This document provides an analysis of the attack surface for 19 major healthcare organizations based on data collected by Bit Discovery from public sources on the internet. It includes statistics on each organization's total assets, domain names, cloud assets, use of content delivery networks, certificate authorities, expired certificates, geographic distribution, private IP addresses, WordPress vulnerabilities, and recommendations for building a security program around mapping the attack surface.
What Makes Web Applications Desirable For Hackers - Jaime Manteiga
For years, unethical hackers have preferred Web Applications as the favorite pattern of attack. In this webinar, we will take a look inside the mind of an attacker — including uncovering their motivation and hacking techniques. Web Applications become compromised all the time; additionally, organizations seem to be repeating mistakes when it comes to application security. This webinar will serve as a baseline to establish appropriate web information security controls and mitigation strategies by thinking like an unethical hacker.
https://www.venkon.us/
The good, the bad and the ugly of the target data breach - Ulf Mattsson
The landscape of threats to sensitive data is rapidly changing. New technologies bring with them new vulnerabilities, and organizations like Target are failing to react properly to the shifts around them. What's needed is an approach equal to the persistent, advanced attacks companies face every day. The sooner we start adopting the same proactive thinking hackers are using to get at our data, the better we will be able to protect it.
This webinar will cover:
Data security today, the landscape, etc.
Discuss a few recent studies and changing threat landscape
The Target breach and other recent breaches
The effects of new technologies on breaches
Shifting from reactive to proactive thinking
Preparing for future attacks with new techniques
If last year’s presentation on the SANS 20 felt like more of a rant than a practical application of elite IT knowledge, Ian Trump’s technical track presentation is going to unleash GFI MAX as a security dashboard like nothing you have seen.
The Octopi team has leveraged network scanning and event log checks, and Ian takes the GFI MAX dashboard to a whole new level. MSPs can take his code and research and immediately apply it to their practices to secure their customers from cyber threats. Dehydrated from the summer information security conferences, Ian will give you the threat intel you need to be on the lookout for in the months ahead.
Besides all the GFI MAX goodness, being part of a live demo to find APT, and seeing Ian link Human Rights, Market Research, Ice, Law, Iggy Azalea, War Ferrets, Christian Studies, Event Auditing, Security Tools, Taylor Swift and How we can all fix the cyber problem into one epic presentation – well, you don’t want to miss this.
Verizon 2014 data breach investigation report and the target breach - Ulf Mattsson
The landscape of threats to sensitive data is changing. New technologies bring with them new vulnerabilities, and organizations like Target are failing to adapt to the shifts around them.
What’s needed is an approach equal to the persistent, advanced attacks companies face every day. The sooner we start adopting the same proactive thinking hackers are using to get at our data, the better we will be able to protect it.
In this webinar, Protegrity CTO and data security thought leader Ulf Mattsson integrates new information from the Verizon 2014 Data Breach Investigation Report (DBIR) into his analysis on what is driving data breaches today, and how we can prevent them in the future.
KEY TOPICS INCLUDE:
• The changing threat landscape
• The effects of new technologies on breaches
• Analysis of recent breaches, including Target
• Compliance vs. security
• The importance of shifting from reactive to proactive thinking
• Preparing for future attacks with new technology & techniques
Observations on Modern Cyber Crime and Espionage - Wade Baker, Verizon - Akamai Technologies
Based on forensic evidence collected while investigating some of the largest data breaches in history, Wade Baker will present a rare view into the world of cyber crime & espionage. Over the last seven years, Baker and his colleagues have compiled one of the largest and most detailed security incident repositories in the world. Their research has been used by law enforcement agencies around the world to prosecute criminals as well as by numerous organizations to assess and improve their security program. The presentation will discuss the evolution of cybercrime & espionage and delve into the people, methods, and motives that drive it today. See Wade Baker's Edge Presentation: http://www.akamai.com/html/custconf/edgetv.html#wade-baker
The Akamai Edge Conference is a gathering of the industry revolutionaries who are committed to creating leading edge experiences, realizing the full potential of what is possible in a Faster Forward World. From customer innovation stories, industry panels, technical labs, partner and government forums to Web security and developers' tracks, there’s something for everyone at Edge 2013.
Learn more at http://www.akamai.com/edge
Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr... - Alisha Deboer
Cyber terrorists are sophisticated, organized and disruptive to your business. How prepared are you? Explore the landscape of malicious actors most likely to strike your business and what you can do about it.
Save Your Network – Protecting Healthcare Data from Deadly Breaches - Lancope, Inc.
As recent events have proven, healthcare organizations are especially vulnerable to cyber-attacks due to the amount of valuable data they maintain. With advanced attacks becoming so ubiquitous, how can healthcare organizations protect patient data and avoid becoming the next high-profile victim in the headlines?
The answer lies in network visibility. Healthcare providers and others are invited to join this complimentary webinar to learn how to:
- Cost-effectively transform their network into a sensor grid for detecting sophisticated attacks
- Quickly uncover suspicious behaviors associated with zero-day attacks, APTs, insider threats and other risks that frequently evade conventional defenses
- Protect their reputation by thwarting attacks before they lead to devastating data loss
Did you know 30% of Ecommerce website visitors are unsavory competitors, hackers, and fraudsters?
Fact is, online retailers are particularly susceptible to the effects of advanced bot threats, including competitive tactics like price scraping, product matching, variation tracking and availability targeting. Even worse, security breaches such as transaction fraud and account takeovers endanger the overall security of your website, customer base, and brand.
When aggressive scrapers caused repeated site slowdowns, Brian Gress, Director of IT Systems & Governance at Hayneedle, said enough was enough.
Key takeaways include how to:
- Stop competitors from scraping your prices and monitoring your inventory
- Reduce chargeback fees due to transaction fraud, carding and account hijacking
- Optimize your conversion funnel and enjoy clean analytics and KPIs
- Protect your brand image, reputation and SEO rankings
TECHNICAL WHITE PAPER: Symantec Website Security Threat Report - Symantec
The biggest story in 2014 was, of course, the Heartbleed bug, which shook the foundations of Internet security. This wasn’t about criminals being clever; it was about the inherent vulnerabilities of human-built software, and it reminded everyone of the need for vigilance, better implementation, and more diligent website security.
Of course, while Heartbleed hit the headlines, criminals were still hard at work making their own opportunities for exploitation, theft and disruption. 2014 saw criminals grow more professional, sophisticated, and aggressive in their tactics to the detriment of businesses and individuals alike.
[CB20] Operation Chimera - APT Operation Targets Semiconductor Vendors by CK ... - CODE BLUE
This presentation provides an analysis of the advanced persistent threat (APT) attacks that have occurred during the past two years on the semiconductor industry. Our research shows that the majority of these attacks were concentrated on the Taiwan semiconductor sector. This is worthy of concern, as Taiwan's semiconductor industry plays a very crucial role in the world. Even a small disruption in the supply chain could have a serious ripple effect throughout the entire industry. Surprisingly, up until now, there has been less coverage on these attacks. In this presentation, we seek to shed light on the threat actors and campaigns of these attacks, where they are collectively referred to as Operation Chimera (a.k.a. Skeleton). Additionally, we provide a brief overview of the current information security status of Taiwan's semiconductor industry.
Between 2018 and 2019, we discovered several attacks on various semiconductor vendors located at the Hsinchu Science-based Industrial Park in Taiwan. As these attacks employed similar attack techniques and tactics, a pattern could be discerned from the malicious activities. From this pattern, we deduced that these attacks, which we dubbed Operation Chimera, were actually conducted by the same threat actor. The main objective of these attacks appeared to be stealing intelligence, specifically documents about IC chips, software development kits (SDKs), IC designs, the source code, etc. If such documents are successfully stolen, the impact can be devastating. The motive behind these attacks likely stems from competitors or even countries seeking to gain a competitive advantage over rivals.
Machine identities and their authentication -- using certificates, digital keys and code signing -- are the safety net under our information economy. Learn how to protect them, with three key concepts. From the RSA 2019 Showcase.
The EU Data Protection Regulation and what it means for your organization - Sophos Benelux
Session on what the EU Data Protection Regulation actually means for EU organizations and how you can comply. Presented by Michael Heering at the Online Security Summit Belgium.
Digital Shadows protects organizations from digital risks across the widest range of data sources within the open, deep, and dark web.
Learn more at https://resources.digitalshadows.com/
FBI & Secret Service - Business Email Compromise Workshop - Ernest Staats
Compiled some open source and other tools that I have used for BEC/EAC protection, security, & training. I had a great time sitting on the panel with other members.
GDPR is weeks away. Being prepared for a data breach is as important as preventing one. No matter how hard you try to protect your network, your data is already out there – just think about how much data you have transferred to third-party organisations such as pension providers, marketing agencies and training companies etc.
This presentation outlines simple steps that can be taken to ensure that if sensitive data is leaked, marketed or sold on the Dark Web, - no matter where it has originated from - you will be notified instantly, maximising your time to respond and potentially saving you millions.
3rd Party Cyber Security: Manage your ecosystem! - NormShield, Inc.
Your partners, vendors and other key 3rd parties have access to your sensitive networks and data. How confident are you that they're managing their cyber security? This short presentation looks at why you need to view information security as an ecosystem and how you can get intelligence on the big picture.
Did you know that today's cyber threat landscape costs companies BILLIONS in damages each year?
We want to help protect your company, employees and customers from the rising threat landscape!
This presentation includes:
• The state of cybersecurity and the threat landscape
• How a threat-focused approach is changing the ability to detect and respond to breaches
• How to develop a security game plan around a proven process
• How to automatically defend your network with Cisco’s Advanced Malware Protection (AMP)
http://www.utgsolutions.com/solutions/security-compliance
An assessment of UK cyber resilience across the commercial sector. The report highlights information disclosure, as used by hackers to construct attack intelligence.
As presented at ITExpo 2017 and the April Peerlyst Tel-Aviv security Meetup.
Can your company afford to ignore VoIP security? With the number of attacks on your telephone services and mobile devices your chance of being attacked and financial liability is at an all time high. This session offers an introductory primer to securing your VoIP PBX. This talk will include explanations about common attacks, how they can find you, and common techniques you can use to defend your company.
How to Simplify Audit Compliance with Unified Security Management - AlienVault
Maintaining, verifying, and demonstrating compliance with regulatory requirements, whether PCI DSS, HIPAA, GLBA or others, is far from a trivial exercise. Proving compliance with these requirements often translates into a lot of manual and labor-intensive tasks – chasing down discrepancies in asset inventory spreadsheets, remediating critical vulnerabilities, and weeding through log data trying to make sense of it all. In fact, you may need to consult at least a dozen different tools to assemble the security controls and reports you need. Compliance doesn't have to be so hard.
Review this presentation to learn:
- Common audit compliance failures
- A pre-audit checklist to help you plan and prepare
- Core security capabilities needed to demonstrate compliance
- How to simplify compliance with a unified approach to security
Viscount Systems (OTCQB:VSYS), a Canadian manufacturer of advanced physical access control systems combines traditional access control performance with cyber security (true convergence of logical and physical access) to increase security while driving down facility costs to secure offices, hospitals, critical infrastructure, schools, banks, and manufacturing. Our unique offering satisfies new US Federal Government standards for increased protection of facilities from external threats. http://viscount.com/
Organizations are increasingly looking to their Internal Auditors to provide independent assurance about cyber risks and the organization's ability to defend against cyber attacks. With information technology becoming an inherent critical success factor for every business and the emerging cyber threat landscape, every internal auditor needs to equip themselves on IT audit essentials and cyber issues.
In part 14 of our Cyber Security Series you will learn about the current cyber risks and attack methods from Richard Cascarino, including:
Where are we now and Where are we going?
Current Cyberrisks
• Data Breach and Cloud Misconfigurations
• Insecure Application User Interface (API)
• The growing impact of AI and ML
• Malware Attack
• Single factor passwords
• Insider Threat
• Shadow IT Systems
• Crime, espionage and sabotage by rogue nation-states
• IoT
• CCPA and GDPR
• Cyber attacks on utilities and public infrastructure
• Shift in attack vectors
Companies are struggling to deal with the unstoppable growth of cyber-attacks as hackers get faster, sneakier and more creative. The bad news is - no company is immune, no matter how big or small you are. Without a proper understanding of zero-day threats, companies have no way of exposing the gaps of overhyped security solutions.
Zero-day exploit leaves NO opportunity for detection. This presentation will highlight critical insights combating zero-day threats.
Top 5 EC-Council Certifications That You Should Look Into in 2022 - infosec train
The International Council of E-Commerce Consultants (EC-Council) is the largest certifying body for information security experts globally. The EC-Council is a membership-based organization that certifies people in various information security and e-business skills.
https://www.infosectrain.com/courses/computer-hacking-forensics-investigator-chfi-training-certification/
Office 365 Security Features That Nonprofits Should Know and Use - TechSoup
When it comes to email, document storage, and online browsing, security should be foremost. Join us for a 30-minute webinar where we will discuss how you can use built-in features of Office 365 to protect your organization. Learn how to protect your systems and keep data in the hands of only those users who need it.
This webinar is intended for organizations that already use Office 365, or those that want to better understand how Office 365 can keep their communications and data secure.
Struse 2015 A funny thing happened on the way to OASIS: standardising STIX +... - James Bryce Clark
Thoughts as DHS takes STIX and TAXII through the open standards process - from the WorldBank / OASIS Borderless Cybersecurity conference. Author = Richard Struse
US Government’s Position on FIDO within NSTIC - FIDO Alliance
FIDO® for Government & Enterprise Webinar – NSTIC at 4: Putting an Ecosystem into Operation
Will feature:
- How governments and enterprises are engaging with FIDO Alliance
- The new wave of innovative authentication solutions FIDO standards enable
- How the US Government is positioning FIDO within the context of NSTIC (National Strategy for Trusted Identities in Cyberspace)
There is a serious misalignment of interests between Application Security vulnerability assessment vendors and their customers. Vendors are incentivized to report everything they possibly can, even issues that rarely matter. On the other hand, customers just want the vulnerability reports that are likely to get them hacked. Every finding beyond that is a waste of time, money, and energy, which is precisely what’s happening every day.
Exploring the Psychological Mechanisms used in Ransomware Splash Screens - Jeremiah Grossman
The present study examined a selection of 76 ransomware splash screens collected from a variety of sources. These splash screens were analysed according to surface information, including aspects of visual appearance, the use of language, cultural icons, payment and payment types. The results from the current study showed that, whilst there was a wide variation in the construction of ransomware splash screens, there was a good degree of commonality, particularly in terms of the structure and use of key aspects of social engineering used to elicit payment from the victims. There was the emergence of a sub-set of ransomware that, in the context of this report, was termed ‘Cuckoo’ ransomware. This type of attack often purported to be from an official source requesting payment for alleged transgressions.
What the Kidnapping & Ransom Economy Teaches Us About Ransomware - Jeremiah Grossman
Ransomware is center stage, as campaigns are practically guaranteed financial gain. Cyber-criminals profit hundreds of millions of dollars by selling our data back to us. If you look closely, the ransomware economic dynamics closely follow the real-world kidnapping and ransom industry. We’ll explore the eerie similarities, where ransomware is headed, and strategies we can bring to the fight.
In the past two decades of tech booms, busts, and bubbles, two things have not changed - hackers are still finding ways to breach security measures in place, and the endpoint remains the primary target. And now, with cloud and mobile computing, endpoint devices have become the new enterprise security perimeter, so there is even more pressure to lock them down.
Companies are deploying piles of software on the endpoint to secure it - antivirus, anti-malware, desktop firewalls, intrusion detection, vulnerability management, web filtering, anti-spam, and the list goes on. Yet with all of the solutions in place, high-profile companies are still being breached. The recent attacks on large retail and hospitality organizations are prime examples, where hackers successfully used credit-card-stealing malware targeting payment servers to collect customer credit card information.
Ransomware is Here: Fundamentals Everyone Needs to Know - Jeremiah Grossman
If you’re an IT professional, you probably know at least the basics of ransomware. Instead of using malware or an exploit to exfiltrate PII from an enterprise, bad actors instead find valuable data and encrypt it. Unless you happen to have an NSA-caliber data center at your disposal to break the encryption, you must pay your attacker in cold, hard bitcoins—or else wave goodbye to your PII. Those assumptions aren’t wrong, but they also don’t tell the whole picture.
During this event we’ll discuss topics such as:
Why Ransomware is Exploding
The growth of ransomware, as opposed to garden-variety malware, is enormous. Hackers have found that they can directly monetize the data they encrypt, which eliminates the time-consuming process of selling stolen data on the Darknet. In addition, the use of ransomware requires little in the way of technical skill—because attackers don’t need to get root on a victim’s machine.
Who the Real Targets Are
Two years ago, the most newsworthy victims of ransomware were various police departments. This year, everyone is buzzing about hospitals. Is this a deliberate pattern? Probably not. Enterprises are so ill-prepared for ransomware that attackers have a green field to wreak havoc. Until the industry shapes up, bad actors will deploy ransomware indiscriminately.
Where Ransomware Stumbles
Although ransomware is nearly impossible to dislodge when employed correctly, you may be surprised to find that not all bad actors have the skill to do it. Even if ransomware targets your network, you may learn that your attackers have used extremely weak encryption—or that they’ve encrypted files that are entirely non-critical.
As far as ransomware is concerned, forewarned is forearmed. Once you know how attackers deliver ransomware, who they’re likely to attack, and the weaknesses in the ransomware deployment model, you’ll be able to understand how to protect your enterprise.
This year WhiteHat Security™ celebrates its fifteenth anniversary, and the eleventh year that we have produced the Web Applications Security Statistics Report. The stats shared in this report are based on the aggregation of all the scanning and remediation data obtained from applications that used the WhiteHat Sentinel™ service for application security testing in 2015. As an early pioneer in the Application Security Market, WhiteHat has a large and unique collection of data to work with.
Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)Jeremiah Grossman
WhiteHat Security’s Website Security Statistics Report provides a one-of-a-kind perspective on the state of website security and the issues that organizations must address in order to conduct business online safely.
Website security is an ever-moving target. New website launches are common, new code is released constantly, new web technologies are created and adopted every day; as a result, new attack techniques are frequently disclosed that can put every online business at risk. In order to stay protected, enterprises must receive timely information about how they can most efficiently defend their websites, gain visibility into the performance of their security programs, and learn how they compare with their industry peers. Obtaining these insights is crucial in order to stay ahead and truly improve enterprise website security.
To help, WhiteHat Security has been publishing its Website Security Statistics Report since 2006. This report is the only one that focuses exclusively on unknown vulnerabilities in custom web applications, code that is unique to an organization, and found in real-world websites. The underlying data is hundreds of terabytes in size, comprises vulnerability assessment results from tens of thousands of websites across hundreds of the most well-known organizations, and collectively represents the largest and most accurate picture of website security available. Inside this report is information about the most prevalent vulnerabilities, how many get fixed, how long the fixes can take on average, and how every application security program may measurably improve. The report is organized by industry, and is accompanied by WhiteHat Security’s expert analysis and recommendations.
No More Snake Oil: Why InfoSec Needs Security GuaranteesJeremiah Grossman
Ever notice how everything in InfoSec is sold “as is”? No guarantees, no warranties, no return policies. For some reason in InfoSec, providing customers with a form of financial coverage for their investment is seen as gimmicky, but the tides and times are changing. This talk discusses use cases on why guarantees are a must have and how guarantees benefit customers as well as InfoSec as a whole.
In this report, we put this area of application security understanding to the test by measuring how various web programming languages and development frameworks actually perform in the field. To which classes of attack are they most prone, how often and for how long; and, how do they fare against popular alternatives? Is it really true that the most popular modern languages and frameworks yield similar results in production websites?
By analyzing the vulnerability assessment results of more than 30,000 websites under management with WhiteHat Sentinel, we begin to answer these questions. These answers may enable the application security community to ask better and deeper questions, which will eventually lead to more secure websites. Organizations deploying these technologies can have a closer look at particularly risk-prone areas. Software vendors may focus on areas that are found to be lacking. Developers can increase their familiarity with the strengths and weaknesses of their technology stack. All of this is vitally important because security must be baked into development frameworks and must be virtually transparent. Only then will application security progress be made.
http://blackhat.com/us-13/briefings.html#Grossman
Online advertising networks can be a web hacker’s best friend. For mere pennies per thousand impressions (that means browsers) there are service providers who allow you to broadly distribute arbitrary javascript -- even malicious javascript! You are SUPPOSED to use this “feature” to show ads, to track users, and get clicks, but that doesn’t mean you have to abide. Absolutely nothing prevents spending $10, $100, or more to create a massive javascript-driven browser botnet instantly. The real-world power is spooky cool. We know, because we tested it… in-the-wild.
With a few lines of HTML5 and javascript code we’ll demonstrate just how easily you can commandeer browsers to perform DDoS attacks, participate in email spam campaigns, crack hashes and even help brute-force passwords. Put simply, instruct browsers to make HTTP requests they didn’t intend, even something as well-known as Cross-Site Request Forgery. With CSRF, no zero-days or malware are required. Oh, and there is no patch. The Web is supposed to work this way. Also nice, when the user leaves the page, our code vanishes. No traces. No tracks.
Before leveraging advertising networks, the reason this attack scenario didn’t worry many people is because it has always been difficult to scale up, which is to say, simultaneously control enough browsers (aka botnets) to reach critical mass. Previously, web hackers tried poisoning search engine results, phishing users via email, link spamming Facebook, Twitter and instant messages, Cross-Site Scripting attacks, publishing rigged open proxies, and malicious browser plugins. While all useful methods in certain scenarios, they lack simplicity, invisibility, and most importantly -- scale. That’s what we want! At a moment’s notice, we will show how it is possible to run javascript on an impressively large number of browsers all at once and no one will be the wiser. Today this is possible, and practical.
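The abstract's point is that nothing stops the request from arriving: any origin, an ad slot included, can make a visitor's browser send one. What a state-changing handler still controls is whether it honours that request. Below is an added example of that server-side gate (not code from the talk): it combines the Origin header, the Referer as a fallback for older browsers, the Sec-Fetch-Site header that current browsers attach, and a per-session CSRF token. SITE_ORIGIN, the session token and every header value in the sample requests are constructed for the example.

```python
"""Server-side gate for browser-originated requests (added example; not code from the talk)."""
import hmac
from typing import Mapping, Optional
from urllib.parse import urlsplit

SITE_ORIGIN = "https://app.example-health.org"   # constructed


def request_origin(headers: Mapping[str, str]) -> Optional[str]:
    """Origin is set on POST/fetch/XHR; for older browsers derive it from Referer."""
    origin = headers.get("Origin")
    if origin:
        return None if origin == "null" else origin.lower()   # "null" = opaque/sandboxed origin
    referer = headers.get("Referer")
    if referer:
        parts = urlsplit(referer)
        if parts.scheme and parts.netloc:
            return "%s://%s" % (parts.scheme.lower(), parts.netloc.lower())
    return None


def is_cross_site(headers: Mapping[str, str]) -> bool:
    """True unless the browser states, in a header a page script cannot forge, that we are the origin."""
    fetch_site = headers.get("Sec-Fetch-Site")
    if fetch_site:
        return fetch_site != "same-origin"     # "same-site", "cross-site" and "none" are all rejected
    return request_origin(headers) != SITE_ORIGIN   # a missing or unknown origin counts as cross-site


def accept_state_change(method: str, headers: Mapping[str, str],
                        form_token: Optional[str], session_token: str) -> bool:
    """Gate for handlers that change state; safe methods must not change state at all."""
    if method.upper() in ("GET", "HEAD", "OPTIONS"):
        return True
    if is_cross_site(headers):
        return False
    return form_token is not None and hmac.compare_digest(form_token, session_token)


# Constructed sample requests.
SESSION_TOKEN = "9f2c4e7a1b3d"
OWN_FORM_POST = {"Origin": SITE_ORIGIN, "Sec-Fetch-Site": "same-origin"}
AD_DRIVEN_POST = {"Origin": "https://ads.example-adnet.com", "Sec-Fetch-Site": "cross-site"}
OLD_BROWSER_POST = {"Referer": "https://app.example-health.org/transfer"}   # no Origin, no Sec-Fetch-*
IMG_TAG_GET = {"Sec-Fetch-Site": "cross-site", "Sec-Fetch-Dest": "image"}


if __name__ == "__main__":
    print(accept_state_change("POST", OWN_FORM_POST, SESSION_TOKEN, SESSION_TOKEN))   # True
    print(accept_state_change("POST", AD_DRIVEN_POST, SESSION_TOKEN, SESSION_TOKEN))  # False
    print(accept_state_change("POST", OLD_BROWSER_POST, "wrong", SESSION_TOKEN))      # False
    print(accept_state_change("GET", IMG_TAG_GET, None, SESSION_TOKEN))               # True: GET must be side-effect free
```

The token half assumes the application generates one unpredictable token per session and embeds it in its own forms; the header half only narrows which requests reach the token check. Neither does anything about the volume side of the talk (DDoS, hash cracking in the visitor's browser): those requests still arrive and still consume resources, which is exactly why the abstract says there is no patch.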
WhiteHat Security’s Website Security Statistics Report provides a one-of-a-kind perspective on the state of website security and the issues that organizations must address in order to conduct business online safely.
Website security is an ever-moving target. New website launches are common, new code is released constantly, new Web technologies are created and adopted every day; as a result, new attack techniques are frequently disclosed that can put every online business at risk. In order to stay protected, enterprises must receive timely information about how they can most efficiently defend their websites, gain visibility into the performance of their security programs, and learn how they compare with their industry peers. Obtaining these insights is crucial in order to stay ahead and truly improve enterprise website security.
To help, WhiteHat Security has been publishing its Website Security Statistics Report since 2006. This report is the only one that focuses exclusively on unknown vulnerabilities in custom Web applications, code that is unique to an organization, and found in real-world websites. The underlying data is hundreds of terabytes in size, comprises vulnerability assessment results from tens of thousands of websites across hundreds of the most well-known organizations, and collectively represents the largest and most accurate picture of website security available. Inside this report is information about the most prevalent vulnerabilities, how many get fixed, how long the fixes can take on average, and how every application security program may measurably improve. The report is organized by industry, and is accompanied by WhiteHat Security’s expert analysis and recommendations.
Through its Software-as-a-Service (SaaS) offering, WhiteHat Sentinel, WhiteHat Security is uniquely positioned to deliver the depth of knowledge that organizations require to protect their brands, attain compliance, and avert costly breaches.
http://blog.whitehatsec.com/top-ten-web-hacking-techniques-of-2012/
Recorded Webinar: https://www.whitehatsec.com/webinar/whitehat_webinar_march2713.html
Every year the security community produces a stunning amount of new Web hacking techniques that are published in various white papers, blog posts, magazine articles, mailing list emails, conference presentations, etc. Within the thousands of pages are the latest ways to attack websites, Web browsers, Web proxies, and their mobile platform equivalents. Beyond individual vulnerabilities with CVE numbers or system compromises, here we are solely focused on new and creative methods of Web-based attack. Now in its seventh year, The Top Ten Web Hacking Techniques list encourages information sharing, provides a centralized knowledge-base, and recognizes researchers who contribute excellent work. Past Top Tens and the number of new attack techniques discovered in each year:
WhiteHat Security, the Web security company, today released the twelfth installment of the WhiteHat Security Website Security Statistics Report. The report reviewed serious vulnerabilities* in websites during the 2011 calendar year, examining the severity and duration of the most critical vulnerabilities from 7,000 websites across major vertical markets. Among the findings in the report, WhiteHat research suggests that the average number of serious vulnerabilities found per website per year in 2011 was 79, a substantial reduction from 230 in 2010 and down from 1,111 in 2007. Despite the significant improvement in the state of website security, organizational challenges in creating security programs that balance breadth of coverage and depth of testing leave large-scale attack surfaces or small, but very high-risk vulnerabilities open to attackers.
The report examined data from more than 7,000 websites across over 500 organizations that are continually assessed for vulnerabilities by WhiteHat Security’s family of Sentinel Services. This process provides a real-world look at website security across a range of vertical markets, including findings from the energy and non-profit verticals for the first time this year. The metrics provided serve as a foundation for improving enterprise application security online.
Web Breaches in 2011-“This is Becoming Hourly News and Totally Ridiculous"Jeremiah Grossman
In 2011, attitude towards hacks shifted from "It happens," to "It is happening.” A poorly coded website and web application is all that’s needed to wreak havoc – expensive firewall, pervasive anti-virus and multi-factor authentication be damned. But what is possible? What types of attacks and attackers should we be mindful of? This presentation will show the real risks in a post-2011 Internet.
3. JEREMIAH GROSSMAN
• CEO, Bit Discovery
• 20 years in Information Security
• Founder of WhiteHat Security
• Black Belt in Brazilian Jiu-Jitsu
4. ATTACK SURFACE
From the network perspective of an adversary, the complete asset inventory of an organization, including all actively listening services (open ports) on each asset.
ASSET
• A domain name, subdomain, or IP address, and/or a combination thereof, for a device connected to the Internet or an internal network.
• An asset may include, but is not limited to, web servers, name servers, IoT devices, or network printers.
5. SHADOWS WITHIN SHADOW-IT
• Shadow Asset: a specific asset, as defined by a hostname/IP address, that is unknown to or uncontrolled by the organization.
• Shadow Service: unknown or uncontrolled services (i.e., open ports) that are actively listening on an asset.
• Shadow Software: unknown or uncontrolled software stack information (i.e., the list of installed software and versions) of a listening service on an asset.
10. THE ATTACK SURFACE
• Collect a list of all registered IP ranges and domain names: most organizations will not have a ready, up-to-date list.
• Find and scan all subdomains: assets located on-premise, in the cloud, in hosted applications, labelled under subsidiaries, physically located across distributed data centers, and across non-contiguous IP ranges.
• Collect all metadata for every asset: software stack, version info, TLS cert info, programming language, open ports, IP geolocation, hosting provider, CDN, etc.
• Maintain an up-to-date attack surface map: the asset data for most organizations changes by 1-5% monthly.
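The four steps above as a small added example (not Bit Discovery's code), run over a constructed inventory rather than live discovery data. Each record is what a discovery pass would have stored for one asset: hostname, resolved IP, listening ports and the TLS certificate's notAfter. The code tests scope against known apex domains and registered IP ranges, applies the per-asset checks that later slides chart (expired TLS certificate, hostname resolving to RFC 1918 space, listening ports nobody approved, which is slide 5's shadow service), and diffs two snapshots to measure the monthly churn. The apex domains, the IP range, the approved-port list and both snapshots are made up for the example.

```python
"""Offline attack-surface snapshot checks (added example; not Bit Discovery's code)."""
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Dict, List, Optional, Tuple
import ipaddress

# Step 1: what the organization knows it owns (constructed for the example).
ORG_ROOTS = ("example-health.org", "example-health.net")
ORG_RANGES = [ipaddress.ip_network("203.0.113.0/24")]
EXPECTED_PORTS = {25, 80, 443, 587}            # ports approved for Internet exposure
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


@dataclass(frozen=True)
class Asset:
    hostname: str
    ip: str
    ports: Tuple[int, ...] = ()
    cert_not_after: Optional[str] = None     # ISO 8601 with offset; None = no TLS service seen


def in_scope(asset: Asset) -> bool:
    """Step 2: a host belongs on the map when it sits under a known apex domain."""
    host = asset.hostname.lower().rstrip(".")
    return any(host == root or host.endswith("." + root) for root in ORG_ROOTS)


def on_registered_range(asset: Asset) -> bool:
    """Assets outside the registered ranges are hosted elsewhere (cloud, CDN, SaaS)."""
    ip = ipaddress.ip_address(asset.ip)
    return any(ip in net for net in ORG_RANGES)


def resolves_to_rfc1918(asset: Asset) -> bool:
    """A public hostname pointing at internal space leaks network layout."""
    ip = ipaddress.ip_address(asset.ip)
    return ip.version == 4 and any(ip in net for net in RFC1918)


def cert_expired(asset: Asset, now: datetime) -> bool:
    if asset.cert_not_after is None:
        return False
    return datetime.fromisoformat(asset.cert_not_after) <= now


def shadow_services(asset: Asset) -> List[int]:
    """Listening ports that were never approved: the 'shadow service' of slide 5."""
    return sorted(set(asset.ports) - EXPECTED_PORTS)


def findings(snapshot: List[Asset], now: datetime) -> Dict[str, List[str]]:
    """Step 3: turn per-asset metadata into the checks the later slides chart."""
    keys = ("out_of_scope", "off_net", "private_ip", "expired_cert", "shadow_service")
    out: Dict[str, List[str]] = {k: [] for k in keys}
    for a in snapshot:
        if not in_scope(a):
            out["out_of_scope"].append(a.hostname)
            continue
        if resolves_to_rfc1918(a):
            out["private_ip"].append(a.hostname)
        elif not on_registered_range(a):
            out["off_net"].append(a.hostname)
        if cert_expired(a, now):
            out["expired_cert"].append(a.hostname)
        extra = shadow_services(a)
        if extra:
            out["shadow_service"].append("%s:%s" % (a.hostname, ",".join(map(str, extra))))
    return out


def churn(previous: List[Asset], current: List[Asset]) -> Dict[str, object]:
    """Step 4: diff two in-scope snapshots; churn is relative to the older map."""
    prev = {a.hostname: a for a in previous if in_scope(a)}
    cur = {a.hostname: a for a in current if in_scope(a)}
    added = sorted(cur.keys() - prev.keys())
    removed = sorted(prev.keys() - cur.keys())
    changed = sorted(h for h in prev.keys() & cur.keys() if prev[h] != cur[h])
    pct = 100.0 * (len(added) + len(removed) + len(changed)) / max(len(prev), 1)
    return {"added": added, "removed": removed, "changed": changed, "churn_pct": round(pct, 1)}


NOW = datetime(2020, 6, 1, tzinfo=timezone.utc)   # constructed scan time

LAST_MONTH = [  # constructed
    Asset("www.example-health.org", "203.0.113.10", (80, 443), "2021-03-01T00:00:00+00:00"),
    Asset("portal.example-health.org", "203.0.113.11", (443,), "2020-02-15T00:00:00+00:00"),
    Asset("mail.example-health.org", "203.0.113.12", (25, 443, 587), "2021-01-01T00:00:00+00:00"),
    Asset("intranet.example-health.org", "10.20.30.40", (443,), "2022-01-01T00:00:00+00:00"),
    Asset("vpn.example-health.net", "198.51.100.5", (443,), "2021-05-01T00:00:00+00:00"),
    Asset("legacy.example-health.net", "198.51.100.9", (80,)),
]
THIS_MONTH = [  # constructed
    LAST_MONTH[0], LAST_MONTH[1], LAST_MONTH[2], LAST_MONTH[3],
    Asset("vpn.example-health.net", "198.51.100.5", (443, 3389), "2021-05-01T00:00:00+00:00"),  # RDP appeared
    Asset("dev-api.example-health.org", "203.0.113.44", (8080,)),                                # new, no TLS
    Asset("cdn-assets.example-cdn.com", "192.0.2.7", (443,), "2021-01-01T00:00:00+00:00"),       # not our apex
]

if __name__ == "__main__":
    for key, hosts in findings(THIS_MONTH, NOW).items():
        print("%-15s %s" % (key, ", ".join(hosts) or "-"))
    print("churn:", churn(LAST_MONTH, THIS_MONTH))
```

On six assets one added, one removed and one changed host is 50% churn; on a map of tens of thousands the same three events are the noise floor the slide's 1-5% figure describes, which is why the diff, not the snapshot, is what a team should be reading each month. The cdn-assets host is reported but not counted: a CNAME onto a provider's domain is still part of the exposure (slide 17) but its apex is not the organization's to govern.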
12. “COPY” OF THE INTERNET (Bit Discovery 2020)
• Generated by Bit Discovery and 400 data sources.
• WHOIS databases, domain names, ASN, ports, service banners, technology stack, website index page(s), full TLS certificate info, email addresses, password dumps, etc.
• Each asset has potentially 115 unique data points.
• Each data point updated daily-to-monthly.
• Hundreds of snapshots collected over 5 years.
Largest data-set of its kind (*missing ~30% of the Internet*):
• 4.5 billion DNS entries
• 200+ Internet snapshots
• 515 data sources
• 115 data columns
• 150 years of CPU time
14. TOTAL ASSETS: the total number of Internet-connected assets.
[Bar chart, axis 0 to 40,000. Organizations in chart order: SolutionHealth, Parkland Health, Fairmont Behavioral, Ascension Health, Tenet Healthcare, Children's Hospital Colorado, Tahoe Forest, Effingham Health, Trinity Health, SBH Health, Tulsa Bone and Joint, Vibra Healthcare, Community Health, Granville Health, Atrium Health, Call 4 Health, CommonSpirit Health, LifePoint Health, Providence Health. Values as extracted, in chart order: 2,839; 237; 39,956; 38; 1,752; 18; 36,639; 479; 25; 22; 44; 5,293; 77; 80; 22,972; 1,010; 2,271; 795; 172.]
15. DOMAIN NAMES: the total number of registered domain names.
[Bar chart over the 19 organizations listed on slide 14, in the same order; axis 0 to 1,400. Values as extracted, in chart order: 93; 3; 1,400; 2; 53; 1; 444; 44; 1; 2; 3; 312; 5; 2; 8; 37; 128; 30; 6.]
16. CLOUD ASSETS: the percentage of cloud-hosted assets, including Amazon Web Services, Microsoft Azure, Google App Engine, and others.
[Bar chart over the 19 organizations listed on slide 14, in the same order; axis 0 to 50 (percent). Values as extracted, in chart order: 14.76; 19.41; 26.66; 7.89; 5.31; 11.11; 20.70; 11.69; 0.00; 0.00; 0.00; 46.91; 0.00; 0.00; 0.06; 1.19; 6.16; 3.52; 1.74.]
17. CDN ASSETS: the percentage of Internet-accessible assets served by a well-known Content Delivery Network, including Akamai, Cloudflare, and Fastly.
[Bar chart over the 19 organizations listed on slide 14, in the same order; axis 0 to 30 (percent). Values as extracted, in chart order: 0; 0; 3; 24; 0; 0; 0; 0; 24; 0; 0; 0; 0; 0; 0; 4; 1; 0; 0.]
18. CERTIFICATE AUTHORITIES: the number of unique Certificate Authorities seen across the Internet-accessible assets.
[Bar chart over the 19 organizations listed on slide 14, in the same order; axis 0 to 40. Values as extracted, in chart order: 22; 4; 39; 3; 18; 2; 26; 12; 1; 2; 2; 37; 3; 6; 5; 10; 29; 9; 5.]
19. EXPIRED TLS CERTS: the number of expired TLS certificates seen across the Internet-accessible assets.
[Bar chart over the 19 organizations listed on slide 14, in the same order; axis 0 to 200. Values as extracted, in chart order: 77; 3; 110; 0; 16; 0; 110; 2; 0; 0; 0; 196; 0; 0; 0; 21; 90; 9; 5.]
20. COUNTRIES: the number of countries hosting Internet-accessible assets.
[Bar chart over the 19 organizations listed on slide 14, in the same order; axis 0 to 14. Values as extracted, in chart order: 4; 6; 14; 1; 5; 1; 12; 6; 2; 1; 1; 8; 1; 1; 3; 4; 9; 3; 2.]
21. PRIVATE IP-SPACE: the number of Internet-connected assets where the hostname resolves to non-routable RFC 1918 internal IP addresses.
[Bar chart over the 19 organizations listed on slide 14, in the same order; axis 0 to 30. Values as extracted, in chart order: 10; 0; 8; 0; 2; 0; 1; 0; 0; 0; 0; 1; 0; 0; 0; 27; 8; 0; 0.]
22. WORDPRESS VULNS: WordPress is an extremely popular free and open-source CMS. WordPress assets were scanned with WPScan, which includes vulnerabilities in plug-ins.
[Bar chart over the 19 organizations listed on slide 14, in the same order; axis 0 to 180. Values as extracted, in chart order: 21; 0; 172; 0; 0; 0; 65; 0; 0; 0; 57; 0; 0; 0; 0; 1; 0; 0; 0.]
24. “Every security program must begin with an attack surface map.”
Jeremiah Grossman, CEO, Bit Discovery
• Attack Surface Map
• Multi-factor Authentication
• Email Security
• Routine Backups
• Wire Transfer Verification
• Password Management