. Remediating system compromise is only the first stage so we'll also cover how we applied the lessons learned to proactively secure Azure Marketplace. Kali linux
This presentation is talking about Kali Linux and how we can use KALI LINUX. Kali Linux is an advanced Penetration Testing and Security Auditing Linux distribution (distro). It was designed to replace the BackTrack Linux distro. Linux is itself based off the UNIX kernel. Everyone was using it because its for free and its secure development environment.
Zero Day Malware Detection/Prevention Using Open Source Software
Zero Day Malware Detection/Prevention Using Open Source Software – Proof of Concept
Fathi Kamil Mohad Zainuddin
Senior Analyst (Malware Research Centre, MyCERT)
Your Blacklist is Dead: Why the Future of Command and Control is the Cloud
"What happens when attackers start taking advantage of whitelisted APIs as a form of obfuscated command and control? Companies both large and small are moving workloads to the cloud and are very concerned with how to secure their resources which actually live in AWS, GCP, and Azure. However, they don’t address how enabling this access changes their internal attack surface and weakens their defenses.
In this talk, we demonstrate that attackers no longer have any reason to rely on conventional CNC, being able to outsource their costs and infrastructure management to the likes of Slack, Github, Pastebin, Dropbox, Google, and social media sites. Using these sorts of techniques, URL blacklisting becomes obsolete, IDS becomes less effective, and attackers no longer have to waste their time writing domain generation algorithms.
Specifically, I will demo a proof-of-concept malware which uses multiple SaaS services, social networks, and more conventional “cloud infrastructure” (S3) that would be extremely difficult to mitigate generically with today’s IPS solutions, and we discuss how the same techniques can be used by red teams and attackers to quietly maintain persistence and exfiltrate data."
Kali linux summarised
Kali Linux is a Debian-based Linux distribution designed for digital forensics and penetration testing. It is maintained by Offensive Security and is a rewrite of their previous distribution, BackTrack. Kali Linux includes over 600 penetration testing tools and can run natively, from a live USB/CD, or in a virtual machine. It is specialized for penetration testing and forensics, unlike the more general purpose Ubuntu distribution. Common penetration testing tools included are nmap, Wireshark, John the Ripper, and Aircrack-ng for wireless assessments. Packet injection allows sending frames in monitor mode for wireless attacks like impersonation and deauthentication. The Alfa Network wireless adapter is often used for wireless hacks with its high
Secure Application Development in the Age of Continuous Delivery
As delivered at LinuxCon and ContainerCon in Berlin 2016.
Traditionally, when datacenter operators talk about application security, they've tended to focus on issues related to key management, firewalls and data access. By contrast, application developers have a security focus which is more aligned with code analysis and fuzzing techniques.
The reality is, secure application deployment principles extend from the infrastructure layer through the application and include how the application is deployed. With the prevalence of continuous deployment of micro-services, it’s imperative to focus efforts on what attackers’ view as vulnerable; particularly in an environment where new exploits are being disclosed almost daily.
In this session we’ll present:
• How known vulnerabilities can make their way into production deployments
• How deployment of vulnerable code can be minimized
• How to determine the vulnerability status of a container
• How to determine the risk associated with a specific package
ION Sri Lanka - TLS for Network Operators
This document discusses the increased usage of Transport Layer Security (TLS) across internet applications and networks due to revelations of global surveillance. It outlines responses by organizations like the IETF to strengthen security and privacy of internet protocols by incorporating TLS. These include new working groups to update TLS usage and deprecating insecure versions. As a result, network operators are encouraged to support TLS encrypted traffic and help customers adopt TLS for their services and applications. Challenges in monitoring encrypted traffic and validating certificate authenticity are also addressed.
What's hot (19)
Kali linux and some features [view in Full screen mode]
Kali linux and some features [view in Full screen mode]
BlueHat v17 || A Lustrum of Malware Network Communication: Evolution and Insi...
BlueHat v17 || A Lustrum of Malware Network Communication: Evolution and Insi...
Learn Ethical Hacking With Kali Linux | Ethical Hacking Tutorial | Kali Linux...
Learn Ethical Hacking With Kali Linux | Ethical Hacking Tutorial | Kali Linux...
Parrot Security OS | Introduction to Parrot Security OS | Cybersecurity Train...
Parrot Security OS | Introduction to Parrot Security OS | Cybersecurity Train...
Nebula Webinar | Private Cloud Security: Practical Solutions for a Challengin...
Nebula Webinar | Private Cloud Security: Practical Solutions for a Challengin...
BlueHat v17 || All Your Cloud Are Belong to Us; Hunting Compromise in Azure
BlueHat v17 || All Your Cloud Are Belong to Us; Hunting Compromise in Azure
Zero Day Malware Detection/Prevention Using Open Source Software
Zero Day Malware Detection/Prevention Using Open Source Software
Your Blacklist is Dead: Why the Future of Command and Control is the Cloud
Your Blacklist is Dead: Why the Future of Command and Control is the Cloud
Secure Application Development in the Age of Continuous Delivery
Secure Application Development in the Age of Continuous Delivery
Similar to Bsides angler-evolution talk
AtlSecCon 2016
The document discusses emerging cybersecurity threats such as exploit kits, ransomware, and phishing scams. It provides an overview of the Angler exploit kit and how it has evolved, targeting vulnerabilities in Adobe Flash, Internet Explorer, and Silverlight. It also examines the CryptoWall ransomware version 4 and how it encrypts files and communicates with command and control servers. Additionally, it analyzes the SamSam ransomware attacks targeting healthcare organizations and the Rombertik malware which uses layers of obfuscation and anti-analysis techniques to propagate via spam and steal user credentials.
Using GreyNoise to Quantify Response Time of Cloud Provider Abuse Teams
Cloud hosting providers, such as Amazon AWS, Google Cloud, DigitalOcean, Microsoft Azure, and many others, have to respond to a regular barrage of abuse complaint reports from all around the world when their customers virtual private servers are used for malicious activity. This activity can happen knowingly by the "renter" of the system or on behalf of an attacker if the server becomes infected. Although by no means the end all, one way of measuring the trust posture of a cloud hosting provider is by analyzing the amount of time between shared hosts beginning to attack other hosts on the Internet and the activity ceasing, generally by way of forced-decommissioning, quarantining, or remediation of the root-cause, such as a malware infection. In this talk, we discuss using the data collected by GreyNoise, a large network of passive collector nodes, to measure the time-to-remediation of infected or malicious machines. We will discuss methodology, results, and actionable takeaways for conference attendees who use shared cloud hosting in their businesses.
Weaponizing Intelligence: Interdiction in Today’s Threat Landscape
The document discusses threat intelligence and interdiction efforts at Cisco Systems. It describes Cisco's threat intelligence capabilities including hundreds of researchers, billions of daily network requests and emails monitored, and trillions of threats blocked. It then discusses how interdiction involves disrupting threats outside networks through cooperation with law enforcement, hosting providers, and other partners. An example interdiction case study involving the Samsam ransomware actor targeting vulnerable JBoss servers is provided.
Secure Your Apps with NGINX Plus and the ModSecurity WAF
On-demand recording: https://nginx.webex.com/nginx/lsr.php?RCID=e62ece89fb21133d312f02af7be8e2c0
The NGINX Plus with ModSecurity WAF (web application firewall) protects your applications from a wide variety of threats, including DDoS and Layer 7 attacks. Improve application uptime, block malicious users, and log crucial data about suspicious transactions with this new offering from NGINX.
The NGINX Plus with ModSecurity WAF is built on a new architecture, offered first to NGINX Plus customers. Our new WAF will help you protect your site against top threats and comply with PCI-DSS Requirement 6.6.
Join us in this webinar to learn:
* The top security attacks against websites
* How much attacks are increasing and why
* How a WAF adds to your site's security protection
* How NGINX Plus with ModSecurity WAF works, in a live demo
30 it securitythreatsvulnerabilitiesandcountermeasuresv1_2
This document provides a summary of an IT security presentation on threats, vulnerabilities, and countermeasures. The presentation discusses the evolving cyber threat landscape, including more advanced cyber crime and nation-state threats. It covers common vulnerabilities like cross-site scripting, SQL injection, and malicious file execution. It also summarizes the OWASP Top 10 security risks and the SANS Top 20 vulnerabilities. The presentation provides information on specific threats like keyloggers and the WSNPOEM malware and outlines mitigation strategies. It discusses finding the right balance of security based on risk and cost. Contact information is provided for follow up questions.
Ransomware- What you need to know to Safeguard your Data
Ransomware - a malicious software used by hackers to block access to a computer system until a ransom is paid. Attackers contact the user with ransom demands. Most attackers request payment in Bitcoin (the crypto-currency). Even if you pay the ransom, the attackers may not deliver the key to unencrypt files.
As ransomware attacks continue to grow in number and sophistication, individual PC users and organizations should reassess their current security strategy. There is a common misconception that adding layers of automated defence technologies will reduce the risk of falling victim to ransomware attacks. While endpoint security products and secure email gateways can offer some level of protection, sooner or later a phishing email, which is the most widely-used attack vector, will penetrate defences and user will be faced with determining whether or not an email is legitimate or part of an attack.
Compliance made easy. Pass your audits stress-free.
This document discusses reducing ransomware risks and provides an overview of a webinar on the topic. It begins with a poll asking organizations about their experience with ransomware attacks. It then introduces the speakers and discusses malware trends seen by Cisco Talos, including the continued prevalence of ransomware. The webinar agenda is outlined, covering malware trends, what ransomware is, high-level solutions, and next steps. High-level solutions include blocking malicious traffic, securing email, using endpoint protection, and network segmentation. The presentation encourages education, making lateral movement difficult through segmentation, and having response plans. It concludes with an additional poll and information on following up.
DNS Security, is it enough?
DNS security is important. But, in today’s world of dynamic cloud environments (AWS and Azure), content delivery networks (CDNs) and crowdsourced content and advertisements, looking only at the domain name is not a complete indicator of security. “Grey” domains are no longer the exception, they have become the norm. Join this webcast to explore the risks of relying on DNS-only based solutions and ways to add security to your DNS traffic without sacrificing performance or additional security insights.
Tune in for the Ultimate WAF Torture Test: Bots Attack!
This webinar compares the bot detection and mitigation capabilities of Imperva, F5 Networks, and Distil Networks web application firewall (WAF) products. A testing scenario involving a fictional airline website is used to evaluate how each product handles different bots and attacks. Distil Networks is shown to be the most effective at blocking bots while allowing legitimate traffic. The webinar also provides best practices for optimizing a WAF for bot detection, such as profiling applications and limiting exposure. Attendees are offered a free trial and traffic analysis from Distil Networks.
Revealing the dark web
This document summarizes a presentation by Nick Cavalancia and Patrick Knight of Veriato on revealing the dark web and how to leverage technologies to alert and block dark web access. The presentation covers an introduction to the dark web including how employees can access it, defines common dark web threats, and discusses how to detect and block dark web activity through monitoring TOR browser use, VPN traffic, and specific dark web site addresses. The presentation promotes Veriato's Cerebral insider threat intelligence platform for comprehensively addressing these risks.
PLNOG15-DNS is the root of all evil in the network. How to become a superhero...
DNS is a critical networking protocol that is also easy to exploit, making it a major security risk. Traditional security measures are ineffective against evolving DNS threats. Infoblox provides dedicated DNS security appliances and automated threat intelligence to protect against DNS attacks including DDoS, exploits, and data exfiltration techniques used by advanced threats. The solution detects and blocks malicious DNS queries and tunnels while allowing legitimate traffic.
How to stay protected against ransomware
Ransomware has become one of the most widespread and damaging threats that internet users face. Since the infamous CryptoLocker first appeared in 2013, we’ve seen a new era of file-encrypting ransomware variants delivered through spam messages and Exploit Kits, extorting money from home users and businesses alike.
Webinar - Tips and Tricks on Website Security
Slides of our free webinar on website security tips and tricks together with our friends from Stopbadware.org. The goal was to provide an overview important tips why website get hacked and blacklisted and what each website or blog owner can do to protect his website.
The webinar was moderated and presented by Max Weinstein, President and Executive Director of StopBadware and Anirban Banerjee, Co-founder of StopTheHacker Inc.
Malware analysis
- Malware analysis involves both static and dynamic analysis techniques to understand malware behavior and assess potential damage. Static analysis involves disassembling and reviewing malware code and structure without executing it. Dynamic analysis observes malware behavior when executed in an isolated virtual environment.
- Tools for static analysis include file hashing, string extraction, and PE header examination. Dynamic analysis tools monitor the registry, file system, processes, and network traffic created by malware runtime behavior. These include Process Monitor, Wireshark, Process Explorer, and network sniffers.
- To safely conduct malware analysis, one should create an isolated virtual lab separated from production networks, and install behavioral monitoring and code analysis tools like OllyDbg, Process Monitor, and Wiresh
Zscaler ThreatLabz dissects the latest SSL security attacks
The occurrence of SSL-based threats are continuing to rise. Hackers are getting more and more creative in how they deliver threats, which creates new inspection challenges. Attend this webcast to discuss the latest attack trends, and best practices you can employ within your Zscaler installation to bolster your security.
Secure Application Development in the Age of Continuous Delivery
As delivered by Tim Mackey, Senior Technical Evangelist - Black Duck Software, at LinuxCon and ContainerCon in Berlin 2016.
Traditionally, when datacenter operators talk about application security, they've tended to focus on issues related to key management, firewalls and data access. By contrast, application developers have a security focus which is more aligned with code analysis and fuzzing techniques.
The reality is, secure application deployment principles extend from the infrastructure layer through the application and include how the application is deployed. With the prevalence of continuous deployment of micro-services, it’s imperative to focus efforts on what attackers’ view as vulnerable; particularly in an environment where new exploits are being disclosed almost daily.
In this session we’ll present:
• How known vulnerabilities can make their way into production deployments
• How deployment of vulnerable code can be minimized
• How to determine the vulnerability status of a container
• How to determine the risk associated with a specific package
Disruptionware-TRustedCISO103020v0.7.pptx
Distruptionware is a form of Ransomware. This presentation covers how to protect your company from it.
Talos Insight: Threat Innovation Emerging from the Noise
Session: Talos Insight: Threat Innovation Emerging from the Noise
Presenter: Earl Carter, Talos Threat Researcher
Date: October 15, 2015
Workshop on Network Security
@skeptic_fx (Ahamed Nafeez) and I conducted a National Level Workshop on Network and Web Security on August 11th, 2010 during our third year BE CSE.
Surfing with Sharks KS ED TECH 2012
This document provides an overview of how the internet can be a dangerous place due to cybercriminal activities like hacking and malware. It discusses popular exploit kits that package exploits and deliver malware payloads through drive-by downloads. Criminal tactics discussed include purchasing exploit kits, trojans, and victims in online black markets to setup infection campaigns. The document demonstrates how these campaigns work through phishing emails and compromised websites to exploit vulnerabilities and infect victims. It emphasizes that everyone is a target and provides tips to help protect yourself like keeping software updated, using safe browsing practices, and disabling plugins when possible.
Similar to Bsides angler-evolution talk (20)
Using GreyNoise to Quantify Response Time of Cloud Provider Abuse Teams
Using GreyNoise to Quantify Response Time of Cloud Provider Abuse Teams
Weaponizing Intelligence: Interdiction in Today’s Threat Landscape
Weaponizing Intelligence: Interdiction in Today’s Threat Landscape
Secure Your Apps with NGINX Plus and the ModSecurity WAF
Secure Your Apps with NGINX Plus and the ModSecurity WAF
30 it securitythreatsvulnerabilitiesandcountermeasuresv1_2
30 it securitythreatsvulnerabilitiesandcountermeasuresv1_2
Ransomware- What you need to know to Safeguard your Data
Ransomware- What you need to know to Safeguard your Data
Compliance made easy. Pass your audits stress-free.
Compliance made easy. Pass your audits stress-free.
Tune in for the Ultimate WAF Torture Test: Bots Attack!
Tune in for the Ultimate WAF Torture Test: Bots Attack!
PLNOG15-DNS is the root of all evil in the network. How to become a superhero...
PLNOG15-DNS is the root of all evil in the network. How to become a superhero...
Zscaler ThreatLabz dissects the latest SSL security attacks
Zscaler ThreatLabz dissects the latest SSL security attacks
Secure Application Development in the Age of Continuous Delivery
Secure Application Development in the Age of Continuous Delivery
Talos Insight: Threat Innovation Emerging from the Noise
Talos Insight: Threat Innovation Emerging from the Noise
Recently uploaded
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift
Overview
Dive into the world of anomaly detection on edge devices with our comprehensive hands-on tutorial. This SlideShare presentation will guide you through the entire process, from data collection and model training to edge deployment and real-time monitoring. Perfect for those looking to implement robust anomaly detection systems on resource-constrained IoT/edge devices.
Key Topics Covered
1. Introduction to Anomaly Detection
- Understand the fundamentals of anomaly detection and its importance in identifying unusual behavior or failures in systems.
2. Understanding Edge (IoT)
- Learn about edge computing and IoT, and how they enable real-time data processing and decision-making at the source.
3. What is ArgoCD?
- Discover ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes, and its role in deploying applications on edge devices.
4. Deployment Using ArgoCD for Edge Devices
- Step-by-step guide on deploying anomaly detection models on edge devices using ArgoCD.
5. Introduction to Apache Kafka and S3
- Explore Apache Kafka for real-time data streaming and Amazon S3 for scalable storage solutions.
6. Viewing Kafka Messages in the Data Lake
- Learn how to view and analyze Kafka messages stored in a data lake for better insights.
7. What is Prometheus?
- Get to know Prometheus, an open-source monitoring and alerting toolkit, and its application in monitoring edge devices.
8. Monitoring Application Metrics with Prometheus
- Detailed instructions on setting up Prometheus to monitor the performance and health of your anomaly detection system.
9. What is Camel K?
- Introduction to Camel K, a lightweight integration framework built on Apache Camel, designed for Kubernetes.
10. Configuring Camel K Integrations for Data Pipelines
- Learn how to configure Camel K for seamless data pipeline integrations in your anomaly detection workflow.
11. What is a Jupyter Notebook?
- Overview of Jupyter Notebooks, an open-source web application for creating and sharing documents with live code, equations, visualizations, and narrative text.
12. Jupyter Notebooks with Code Examples
- Hands-on examples and code snippets in Jupyter Notebooks to help you implement and test anomaly detection models.
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
“I’m still / I’m still / Chaining from the Block”
“An Outlook of the Ongoing and Future Relationship between Blockchain Technologies and Process-aware Information Systems.” Invited talk at the joint workshop on Blockchain for Information Systems (BC4IS) and Blockchain for Trusted Data Sharing (B4TDS), co-located with with the 36th International Conference on Advanced Information Systems Engineering (CAiSE), 3 June 2024, Limassol, Cyprus.
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
Things to Consider When Choosing a Website Developer for your Website | FODUU
Choosing the right website developer is crucial for your business. This article covers essential factors to consider, including experience, portfolio, technical skills, communication, pricing, reputation & reviews, cost and budget considerations and post-launch support. Make an informed decision to ensure your website meets your business goals.
20240605 QFM017 Machine Intelligence Reading List May 2024
Everything I found interesting about machines behaving intelligently during May 2024
UiPath Test Automation using UiPath Test Suite series, part 6
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Mind map of terminologies used in context of Generative AI
Mind map of common terms used in context of Generative AI.
Climate Impact of Software Testing at Nordic Testing Days
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
CAKE: Sharing Slices of Confidential Data on Blockchain
Presented at the CAiSE 2024 Forum, Intelligent Information Systems, June 6th, Limassol, Cyprus.
Synopsis: Cooperative information systems typically involve various entities in a collaborative process within a distributed environment. Blockchain technology offers a mechanism for automating such processes, even when only partial trust exists among participants. The data stored on the blockchain is replicated across all nodes in the network, ensuring accessibility to all participants. While this aspect facilitates traceability, integrity, and persistence, it poses challenges for adopting public blockchains in enterprise settings due to confidentiality issues. In this paper, we present a software tool named Control Access via Key Encryption (CAKE), designed to ensure data confidentiality in scenarios involving public blockchains. After outlining its core components and functionalities, we showcase the application of CAKE in the context of a real-world cyber-security project within the logistics domain.
Paper: https://doi.org/10.1007/978-3-031-61000-4_16
OpenID AuthZEN Interop Read Out - Authorization
During Identiverse 2024 and EIC 2024, members of the OpenID AuthZEN WG got together and demoed their authorization endpoints conforming to the AuthZEN API
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
ここ3000字までしか入らないけどタイトルの方がたくさん文字入ると思います。
20240607 QFM018 Elixir Reading List May 2024
Everything I found interesting about the Elixir programming ecosystem in May 2024
National Security Agency - NSA mobile device best practices
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
Essentials of Automations: The Art of Triggers and Actions in FME
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Artificial Intelligence for XMLDevelopment
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...Edge AI and Vision Alliance
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/building-and-scaling-ai-applications-with-the-nx-ai-manager-a-presentation-from-network-optix/
Robin van Emden, Senior Director of Data Science at Network Optix, presents the “Building and Scaling AI Applications with the Nx AI Manager,” tutorial at the May 2024 Embedded Vision Summit.
In this presentation, van Emden covers the basics of scaling edge AI solutions using the Nx tool kit. He emphasizes the process of developing AI models and deploying them globally. He also showcases the conversion of AI models and the creation of effective edge AI pipelines, with a focus on pre-processing, model conversion, selecting the appropriate inference engine for the target hardware and post-processing.
van Emden shows how Nx can simplify the developer’s life and facilitate a rapid transition from concept to production-ready applications.He provides valuable insights into developing scalable and efficient edge AI solutions, with a strong focus on practical implementation.Recently uploaded (20)
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Things to Consider When Choosing a Website Developer for your Website | FODUU
Things to Consider When Choosing a Website Developer for your Website | FODUU
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
CAKE: Sharing Slices of Confidential Data on Blockchain
CAKE: Sharing Slices of Confidential Data on Blockchain
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
Bsides angler-evolution talk
- 1. Evolution of the Angler Exploit Kit
- 2. About Myself • Earl Carter • Threat Researcher, Talos Group • Over 20 Years in Network Security • 3rd Degree Black Belt Taekwondo
- 3. Cloud to Core Visibility web requests a day 16 BILLION email messages a day 500 BILLIONEndpoint malware queries a day 18.5 BILLION
- 5. Basic Terminology Drive-by Download Attacks Malvertising Exploit Kits Landing Page Exploit Payload
- 6. Drive-by Download Attacks • The act of downloading something unintentionally, usually malicious • No need to click to download • Malvertising is a common vector
- 7. Malvertising • Content varies by system • Content varies by user • Content varies by visit
- 8. Lots of Noise CNN 26 Domains 39 Hosts 171 Objects 557 Connections
- 9. What is an exploit kit? • A software package designed to exploit vulnerable browsers and plugins • Blackhole was the first major exploit kit
- 10. Angler Exposed
- 11. Attacker Innovation • Angler is the most successful exploit kit • Demonstrates continued innovation • New Functionality Quickly Spreads – Exploit kits competing for business • Exploits kits get overlooked as a sophisticated threat
- 12. Monetization of Hacking There are three main payload types: • Ransomware • Cryptowall, Teslacrypt • Click-fraud agents • Bedep • Miscellaneous • trojans, keyloggers, spyware
- 13. Domain Shadowing • Static IP Address • Registered Domains • Fast Flux DNS • Dynamic DNS • Domain Shadowing Jan-Feb 2015
- 14. URL Structure Landing Page Jan-Jul 2015 /lists/18026519312117497906 /polymorphism-relate-disambiguation-probation/807433931184758078 /search?q=pmOmaU2uh_me&e2=Cp4- iyeALf7zBKFL35SjcU&4VHps=LLnyCmlfcZ5gKB&98=pUuxRyaYW-xQPyh& /fizziest.php?q=G0PP8NWqU2pJgBkEkkb4nR&h=SHY&c=el7AqmPg- LYqbGJkbLhw&s=AeIDQZMgbummm1RYkwJB&az=zpv3C6laNuDACeto8OYvU TQu&ea=p&i=a1twO7co5&g=F /viewtopic.php?f=1&t=015806680
- 15. URL Structure Exploit Page Jan-Jul 2015 /L8Vz9fnAJQ-NIIEeBal7h7QTEL5YpvcKfrOMuBGcE7sOA4Xt /0V2e2PeF9XDbT_uCRPA43XEZexvaFojkBGfja5kEHDT28-u-Vkko5AB04Ht6w4AV /AVmBMYOz8hkFOC9zv9APM-UAx35zDy31CHZNI5aVT388hbag.pycharm? two=PgIqiVNOqsq&seven=yKj0ku /change.xfdl? model=4cAwSLa0TZ&sound=iCIuP7&street=&sort=Ew3TGK&American=3__xZmrR &right=&animal=rfWXuq2Gf&two=UufQU4W-e
- 16. 302 Cushioning • iFrame vs Malvertising • 302 Redirection • Return to Dynamic DNS (DDNS) May 2015
- 18. Taking a Close Look • Deep Data Analytics July 2015 • Telemetry from compromised users • ~1000 Sandbox Runs • July 2015 • Angler Underwent several URL Changes • Multiple “Hacking Team” 0-Days added • Ended with tons of data
- 19. Detection Challenges • Hashes • Found 3,000+ Unique Hashes • 6% in VT • Most detection <10 • Encrypted Payloads • Using Diffie Helman Encryption for IE Exploit • Unique to each user • Domain Behavior • DDNS • Domain Shadowing • Adversary Owned Domains • Hard Coded IP
- 20. Exploit Details “Hacking Team” Adobe Flash 0days CVE-2015-5119, CVE-2015-5122 IE 10 and 11 JScript9 Memory Corruption Vulnerability CVE-2015-2419 IE OLE Vulnerability CVE 2014-6332 Adobe Flash CVE 2014-6332 Silverlight
- 21. Unique Referers Unique Referers By Day July 2015
- 22. Unique IP Addresses Per Day
- 23. IP Address / ASN Relationship Angler HTTP Requests by Provider July 2015
- 24. Shutting Down the Source • Partnered with Limestone Networks • Angler Infeastructure • Level-3 • Magnitude and Scale • Collaborated with OpenDNS • Visibility into DNS Infrastructure
- 25. New Insight The Bigger Picture
- 27. Angler Victims
- 28. Potential Revenue To play with the numbers, please visit: http://talosintel.com/angler-exposed/
- 29. Angler Exploit Kit Evolves Again • Parameter Changes: • New Gate • Registered Domains Jan 2016
- 31. URL Changes Jan 2016 Old Format New Format
- 32. New Gate
- 33. New Gate
- 35. New Actor
- 36. Summary • Angler Changed • Rules Updated • Customer Protected • No Coverage Lapse • New Gate • Method to direct users to EK • Leveraging .tk TLD • Free Domains • New Actor • 95+% .top TLD • 700+ Domains in ~14 days
- 37. Protecting Yourself Install security patches as soon as possible Use anti-malware software Make periodic backups of your system that are kept offline
- 38. Conclusion • Angler Continues to Evolve • Other Exploit Kits Quickly Follow Suit • Detection must Evolve to Keep Pace • Collaboration Provides Greater Visibility • Exploit Kits Industrialized – Big Money