IPv6-Experte Joe Klein gab uns einen Überblick über den aktuellen Status der IPv6-Sicherheit, typische IPv6-Angriffspunkte, Auswirkungen von Technologien wie Cloud und Blockchain sowie Herausforderungen für effektive IoT-Sicherheitsmassnahmen (Internet of Things). Vor allem im Internet der Dinge, wenn es um Gesundheitsversorgung, selbstfahrende Autos, Flugzeugcockpits, Dämme, Kernkraftwerke und ähnliche kritische Infrastrukturen geht, ist es von entscheidender Bedeutung, dass Sicherheit gewährleistet werden kann.
Corporate Espionage without the Hassle of Committing FeloniesJohn Bambenek
Thotcon Presentation by John Bambenek on how some security solutions are leaking sensitive data to the internet making it easy to spy on individuals and companies without breaking any laws.
Slide yang kupresentasikan di PyCon 2019 (Surabaya, 23/11/2019)
Red-Teaming is a simulation of real world hacking against organization. It has little to no limit of time, location, and method to attack. Only results matter. This talk gives insight about how “hacker” works and how python can be used for sophisticated series of attack.
IoT Malware: Comprehensive Survey, Analysis Framework and Case StudiesPriyanka Aash
Computer malware in all its forms is nearly as old as the first PCs running commodity OSes, dating back at least 30 years. However, the number and the variety of "computing devices" dramatically increased during the last several years. Therefore, the focus of malware authors and operators slowly but steadily started shifting or expanding towards Internet of Things (IoT) malware.
Unfortunately, at present there is no publicly available comprehensive study and methodology that collects, analyses, measures, and presents the (meta-)data related to IoT malware in a systematic and a holistic manner. In most cases, if not all, the resources on the topic are available as blog posts, sparse technical reports, or Systematization of Knowledge (SoK) papers deeply focused on a particular IoT malware strain (e.g., Mirai). Some other times those resources are already unavailable, or can become unavailable or restricted at any time. Moreover, many of such resources contain errors (e.g., wrong CVEs), omissions (e.g., hashes), limited perspectives (e.g., network behaviour only), or otherwise present incomplete or inaccurate analysis. Hence, all these factors leave unattended the main challenges of analysing, tracking, detecting, and defending against IoT malware in a systematic, effective and efficient way.
This work attempts to bridge this gap. We start with mostly manual collection, archival, meta-information extraction and cross-validation of more than 637 unique resources related to IoT malware families. These resources relate to 60 1 IoT malware families, and include 260 resources related to 48 unique vulnerabilities used in the disclosed or detected IoT malware attacks. We then use the extracted information to establish as accurately as possible the timeline of events related to each IoT malware family and relevant vulnerabilities, and to outline important insights and statistics. For example, our analysis shows that the mean and median CVSS scores of all analyzed vulnerabilities employed by the IoT malware families are quite modest yet: 6.9 and 7.1 for CVSSv2, and 7.5 and 7.5 for CVSSv3 respectively. Moreover, the public knowledge to defend against or prevent those vulnerabilities could have been used, on average, at least 90 days before the first malware samples were submitted for analysis. Finally, to help validate our work as well as to motivate its continuous growth and improvement by the research community, we open-source our datasets and release our IoT malware analysis framework and our IoT malware analysis framework.
Corporate Espionage without the Hassle of Committing FeloniesJohn Bambenek
Thotcon Presentation by John Bambenek on how some security solutions are leaking sensitive data to the internet making it easy to spy on individuals and companies without breaking any laws.
Slide yang kupresentasikan di PyCon 2019 (Surabaya, 23/11/2019)
Red-Teaming is a simulation of real world hacking against organization. It has little to no limit of time, location, and method to attack. Only results matter. This talk gives insight about how “hacker” works and how python can be used for sophisticated series of attack.
IoT Malware: Comprehensive Survey, Analysis Framework and Case StudiesPriyanka Aash
Computer malware in all its forms is nearly as old as the first PCs running commodity OSes, dating back at least 30 years. However, the number and the variety of "computing devices" dramatically increased during the last several years. Therefore, the focus of malware authors and operators slowly but steadily started shifting or expanding towards Internet of Things (IoT) malware.
Unfortunately, at present there is no publicly available comprehensive study and methodology that collects, analyses, measures, and presents the (meta-)data related to IoT malware in a systematic and a holistic manner. In most cases, if not all, the resources on the topic are available as blog posts, sparse technical reports, or Systematization of Knowledge (SoK) papers deeply focused on a particular IoT malware strain (e.g., Mirai). Some other times those resources are already unavailable, or can become unavailable or restricted at any time. Moreover, many of such resources contain errors (e.g., wrong CVEs), omissions (e.g., hashes), limited perspectives (e.g., network behaviour only), or otherwise present incomplete or inaccurate analysis. Hence, all these factors leave unattended the main challenges of analysing, tracking, detecting, and defending against IoT malware in a systematic, effective and efficient way.
This work attempts to bridge this gap. We start with mostly manual collection, archival, meta-information extraction and cross-validation of more than 637 unique resources related to IoT malware families. These resources relate to 60 1 IoT malware families, and include 260 resources related to 48 unique vulnerabilities used in the disclosed or detected IoT malware attacks. We then use the extracted information to establish as accurately as possible the timeline of events related to each IoT malware family and relevant vulnerabilities, and to outline important insights and statistics. For example, our analysis shows that the mean and median CVSS scores of all analyzed vulnerabilities employed by the IoT malware families are quite modest yet: 6.9 and 7.1 for CVSSv2, and 7.5 and 7.5 for CVSSv3 respectively. Moreover, the public knowledge to defend against or prevent those vulnerabilities could have been used, on average, at least 90 days before the first malware samples were submitted for analysis. Finally, to help validate our work as well as to motivate its continuous growth and improvement by the research community, we open-source our datasets and release our IoT malware analysis framework and our IoT malware analysis framework.
IoT offers a plethora of new protocols and frequencies over which communication travels. Protocols and services such as SSDP, P25, Zigbee, Z-Wave, WiFi and more provide countless ways to exfiltrate data or infiltrate the network. Through real-world examples, sample code and demos, presenters will bring to light these threats and new methods for detecting aberrant behavior emanating to/from these devices.
Learning Objectives:
1: Gain a better understanding of the many IoT protocols, frequencies and services.
2: Learn how IoT communications can be exploited to exfiltrate your network.
3: Obtain a list of techniques for detecting these aberrant IoT behaviors.
(Source: RSA Conference USA 2018)
npm packages are awesome, but also introduce risk.
This presentation explains how packages may introduce known vulnerabilities into your application, explains their impact, and most importantly, shows how to protect yourself.
The few slides were complemented by running several vulnerability exploits against the vulnerable demo app Goof from here: https://github.com/Snyk/goof
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standardsSecuRing
The presentation focuses on the whole process of security testing and present it by analogies to the web applications which are quite well-known. It covers the whole SDLC and show the similarities and differences in the arsenal of vulnerabilities, security tools and standards between the smart contracts and web applications on each step. Even though there exist a lot of great security projects for smart contracts, we do not have single, widely accepted security standard (such as ASVS in web apps world). That is why we introduce SCSVS (Smart Contract Security Verification Standard), a open-source 13-part checklist created to standardize the security of smart contracts for developers, architects, security reviewers and vendors.
This session will provide insight into highly disruptive breaches that MANDIANT investigated over the past year. It describes how threat actors have destroyed system infrastructure and taken companies offline for weeks. The threat actors are split into two categories for this talk and focused on the SHAMOON cases. I will also talk about highlights from Incident Response cases of 2017. Financially motivated vs Non Financially motivated. I will talk about how recent attacks with SHAMOON differ - their motives compared to financially motivated threat actors. Highlights from a couple of 2017 IRs - Overview of TTPs of the important State Sponsored Attacks seen in 2017.
We often hear about hackers and hacking in the media in a pejorative way. It's time to reclaim the word! The Urban Dictionary defines hacking as:
"To program a computer in a clever, virtuosic, and wizardly manner. Ordinary computer jockeys merely write programs; hacking is the domain of digital poets. Hacking is a subtle and arguably mystical art, equal parts wit and technical ability, that is rarely appreciated by non-hackers."
What are we talking about here? Hackers built the Internet and the World-Wide Web. Hackers wrote the Linux kernel, which now powers over 900m Android devices worldwide. In this talk for Software Aliiance Wales I look at what it means to be a hacker, and how to develop your hacking skills.
Over the past year, Intel Security has actively participated with global law enforcement agencies in take-down operations to shut down cybercrime infrastructure, associated malware and the cybercriminals themselves. This session will deconstruct emerging attack campaigns and techniques, examine pragmatic defense strategies and discuss what to expect in the future.
The SOC analyst training program is meticulously designed by the subject matter experts at Infosec Train. The training program offers a deep insight into the SOC operations and workflows. It is an excellent opportunity for aspiring and current SOC analysts (L1/L2/L3) to level up their skills to mitigate business risks by effectively handling and responding to security threats.
https://www.infosectrain.com/courses/soc-analyst-expert-training/
The SOC analyst training program is meticulously designed by the subject matter experts at Infosec Train. The training program offers a deep insight into the SOC operations and workflows. It is an excellent opportunity for aspiring and current SOC analysts (L1/L2/L3) to level up their skills to mitigate business risks by effectively handling and responding to security threats.
https://www.infosectrain.com/courses/soc-analyst-expert-training/
Jon Noble. Jon will give a brief overview of why you should consider security as part of your CloudStack deployment, why your approach to security needs to be different than in a traditional environment, and also talk about some of the motives behind the attacks – why they attack you and what they do once they have compromised a system.
IoT offers a plethora of new protocols and frequencies over which communication travels. Protocols and services such as SSDP, P25, Zigbee, Z-Wave, WiFi and more provide countless ways to exfiltrate data or infiltrate the network. Through real-world examples, sample code and demos, presenters will bring to light these threats and new methods for detecting aberrant behavior emanating to/from these devices.
Learning Objectives:
1: Gain a better understanding of the many IoT protocols, frequencies and services.
2: Learn how IoT communications can be exploited to exfiltrate your network.
3: Obtain a list of techniques for detecting these aberrant IoT behaviors.
(Source: RSA Conference USA 2018)
npm packages are awesome, but also introduce risk.
This presentation explains how packages may introduce known vulnerabilities into your application, explains their impact, and most importantly, shows how to protect yourself.
The few slides were complemented by running several vulnerability exploits against the vulnerable demo app Goof from here: https://github.com/Snyk/goof
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standardsSecuRing
The presentation focuses on the whole process of security testing and present it by analogies to the web applications which are quite well-known. It covers the whole SDLC and show the similarities and differences in the arsenal of vulnerabilities, security tools and standards between the smart contracts and web applications on each step. Even though there exist a lot of great security projects for smart contracts, we do not have single, widely accepted security standard (such as ASVS in web apps world). That is why we introduce SCSVS (Smart Contract Security Verification Standard), a open-source 13-part checklist created to standardize the security of smart contracts for developers, architects, security reviewers and vendors.
This session will provide insight into highly disruptive breaches that MANDIANT investigated over the past year. It describes how threat actors have destroyed system infrastructure and taken companies offline for weeks. The threat actors are split into two categories for this talk and focused on the SHAMOON cases. I will also talk about highlights from Incident Response cases of 2017. Financially motivated vs Non Financially motivated. I will talk about how recent attacks with SHAMOON differ - their motives compared to financially motivated threat actors. Highlights from a couple of 2017 IRs - Overview of TTPs of the important State Sponsored Attacks seen in 2017.
We often hear about hackers and hacking in the media in a pejorative way. It's time to reclaim the word! The Urban Dictionary defines hacking as:
"To program a computer in a clever, virtuosic, and wizardly manner. Ordinary computer jockeys merely write programs; hacking is the domain of digital poets. Hacking is a subtle and arguably mystical art, equal parts wit and technical ability, that is rarely appreciated by non-hackers."
What are we talking about here? Hackers built the Internet and the World-Wide Web. Hackers wrote the Linux kernel, which now powers over 900m Android devices worldwide. In this talk for Software Aliiance Wales I look at what it means to be a hacker, and how to develop your hacking skills.
Over the past year, Intel Security has actively participated with global law enforcement agencies in take-down operations to shut down cybercrime infrastructure, associated malware and the cybercriminals themselves. This session will deconstruct emerging attack campaigns and techniques, examine pragmatic defense strategies and discuss what to expect in the future.
The SOC analyst training program is meticulously designed by the subject matter experts at Infosec Train. The training program offers a deep insight into the SOC operations and workflows. It is an excellent opportunity for aspiring and current SOC analysts (L1/L2/L3) to level up their skills to mitigate business risks by effectively handling and responding to security threats.
https://www.infosectrain.com/courses/soc-analyst-expert-training/
The SOC analyst training program is meticulously designed by the subject matter experts at Infosec Train. The training program offers a deep insight into the SOC operations and workflows. It is an excellent opportunity for aspiring and current SOC analysts (L1/L2/L3) to level up their skills to mitigate business risks by effectively handling and responding to security threats.
https://www.infosectrain.com/courses/soc-analyst-expert-training/
Jon Noble. Jon will give a brief overview of why you should consider security as part of your CloudStack deployment, why your approach to security needs to be different than in a traditional environment, and also talk about some of the motives behind the attacks – why they attack you and what they do once they have compromised a system.
The Offensive Cyber Security Certification will upgrade your skills to become a pentester, exploit developer. You will learn multiple offensive approaches to access infrastructure, environment, and information, performing risk analysis and mitigation, compliance, and much more with this program.
https://www.infosectrain.com/courses/offensive-cyber-security-engineer-training/
The Offensive Cyber Security Certification will upgrade your skills to become a pentester, exploit developer. You will learn multiple offensive approaches to access infrastructure, environment, and information, performing risk analysis and mitigation, compliance, and much more with this program.
The Offensive Cyber Security Certification will upgrade your skills to become a pentester, exploit developer. You will learn multiple offensive approaches to access infrastructure, environment, and information, performing risk analysis and mitigation, compliance, and much more with this program.
https://www.infosectrain.com/courses/offensive-cyber-security-engineer-training/
I'm take picture from here and there by goggling not mentioning all source please let me know if anyone has any objection. This presentation was presented in IUT CTF G3t R00t
Defcon through the_eyes_of_the_attacker_2018_slidesMarina Krotofil
Through the Eyes of the Attacker: Designing Embedded Systems Exploits for Industrial Control Systems
In 2017 a malware framework dubbed TRITON (also referred to as TRISIS or HatMan) was discovered targeting a petrochemical plant in Saudi Arabia. TRITON was designed to compromise the Schneider Electric Triconex line of Safety Instrumented Systems (SIS), potentially in order to cause physical damage. TRITON is the most complex publicly known ICS attack framework to date and the first publicly known one to target safety controllers. While the functionality of the malware is understood, little is known about the complexity of developing such an implant. The goal of this talk is to provide the audience with a “through the eyes of the attacker” experience in designing advanced embedded systems exploits & implants for Industrial Control Systems (ICS). Attendees will learn about the background of the TRITON incident, the process of reverse-engineering and exploiting ICS devices and developing implants and OT payloads as part of a cyber-physical attack and will be provided with details on real-world ICS vulnerabilities and implant strategies.
In the first part of the talk we will provide an introduction to ICS attacks in general and the TRITON incident in particular. We will outline the danger of TRITON being repurposed by copycats and estimate the complexity and development cost of such offensive ICS capabilities.
In the second and third parts of the talk we will discuss the process of exploiting ICS devices to achieve code execution and developing ICS implants and OT payloads. We will discuss real-world ICS vulnerabilities and present several implant scenarios such as arbitrary code execution backdoors (as used in TRITON), pin configuration attacks, protocol handler hooking to spoof monitored signal values, suppressing interrupts & alarm functionality, preventing implant removal and control logic restoration and achieving cross-boot persistence. We will discuss several possible OT payload scenarios and how these could be implemented on ICS devices such as the Triconex safety controllers.
In the final part of the talk we'll wrap up our assessment of the complexity & cost of developing offensive ICS capabilities such as the TRITON attack and offer recommendations to defenders and ICS vendors.
Automated Malware Analysis and Cyber Security IntelligenceJason Choi
This presentation is an introduction to Cuckoo Sandbox, an automated a malware analysis system, and Intelligence to use this tool, at Department of Scientific Criminal Investigation in SungKyunKwan University in Korea.
Beyond S3 Buckets - Effective Countermeasures for Emerging Cloud ThreatsSBWebinars
Research shows that 25% of organizations have cryptojacking activity in their AWS, Azure, and GCP environments. Is yours one of them? While S3 buckets continue to dominate headlines, cryptojacking and other threats lay quietly behind the scenes. Learn about the latest cloud threats and arm yourself with effective countermeasures.
Task Force on IoT Security
About CISO Platform
Largest DDOS Attack Against DYN
How can we minimize the risk?
IoT Architectural Layers
Components of an IoT Node
TALK Cybersecurity Summit 2017: Kevin Hofstra of Metova CyberCENTSDawn Yankeelov
The Chief Technology Officer for Metova CyberCents presented on "Training the Next Generation Cyber Warrior: An Emulated, Realistic and Risk-Free Cyber Battlespace" at the TALK Cybersecurity Summit 2017.
Becoming Agile von Christian Botta – Personal Swiss Vortrag 2019Digicomp Academy AG
Agil ist ein Buzzword, viele wissen aber nicht, was wirklich dahintersteckt. In diesem Vortrag erfahren Sie, warum es weder hilft, mal schnell Scrum einzuführen, die Inneneinrichtung eines Büros zu verändern oder einen Tischkicker aufzustellen. Sehen Sie, warum wir uns in der VUCA-Welt anders bewegen müssen und warum Themen wie Kreativität, Haltung und ein geänderter Mindset die Grundvoraussetzung für agiles Arbeiten sind.
Christian Botta war 15 Jahre als Projektmanager und Führungskraft in der IT beschäftigt. 2015 gründete er gemeinsam mit Daniel Reinold die Firma Visual Braindump, mit dem Ziel, die Themen Visualisierung und Management näher zusammenzubringen. Mit Visual Braindump verheiratete er seine beiden Leidenschaften: Zeichnen und Projektmanagement. Heute ist er als Trainer, Coach und Speaker für Projektmanagement, Design Thinking und visuelles Denken unterwegs – sowohl in Präsenztrainings für Digicomp als auch in Videotrainings bei LinkedIn. Ein weiteres Standbein ist die visuelle Begleitung von Veranstaltungen mit Hilfe von Graphic Facilitation bzw. Graphic Recording. Botta schreibt darüber hinaus regelmässig auf dem Visual Braindump Blog und für das Projektmagazin und Capterra.
Sein Buch: Business Visualisierung - ein Reiseführer für Neugierige und Visionäre
https://digicomp.ch/landingpages/personalswiss
Swiss IPv6 Council – Case Study - Deployment von IPv6 in einer Container Plat...Digicomp Academy AG
Die Implementierung mit IPv6 in Container Plattformen wie Docker, Kubernets oder OpenShift bietet einige Möglichkeiten, aber auch Herausforderungen. In seinem Vortrag erklärt Aarno Aukia den aktuellen Stand der IPv6-Implementierung dieser Technologien.
Roger basler meetup_digitale-geschaeftsmodelle-entwickeln_handoutDigicomp Academy AG
Die 7 Phasen des Digital Business Modelling
Wie schaffe ich den digitalen Wandel im Business-Modell? Im Referat zeigt Roger Basler anhand von 7 Phasen, wie der Wandel erfolgreich vollzogen werden kann.
Roger basler meetup_21082018_work-smarter-not-harder_handoutDigicomp Academy AG
Work Smarter Not Harder
Meetup: Work Smart – Digital Collaboration im Unternehmen
Lernen Sie das Potenzial mit der Verwendung von möglichen Smart-Work-Tools innerhalb Ihres Unternehmens kennen und seien Sie für die wichtigsten Anwendungsfälle gerüstet, um den Kulturwandel innerhalb Ihrer Organisation voranzutreiben.
Professor Richard H. Thaler hat Ende 2017 den Wirtschaftsnobelpreis für seine Forschung unter dem Begriff «Nudge - die psychologischen Faktoren, die hinter wirtschaftlichen Entscheidungen stehen» erhalten.
Der Kommunikations- und Marketingexperte Maurice Codourey der Neurokommunikationsagentur UNIT X zeigt eigene Experimente im Spitalwesen und internationale Best Practices.
Responsive Organisation auf Basis der Holacracy – nur ein Hype oder die Zukunft?Digicomp Academy AG
Experte Artur Tomczak zeigte anhand von Praxisbeispielen der verschiedenen responsiven Frameworks auf, wie die nächsten Schritte Richtung Holacracy konkret aussehen könnten.
Kein Command & Control, sondern Servant-Leadership. Flache Hierarchien, intrinsische Motivation, Kundenfokus – jede Firma möchte heutzutage agil sein. Offen bleibt jedoch meistens folgende Frage: «Was bedeutet das für unsere Führungskräfte?»
Gewinnen Sie Menschen und Ziele - Referat von Andi OdermattDigicomp Academy AG
Sachliche Argumente funktionieren im Alltag oft nicht. Erst wer einmal erkannt hat, dass und wie er auf der irrationalen Ebene punkten muss, dem eröffnen sich neue Möglichkeiten bei seinen Mitmenschen
Querdenken mit Kreativitätsmethoden – XING ExpertendialogDigicomp Academy AG
Kreatives Chaos ist Quatsch. Kreativität kann hoch systematisch sein und dabei maximal originell. Querdenken macht gute Laune und holt selbst die Neue-Ideen-Belächler, Kreativitätsbekämpfer und Ideen-Kopierer bei ihrer produktiven Laune ab.
Am vergangenen XING Expertendialog zeigte Referent Jiri Scherer von Denkmotor, wie das Ausbrechen aus Denkmustern funktioniert und warum jede Kreativitätsmethode einen roten Punkt hat.
Die digitale Transformation wirkt sich nicht nur auf Prozesse, sondern insbesondere auch auf ganze Geschäftsmodelle von Unternehmen aus.
Roger Basler zeigt in seinem Referat auf, was ein digitales Geschäftsmodell ist und welche Schritte ein Unternehmen tätigen muss, um sich dorthin zu entwickeln. Zentral dabei ist, dass nicht einfach ein bestehendes Geschäftsmodell digitalisiert wird, sondern Unternehmen anfangen im neuen Kundennutzen und Kundenverhalten zu denken.
Gerne stellen wir Ihnen die Slides von Roger Basler zur Verfügung:
Swiss IPv6 Council: The Cisco-Journey to an IPv6-only BuildingDigicomp Academy AG
Die monatlichen Anlässe in Zusammenarbeit mit dem Swiss IPv6 Council behandeln verschiedene technische Themenbereiche von IPv6.
Ist Dual-Stack ein guter Weg? Was sind Erfahrungen mit reinen IPv6-Netzwerken? Viele Unternehmen kämpfen mit diesen Fragen. Genau aus diesem Grund hat Cisco in San Jose einen reinen IPv6-Campus eingerichtet und sucht Antworten auf solche Fragen.
In seinem Referat präsentierte Khalid Jawaid die Bemühungen zur Einführung von IPv6 in einem einzelnen Campusgebäude und die Hürden, die dies mit sich bringt. Im Weiteren sprach er über die Herausforderungen, die sich aus der Erstellung des Business Case im Jahr 2010 und der Bereitstellung von mehr als 400 Remote-Standorten und den daraus gezogenen Lehren ergaben.
Die Inputs von Khalid Jawaid haben bei vielen Teilnehmern neue Perspektiven und Ideen für die Einführung von IPv6 geweckt.
Gerne stellen wir Ihnen die Slides von Manuel Schweizer zur Verfügung:
Vielleicht haben Sie schon einmal ein Zugbillett mit der SBB-App gekauft, per Smartphone eine Doodle-Umfrage verschickt oder in Google Docs eine Textdatei erstellt. Haben Sie sich dabei jemals gefragt, was diese Apps so erfolgreich macht?
Simon Raess, Gründer & Design Strategist bei Ginetta, weiss es. Er war massgeblich an der Kreation genau dieser Produkte beteiligt. Mit seiner Digitalagentur hat er zahlreichen Firmen – darunter Swisscom, Twint und Helsana – zum Erfolg in der digitalen Geschäftswelt verholfen.
In seiner Präsentation am Xing LearningZ vom 4. Juli 2017 zeigte Simon Raess, wie gutes UX Design nicht nur dafür sorgt, dass Webistes und Apps schön aussehen, sondern wie es digitale Produkte auch nachhaltig erfolgreich macht. Sehr spannend war auch der Einblick in die systematische Arbeitsweise, welche zu benutzerfreundlichem Design führt.
Design Thinking ist in aller Munde. Aber was ist Design Thinking denn nun genau? Lernen Sie in dieser Session die agile Innovationsmethode der Stanford University anhand eines kleinen Praxisbeispiels kennen. Tauchen Sie ein in die Welt der Kunden, generieren Sie Lösungsansätze und Prototypen. Ein interaktiver Kurzworkshop mit vielen Erkenntnissen.
Dieser Event des Swiss IPv6 Council befasste sich mit dem spannenden Case der ETH Zürich. Dort sind die IPV4-Adressen schon seit Jahren knapp.
Derk Valenkamp, Gruppenleiter der ID-Datennetze der ETH Zürich, zeigte auf, was er und sein Team seit 2007 unternommen haben. So mussten und müssen daher immer mehr NAT/PAT-Lösungen implementiert werden, die aus betrieblicher und Sicherheitssicht grosse Anforderungen an das Logging stellen. Damit die Netzwerkanforderungen auch langfristig das Wachstum der ETH Zürich und deren IT erfüllen können, wird schon seit Jahren auf IPv6 gesetzt. Besonders spannend für die engagierten Teilnehmer waren auch die Stolpersteine und Hürden, welche Derk Valenkamp aufgezeigt hat.
Gerne stellen wir Ihnen die Slides von Derk Valenkamp zur Verfügung.
Berät Sie bald ein Bot über die neusten Winterschuhe, weil Ihr Handy festgestellt hat, dass Sie zu kalte Zehen haben, wonach eine Drohne das Schuhwerk an Ihren über GPS georteten Standort fliegt?
Roger Basler ging in seinem Referat vom 2. Mai 2017 auf Trends und einige bereits existierende Pilot-Versuche ein. Seine Einschätzung der Wahrscheinlichkeit des Impacts dieser Trends auf unser Online-Shopping-Verhalten soll nicht in erster Linie die Wahrheit widerspiegeln, sondern die Basis für eine gute Diskussion und den Erfahrungsaustausch untereinander legen.
Zahlen Battle: klassische werbung vs.online-werbung-somexcloudDigicomp Academy AG
Zahlen & Fakten zur Entwicklung des Werbemarkts Schweiz: Michael Göldi (Digital Focus) & Michel Bächtiger (Media Focus) kreuzen die Klinge und klären die Frage aller Fragen: klassische Werbung oder Online-Werbung? Mögen die besseren Daten-Fakten gewinnen!
Zeit für ein Privacy-Programm. Datenschutz-Entwicklung in Europa (GDPR) und das neue Datenschutzgesetz in der Schweiz: Was bedeutet das für mein Unternehmen?
In diesem Referat zeigten wir Ihnen auf, was die Entwicklung des Datenschutzes in Europa für uns bedeutet und was auf die Schweiz zukommt.
Im Mai 2018 tritt die EU Datenschutz-Grundverordnung (GDPR – general data protection regulation) in Kraft. Über die enthaltenen Neuerungen wurden bereits in verschiedenen Veranstaltungen berichtet. An diesem Referat gaben wir Ihnen als Erstes eine kurze Zusammenfassung der Geschehnisse zur Orientierung.
Möglichkeiten der Online-Werbung - Referat von Matteo SchürchDigicomp Academy AG
MÖGLICHKEITEN DER ONLINE
WERBUNG
Es gibt wenige Bereiche, die derart kreativ neue Trends erfinden wie Digital Advertising. Vor einem Jahr hätte wohl kaum jemand gedacht, dass eine Augmented Reality App bis zu 10 Millionen Franken pro Tag an Werbeumsatz generieren kann.
Multi-cluster Kubernetes Networking- Patterns, Projects and GuidelinesSanjeev Rampal
Talk presented at Kubernetes Community Day, New York, May 2024.
Technical summary of Multi-Cluster Kubernetes Networking architectures with focus on 4 key topics.
1) Key patterns for Multi-cluster architectures
2) Architectural comparison of several OSS/ CNCF projects to address these patterns
3) Evolution trends for the APIs of these projects
4) Some design recommendations & guidelines for adopting/ deploying these solutions.
1.Wireless Communication System_Wireless communication is a broad term that i...JeyaPerumal1
Wireless communication involves the transmission of information over a distance without the help of wires, cables or any other forms of electrical conductors.
Wireless communication is a broad term that incorporates all procedures and forms of connecting and communicating between two or more devices using a wireless signal through wireless communication technologies and devices.
Features of Wireless Communication
The evolution of wireless technology has brought many advancements with its effective features.
The transmitted distance can be anywhere between a few meters (for example, a television's remote control) and thousands of kilometers (for example, radio communication).
Wireless communication can be used for cellular telephony, wireless access to the internet, wireless home networking, and so on.
ER(Entity Relationship) Diagram for online shopping - TAEHimani415946
https://bit.ly/3KACoyV
The ER diagram for the project is the foundation for the building of the database of the project. The properties, datatypes, and attributes are defined by the ER diagram.
This 7-second Brain Wave Ritual Attracts Money To You.!nirahealhty
Discover the power of a simple 7-second brain wave ritual that can attract wealth and abundance into your life. By tapping into specific brain frequencies, this technique helps you manifest financial success effortlessly. Ready to transform your financial future? Try this powerful ritual and start attracting money today!
guildmasters guide to ravnica Dungeons & Dragons 5...
IPv6 Security Talk mit Joe Klein
1. Joe Klein, CISSP
Cybersecurity Fellow, IPv6 Forum
Consultant, Researcher & Trainer, Longboat, LLC
May 2018
Observations from
the lab, field &
executive suite
1
2. About me: Joe Klein <many certs>
• Spoken at: DefCon, Black Hat, Torcon, SecTor, Security
Days, Hackers on Planet Earth, SANS, IEEE, IoT,…
• Roles: Photographer, Electronics Engineer, Robotics
Engineer, Entrepreneur, CEO, CTO, CSO, ISP, Security
Architect, Developer, Pentester, Incident Handler, Professor,
Policy Writer, Auditor, Assure, Firewall/Network Engineer,
Integrator, Data Scientist, ML experimenter, Threat Intel,
Computer Scientist, Hacker
• Timeline:
• 70’s: Electronics, Radios, Gamer, Magic, Mainframe &
Micro Computers, First ‘Hack’
• 80’s: BBS’s, Game Hacker, Robots, Unix/c/FORTH/Basic/
COBOL/LISP/c++, DEC, SNA Networks, Internet
connected, CyberForensics, Routers/Switches
• 90’s: ISP, IPv6, Penetrations Testing, Network Defender,
Web Developer, Teaching Internet/Web Dev, IETF
• 2000’s: CSO, Linux, Audits, Assessments, Car/IOT/
Building Controls, SCADA Hacking, Teaching
Cybersecurity + SANS, Patents, International Speaking
• 2010’s: DARPA, Policies, Startup, Honeypots, Deception
Networks, IPv6 Fellow, GoLang, IEEE, Sprint Triathlon
Recent Focus: Attacked Forced Time Scoped D&D
2
4. Observation 1 - Establish your IPv6 Standard for all Procurement!
• Why?
• Establish a baseline of technology standards, during technology refresh
• Ensure you are ready to move to IPv6, without big purchases!
• How?
1. Can the Product vender support IPv6? “Eating their own dog Food!”
• Internet Facing Services (Dual Stack) https://ip6.nl/#
• IPv6 only clients behind 6xlt & NAT64/DNS64 https://nat64check.ipv6-
lab.net/v6score
4
5. Observation 1 - Establish your IPv6 standard for all Procurement!
• How?
1. The Supplier's Declaration of Conformity (SDOC)
• Product suppliers declare product capabilities to buyers, as advertised
• Buyer is responsible for providing specifications
• Seller is responsible to fix, if it does not meet specifications
• https://www-x.antd.nist.gov/usgv6/sdoc.html
5
7. What does IPv6 compliant mean to me?
IPv6 Standard 86 (RFC 8200) First Order Dependencies
Current IPv6 Standard
Changes to Path MTU
References from
Newer standards (12)
Updates to
older standards (29)
7
8. IPv6 Standard 86 (RFC 8200)
First & Second Order Path MTU Dependencies
• October 1989 - Updated - Requirements for Internet Hosts -- Communication Layers
• November 1990 - Path MTU Discovery
• November 1996 - Path MTU Discovery for IP version 6 - Obsoleted by 8201 July 2017
• November 1997 - Key words for use in RFCs to Indicate Requirement Levels
• September 2000 - TCP Problems with Path MTU Discovery
• March 2006 - Datagram Congestion Control Protocol (DCCP)
• March 2006 - Internet Control Message Protocol (ICMPv6) for the Internet Protocol
Version 6 (IPv6) Specification - Obsoletes RFC 2463
• March 2007 - Packetization Layer Path MTU Discovery
• September 2007- Neighbor Discovery for IP version 6 (IPv6)- Obsoletes 2461
• May 2007- Neighbor Discovery for IP version 6 (IPv6)- Obsoletes 2461
• September 2007 - Stream Control Transmission Protocol- Obsoletes 2960. 3309
• December 2007 - Deprecation of Type 0 Routing Headers in IPv6 - Obsoletes 2960
• July 2012 - TCP Options and Maximum Segment Size (MSS)
• March 2015- Network File System (NFS) Version 4 Protocol- Obsoletes 3530
• May 2016- RFC Streams, Headers, and Boilerplates - Obsoletes 5741
• March 2017 - UDP Usage Guideline - Obsoletes 5405
• March 2017 - Path MTU Discovery for IP version 6 - Obsoletes 1981
IPv6 Standard
July 2017
Updates to
older standards (17))8
14. Defender's Dilemma
“The intruder only needs to exploit one of the victims in order to
compromise the enterprise.”
Intruder's Dilemma
“The defender only needs to detect one of the indicators of the intruder’s
presence in order
to initiate incident response within the enterprise.”
Reference: https://taosecurity.blogspot.com/2009/05/defenders-dilemma-and-intruders-dilemma.html
14
15. The Intruder Game
Tactic - Technical goal of the intruder
Technique - How intruder achieves the goal
The Intruder Chooses Time and Goal, Not You!
The Defender Choose Confidence level of the Detection!
15
16. How do I Remove the Noise to Find the Attackers and increase
confidence levels?
Reduce False Positives and Negatives!
16
17. Defenders Game: ATT&CK: Deconstructs the Lifecycle
Freely available, curated knowledge based on
observed adversary behavior
Higher fidelity on right-of-exploit,
post-access phases
Describes behavior and not adversary tools
Built for the “Public Good”
Right of the Boom!
17
18. MITRE Pre-ATT&CK
Adversarial Tactics, Techniques & Common Knowledge
• Blacklist IP, Hash Domains are fungible, quickly replaceable
• Pre-compromise activities are largely executed outside the
enterprise’s field of view
• Data Brokers (Free and for pay),
• Websites (Partners, Yours, Government),
• Search Engines and Bots
• Social Network Bots
Left-of-the-Boom
18
19. MITRE ATT&CK Enterprise
Perimeter Defense
• Items in yellow are the only attributes
detectable by tuned perimeter security
• Items in red, address requirements on hosts
and first hop networks.
• Conclusion:
• Perimeter security has minimal visibility
into attackers insider your environment
• IT slows the attacker, but this is not
measurable
• Tuning the security perimeter security to
detect and alert on pre & post attack items
are critical to catch attackers.
19
22. Open Source - MITRE Resources
• Interactive Attack Navigator:
• ATT&CK Enterprise: https://mitre.github.io/attack-navigator/enterprise/
• ATT&CK Mobile: https://mitre.github.io/attack-navigator/mobile/
• Source Code: https://github.com/mitre/attack-navigator
• Attacker Groups: https://attack.mitre.org/pre-attack/index.php/Groups
• Attacker Group Tactics: https://attack.mitre.org/pre-attack/index.php/Tactics
• Unfetter Project - Discover and analyze gaps in your security posture
• https://nsacyber.github.io/unfetter/ https://github.com/unfetter-discover/unfetter
• Caldera - An automated adversary emulation system (validate alerts)
• https://github.com/mitre/caldera
22
23. I understand there is no way of scanning
the IPv6 Internet, is that true?
23
24. History of Scanning Internet-Facing
IPv6 Devices
• 2^64 or 2^128 - Brute Force - Fails in IPv6!
• May 2005, Marc “van Huser” Heuse, Attacking the
IPv6 Protocol Suite, THC-IPv6 toolkit (1)
• May 2007, Joe Klein, “Scanning and Microsoft
Mobile compromise via 6to4 on SPRINT”,
Responsible Disclosure Notice to Microsoft, Sprint
and US CERT, HOPE 2008 (2)
• March 2008, IETF, RFC 5157, “IPv6 Implications for
Network Scanning” (3)
• May 2012, NMAP for IPv6, version 6 (4)
• March 2016, IETF, RFC 7707, “Network
Reconnaissance in IPv6 Networks” (5)
• December 2018, Joe Klein, “Outbound Initiated
Requests for Passive Scanning of IPv6” (6)
• December 2018, Joe Klein, “Passive IPv6 Scanning
using Certificate Transparency process” (7)
24
25. So we are safe? Attackers have not used IPv6 in the past?
25