Wait Wait... don't pwn me! at RSA Conference 2015Mark Miller
Test your wits and current security news knowledge against our panel of distinguished guests. Past rock stars include Joshua Corman, Chris Eng, Space Rogue and Matt Tesauro. "Wait Wait... Don't Pwn Me!" is patterned after the NPR news quiz show, where we challenge the panel and the audience with "Bluff the Listener", "This Week's Security News" and "Lightning Fill In the Blank." - See more at: https://www.rsaconference.com/events/us15/agenda/sessions/1826/wait-wait-dont-pwn-me#sthash.KRNR5DnZ.dpuf
Co Speaker: Cheryl Biswas
Talk Description:
How about this: a blue team talk given by red teamers. But here’s our rationale - your best defence right now is a strategic offence. The rules of the game have changed and we need to get defence up to speed.
We’ll show you what the key elements are in a good defence strategy; what you can and need to be using to full advantage. We’ll talk about the new “buzzwords” and how they apply: visibility; patterns; big data. There’s a whole lotta data to wrangle, and you aren’t seeing the whole picture if you aren’t doing things right. Threat intel is about getting the big picture as it applies to you. You’ll learn the importance of context and prioritization so that you can manipulate intel feeds to do your bidding. And then we’ll take things further and talk about hunting the adversary, using an update on proven methodologies.
We’ll show you how to understand your data, correlate threats and pin point attacks. Attendees will leave with a new understanding of the resources they have on hand, and how to leverage those into an Adaptive Proactive Defense Strategy.
AI for security or security for AI - Sergey GordeychikSergey Gordeychik
Machine learning technologies are turning from rocket science into daily engineering life. You no longer have to know the difference between Faster R-CNN and HMM to develop a machine vision system, and even OpenCV has bindings for JavaScript allowing to resolve quite serious tasks all the while remaining in front end. On other hand massive implementation of AI in various areas brings about problems, and security is one of the greatest concerns. In the broader context security is really all about trust.
Do we trust AI? I don’t, personally.
What is “state of the art” in AI security? Yesterday it was a PoC, not a product, today becoming a We will fix it later, tomorrow it will be a if it works, don’t touch it. And tomorrow is too late.
But what we can do for Trustworthy AI? There are just no simple answers.
You can’t install antivirus or calculate hashes to control integrity of annotated dataset. Traditional firewalls and IDS are almost useless in ML cloud internal SDN Infiniband network. Event C-level Compliance such as PCI DSS and GDPR doesn’t work for massive country-level AI deployments. What about vulnerability management for TensorFlow ML model? How it will impact ROC and AUC?..
To make it better we should rethink Cyber Resilience for AI process, systems and applications to make sure that they continuously deliver the intended outcome despite adverse cyber events. Make sure that security is genuinely integrated into innovation that AI brings into our lives. To trust AI and earn his trust, perhaps?
Rv defcon25 keeping an eye on mobile applications - mikhail sosonkinreconvillage
This document discusses various techniques for analyzing mobile applications, including jailbreaking, dynamic instrumentation with Frida and Cycript, objective-C tracing, man-in-the-middle proxying, fuzzing, and automation of user interactions using a Lua-based tool called CHAOTICMARCH. The goal is to gain a deeper understanding of how applications work under the hood by observing runtime behavior, API calls, file access, and inter-process communication. Automation is advocated to facilitate repeatable testing and maximize code coverage.
This document discusses techniques used by malware to evade detection by file-based sandboxes. It outlines various evasion techniques used, such as human interaction via mouse clicks or message boxes, configuration checks that look for sandbox timeout periods, hiding processes, and detecting virtual machine environments. The document also demonstrates a sample malware that only activates with a mouse click. It concludes that while file-based sandboxes are useful research tools, they are not effective at detecting advanced malware due to evasion techniques, and that understanding multi-vector attacks is needed to analyze such threats.
Sandbox detection: leak, abuse, test - Hacktivity 2015Zoltan Balazs
This document discusses techniques for detecting and evading malware analysis sandboxes. It begins by outlining common sandbox detection methods like checking screen resolution, installed software, CPU/system information, and network settings. It then discusses challenges like simulating sleep functions and network connections. The document emphasizes that while evading analysis is possible, manual review remains difficult to defeat. It concludes by advising blue teams to thoroughly test sandboxes and customize them to their environment before purchasing.
Wait Wait... don't pwn me! at RSA Conference 2015Mark Miller
Test your wits and current security news knowledge against our panel of distinguished guests. Past rock stars include Joshua Corman, Chris Eng, Space Rogue and Matt Tesauro. "Wait Wait... Don't Pwn Me!" is patterned after the NPR news quiz show, where we challenge the panel and the audience with "Bluff the Listener", "This Week's Security News" and "Lightning Fill In the Blank." - See more at: https://www.rsaconference.com/events/us15/agenda/sessions/1826/wait-wait-dont-pwn-me#sthash.KRNR5DnZ.dpuf
Co Speaker: Cheryl Biswas
Talk Description:
How about this: a blue team talk given by red teamers. But here’s our rationale - your best defence right now is a strategic offence. The rules of the game have changed and we need to get defence up to speed.
We’ll show you what the key elements are in a good defence strategy; what you can and need to be using to full advantage. We’ll talk about the new “buzzwords” and how they apply: visibility; patterns; big data. There’s a whole lotta data to wrangle, and you aren’t seeing the whole picture if you aren’t doing things right. Threat intel is about getting the big picture as it applies to you. You’ll learn the importance of context and prioritization so that you can manipulate intel feeds to do your bidding. And then we’ll take things further and talk about hunting the adversary, using an update on proven methodologies.
We’ll show you how to understand your data, correlate threats and pin point attacks. Attendees will leave with a new understanding of the resources they have on hand, and how to leverage those into an Adaptive Proactive Defense Strategy.
AI for security or security for AI - Sergey GordeychikSergey Gordeychik
Machine learning technologies are turning from rocket science into daily engineering life. You no longer have to know the difference between Faster R-CNN and HMM to develop a machine vision system, and even OpenCV has bindings for JavaScript allowing to resolve quite serious tasks all the while remaining in front end. On other hand massive implementation of AI in various areas brings about problems, and security is one of the greatest concerns. In the broader context security is really all about trust.
Do we trust AI? I don’t, personally.
What is “state of the art” in AI security? Yesterday it was a PoC, not a product, today becoming a We will fix it later, tomorrow it will be a if it works, don’t touch it. And tomorrow is too late.
But what we can do for Trustworthy AI? There are just no simple answers.
You can’t install antivirus or calculate hashes to control integrity of annotated dataset. Traditional firewalls and IDS are almost useless in ML cloud internal SDN Infiniband network. Event C-level Compliance such as PCI DSS and GDPR doesn’t work for massive country-level AI deployments. What about vulnerability management for TensorFlow ML model? How it will impact ROC and AUC?..
To make it better we should rethink Cyber Resilience for AI process, systems and applications to make sure that they continuously deliver the intended outcome despite adverse cyber events. Make sure that security is genuinely integrated into innovation that AI brings into our lives. To trust AI and earn his trust, perhaps?
Rv defcon25 keeping an eye on mobile applications - mikhail sosonkinreconvillage
This document discusses various techniques for analyzing mobile applications, including jailbreaking, dynamic instrumentation with Frida and Cycript, objective-C tracing, man-in-the-middle proxying, fuzzing, and automation of user interactions using a Lua-based tool called CHAOTICMARCH. The goal is to gain a deeper understanding of how applications work under the hood by observing runtime behavior, API calls, file access, and inter-process communication. Automation is advocated to facilitate repeatable testing and maximize code coverage.
This document discusses techniques used by malware to evade detection by file-based sandboxes. It outlines various evasion techniques used, such as human interaction via mouse clicks or message boxes, configuration checks that look for sandbox timeout periods, hiding processes, and detecting virtual machine environments. The document also demonstrates a sample malware that only activates with a mouse click. It concludes that while file-based sandboxes are useful research tools, they are not effective at detecting advanced malware due to evasion techniques, and that understanding multi-vector attacks is needed to analyze such threats.
Sandbox detection: leak, abuse, test - Hacktivity 2015Zoltan Balazs
This document discusses techniques for detecting and evading malware analysis sandboxes. It begins by outlining common sandbox detection methods like checking screen resolution, installed software, CPU/system information, and network settings. It then discusses challenges like simulating sleep functions and network connections. The document emphasizes that while evading analysis is possible, manual review remains difficult to defeat. It concludes by advising blue teams to thoroughly test sandboxes and customize them to their environment before purchasing.
This document discusses security concepts through the lens of a hypothetical scenario involving a Smalltalk application. It begins by introducing metaphors of security as an onion and Swiss cheese, with layers and vulnerabilities. It then imagines a scenario where a Smalltalk web application is compromised via vulnerabilities in the front-end web server. This allows an attacker to gain access and target artifacts of the Smalltalk application like image files and source code. The document outlines steps an attacker could take and risks to confidentiality, integrity and availability. It concludes by recommending secure development practices to assume breaches will occur and protect sensitive information.
Rajarshi Gupta at AI Frontiers : Security is AI’s biggest challenge, AI is Se...AI Frontiers
The progress of AI in the last decade has seemed almost magical. But we will discuss the unique challenges posed by Security and what makes this domain the biggest challenge for AI. Reporting from the frontlines, we will describe the deployment of large-scale production-grade AI systems to combat security breaches, using lessons learned at Avast from defending over 400 million consumers every single day. Topics will cover the recent AI advancements in file-based anti-malware solutions, behavior-based on-device solutions, and network-based IoT security solutions.
Hacking with Skynet - How AI is Empowering AdversariesGTKlondike
It's no question that modern advances in AI and Deep Learning technologies have allowed organizations to greatly scale their defensive capabilities. Between detecting evolving threats, automating discovery, fighting dynamic attacks, and even freeing up time for IT professionals; AI-fueled automation has been a boon for system defenders. But before we get too comfortable, we need to remember that there is another side to this fight.
In this talk, we'll take a look at how AI technologies are enhancing adversarial capabilities and how challenges in defensive machine learning are opening up new attack surfaces.
LST Toolkit: Exfiltration Over Sound, Light, TouchDimitry Snezhkov
The document discusses offensive and defensive strategies around exfiltrating sensitive data from secured environments. It describes observing defenses that focus on network-level exfiltration and lack behavioral context. Custom threat modeling and solutions may be needed. Tactics discussed include exploiting existing facilities, avoiding defenses, and transforming data to bypass monitoring. The document also outlines fictional scenarios where innovative techniques like encoding data in screen pixels or QR codes are used to exfiltrate information despite strengthened defenses.
2019 FRSecure CISSP Mentor Program: Class NineFRSecure
This document summarizes a CISSP mentor program session from May 13, 2019. It discusses assessing access control and software testing methods. The session covers penetration testing methodology and tools, vulnerability testing, and security assessments. Penetration testing involves planning, reconnaissance, scanning, vulnerability assessment, exploitation, and reporting. Vulnerability scanning checks for issues like missing patches and configuration errors. Security assessments take a holistic approach to evaluating multiple controls across domains.
How to hide your browser 0-day @ DisobeyZoltan Balazs
1. The document describes a method called #IRONSQUIRREL for delivering browser exploits in an encrypted format using elliptic curve Diffie-Hellman key exchange to prevent detection and analysis.
2. It was implemented in exploit kits like Angler to prevent reverse engineering of zero-day exploits and leakage of exploit code. The encrypted delivery prevents network-based detection and replay of the exploit.
3. The document provides details on how #IRONSQUIRREL works and improves on previous encrypted delivery methods. It also discusses challenges and techniques for analysts to detect and analyze such encrypted exploits, as well as recommendations for attackers to strengthen #IRONSQUIRREL against analysis.
The document discusses the path of cyber security and how to become a hacker or security professional. It outlines the typical steps of penetration testing: reconnaissance and analysis, vulnerability mapping, gaining access, privilege escalation, maintaining access, and covering tracks. It recommends starting with networking and programming skills, focusing on an area of expertise like web security, participating in competitions and creating a practice lab to learn. The presenter gives demonstrations on vulnerable VMs and recommends courses, CTF competitions, and building your own lab to advance your skills in security research, tool development, and operations.
The document discusses the path of cyber security and how to become a hacker or security professional. It outlines the typical steps of penetration testing: reconnaissance and analysis, vulnerability mapping, gaining access, privilege escalation, maintaining access, and covering tracks. It recommends starting with networking and programming skills, focusing on an area of expertise like web security, participating in competitions and creating a practice lab to learn. The presenter gives demonstrations on vulnerable VMs and recommends courses, CTF competitions, and building your own lab to advance your skills in security research, tool development, and operations.
The document discusses Windows credential attacks and defenses. It describes common credential theft techniques like dumping credentials from LSASS memory using Mimikatz. It then covers various Windows credential hardening defenses over time like Protected Processes, Restricted Admin, and CredentialGuard. It demonstrates CredentialGuard's effectiveness at preventing credential theft compared to normal and older Windows configurations through a lab demo. The presentation aims to educate on real-world credential attacks while showing that effective defense is possible.
Jon Noble. Jon will give a brief overview of why you should consider security as part of your CloudStack deployment, why your approach to security needs to be different than in a traditional environment, and also talk about some of the motives behind the attacks – why they attack you and what they do once they have compromised a system.
This document discusses computer security and ethical hacking. It covers various types of hacking like interruption and interception. It defines different types of hackers like white hat, black hat and gray hat hackers. It explains the process of ethical hacking which includes preparation, footprinting, vulnerability identification and exploitation. The document provides details on what hackers do after gaining access like covering tracks, creating backdoors. It suggests ways to protect systems like patching vulnerabilities, encrypting data, and setting up firewalls and intrusion detection systems. It advises actions to take after being hacked like restoring from backups.
Marco Grassi gives a presentation on reverse engineering, penetration testing, and hardening Android apps. The presentation covers techniques for reverse engineering APKs, dealing with obfuscation, tamper detection, securing network communications, attacks on IPC, and more advanced topics like runtime manipulation. Real-world examples are provided to demonstrate vulnerabilities found in apps and how they can be exploited.
This is a presentation I gave to senior high school students. The 1st part is an overview the 2nd part is more detailed on the ways to perform the Ethical Hacking.
Need my help? Contact Keith Brooks via one of the following ways:
Blog http://blog.vanessabrooks.com
Twitter http://twitter.com/lotusevangelist
http://about.me/keithbrooks
This talk by Chris Grayson contains lots of information about how to enter the so-called "hackerspace." From mental approaches to books, movies, and other media to online courses and knowledge repositories, this presentation is intended to be the one-stop-shop for anyone trying to become a penetration tester.
[2010 CodeEngn Conference 04] window31 - Art of Keylogging 키보드보안과 관계없는 키로거들GangSeok Lee
2010 CodeEngn Conference 04
각종 논문 데이터나 기타 연구자료들을 살펴보면 키보드보안의 한계점에 대해 지목하고 그것에 대한 보완 대책을 논의하고 있는 내용이 많다. 물론 그러한 학문적인 접근도 중요하지만, 실제 키로깅을 하고 있는 해커의 입장에서는 어떤 식으로 키입력과 계정을 가져가는지 해커의 접근 방법을 살펴보는 것도 필요하다. 일반적으로 해커들은 커널 레벨이나 하드웨어 지식 베이스에 입각한 난해한 기법보다는, 보다 간편하며 실용적인 방법을 통해 계정을 가져간다. 그리고 그 같은 행위는 현재 키보드보안의 커버 범위를 뛰어넘는 새로운 기법을 보여주는 경우가 대다수이다. 이런 상황을 배경으로 실제 기업에서 발생하고 있는 사례나, 유저의 감염케이스를 리버스 엔지니어링으로 살펴보는 시간을 마련했다. 바이너리 해킹의 예술을 맛볼 수 있는 Art of Keylogging 발표에서 키 입력 탈취에 대한 새로운 트렌드를 소개한다.
http://codeengn.com/conference/04
This document discusses using a programmable USB device called a USB Rubber Ducky to conduct an attack. It describes using the Rubber Ducky to deploy a Metasploit payload to get system access, then using Mimikatz to dump passwords from memory and obtain a domain admin account. With that level of access, an attacker could copy sensitive source code, delete or manipulate organizational data, fully control user accounts, and install malware through Group Policy. The document suggests defining a whitelist of authorized devices and increasing employee awareness as ways to mitigate such an attack.
This document outlines an attack scenario using a programmable USB keyboard to gain domain admin access and steal software source code from a company. It describes using a USB Rubber Ducky device pre-programmed with PowerShell commands to deploy a Metasploit payload and extract credentials from the LSASS process using Mimikatz. This would allow taking over a domain admin account, copying source code, deleting data, and fully controlling the network. The document suggests mitigations like whitelisting authorized devices and increasing social engineering awareness.
❼❷⓿❺❻❷❽❷❼❽ Dpboss Matka Result Satta Matka Guessing Satta Fix jodi Kalyan Final ank Satta Matka Dpbos Final ank Satta Matta Matka 143 Kalyan Matka Guessing Final Matka Final ank Today Matka 420 Satta Batta Satta 143 Kalyan Chart Main Bazar Chart vip Matka Guessing Dpboss 143 Guessing Kalyan night
More Related Content
Similar to C-SEC|2016 Session 2 The Security Game : You Failed at the Beginning By Incognito Lab a Division of ACinfotec
This document discusses security concepts through the lens of a hypothetical scenario involving a Smalltalk application. It begins by introducing metaphors of security as an onion and Swiss cheese, with layers and vulnerabilities. It then imagines a scenario where a Smalltalk web application is compromised via vulnerabilities in the front-end web server. This allows an attacker to gain access and target artifacts of the Smalltalk application like image files and source code. The document outlines steps an attacker could take and risks to confidentiality, integrity and availability. It concludes by recommending secure development practices to assume breaches will occur and protect sensitive information.
Rajarshi Gupta at AI Frontiers : Security is AI’s biggest challenge, AI is Se...AI Frontiers
The progress of AI in the last decade has seemed almost magical. But we will discuss the unique challenges posed by Security and what makes this domain the biggest challenge for AI. Reporting from the frontlines, we will describe the deployment of large-scale production-grade AI systems to combat security breaches, using lessons learned at Avast from defending over 400 million consumers every single day. Topics will cover the recent AI advancements in file-based anti-malware solutions, behavior-based on-device solutions, and network-based IoT security solutions.
Hacking with Skynet - How AI is Empowering AdversariesGTKlondike
It's no question that modern advances in AI and Deep Learning technologies have allowed organizations to greatly scale their defensive capabilities. Between detecting evolving threats, automating discovery, fighting dynamic attacks, and even freeing up time for IT professionals; AI-fueled automation has been a boon for system defenders. But before we get too comfortable, we need to remember that there is another side to this fight.
In this talk, we'll take a look at how AI technologies are enhancing adversarial capabilities and how challenges in defensive machine learning are opening up new attack surfaces.
LST Toolkit: Exfiltration Over Sound, Light, TouchDimitry Snezhkov
The document discusses offensive and defensive strategies around exfiltrating sensitive data from secured environments. It describes observing defenses that focus on network-level exfiltration and lack behavioral context. Custom threat modeling and solutions may be needed. Tactics discussed include exploiting existing facilities, avoiding defenses, and transforming data to bypass monitoring. The document also outlines fictional scenarios where innovative techniques like encoding data in screen pixels or QR codes are used to exfiltrate information despite strengthened defenses.
2019 FRSecure CISSP Mentor Program: Class NineFRSecure
This document summarizes a CISSP mentor program session from May 13, 2019. It discusses assessing access control and software testing methods. The session covers penetration testing methodology and tools, vulnerability testing, and security assessments. Penetration testing involves planning, reconnaissance, scanning, vulnerability assessment, exploitation, and reporting. Vulnerability scanning checks for issues like missing patches and configuration errors. Security assessments take a holistic approach to evaluating multiple controls across domains.
How to hide your browser 0-day @ DisobeyZoltan Balazs
1. The document describes a method called #IRONSQUIRREL for delivering browser exploits in an encrypted format using elliptic curve Diffie-Hellman key exchange to prevent detection and analysis.
2. It was implemented in exploit kits like Angler to prevent reverse engineering of zero-day exploits and leakage of exploit code. The encrypted delivery prevents network-based detection and replay of the exploit.
3. The document provides details on how #IRONSQUIRREL works and improves on previous encrypted delivery methods. It also discusses challenges and techniques for analysts to detect and analyze such encrypted exploits, as well as recommendations for attackers to strengthen #IRONSQUIRREL against analysis.
The document discusses the path of cyber security and how to become a hacker or security professional. It outlines the typical steps of penetration testing: reconnaissance and analysis, vulnerability mapping, gaining access, privilege escalation, maintaining access, and covering tracks. It recommends starting with networking and programming skills, focusing on an area of expertise like web security, participating in competitions and creating a practice lab to learn. The presenter gives demonstrations on vulnerable VMs and recommends courses, CTF competitions, and building your own lab to advance your skills in security research, tool development, and operations.
The document discusses the path of cyber security and how to become a hacker or security professional. It outlines the typical steps of penetration testing: reconnaissance and analysis, vulnerability mapping, gaining access, privilege escalation, maintaining access, and covering tracks. It recommends starting with networking and programming skills, focusing on an area of expertise like web security, participating in competitions and creating a practice lab to learn. The presenter gives demonstrations on vulnerable VMs and recommends courses, CTF competitions, and building your own lab to advance your skills in security research, tool development, and operations.
The document discusses Windows credential attacks and defenses. It describes common credential theft techniques like dumping credentials from LSASS memory using Mimikatz. It then covers various Windows credential hardening defenses over time like Protected Processes, Restricted Admin, and CredentialGuard. It demonstrates CredentialGuard's effectiveness at preventing credential theft compared to normal and older Windows configurations through a lab demo. The presentation aims to educate on real-world credential attacks while showing that effective defense is possible.
Jon Noble. Jon will give a brief overview of why you should consider security as part of your CloudStack deployment, why your approach to security needs to be different than in a traditional environment, and also talk about some of the motives behind the attacks – why they attack you and what they do once they have compromised a system.
This document discusses computer security and ethical hacking. It covers various types of hacking like interruption and interception. It defines different types of hackers like white hat, black hat and gray hat hackers. It explains the process of ethical hacking which includes preparation, footprinting, vulnerability identification and exploitation. The document provides details on what hackers do after gaining access like covering tracks, creating backdoors. It suggests ways to protect systems like patching vulnerabilities, encrypting data, and setting up firewalls and intrusion detection systems. It advises actions to take after being hacked like restoring from backups.
Marco Grassi gives a presentation on reverse engineering, penetration testing, and hardening Android apps. The presentation covers techniques for reverse engineering APKs, dealing with obfuscation, tamper detection, securing network communications, attacks on IPC, and more advanced topics like runtime manipulation. Real-world examples are provided to demonstrate vulnerabilities found in apps and how they can be exploited.
This is a presentation I gave to senior high school students. The 1st part is an overview the 2nd part is more detailed on the ways to perform the Ethical Hacking.
Need my help? Contact Keith Brooks via one of the following ways:
Blog http://blog.vanessabrooks.com
Twitter http://twitter.com/lotusevangelist
http://about.me/keithbrooks
This talk by Chris Grayson contains lots of information about how to enter the so-called "hackerspace." From mental approaches to books, movies, and other media to online courses and knowledge repositories, this presentation is intended to be the one-stop-shop for anyone trying to become a penetration tester.
[2010 CodeEngn Conference 04] window31 - Art of Keylogging 키보드보안과 관계없는 키로거들GangSeok Lee
2010 CodeEngn Conference 04
각종 논문 데이터나 기타 연구자료들을 살펴보면 키보드보안의 한계점에 대해 지목하고 그것에 대한 보완 대책을 논의하고 있는 내용이 많다. 물론 그러한 학문적인 접근도 중요하지만, 실제 키로깅을 하고 있는 해커의 입장에서는 어떤 식으로 키입력과 계정을 가져가는지 해커의 접근 방법을 살펴보는 것도 필요하다. 일반적으로 해커들은 커널 레벨이나 하드웨어 지식 베이스에 입각한 난해한 기법보다는, 보다 간편하며 실용적인 방법을 통해 계정을 가져간다. 그리고 그 같은 행위는 현재 키보드보안의 커버 범위를 뛰어넘는 새로운 기법을 보여주는 경우가 대다수이다. 이런 상황을 배경으로 실제 기업에서 발생하고 있는 사례나, 유저의 감염케이스를 리버스 엔지니어링으로 살펴보는 시간을 마련했다. 바이너리 해킹의 예술을 맛볼 수 있는 Art of Keylogging 발표에서 키 입력 탈취에 대한 새로운 트렌드를 소개한다.
http://codeengn.com/conference/04
This document discusses using a programmable USB device called a USB Rubber Ducky to conduct an attack. It describes using the Rubber Ducky to deploy a Metasploit payload to get system access, then using Mimikatz to dump passwords from memory and obtain a domain admin account. With that level of access, an attacker could copy sensitive source code, delete or manipulate organizational data, fully control user accounts, and install malware through Group Policy. The document suggests defining a whitelist of authorized devices and increasing employee awareness as ways to mitigate such an attack.
This document outlines an attack scenario using a programmable USB keyboard to gain domain admin access and steal software source code from a company. It describes using a USB Rubber Ducky device pre-programmed with PowerShell commands to deploy a Metasploit payload and extract credentials from the LSASS process using Mimikatz. This would allow taking over a domain admin account, copying source code, deleting data, and fully controlling the network. The document suggests mitigations like whitelisting authorized devices and increasing social engineering awareness.
Similar to C-SEC|2016 Session 2 The Security Game : You Failed at the Beginning By Incognito Lab a Division of ACinfotec (20)
❼❷⓿❺❻❷❽❷❼❽ Dpboss Matka Result Satta Matka Guessing Satta Fix jodi Kalyan Final ank Satta Matka Dpbos Final ank Satta Matta Matka 143 Kalyan Matka Guessing Final Matka Final ank Today Matka 420 Satta Batta Satta 143 Kalyan Chart Main Bazar Chart vip Matka Guessing Dpboss 143 Guessing Kalyan night
SATTA MATKA SATTA FAST RESULT KALYAN TOP MATKA RESULT KALYAN SATTA MATKA FAST RESULT MILAN RATAN RAJDHANI MAIN BAZAR MATKA FAST TIPS RESULT MATKA CHART JODI CHART PANEL CHART FREE FIX GAME SATTAMATKA ! MATKA MOBI SATTA 143 spboss.in TOP NO1 RESULT FULL RATE MATKA ONLINE GAME PLAY BY APP SPBOSS
NIMA2024 | De toegevoegde waarde van DEI en ESG in campagnes | Nathalie Lam |...BBPMedia1
Nathalie zal delen hoe DEI en ESG een fundamentele rol kunnen spelen in je merkstrategie en je de juiste aansluiting kan creëren met je doelgroep. Door middel van voorbeelden en simpele handvatten toont ze hoe dit in jouw organisatie toegepast kan worden.
Unveiling the Dynamic Personalities, Key Dates, and Horoscope Insights: Gemin...my Pandit
Explore the fascinating world of the Gemini Zodiac Sign. Discover the unique personality traits, key dates, and horoscope insights of Gemini individuals. Learn how their sociable, communicative nature and boundless curiosity make them the dynamic explorers of the zodiac. Dive into the duality of the Gemini sign and understand their intellectual and adventurous spirit.
HR search is critical to a company's success because it ensures the correct people are in place. HR search integrates workforce capabilities with company goals by painstakingly identifying, screening, and employing qualified candidates, supporting innovation, productivity, and growth. Efficient talent acquisition improves teamwork while encouraging collaboration. Also, it reduces turnover, saves money, and ensures consistency. Furthermore, HR search discovers and develops leadership potential, resulting in a strong pipeline of future leaders. Finally, this strategic approach to recruitment enables businesses to respond to market changes, beat competitors, and achieve long-term success.
The Most Inspiring Entrepreneurs to Follow in 2024.pdfthesiliconleaders
In a world where the potential of youth innovation remains vastly untouched, there emerges a guiding light in the form of Norm Goldstein, the Founder and CEO of EduNetwork Partners. His dedication to this cause has earned him recognition as a Congressional Leadership Award recipient.
Navigating the world of forex trading can be challenging, especially for beginners. To help you make an informed decision, we have comprehensively compared the best forex brokers in India for 2024. This article, reviewed by Top Forex Brokers Review, will cover featured award winners, the best forex brokers, featured offers, the best copy trading platforms, the best forex brokers for beginners, the best MetaTrader brokers, and recently updated reviews. We will focus on FP Markets, Black Bull, EightCap, IC Markets, and Octa.
4 Benefits of Partnering with an OnlyFans Agency for Content Creators.pdfonlyfansmanagedau
In the competitive world of content creation, standing out and maximising revenue on platforms like OnlyFans can be challenging. This is where partnering with an OnlyFans agency can make a significant difference. Here are five key benefits for content creators considering this option:
The Genesis of BriansClub.cm Famous Dark WEb PlatformSabaaSudozai
BriansClub.cm, a famous platform on the dark web, has become one of the most infamous carding marketplaces, specializing in the sale of stolen credit card data.
[To download this presentation, visit:
https://www.oeconsulting.com.sg/training-presentations]
This presentation is a curated compilation of PowerPoint diagrams and templates designed to illustrate 20 different digital transformation frameworks and models. These frameworks are based on recent industry trends and best practices, ensuring that the content remains relevant and up-to-date.
Key highlights include Microsoft's Digital Transformation Framework, which focuses on driving innovation and efficiency, and McKinsey's Ten Guiding Principles, which provide strategic insights for successful digital transformation. Additionally, Forrester's framework emphasizes enhancing customer experiences and modernizing IT infrastructure, while IDC's MaturityScape helps assess and develop organizational digital maturity. MIT's framework explores cutting-edge strategies for achieving digital success.
These materials are perfect for enhancing your business or classroom presentations, offering visual aids to supplement your insights. Please note that while comprehensive, these slides are intended as supplementary resources and may not be complete for standalone instructional purposes.
Frameworks/Models included:
Microsoft’s Digital Transformation Framework
McKinsey’s Ten Guiding Principles of Digital Transformation
Forrester’s Digital Transformation Framework
IDC’s Digital Transformation MaturityScape
MIT’s Digital Transformation Framework
Gartner’s Digital Transformation Framework
Accenture’s Digital Strategy & Enterprise Frameworks
Deloitte’s Digital Industrial Transformation Framework
Capgemini’s Digital Transformation Framework
PwC’s Digital Transformation Framework
Cisco’s Digital Transformation Framework
Cognizant’s Digital Transformation Framework
DXC Technology’s Digital Transformation Framework
The BCG Strategy Palette
McKinsey’s Digital Transformation Framework
Digital Transformation Compass
Four Levels of Digital Maturity
Design Thinking Framework
Business Model Canvas
Customer Journey Map
Anny Serafina Love - Letter of Recommendation by Kellen Harkins, MS.AnnySerafinaLove
This letter, written by Kellen Harkins, Course Director at Full Sail University, commends Anny Love's exemplary performance in the Video Sharing Platforms class. It highlights her dedication, willingness to challenge herself, and exceptional skills in production, editing, and marketing across various video platforms like YouTube, TikTok, and Instagram.
Cover Story - China's Investment Leader - Dr. Alyce SUmsthrill
In World Expo 2010 Shanghai – the most visited Expo in the World History
https://www.britannica.com/event/Expo-Shanghai-2010
China’s official organizer of the Expo, CCPIT (China Council for the Promotion of International Trade https://en.ccpit.org/) has chosen Dr. Alyce Su as the Cover Person with Cover Story, in the Expo’s official magazine distributed throughout the Expo, showcasing China’s New Generation of Leaders to the World.
Discover innovative uses of Revit in urban planning and design, enhancing city landscapes with advanced architectural solutions. Understand how architectural firms are using Revit to transform how processes and outcomes within urban planning and design fields look. They are supplementing work and putting in value through speed and imagination that the architects and planners are placing into composing progressive urban areas that are not only colorful but also pragmatic.
6. 6
incognitolab
incognitolab.com
Lacks of incentive at global scale
• Security software
• Undergroundeconomy
• Bug
• Cybercrime
Cybersecurity
Economics
Ref: DelftX: Secon101x Cyber Security Economics [edX]
7. 7
incognitolab
incognitolab.com
A WRONGMINDSET
"Good engineering involves thinking about how things
can be made to work; the security mindset involves
thinking about how things can be made to fail.”
-Bruce Schneier-
A wrong mindset
Ref: https://www.schneier.com/crypto-gram/
17. 17
incognitolab
incognitolab.com
Extra reading: DEFCON24: Six Degrees of Domain Admin
User:
Eve
FILESHARE
SERVER
Group:
Local
Admin
ERP
Server
1
User:
ITadmin
User:
ERPadmin
Group:
Domain
Admins
DOMAIN
CONTROLLER
Can
access
to
Member
of Admin
to
Has
Member
of
Has
session
Can
access
to
ERP
Server
2
ERP
Server
3
Can
access
to
GRAPH THEORY
23. 23
incognitolab
incognitolab.com
Privilege
Escalation
Protect against mimikatz
•Disable cleartext password in memory
Set DWORD value = 0
HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet
/Control/SecurityProviders/WDigest/UseLogonCredential
• LSASS.exe protected mode
Set DWORD value = 1
HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet
/Control/Lsa
• Protect your privilege account
Use LAPS (Microsoft’s Local Administrator Password Service)
25. 25
incognitolab
incognitolab.com
What should I pay?
Reference: SANS:IT SECURITY SPENDING TREND
• Firewall to segregateyour internal network
• 2 Factors authentication for administrative
accounts and remote access
• Local privileged account management
26. 26
incognitolab
incognitolab.com
MONEY WITHOUT BRAINS
IS ALWAYS DANGEROUS
-Napoleon Hill-
• Spend more money on your
people, otherwise let
professional do it for you.
• Consulting companies also
spend money on marketing,
select them wisely