This document provides an overview of malware presented by Ammar Hasayen. It discusses different types of malware like viruses, worms, Trojan horses, spyware, ransomware, adware, and zombies. Specific malware behaviors and goals are described like spreading rapidly through file transfers or automatically, stealing user information, encrypting devices for ransom, or overloading systems through distributed denial of service attacks. Prevention tips are also included like avoiding public Wi-Fi, keeping devices locked, not posting on social media while traveling, updating software before trips, and changing passwords upon returning from travel.
An introductory session about Social Engineering presented at ICT Nuggets Forum - Khartoum, organized by Duko team. We talked about what social engineering is, the terms related to it, and how attacks can be carried out. We also told a lot of stories about successful social engineering attacks and how much damage they did. Finally, we talked about how to protect yourself and your company from social engineering attacks.
Defending Today's Threats with Tomorrow's Security by Microsoft by Aidan Finn
John Moran
The way that we work has changed, and the ways that attackers are breaching our systems have evolved too. Security systems that are built on malware scanners and firewalls are easily bypassed by attackers, with the human behind the keyboard often being the vulnerability.
In this webinar you will learn how attacks have evolved, and how Microsoft has released a series of cloud-based next generation security solutions to combat these attacks, protecting valuable company assets, combating zero-day attacks, monitoring usage, and protecting identity.
Topics that will be covered:
- Cloud App Security
- Azure Security Center
- Advanced Threat Analytics
- Azure Information Protection
Cybersecurity means protecting networks, devices, and data from attacks, damage, or unauthorized access. If you are worried about cyberattacks, then you don’t need to worry. Now Sara Technologies is here for your help. We provide cybersecurity services worldwide.
We have experts who have years of experience. They deal with all kinds of cyber-attacks. You can contact us anytime. We are available 24/7. Our experts will help you to recover your data also.
The truth is incidents will happen and systems will get compromised. You need to be an expert on how to handle these incidents. The best way to learn is through experience, such as the Collegiate Cyber Defense Competition.
During this informative session, our focus centered on elucidating various methodologies through which an individual can potentially exploit vulnerabilities within web applications. By engaging with the students from the University of Dodoma, we provided valuable insights into a spectrum of techniques employed when assessing a web application's security resilience. By imparting these multifaceted approaches, our objective was to equip the participants with a comprehensive understanding of potential attack vectors, thereby enhancing their capacity to effectively evaluate and fortify the security posture of web applications.
Brian Henger - Psychological Warfare: How Cyber Criminals Mess With Your Mind
centralohioissa
- The evolution of online advertising tactics
- What cyber criminals find appealing about advertising and profiling
- How advertisers and cyber criminals have worked together in the past
- What psychological tactics are used by cyber criminals in real world attacks
- How to protect yourself from psychological attacks
Cybersecurity means the protection of computer networks and data from unauthorized access. Hackers hack information, and they can use it for any illegal purpose, disturb business, and protect against cybercrime. Cybersecurity is very important for that, so you need a certified cybersecurity service provider. Sara Technologies is a good option for that; we provide services worldwide. We deal with all kinds of cyberattacks and help you to recover your data also.
Cybersecurity Threats Web Developers Must Know.pptx
Master Infotech
To safeguard your websites and applications, educate yourself on all current risks.
Also if you are looking for a safe platform for E-Commerce web design in Arizona, call us at Master Infotech.
Evil User Stories - Improve Your Application Security
Anne Oikarinen
Evil user stories are a way of addressing security threats in the planning and implementation phase. The idea of evil user stories is simple: First, identify important data and assets in the application you are protecting. Then, identify threat scenarios by completing the sentence “An attacker should not be able to…”.
You can use evil user stories in development by putting them in the backlog and adding mitigations as acceptance criteria. This helps in implementing security together with functionality. In addition, they are a good starting point for test planning and getting testers involved in design.
Securing & Safeguarding Your Library Setup.pptx
Brian Pichman
With all the things that go "bump" in the night, nothing worries administrators and even end users more than a security incident. This webinar will focus on building an understanding of IT Security and the tools that can help mitigate risk. Moreover, attendees will leave with a clear understanding of general informational security terms and processes that they can implement in their library same day to help safeguard and better protect their infrastructure and data. Brian Pichman of the Evolve Project will lead us through putting together components for a Security and Risk Plan and how to properly respond to threats and attacks.
UAE Microsoft MVPs - How To become Microsoft MVP
Ammar Hasayen
Learn from UAE Microsoft MVPs tips on how to become a Microsoft Most Valuable Professional MVP as they share their personal MVP journeys and diversity of contributions.
How To Become Microsoft MVP in Arabic
https://youtu.be/pxhNIkBMWKU
How To Become Microsoft MVP Blog Post
https://blog.ahasayen.com/you-can-als...
A Typical Microsoft MVP Journey
https://blog.ahasayen.com/how-to-beco...
How To Start Your Blog - Microsoft MVP Stories
https://blog.ahasayen.com/start-your-...
--------------------------------
Microsoft MVPs in this video:
--------------------------------
Ammar Hasayen @ammarhasayen
MVP Category: Microsoft Cloud and Data center
CISSP | CISM - Microsoft MVP | MCT
Public Speaker
Blogger https://blog.ahasayen.com
Pluralsight Author https://pluralsight.com/authors/ammar...
Book Author https://me.ahasayen.com/m365security
Youtuber http://YoutTube.com/AmmarHasayen
Ahmad Nabil
Website: https://itcalls.net/
From: Egypt
MVP Category: Microsoft Cloud and Data Center
James Toulman
From: United Kingdom
MVP Category: Microsoft Azure
Igor Shastitko @iwalker2000
From: Slovakia
MVP Category: Microsoft Azure
Azure Infra Deployment, Management, Security and Automation. Worked at Microsoft for 10 years.
Usama Wahab
From: Pakistan
MVP Category: Microsoft Azure (Since 2011)
CTO @ Evolution | AI, ML, BI, Cloud Practitioner | Speaker | Blogger | Author | Trainer #FinTech
Website: https://Usmanwahabkhan.blogspot.com
Hatim Nagarwala @hatimnagarwala
From: India
MVP Category: Microsoft AI
Technology Lead @appsWave
Microsoft MVP in AI, Speaker, Mentor, Adventurer, Microsoft by beating heart
Website: http://Hatim.im
Hasan Dimdik @HasanDimdik
From: Turkey
MVP Category: Microsoft Cloud and Data center
Senior Technology Engineer at Emirates NBD | CEH | MCT | MCSE | Speaker and Author
Satheshwaran Manoharan @sattzzz
From: India
MVP Category: Office Apps & Services
Microsoft MVP | Messaging and Virtualization Expert | Publisher of Azure365Pro.com
Website: http://Azure365pro.com
Virtual Data Center VDC - Azure Cloud Reference Architecture CRA
Ammar Hasayen
The Virtual Data Center VDC is part of any Cloud Reference Architecture CRA and promotes a balance between governance and developer agility, separation of duties and more. In this blog, you learn why to architect your data center in Azure with best practices and recommendations from Cloud Security Alliance CSA.
Similar to Malware - Why and How I Get Hacked? (20)
Cloud Reference Architecture - Part 1 Foundation
Ammar Hasayen
This presentation covers a practical approach for adopting and migrating on premises systems and applications to the Public Cloud. Based on a clear migration master plan, it helps companies and enterprises to be prepared for Cloud computing, what and how to successfully migrate or deploy systems on Cloud, preparing your IT organization with a sound Cloud Governance model, Security in the Cloud and how to reach the benefits of Cloud computing by automation and optimizing your cost and workloads.
I am going to introduce you to Azure Bastion in Microsoft Azure and teach you how to create your first Azure Bastion host, connect to a virtual machine and work with a virtual machine session.
Watch on YouTube
------------------------
https://youtu.be/8-_JPzdWe1I
In this presentation, you learn
---------------------------------------
- What is Azure Bastion and what is it trying to achieve?
- How to create an Azure Bastion host.
- How to connect to a VM using Azure Bastion
- How to work with a virtual machine Session
View the full blog post here with all scripts
https://blog.ahasayen.com/introducing-azure-bastion/
Connect with me
----------------------------
About me: https://me.ahasayen.com
Blog: https://blog.ahasayen.com
Twitter: https://twitter.com/ammarhasayen
LinkedIn: https://www.linkedin.com/in/ammarhasayen
Instagram: https://www.instagram.com/ammarhasayen
SlideShare: https://www.slideshare.net/ammarhasayen
View my Pluralsight course : Implementing Azure AD Privileged Identity Management
https://www.pluralsight.com/courses/microsoft-azure-privileged-identity-management-implementing
Microsoft 365 Certification - How to become Enterprise Administrator Expert
Ammar Hasayen
Learn how to become Microsoft 365 Certified Enterprise Administrator Expert, what exams you should pass, and what is the best certification path for your specific job role and skill sets.
Microsoft is changing their exams and certification program and there are a lot of new sets of certifications and exams that can be confusing to understand at first. I am going to save you time and effort and explain it all to you in this presentation.
After completing this presentation, you will have the knowledge necessary to choose your next exams and get your Microsoft 365 Certified Enterprise Administrator Expert badge.
In this presentation you are going to learn:
- Overview about the new Microsoft certification Program
- What are these new Badges (Fundamental, Associate and Expert)
- Which exams to take to get the Microsoft 365 Certified Enterprise Administrator Expert badge?
- Which certifications match your job role and years of experience.
Windows Advance Threats - BSides Amman 2019
Ammar Hasayen
Learn how to hack Windows machines and reveal the password of the domain admin by hacking into the memory and Windows Services. This is Level 400 content with a lot of demos and it covers many security technologies like machine learning, post-breach defensive and pre-breach defensive controls.
I presented this session in the first BSides Security conference in Amman-Jordan and I am sharing the slides as requested by the audience.
I am also going to post the full video on my Youtube Channel: http://youtube.com/ammarhasayen , so, don't forget to subscribe.
I would like to hear your feedback on my session, so please connect with me on twitter @ammarhasayen and let me know what you think.
About me: http://ahasayen.com
Blog: http://blog.ahasayen.com
Social Media (Twitter, LinkedIn, Instagram): @ammarhasayen
Windows Advanced Threat and Defensive Technique
The workplace is undergoing some fundamental changes. In this video, we will talk about the trends happening in the workplace, demographic changes, the Millennials arrival, and explore how we might be working in the future in a modern workplace.
WATCH THE RECORDING ON YOUTUBE HERE:
ACCESS THE BLOG POST HERE
https://blog.ahasayen.com/the-emerge-of-the-modern-workplace/
CONNECT @AmmarHasayen
How to plan your Modern Workplace Project - SPS Denver October 2018
Ammar Hasayen
Join Ammar Hasayen as he speaks at the SharePoint Saturday Denver, Colorado - October 2018 about how big organizations should plan their modern workplace project. Learn how to get executive sponsorship, create clear vision, drive adoption, and adopt a success plan to maximize the impact of the modern workplace.
More at my blog post https://blog.ahasayen.com/speaking-at-sharepoint-saturday-denver-colorado
Secure Modern Workplace With Microsoft 365 Threat Protection
Ammar Hasayen
Join me as I walk you through all that Microsoft 365 has to offer to protect your business and organization. I am going to cover every security feature and how it fits in the big picture. Whether you are an on-premises organization or migrating to the cloud, there is something for you to look at.
Follow me on twitter @ammarhasayen and connect on LinkedIn https://www.linkedin.com/in/ammarhasayen
Here is the full blog post: https://blog.ahasayen.com/secure-modern-workplace-with-microsoft-365-advanced-threat-protection/
Microsoft Cloud App Security or CASB is a critical component of the Microsoft cloud security stack. It provides a comprehensive solution to give organizations improved visibility into cloud activities, uncover shadow IT, assess risks, enforce policies, investigate suspicious activities and stop threats.
https://blog.ahasayen.com/microsoft-cloud-app-security-casb/
Office 365 periodic table in your PowerPoint presentation. This is not a picture, but built piece by piece so you can edit the writing and re-arrange blocks as you wish. [https://blog.ahasayen.com/the-modern-workplace-trends-solutions/]
All rights preserved to Matt Wade [https://techcommunity.microsoft.com/t5/Office-365/New-infographic-Periodic-Table-of-Office-365/td-p/68275]
Migrating your certification authority hashing algorithm from sha 1 to sha-2
Ammar Hasayen
A practical guide on how to migrate your certification authority hashing algorithm from SHA-1 to SHA-2, and guidance on cryptographic providers, what makes your CA SHA-2 capable, and step by step guide with screenshots.
What is Strict KDC Validation and what risks does it mitigate? In this blog post, we will uncover how smart cards and digital certificates work with domain controllers (KDC), and what life looks like before introducing Strict KDC validation.
Modern Workplace Architecture Poster with Azure Active Directory , Intune, AIP, OMS, Windows 10, Office 365, Federation services and more. Full blog post here:
https://blog.ahasayen.com/microsoft-cloud-security-approach/
Microsoft EMS Enterprise Mobility and Security Architecture Poster
Ammar Hasayen
Microsoft Cloud Security and Mobility Architecture Deep Dive showing Azure Active Directory, EMS, Azure Information Protection AIP, device management, DLP , CASB and more.
Poster. Full blog post:
https://blog.ahasayen.com/microsoft-cloud-security-approach/
Exchange Online Protection EOP full architecture view showing the full EOP inspection pipeline in great detail.
Full post can be found https://blog.ahasayen.com/eop-exchange-online-protection-architecture/
Microsoft 365 is a complete, intelligent solution, including Office 365, Windows 10, and Enterprise Mobility + Security, that empowers everyone to be creative and work together, securely.
You can download the actual PowerPoint slides here:
https://1drv.ms/p/s!AoxWYcd83_57g1p93krrgqAm9yJ2
Connect with me on twitter:
https://twitter.com/ammarhasayen
About me: Ammar Hasayen - Microsoft MVP - https://ahasayen.com
Microsoft 365 is a complete, intelligent solution, including Office 365, Windows 10, and Enterprise Mobility + Security, that empowers everyone to be creative and work together, securely.
This table shows the different header values used by Exchange Online Protection or EOP, what each value means, and whether it is bypassing anti-spam filtering or not.
Blog Post:
https://blog.ahasayen.com/exchange-scl-and-eop-headers/
UiPath Test Automation using UiPath Test Suite series, part 5
DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
Essentials of Automations: The Art of Triggers and Actions in FME
Safe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Climate Impact of Software Testing at Nordic Testing Days
Kari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climate warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
GridMate - End to end testing is a critical piece to ensure quality and avoid...
ThomasParaiso2
End to end testing is a critical piece to ensure quality and avoid regressions. In this session, we share our journey building an E2E testing pipeline for GridMate components (LWC and Aura) using Cypress, JSForce, FakerJS…
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
UiPath Test Automation using UiPath Test Suite series, part 4
DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
2. Ammar Hasayen
• 13 years of experience in
Information Technology
• CCNA, ITIL, MCP,
MCSA,MCSE, MCITP,
MCTS,ISO/IEC 27001
• Publications
• Blog since 2008
• TechNet Gallery
3. Ammar Hasayen
• Work at Aramex Int. head
office in Amman
• Leading the Identity,
Collaboration, Security and
Cloud initiative.
• Virtual teams across North
America, Europe, MEA, and
Far East
5. Malware – How and Why
Ammar Hasayen
@ammarhasayen
http://ammarhasayen.com
April 2014
6. Know your Enemy
• Passive Attacks
• Active Attacks
• Automated Attacks
• Manual Attacks
Active Automated
7. I got Hacked ! So what ?!
• DoS
• Data Destruction
• Data Modification
• Information Disclosure
8. Why in the heck do I get attacked?
• Joy of destruction
• Ruin someone’s day
• Money
• Vendor reputation
• Fame and Prestige
• Angry (employee,..)
• Competition
• Political and War
11. Virus : Break Stuff
• [Key thing to remember]
They need the first click
from the user
• Spread : Slowly (user transfer
of infected file)
• Effect : Destroy files and affect
machine operation
12. Worms: Copy themselves [Massive]
• [Key thing to remember]
Propagate by its own
• Spread : Fast
• Effect : Consume memory and
Networks, bringing things down
13. Trojans Horses : Back door
software that you thought
was going to be one thing,
but turns out to be something bad.
Generally, you receive Trojan horses through emails, infected
webpages, instant message, or downloading services like
games, movies, and apps.
Author : Ammar Hasayen
Twitter: @ammarhasayen
Web: http://ammarhasayen.com
About me : http://ammarhasayen.com/me
Contact me : me@ammarhasayen.com
Presentation: Public Key Infrastructure for business and non IT people
Version : 1.0
Duration : 30 minutes
Written on 30th December 2013
Note: Feel free to use this presentation at your side.
Do not be afraid if you think that your knowledge of security is not enough, as this is a basic course and it is my job to give you your first step towards better security. Just read and have fun.
I decided to start with the most fundamental stuff: “Know your enemy”! So this slide is about the first thing that you need to know: what are the types of network attacks?
Don’t underestimate this knowledge, as knowing what you are facing is the first step towards protecting your network.
Network attacks can be divided into:
Passive Attacks: simply listening to your network traffic, possibly capturing sensitive information, or scanning your IP ranges without taking any action.
Active Attacks: an attacker is actively going after your protected resources and trying to get access to them by modifying or injecting traffic.
We can also divide attacks into two categories:
Automated Attacks: The vast majority of attacks that we hear about nowadays are automated attacks, where the attacker creates a tool that attacks the network by itself. Those tools can be very intelligent.
To give a simple example, worms are the best-known type of automated attack. Automated attacks find a vulnerability in a system and use it, so the best defense against them is patching your systems and monitoring your network for suspicious events.
Manual Attacks: the attacker is actively analyzing your network and acting accordingly. Those types of attacks are much rarer and are the most dangerous types of attacks.
Some people will go even further and divide network attacks into four types:
Passive Automated: like sniffers that automatically replay an authentication sequence and keystroke loggers that automatically send data to the attacker.
Passive Manual: a sniffer that an attacker uses only to listen to traffic, especially on a wireless network. Nothing to worry about unless it is escalated to another type of attack, which is the most likely outcome.
Active Automated: like worms and distributed attacks where the attacker uses thousands of hosts to target a single network to cause a denial of service.
Manual Active: this is the attack that you should worry about most, where someone is intentionally targeting you and your organization. Attackers in this case have the time, skill, and resources to do the job and hide their attacks. If the attacker is skilled, you may never even know you got attacked.
So which of those attacks should we worry about? It is not the first two, and to some extent not even the third (as you can patch your systems). The attack that worries us is the one where someone adds himself to your payroll.
Don’t get me wrong, all the attacks can cause incredible amounts of damage. An active automated attack in the form of a worm is designed to cause widespread damage, but because it is designed to attack as many systems as possible, it is by necessity generic in nature. The basic principle behind worms is usually to cause the maximum amount of harm to the greatest number of people.
What should you do now?
I think that you need to start worrying about the first two attacks, then do what is necessary to protect yourself against the third attack, and finally raise the bar and start working on preventing the chance of the fourth type of attack (Manual Active).
Denial of Service (DoS): the simplest and most obvious type of damage, where the attacker slows down or completely disrupts the services of your infrastructure or a portion of it. In some cases, this could be crashing or destroying a system, or simply flooding your network and IP ranges with so much data that it is incapable of servicing legitimate requests.
In a flooding scenario, it usually comes down to a matter of bandwidth or speed: whoever has the fattest pipe or fastest computers usually wins. In a simple automated attack, moving the computers or service to a different IP address can mitigate the attack.
Do not ever underestimate a DoS attack. No matter how secure you think your network is, an attacker at home can flood your external IP ranges and bring your whole published services down. Some attackers simply flood your public DNS IP ranges, making them inaccessible for legitimate requests and thus bringing your whole published services down, since everything depends on DNS.
Even more, nowadays DoS attacks are offered as a paid service per hour! So a determined attacker can ask one of those companies that sell this service to flood your network's public IP ranges for a certain amount of money! Funny, right?
We can also see DoS attacks in the form of distributed DoS attacks. The idea is pretty simple: an attacker tells all the computers on his botnet to contact a specific server or web site repeatedly. Attackers nowadays use zombie armies and bots. Check out future courses in this academy to learn about botnets and zombie armies.
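The difference between a flood from one source and a distributed flood shows up directly in request logs. The following added example (not part of the original presentation) buckets a constructed log by target and time window and classifies each flood by how concentrated its sources are; the log format, thresholds, and documentation-range addresses are assumptions.

```python
from collections import Counter, defaultdict


def build_sample_log():
    """Constructed request log lines: '<epoch_seconds> <source_ip> <target_ip>'."""
    lines = ["# constructed sample, documentation address ranges only"]
    # Normal use: five clients, one request every two seconds to a web server.
    for i in range(30):
        lines.append(f"{2000 + i * 2} 192.0.2.{i % 5 + 10} 198.51.100.80")
    # One source sends 500 requests in ten seconds to a DNS server.
    for i in range(500):
        lines.append(f"{2100 + i // 50} 203.0.113.7 198.51.100.53")
    # 200 sources send three requests each in ten seconds to the web server.
    for i in range(600):
        lines.append(f"{2200 + i // 60} 203.0.113.{i % 200 + 20} 198.51.100.80")
    return lines


def classify_floods(lines, window=10, min_requests=300, dominant_share=0.8):
    """Return {target: finding} for every target that received at least
    `min_requests` requests inside one fixed `window`-second bucket."""
    # (target, bucket index) -> number of requests per source address.
    # Fixed buckets are simple but can split one burst across two buckets.
    buckets = defaultdict(Counter)
    for line in lines:
        parts = line.split()
        if len(parts) != 3 or not parts[0].isdigit():
            continue  # comment or malformed line
        ts, src, target = int(parts[0]), parts[1], parts[2]
        buckets[(target, ts // window)][src] += 1

    findings = {}
    for (target, bucket), sources in buckets.items():
        total = sum(sources.values())
        if total < min_requests:
            continue
        if target in findings and findings[target]["requests"] >= total:
            continue  # keep only the busiest bucket per target
        top_source, top_count = sources.most_common(1)[0]
        share = top_count / total
        findings[target] = {
            "window_start": bucket * window,
            "requests": total,
            "sources": len(sources),
            "top_source": top_source,
            "top_share": round(share, 3),
            # One dominant source can be filtered by address; a distributed
            # flood has no single address to filter.
            "kind": "single-source" if share >= dominant_share else "distributed",
        }
    return findings


if __name__ == "__main__":
    for target, finding in sorted(classify_floods(build_sample_log()).items()):
        print(target, finding)
```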
Data Destruction: a more serious consequence than DoS. In this type of attack, you cannot access your resources because they are destroyed. This can be corrupted database files or a corrupted operating system. This type of attack can be mitigated by maintaining backup copies of your data.
Information Disclosure: This damage can be more serious than data destruction because your public reputation can be affected. This happened to Microsoft in 2004 when someone posted portions of the Microsoft Windows source code on the Internet. This attack involved portions of intellectual property. Even more, in a more sophisticated attack, the victim may not know for years whether any data was disclosed. This is exactly the objective of government spies: to steal information such that they get an advantage while the enemy is unaware of what is happening.
Think of confidential trade secrets that can be used to undermine market share, to cause embarrassment, or to obtain access to money.
Some people argue that information disclosure is more serious than data destruction (which can be mitigated by going back to a backup). After all, ask victims of identity theft if they would have rather had the criminal destroy their bank data rather than steal it.
Data Modification: this can cause the most serious damage of all. The reason, as in the case of information disclosure, is that it is very difficult to detect. Suppose that an attacker added himself to your payroll; how long would it take you to detect that? It depends on the company size. I read once that a big company forced all its employees to come and pick up their paychecks instead of getting them automatically deposited. Apparently, several fake employees were discovered in the process!
When Microsoft source code was discovered on the Internet, the immediate concern was whether the attackers had also been able to insert a back door into the source code.
This type of damage can be very serious. Consider, for example, what would happen if attackers modified the patient blood type data in a medical database, or tax information in an accounting database.
To learn more about those types of damage, just watch the news or browse the internet for such news, and you will be amazed.
Forget for a moment about attacks and how to protect your network and ask the original question, “Why do I get hacked?”, and who are those crazy people? You may also say to yourself, “Well, I didn’t do something bad to anyone, and I was a good boy”. Knowing the WHY helps you add more logic to the equation.
Many of the people who are causing damage in our networks today are best compared to the people who spray-paint highway overpasses. They are in it for the sheer joy of destruction.
They may not be out to attack you specifically. As long as they ruin someone’s day, that is sufficient. In some cases, they may not actually be after you at all. They may be after the vendor from whom you purchased your software or hardware. By causing damage to you, they discredit the vendor by making it seem as if the vendor’s products are more insecure or cause more problems than some other vendor’s system.
The people you really have to worry about are the ones who are directly targeting you. In some cases, they are attacking you actively only because you use some technology that they know how to take advantage of, and taking advantage of will earn them money, fame, or prestige in the community of like-minded deviants.
In other cases, they are after you because you have something they want, like customer accounts, or they are angry employees who got fired.
It really doesn’t matter what organization or business you are running. There is always something that is of value to someone else. As a security expert, you need to consider what those things are, how much they are worth, and how much money to spend protecting them.
Finally, always keep in mind that the value of technology is not the technology itself, it is what you do with it. Technology is replaceable, but the services and data you are using it for are not. If your systems are down, the services they would have rendered while they are down are lost forever.
As I always say: THERE IS ALWAYS SOMEONE OUT THERE WHO IS REALLY TARGETING YOU.
Funny thing about software: it’s written by humans. Humans are fallible and sometimes they make mistakes. Sometimes those mistakes create strange behavior in programs. And sometimes that strange behavior can be used to create a hole that malware or hackers could use to get into your machine more easily. That hole is otherwise known as a vulnerability.
The strange behavior that can be used to create a hole for hackers or malware to get through generally requires someone to use a particular sequence of actions or text to cause the right (or is that wrong?) conditions. To be usable by malware (or on a larger scale by hackers), it needs to be put into code form, which is also called exploit code.
It is all Malware
The word malware is a combination of two words “malicious” and “software”. Malware is the big umbrella term. It covers viruses, worms and Trojans, and even exploit code. But not vulnerabilities or buggy code, or products whose business practices you don’t necessarily agree with.
The difference between malware and vulnerabilities is like the difference between something and the absence of something. Yeah, okay, that’s a bit confusing. What I mean is malware is a something. You can see it, interact with it, and analyze it. A vulnerability is a weakness in innocent software that a something (like malware or a hacker) can go through.
Virus : Breaks Stuff
A virus is a type of malware. It is nothing but a piece of code: some viruses are designed to render your PC completely inoperable, while others simply delete or corrupt your files. The general point is that a virus is designed to cause havoc and break stuff.
Often viruses are disguised as games, images, email attachments, website URLs, shared files or links or files in instant messages.
Spread:
Viruses can sometimes spread to other machines, but usually they spread slowly and, most of the time, rely on the user to transfer the infected file. You can have viruses on your computer that are sitting there doing nothing until you click on the executable they attached themselves to. So a virus needs a human action; viruses don’t propagate by themselves. Infected USB drives are a well-known way of moving a virus around.
An interesting type of virus is the macro virus. A macro is a piece of code that can be embedded in a data file. In most respects, macro viruses are like all other viruses. The main difference is that they are attached to data files (i.e., documents) rather than executable programs.
Effect:
A virus infects files and programs and usually destroys files. It can also interfere with computer operations by multiplying itself to fill up disk space or by randomly accessing memory space, secretly infecting your computer.
Worm: Copy Themselves <massive effect>
[Key thing to remember] They don’t need the first user click or any action. They can propagate on their own using your network.
Some consider them a subclass of viruses, but the key difference is that they don’t need the first user click or any action. They can propagate on their own.
They are called worms because they can move around on their own. You can think of them as viruses that are self-contained and go around searching out other machines to infect.
Effect:
Due to the copying nature of a worm and its capability to travel across networks the end result in most cases is that the worm consumes too much system memory (or network bandwidth), causing Web servers, network servers and individual computers to stop responding.
Examples
Some of the most famous worms include the ILOVEYOU worm, transmitted as an email attachment, which cost businesses upwards of 5.5 billion dollars in damage. The Code Red worm defaced 359,000 web sites, SQL Slammer slowed down the entire internet for a brief period of time (75000 infections in the first 10 minutes !), and the Blaster worm would force your PC to reboot repeatedly.
Spread
Worms are standalone software and do not require a host program or human help to propagate. They use a vulnerability, or social engineering to trick the user into spreading them.
Worms rely on the network to spread. One example would be for a worm to send a copy of itself to everyone listed in your e-mail address book. Then, the worm replicates and sends itself out to everyone listed in each of the receivers’ address books, and the manifest continues on down the line.
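Because a worm searches out other machines on its own, an infected host suddenly contacts far more distinct addresses than a normal client does. This added example (not from the original presentation) runs that check over constructed flow records; the record format, window, and threshold are assumptions.

```python
from collections import defaultdict


def build_sample_flows():
    """Constructed flow records: (epoch_seconds, source_ip, dest_ip, dest_port).
    All addresses are private-range values made up for this example."""
    flows = []
    # A workstation talking to three servers over ten minutes.
    for i in range(20):
        flows.append((1000 + i * 30, "10.0.0.5", f"10.0.1.{i % 3 + 1}", 443))
    # A host contacting a new address on the same port every second.
    for i in range(60):
        flows.append((1200 + i, "10.0.0.23", f"10.0.2.{i + 1}", 445))
    # A file server that many clients connect to (fan-in, not fan-out).
    for i in range(40):
        flows.append((1100 + i * 5, f"10.0.3.{i + 1}", "10.0.1.9", 445))
    return sorted(flows)


def find_fanout(flows, window=60, threshold=30):
    """Return {(source, port): peak} for every source that reached at least
    `threshold` distinct destinations on one port within `window` seconds.
    `peak` is the largest number of distinct destinations in any window."""
    by_key = defaultdict(list)
    for ts, src, dst, port in flows:
        by_key[(src, port)].append((ts, dst))

    alerts = {}
    for key, events in by_key.items():
        events.sort()
        in_window = defaultdict(int)  # destination -> flows inside the window
        start = 0
        peak = 0
        for ts, dst in events:
            in_window[dst] += 1
            # Drop flows that are `window` seconds old or older.
            while events[start][0] <= ts - window:
                old = events[start][1]
                in_window[old] -= 1
                if in_window[old] == 0:
                    del in_window[old]
                start += 1
            peak = max(peak, len(in_window))
        if peak >= threshold:
            alerts[key] = peak
    return alerts


if __name__ == "__main__":
    for (src, port), peak in find_fanout(build_sample_flows()).items():
        print(f"{src} reached {peak} distinct hosts on port {port} within 60s")
```

The busy file server in the sample is not flagged, because many clients connecting to one host is the opposite pattern from one host reaching out to many.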
Trojan Horses: Install a Backdoor
In simple words, it is software that you thought was going to be one thing, but turns out to be something bad.
Do you remember that story you had to read in high school about the big wooden horse that turned out to be full of guys with spears? This is the computer equivalent.
It is a program that either pretends to have, or is described as having, a set of useful or desirable features but actually contains damaging code.
Generally, you receive Trojan horses through emails, infected webpages, instant messages, or downloading services like games, movies, and apps. True Trojan horses are not technically viruses, since they do not replicate; however, many viruses and worms use Trojan horse tactics to initially infiltrate a system. So although Trojans are not technically viruses, they can be just as destructive.
Spyware: Steals Your Information
It is a malicious computer program that does exactly what its name implies, i.e., spies on you. After downloading itself onto your computer through an email you opened, a website you visited, or a program you downloaded, spyware scans your hard drive for personal information and your internet browsing habits.
Some spyware programs contain keyloggers that will record personal data you enter into websites, such as your logon usernames and passwords, email addresses, browsing history, online buying habits, your computer’s hardware and software configurations, your name, age and sex, as well as sensitive banking and credit information.
Some spyware can interfere with your computer’s system settings, which can result in a slower internet connection.
Since spyware is primarily meant to make money at your expense, it doesn’t usually kill your PC—in fact, many people have spyware running without even realizing it, but generally those that have one spyware application installed also have a dozen more. Once you’ve got that many pieces of software spying on you, your PC is going to become slow.
Scareware: Holds Your PC for Ransom !!
Sometimes it is called Ransomware.
Lately this has become a very popular way for Internet criminals to make money. This malware alters your system in such a way that you’re unable to get into it normally. It will then display some kind of screen that demands some form of payment to have the computer unlocked. Access to your computer is literally ransomed by the cyber-criminal.
Sometimes the user is tricked into downloading what appears to be an antivirus application, which then proceeds to tell you that your PC is infected with hundreds of viruses and can only be cleaned if you pay for a full license. Of course, these scareware applications are nothing more than malware that holds your PC hostage until you pay the ransom. In most cases, you can’t even use the PC.
Ransomware can be Lock Screen type (locks your computer until you pay), or Encryption type, which will encrypt your files with a password until you pay.
The most famous malware of this type is the “FBI MoneyPak”. It will lock your screen, saying that you broke some copyright laws or visited unauthorized pages, and that you need to pay the FBI money to unlock your PC. Really smart!
The term bot is short for robot.
A bot is nothing more than malware that allows an attacker to take control of an affected machine. Home computers are the biggest candidates for this type of malware. Multiple machines infected with this type of malware are called a botnet or zombie army.
The cybercriminals that control these bots are called botherders or botmasters.
Size and spread
Some botnets might have a few hundred or a couple thousand computers, but others have tens and even hundreds of thousands of zombies at their disposal. Many of these computers are infected without their owners’ knowledge.
A recently discovered attacker has a botnet with 1.5 million infected machines with a rate of 75,000 infected machines in the first 30 minutes!
According to the Symantec Internet Security Threat Report, through the first six months of 2006, there were 4,696,903 active botnet computers.
Attackers may use Skype and other instant messaging (IM) applications to spread malware that transforms computers into zombie computers.
How they get to you
Bots sneak onto a person’s computer in many ways. Bots often spread themselves across the Internet by searching for vulnerable, unprotected computers to infect or an open port. They infect a computer by leaving a Trojan horse program that can be used for future activation. When an infected computer is on the Internet the bot can then start up an IRC client and connect to an IRC server created by the botmaster. Their goal is then to stay hidden until they are instructed to carry out a task.
Attackers find new ways to deliver their programs. Have you ever seen a pop-up ad that included a “No Thanks” button? Hopefully you didn’t click on it — those buttons are often just decoys. Instead of dismissing the annoying pop-up ad, they activate a download of malicious software.
Once the victim receives the program, he has to activate it. In most cases, the user thinks the program is something else. It might appear to be a picture file, an MPEG or some other recognizable file format. When the user chooses to run the program, nothing seems to happen. For some people, this raises alarm bells and they immediately follow up with a flurry of virus and spyware scanner activity. Unfortunately, some users simply think they received a bad file and leave it at that.
Meanwhile, the activated program attaches itself to an element of the user’s operating system so that every time the user turns on his computer, the program becomes active. Attackers don’t always use the same segment of an operating system’s initializing sequence, which makes detection tricky for the average user.
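Since the startup hook can live in any of several places, a practical check is to snapshot every autostart location and compare it against a known-good baseline. This added example (not from the original presentation) diffs two constructed snapshots; the snapshot format, entry names, paths, and the user-writable path hints are assumptions.

```python
# Constructed snapshots: one dict per autostart entry, gathered from several
# Windows startup locations. Names and paths are made up for this example.
BASELINE = [
    {"location": "HKLM Run key", "name": "VendorUpdater",
     "command": r'"C:\Program Files\Vendor\updater.exe" /silent'},
    {"location": "Startup folder", "name": "Notes.lnk",
     "command": r"C:\Tools\notes.exe"},
    {"location": "Service", "name": "BackupAgent",
     "command": r"C:\Backup\agent.exe --service"},
]
CURRENT = [
    {"location": "HKLM Run key", "name": "VendorUpdater",
     "command": r'"C:\Program Files\Vendor\updater.exe" /quiet'},
    {"location": "Startup folder", "name": "Notes.lnk",
     "command": r"C:\Tools\notes.exe"},
    {"location": "Service", "name": "BackupAgent",
     "command": r"C:\Users\alice\AppData\Local\Temp\agent.exe --service"},
    {"location": "Scheduled task", "name": "PhotoViewer",
     "command": r"C:\Users\alice\Downloads\holiday.jpg.exe"},
    {"location": "HKCU Run key", "name": "PrinterTray",
     "command": r'"C:\Program Files\Printer\tray.exe"'},
]

# Heuristic (assumption): directories an unprivileged user can normally write to.
USER_WRITABLE_HINTS = ("\\appdata\\", "\\temp\\", "\\downloads\\", "\\users\\public\\")


def executable_of(command):
    """Return the lower-cased program path of a command line, without arguments.
    Unquoted paths that contain spaces are not handled."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        path = command[1:end] if end != -1 else command[1:]
    else:
        path = command.split(" ", 1)[0]
    return path.lower()


def diff_autostarts(baseline, current):
    """List entries that are new, or whose program changed, since the baseline."""
    known = {(e["location"], e["name"]): executable_of(e["command"]) for e in baseline}
    findings = []
    for entry in current:
        key = (entry["location"], entry["name"])
        exe = executable_of(entry["command"])
        if key not in known:
            kind = "new"
        elif known[key] != exe:
            kind = "changed"  # same entry name, different program behind it
        else:
            continue  # only the arguments differ, or nothing changed
        findings.append({
            "kind": kind,
            "location": entry["location"],
            "name": entry["name"],
            "executable": exe,
            "user_writable": any(hint in exe for hint in USER_WRITABLE_HINTS),
        })
    # Entries that start from user-writable directories are reviewed first.
    findings.sort(key=lambda f: (not f["user_writable"], f["location"], f["name"]))
    return findings


if __name__ == "__main__":
    for f in diff_autostarts(BASELINE, CURRENT):
        flag = "REVIEW FIRST" if f["user_writable"] else "review"
        print(f"[{flag}] {f['kind']:7} {f['location']}: {f['name']} -> {f['executable']}")
```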
Distributed Denial of Service (DDoS) is the most common one, where the whole zombie army will try to bring a published service down by sending millions of requests using Ping of Death, or using ICMP through a reflector (Smurf Attack).
Another technique is called Teardrop, where bots send pieces of an illegitimate packet; the victim system tries to recombine the pieces into a packet and crashes as a result.
A mailbomb, on the other hand, is when bots send a massive amount of e-mail, crashing e-mail servers.
Botmasters nowadays will rent their zombie army to other people for a certain amount of money to send spam emails and advertisements or even to do DDoS attacks.
Even worse, botmasters may use botnet to perform some phishing attacks or install key logging programs to steal your credit card information and passwords.
One of the most interesting uses of a botnet is to play with internet poll results or to perform Click Fraud. Click Fraud refers to the practice of setting up a botnet to repeatedly click on a particular link. Sometimes, crackers will commit Click Fraud by targeting advertisers on their own Web sites. Since Web advertisers usually pay sites a certain amount of money for the number of clicks an ad gets, the botmaster could stand to earn quite a few dollars from fraudulent site visits.
It becomes far more dangerous when it comes to identity theft or unknowingly participating in an attack on an important Web site.
More Info here http://ammarhasayen.com/2013/10/28/metamorphic-and-polymorphic-malware-changes-its-shape-like-a-real-virus/