How to hack. Cyprus meetup
Security meetup, Limassol, 05/15/18
Ivan Novikov (@d0znpp)
200+ security audits since 2009
$1M total bug bounties and rewards
10+ researches and discoveries
1 e-book: SSRF bible
//(medium|twitter).com/@d0znpp
“Gartner Says Worldwide Information Security Spending Will Grow 7.9 Percent to Reach $81.6 Billion in 2016”
2015: $75 B
2016: $81.6 B
This bullet definitely costs more than $156.6 B
It’s not a silver… Or the weight is about 269’400 tons
One simple question: how does it work?
Why? Two important things since the 30s
No documentation (because of Apple and UX)
● Try to find documentation for Chrome :)
● How to tell that it’s a bug and not a backdoor
Closed source software (because of Intel et al.)
● What does “Intel inside” really mean?
Layer cake
How many layers do you know?
I have spent the last 10 years in security and am not sure I know about all of them
Computer science
Information security
What exactly we are doing
Perimeter discovery
Vulnerability discovery
Exploitation
Post-exploitation
Risk analysis
What exactly we are doing, mapped to roles:
Perimeter discovery: NOC
Vulnerability discovery: QA engineer
Exploitation: Developer
Post-exploitation: DevOps
Risk analysis: Manager
Main aspects
Perimeter. Just know your perimeter
3rd party components and software. Just know your requirements
Test coverage and test plan
Monitoring
Incident response
Case #1. Gaming platform (10+ games under the roof)
A hacker found a SQL injection on the gaming forum
The forum was connected to the main players database
The hackers started with ';INSERT INTO stuff SET (<userid>, <rare-stuff-id>, …
Then they sold a lot of stuff at 30% of the price
This crashed the entire game economy
No user reports (all of them were happy)
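As an added example (not from the talk), the mechanism behind Case #1 in Python with sqlite3: a forum lookup that concatenates input and runs stacked statements, the parameterised version that does not, and an inventory-versus-purchases check of the kind the "Monitoring" aspect calls for. The schema, the use of executescript as a stand-in for a driver that allows multi-statement queries, and item id 999 are all constructed here.

```python
import sqlite3

# Constructed toy schema for Case #1: the forum shares the players database,
# "stuff" is the inventory table and "purchases" is the legitimate ledger.
SCHEMA = """
CREATE TABLE players (id INTEGER PRIMARY KEY, name TEXT);
CREATE TABLE stuff (userid INTEGER, item_id INTEGER);
CREATE TABLE purchases (userid INTEGER, item_id INTEGER);
INSERT INTO players VALUES (1, 'alice'), (2, 'bob');
INSERT INTO stuff VALUES (1, 10);
INSERT INTO purchases VALUES (1, 10);
"""

# Forum input shaped like the slide's payload: close the string literal, then
# stack an INSERT that grants user 2 a rare item (999 is a made-up item id).
PAYLOAD = "alice';INSERT INTO stuff VALUES (2, 999);--"


def fresh_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def forum_lookup_vulnerable(conn, name):
    """String concatenation plus multi-statement execution (executescript
    plays the role of a driver configured to run stacked queries)."""
    conn.executescript(f"SELECT id FROM players WHERE name = '{name}';")


def forum_lookup_safe(conn, name):
    """Parameterised query: the input is bound as data and never parsed as
    SQL, so the stacked INSERT is just part of a name that matches nobody."""
    return conn.execute("SELECT id FROM players WHERE name = ?", (name,)).fetchall()


def unexplained_items(conn):
    """Monitoring check for the 'nobody reported it' problem: inventory rows
    with no matching purchase record. Should always be empty."""
    return conn.execute(
        "SELECT s.userid, s.item_id FROM stuff s "
        "LEFT JOIN purchases p ON p.userid = s.userid AND p.item_id = s.item_id "
        "WHERE p.userid IS NULL"
    ).fetchall()


if __name__ == "__main__":
    db = fresh_db()
    forum_lookup_vulnerable(db, PAYLOAD)
    print("vulnerable lookup, unexplained inventory:", unexplained_items(db))
    db = fresh_db()
    forum_lookup_safe(db, PAYLOAD)
    print("safe lookup, unexplained inventory:", unexplained_items(db))
```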
Case #2. E-commerce platform, #1 local market player
The goal was to get an order shipped somewhere without payment
From the website into the corporate network
Research how shipments are handled internally
Hack the printer and just print an order on it
Staff there will use the paper to deliver the order ;)
Case #3. Internet bank
A client-side vector, really
Digital signatures everywhere
Stored XSS (Cross Site Scripting) in a news feed
JavaScript injected to send transactions when the token is installed on the client side
Use the same JS to hide these transactions from the web page ;)
Case #4. Payment system, a secured one
We tried to hack something but failed
The perimeter discovery process identified IoT devices inside the corporate AS (thanks, BGP)
Found security cameras protecting a private space (the home of one of the co-founders)
Hacked the DVR device (Digital Video Recorder) inside the home network
Found a VPN from there to the corporate network
Hacked a power device in a datacenter to avoid isolation
Case #5. Hack them all!
Thanks!
Follow me: @d0znpp
Twitter, Medium, Facebook, Telegram, Snapchat
https://www.forbes.com/sites/forbestechcouncil/people/ivannovikov/