Submit Search
Upload
OWASP Poland Day 2018 - Amir Shladovsky - Crypto-mining
•
0 likes
•
161 views
OWASP
Follow
Presentation delivered by Amir Shladovsky on OWASP Poland Day 2018.
Read less
Read more
Technology
Report
Share
Report
Share
1 of 25
Download now
Download to read offline
Recommended
[OPD 2019] Side-Channels on the Web: Attacks and Defenses
[OPD 2019] Side-Channels on the Web: Attacks and Defenses
OWASP
[Wroclaw #9] The purge - dealing with secrets in Opera Software
[Wroclaw #9] The purge - dealing with secrets in Opera Software
OWASP
Testing Android Security Codemotion Amsterdam edition
Testing Android Security Codemotion Amsterdam edition
Jose Manuel Ortega Candel
BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...
BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...
BlueHat Security Conference
BlueHat v17 || Out of the Truman Show: VM Escape in VMware Gracefully
BlueHat v17 || Out of the Truman Show: VM Escape in VMware Gracefully
BlueHat Security Conference
Breaking the cyber kill chain!
Breaking the cyber kill chain!
Nahidul Kibria
CSW2017 Weston miller csw17_mitigating_native_remote_code_execution
CSW2017 Weston miller csw17_mitigating_native_remote_code_execution
CanSecWest
Hacking intranet websites
Hacking intranet websites
shehab najjar
Recommended
[OPD 2019] Side-Channels on the Web: Attacks and Defenses
[OPD 2019] Side-Channels on the Web: Attacks and Defenses
OWASP
[Wroclaw #9] The purge - dealing with secrets in Opera Software
[Wroclaw #9] The purge - dealing with secrets in Opera Software
OWASP
Testing Android Security Codemotion Amsterdam edition
Testing Android Security Codemotion Amsterdam edition
Jose Manuel Ortega Candel
BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...
BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...
BlueHat Security Conference
BlueHat v17 || Out of the Truman Show: VM Escape in VMware Gracefully
BlueHat v17 || Out of the Truman Show: VM Escape in VMware Gracefully
BlueHat Security Conference
Breaking the cyber kill chain!
Breaking the cyber kill chain!
Nahidul Kibria
CSW2017 Weston miller csw17_mitigating_native_remote_code_execution
CSW2017 Weston miller csw17_mitigating_native_remote_code_execution
CanSecWest
Hacking intranet websites
Hacking intranet websites
shehab najjar
[OPD 2019] Trusted types and the end of DOM XSS
[OPD 2019] Trusted types and the end of DOM XSS
OWASP
CSW2017 Enrico branca What if encrypted communications are not as secure as w...
CSW2017 Enrico branca What if encrypted communications are not as secure as w...
CanSecWest
Toni de la Fuente - Automate or die! How to survive to an attack in the Cloud...
Toni de la Fuente - Automate or die! How to survive to an attack in the Cloud...
RootedCON
Understanding Windows Access Token Manipulation
Understanding Windows Access Token Manipulation
Justin Bui
Chris Rutter: Avoiding The Security Brick
Chris Rutter: Avoiding The Security Brick
Michael Man
DevDay 2017: Christof Fetzer - SCONE: Secure Linux Container Environments wit...
DevDay 2017: Christof Fetzer - SCONE: Secure Linux Container Environments wit...
DevDay Dresden
SSL Pinning and Bypasses: Android and iOS
SSL Pinning and Bypasses: Android and iOS
Anant Shrivastava
Secure coding in C#
Secure coding in C#
Siddharth Bezalwar
BlueHat v17 || Mitigations for the Masses: From EMET to Windows Defender Exp...
BlueHat v17 || Mitigations for the Masses: From EMET to Windows Defender Exp...
BlueHat Security Conference
BlueHat v17 || Down the Open Source Software Rabbit Hole
BlueHat v17 || Down the Open Source Software Rabbit Hole
BlueHat Security Conference
Securing TodoMVC Using the Web Cryptography API
Securing TodoMVC Using the Web Cryptography API
Kevin Hakanson
Developer's Guide to JavaScript and Web Cryptography
Developer's Guide to JavaScript and Web Cryptography
Kevin Hakanson
Hack any website
Hack any website
sunil kumar
BlueHat v17 || Securing Windows Defender Application Guard
BlueHat v17 || Securing Windows Defender Application Guard
BlueHat Security Conference
Triển khai Modsecurity vào hệ thống NMS - Quan Minh Tâm
Triển khai Modsecurity vào hệ thống NMS - Quan Minh Tâm
Security Bootcamp
The Log4Shell Vulnerability – explained: how to stay secure
The Log4Shell Vulnerability – explained: how to stay secure
Kaspersky
Java script and web cryptography (cf.objective)
Java script and web cryptography (cf.objective)
ColdFusionConference
Avoiding damage, shame and regrets data protection for mobile client-server a...
Avoiding damage, shame and regrets data protection for mobile client-server a...
Stanfy
Tracking vulnerable JARs
Tracking vulnerable JARs
David Jorm
Dmytro Kochergin - "The OWASP TOP 10 - Typical Attacks on Web Applications an...
Dmytro Kochergin - "The OWASP TOP 10 - Typical Attacks on Web Applications an...
LogeekNightUkraine
Beyond S3 Buckets - Effective Countermeasures for Emerging Cloud Threats
Beyond S3 Buckets - Effective Countermeasures for Emerging Cloud Threats
SBWebinars
ISTR 23: Internet Security Threat Report
ISTR 23: Internet Security Threat Report
Symantec Security Response
More Related Content
What's hot
[OPD 2019] Trusted types and the end of DOM XSS
[OPD 2019] Trusted types and the end of DOM XSS
OWASP
CSW2017 Enrico branca What if encrypted communications are not as secure as w...
CSW2017 Enrico branca What if encrypted communications are not as secure as w...
CanSecWest
Toni de la Fuente - Automate or die! How to survive to an attack in the Cloud...
Toni de la Fuente - Automate or die! How to survive to an attack in the Cloud...
RootedCON
Understanding Windows Access Token Manipulation
Understanding Windows Access Token Manipulation
Justin Bui
Chris Rutter: Avoiding The Security Brick
Chris Rutter: Avoiding The Security Brick
Michael Man
DevDay 2017: Christof Fetzer - SCONE: Secure Linux Container Environments wit...
DevDay 2017: Christof Fetzer - SCONE: Secure Linux Container Environments wit...
DevDay Dresden
SSL Pinning and Bypasses: Android and iOS
SSL Pinning and Bypasses: Android and iOS
Anant Shrivastava
Secure coding in C#
Secure coding in C#
Siddharth Bezalwar
BlueHat v17 || Mitigations for the Masses: From EMET to Windows Defender Exp...
BlueHat v17 || Mitigations for the Masses: From EMET to Windows Defender Exp...
BlueHat Security Conference
BlueHat v17 || Down the Open Source Software Rabbit Hole
BlueHat v17 || Down the Open Source Software Rabbit Hole
BlueHat Security Conference
Securing TodoMVC Using the Web Cryptography API
Securing TodoMVC Using the Web Cryptography API
Kevin Hakanson
Developer's Guide to JavaScript and Web Cryptography
Developer's Guide to JavaScript and Web Cryptography
Kevin Hakanson
Hack any website
Hack any website
sunil kumar
BlueHat v17 || Securing Windows Defender Application Guard
BlueHat v17 || Securing Windows Defender Application Guard
BlueHat Security Conference
Triển khai Modsecurity vào hệ thống NMS - Quan Minh Tâm
Triển khai Modsecurity vào hệ thống NMS - Quan Minh Tâm
Security Bootcamp
The Log4Shell Vulnerability – explained: how to stay secure
The Log4Shell Vulnerability – explained: how to stay secure
Kaspersky
Java script and web cryptography (cf.objective)
Java script and web cryptography (cf.objective)
ColdFusionConference
Avoiding damage, shame and regrets data protection for mobile client-server a...
Avoiding damage, shame and regrets data protection for mobile client-server a...
Stanfy
Tracking vulnerable JARs
Tracking vulnerable JARs
David Jorm
Dmytro Kochergin - "The OWASP TOP 10 - Typical Attacks on Web Applications an...
Dmytro Kochergin - "The OWASP TOP 10 - Typical Attacks on Web Applications an...
LogeekNightUkraine
What's hot
(20)
[OPD 2019] Trusted types and the end of DOM XSS
[OPD 2019] Trusted types and the end of DOM XSS
CSW2017 Enrico branca What if encrypted communications are not as secure as w...
CSW2017 Enrico branca What if encrypted communications are not as secure as w...
Toni de la Fuente - Automate or die! How to survive to an attack in the Cloud...
Toni de la Fuente - Automate or die! How to survive to an attack in the Cloud...
Understanding Windows Access Token Manipulation
Understanding Windows Access Token Manipulation
Chris Rutter: Avoiding The Security Brick
Chris Rutter: Avoiding The Security Brick
DevDay 2017: Christof Fetzer - SCONE: Secure Linux Container Environments wit...
DevDay 2017: Christof Fetzer - SCONE: Secure Linux Container Environments wit...
SSL Pinning and Bypasses: Android and iOS
SSL Pinning and Bypasses: Android and iOS
Secure coding in C#
Secure coding in C#
BlueHat v17 || Mitigations for the Masses: From EMET to Windows Defender Exp...
BlueHat v17 || Mitigations for the Masses: From EMET to Windows Defender Exp...
BlueHat v17 || Down the Open Source Software Rabbit Hole
BlueHat v17 || Down the Open Source Software Rabbit Hole
Securing TodoMVC Using the Web Cryptography API
Securing TodoMVC Using the Web Cryptography API
Developer's Guide to JavaScript and Web Cryptography
Developer's Guide to JavaScript and Web Cryptography
Hack any website
Hack any website
BlueHat v17 || Securing Windows Defender Application Guard
BlueHat v17 || Securing Windows Defender Application Guard
Triển khai Modsecurity vào hệ thống NMS - Quan Minh Tâm
Triển khai Modsecurity vào hệ thống NMS - Quan Minh Tâm
The Log4Shell Vulnerability – explained: how to stay secure
The Log4Shell Vulnerability – explained: how to stay secure
Java script and web cryptography (cf.objective)
Java script and web cryptography (cf.objective)
Avoiding damage, shame and regrets data protection for mobile client-server a...
Avoiding damage, shame and regrets data protection for mobile client-server a...
Tracking vulnerable JARs
Tracking vulnerable JARs
Dmytro Kochergin - "The OWASP TOP 10 - Typical Attacks on Web Applications an...
Dmytro Kochergin - "The OWASP TOP 10 - Typical Attacks on Web Applications an...
Similar to OWASP Poland Day 2018 - Amir Shladovsky - Crypto-mining
Beyond S3 Buckets - Effective Countermeasures for Emerging Cloud Threats
Beyond S3 Buckets - Effective Countermeasures for Emerging Cloud Threats
SBWebinars
ISTR 23: Internet Security Threat Report
ISTR 23: Internet Security Threat Report
Symantec Security Response
Issa jason dablow
Issa jason dablow
ISSA LA
NETSCOUT Threat Intelligence Report: Findings Summary 1st half of 2018
NETSCOUT Threat Intelligence Report: Findings Summary 1st half of 2018
NETSCOUT
Cybersecurity Awareness Overview.pptx
Cybersecurity Awareness Overview.pptx
sanap6
Cybersecurity Awareness Overview.pptx
Cybersecurity Awareness Overview.pptx
instaeditz009
Detecting Intrusions and Malware - Eric Vanderburg - JurInnov
Detecting Intrusions and Malware - Eric Vanderburg - JurInnov
Eric Vanderburg
Browser isolation (isc)2 may presentation v2
Browser isolation (isc)2 may presentation v2
Wen-Pai Lu
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
CanSecWest
Cybersecurity Awareness Overview- BSBXCS402.pptx
Cybersecurity Awareness Overview- BSBXCS402.pptx
itsamuamit11
An Inside Look at a Sophisticated, Multi-vector DDoS Attack
An Inside Look at a Sophisticated, Multi-vector DDoS Attack
Imperva
An Inside Look at a Sophisticated Multi-Vector DDoS Attack
An Inside Look at a Sophisticated Multi-Vector DDoS Attack
Imperva Incapsula
Advanced Threats In The Enterprise
Advanced Threats In The Enterprise
Priyanka Aash
Reacting to Advanced, Unknown Attacks in Real-Time with Lastline
Reacting to Advanced, Unknown Attacks in Real-Time with Lastline
Lastline, Inc.
Threat Landscape Lessons from IoTs and Honeynets
Threat Landscape Lessons from IoTs and Honeynets
Digital Transformation EXPO Event Series
Cybersecurity Awareness Overview.pptx
Cybersecurity Awareness Overview.pptx
AfsanaMumal2
Evolución de la Ciber Seguridad
Evolución de la Ciber Seguridad
Cristian Garcia G.
Leveraging open banking specifications for rigorous API security – What’s in...
Leveraging open banking specifications for rigorous API security – What’s in...
Rogue Wave Software
Hacking by Pratyush Gupta
Hacking by Pratyush Gupta
Tenet Systems Pvt Ltd
A Profile of the Backoff PoS Malware that Hit 1000+ Retail Businesses
A Profile of the Backoff PoS Malware that Hit 1000+ Retail Businesses
Lastline, Inc.
Similar to OWASP Poland Day 2018 - Amir Shladovsky - Crypto-mining
(20)
Beyond S3 Buckets - Effective Countermeasures for Emerging Cloud Threats
Beyond S3 Buckets - Effective Countermeasures for Emerging Cloud Threats
ISTR 23: Internet Security Threat Report
ISTR 23: Internet Security Threat Report
Issa jason dablow
Issa jason dablow
NETSCOUT Threat Intelligence Report: Findings Summary 1st half of 2018
NETSCOUT Threat Intelligence Report: Findings Summary 1st half of 2018
Cybersecurity Awareness Overview.pptx
Cybersecurity Awareness Overview.pptx
Cybersecurity Awareness Overview.pptx
Cybersecurity Awareness Overview.pptx
Detecting Intrusions and Malware - Eric Vanderburg - JurInnov
Detecting Intrusions and Malware - Eric Vanderburg - JurInnov
Browser isolation (isc)2 may presentation v2
Browser isolation (isc)2 may presentation v2
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
Cybersecurity Awareness Overview- BSBXCS402.pptx
Cybersecurity Awareness Overview- BSBXCS402.pptx
An Inside Look at a Sophisticated, Multi-vector DDoS Attack
An Inside Look at a Sophisticated, Multi-vector DDoS Attack
An Inside Look at a Sophisticated Multi-Vector DDoS Attack
An Inside Look at a Sophisticated Multi-Vector DDoS Attack
Advanced Threats In The Enterprise
Advanced Threats In The Enterprise
Reacting to Advanced, Unknown Attacks in Real-Time with Lastline
Reacting to Advanced, Unknown Attacks in Real-Time with Lastline
Threat Landscape Lessons from IoTs and Honeynets
Threat Landscape Lessons from IoTs and Honeynets
Cybersecurity Awareness Overview.pptx
Cybersecurity Awareness Overview.pptx
Evolución de la Ciber Seguridad
Evolución de la Ciber Seguridad
Leveraging open banking specifications for rigorous API security – What’s in...
Leveraging open banking specifications for rigorous API security – What’s in...
Hacking by Pratyush Gupta
Hacking by Pratyush Gupta
A Profile of the Backoff PoS Malware that Hit 1000+ Retail Businesses
A Profile of the Backoff PoS Malware that Hit 1000+ Retail Businesses
More from OWASP
[OPD 2019] Web Apps vs Blockchain dApps
[OPD 2019] Web Apps vs Blockchain dApps
OWASP
[OPD 2019] Threat modeling at scale
[OPD 2019] Threat modeling at scale
OWASP
[OPD 2019] Life after pentest
[OPD 2019] Life after pentest
OWASP
[OPD 2019] .NET Core Security
[OPD 2019] .NET Core Security
OWASP
[OPD 2019] Top 10 Security Facts of 2020
[OPD 2019] Top 10 Security Facts of 2020
OWASP
[OPD 2019] Governance as a missing part of IT security architecture
[OPD 2019] Governance as a missing part of IT security architecture
OWASP
[OPD 2019] Storm Busters: Auditing & Securing AWS Infrastructure
[OPD 2019] Storm Busters: Auditing & Securing AWS Infrastructure
OWASP
[OPD 2019] AST Platform and the importance of multi-layered application secu...
[OPD 2019] AST Platform and the importance of multi-layered application secu...
OWASP
[OPD 2019] Inter-application vulnerabilities
[OPD 2019] Inter-application vulnerabilities
OWASP
[OPD 2019] Automated Defense with Serverless computing
[OPD 2019] Automated Defense with Serverless computing
OWASP
[OPD 2019] Advanced Data Analysis in RegSOC
[OPD 2019] Advanced Data Analysis in RegSOC
OWASP
[OPD 2019] Attacking JWT tokens
[OPD 2019] Attacking JWT tokens
OWASP
[OPD 2019] Rumpkernels meet fuzzing
[OPD 2019] Rumpkernels meet fuzzing
OWASP
[Wroclaw #9] To be or Not To Be - Threat Modeling in Security World
[Wroclaw #9] To be or Not To Be - Threat Modeling in Security World
OWASP
OWASP Poland 13 November 2018 - Martin Knobloch - Building Secure Software
OWASP Poland 13 November 2018 - Martin Knobloch - Building Secure Software
OWASP
OWASP Poland Day 2018 - Damian Rusinek - Outsmarting smart contracts
OWASP Poland Day 2018 - Damian Rusinek - Outsmarting smart contracts
OWASP
OWASP Poland Day 2018 - Frans Rosen - Attacking modern web technologies
OWASP Poland Day 2018 - Frans Rosen - Attacking modern web technologies
OWASP
OWASP Poland Day 2018 - Dani Ramirez - IPMI hacking
OWASP Poland Day 2018 - Dani Ramirez - IPMI hacking
OWASP
OWASP Poland Day 2018 - Pedro Fortuna - Are your Java Script based protection...
OWASP Poland Day 2018 - Pedro Fortuna - Are your Java Script based protection...
OWASP
OWASP Poland Day 2018 - Omer Levi Hevroni - Secure the Pipeline
OWASP Poland Day 2018 - Omer Levi Hevroni - Secure the Pipeline
OWASP
More from OWASP
(20)
[OPD 2019] Web Apps vs Blockchain dApps
[OPD 2019] Web Apps vs Blockchain dApps
[OPD 2019] Threat modeling at scale
[OPD 2019] Threat modeling at scale
[OPD 2019] Life after pentest
[OPD 2019] Life after pentest
[OPD 2019] .NET Core Security
[OPD 2019] .NET Core Security
[OPD 2019] Top 10 Security Facts of 2020
[OPD 2019] Top 10 Security Facts of 2020
[OPD 2019] Governance as a missing part of IT security architecture
[OPD 2019] Governance as a missing part of IT security architecture
[OPD 2019] Storm Busters: Auditing & Securing AWS Infrastructure
[OPD 2019] Storm Busters: Auditing & Securing AWS Infrastructure
[OPD 2019] AST Platform and the importance of multi-layered application secu...
[OPD 2019] AST Platform and the importance of multi-layered application secu...
[OPD 2019] Inter-application vulnerabilities
[OPD 2019] Inter-application vulnerabilities
[OPD 2019] Automated Defense with Serverless computing
[OPD 2019] Automated Defense with Serverless computing
[OPD 2019] Advanced Data Analysis in RegSOC
[OPD 2019] Advanced Data Analysis in RegSOC
[OPD 2019] Attacking JWT tokens
[OPD 2019] Attacking JWT tokens
[OPD 2019] Rumpkernels meet fuzzing
[OPD 2019] Rumpkernels meet fuzzing
[Wroclaw #9] To be or Not To Be - Threat Modeling in Security World
[Wroclaw #9] To be or Not To Be - Threat Modeling in Security World
OWASP Poland 13 November 2018 - Martin Knobloch - Building Secure Software
OWASP Poland 13 November 2018 - Martin Knobloch - Building Secure Software
OWASP Poland Day 2018 - Damian Rusinek - Outsmarting smart contracts
OWASP Poland Day 2018 - Damian Rusinek - Outsmarting smart contracts
OWASP Poland Day 2018 - Frans Rosen - Attacking modern web technologies
OWASP Poland Day 2018 - Frans Rosen - Attacking modern web technologies
OWASP Poland Day 2018 - Dani Ramirez - IPMI hacking
OWASP Poland Day 2018 - Dani Ramirez - IPMI hacking
OWASP Poland Day 2018 - Pedro Fortuna - Are your Java Script based protection...
OWASP Poland Day 2018 - Pedro Fortuna - Are your Java Script based protection...
OWASP Poland Day 2018 - Omer Levi Hevroni - Secure the Pipeline
OWASP Poland Day 2018 - Omer Levi Hevroni - Secure the Pipeline
Recently uploaded
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
BookNet Canada
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
comworks
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
Fwdays
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
BookNet Canada
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Safe Software
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
null - The Open Security Community
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
MarianaLemus7
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power Systems
Precisely
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
null - The Open Security Community
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024
Neo4j
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
Mark Billinghurst
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
Deakin University
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
Slibray Presentation
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
Florian Wilhelm
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
ThousandEyes
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
Pixlogix Infotech
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Alan Dix
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Wonjun Hwang
costume and set research powerpoint presentation
costume and set research powerpoint presentation
phoebematthew05
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
Dubai Multi Commodity Centre
Recently uploaded
(20)
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power Systems
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
costume and set research powerpoint presentation
costume and set research powerpoint presentation
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
OWASP Poland Day 2018 - Amir Shladovsky - Crypto-mining
1.
© 2018 Imperva,
Inc. All rights reserved. How to Protect Your Web Applications from Crypto-mining: The New Force Behind Remote Code Execution Attacks Amir Shladovsky – Threat Research Tech Lead, Imperva W a r s a w , 1 0 . 1 0 . 2 0 1 8 OWASP Poland Day 2018
2.
© 2018 Imperva,
Inc. All rights reserved. Evolution of Web Attacks – Economical Aspects 3 Attack Data theft Network theft Data corruption CPU theft Example SQL injection DDoS botnet Ransomware Crypto-mining Sale strategy 3rd party sale 3rd party sale Direct sale No sale
3.
© 2018 Imperva,
Inc. All rights reserved. Agenda • Remote Code Execution (RCE) vulnerabilities • Payloads and trends • A crypto mining malware (CryptoM 1.0/ 2.0) – The money trail – Crypto currencies • Mitigation • Key takeaways 4
4.
© 2018 Imperva,
Inc. All rights reserved. Remote Code Execution (RCE) Vulnerabilities 5 • Definition • Conditions – Untrusted data + insufficient input validation • Example 1 • Recent development – Serialization/ deserialization • Example 2 Object in memory Object serialized Object in transit Object de- serialized Object in memory
5.
© 2018 Imperva,
Inc. All rights reserved. RCE Vulnerability Statistics 7 Taken from:vulndb.cyberriskanalytics.com RCE
6.
© 2018 Imperva,
Inc. All rights reserved. RCE Attacks – External Resources in Payloads • Reconnaissance • Botnet (DDoS, Other) • Crypto mining malware • Other 8
7.
© 2018 Imperva,
Inc. All rights reserved. A Shift in Payload Trends 9 12% 88% DDoS Bot Crypto-mining Malware 45% 55% 2017 2018
8.
© 2018 Imperva,
Inc. All rights reserved. A Crypto Mining Malware 1.0 • RCE vulnerability as an entry point • Evasion techniques • Main characteristics: – Kills competing processes – Gains persistency – Downloads and runs the malware 10 Exploit RCE vulnerability Run downloader code Infect with Crypto mining malware 1 2 3
9.
© 2018 Imperva,
Inc. All rights reserved. logo6.jpg – Stage 1 11 Eliminate rivalries Eliminate security controls
10.
© 2018 Imperva,
Inc. All rights reserved. logo6.jpg – Stages 2 & 3 12 Gains persistency Obtains dynamic configuration Obtains Miner Runs the Miner Calculates number of cores
11.
© 2018 Imperva,
Inc. All rights reserved. Config_1.json 13 Impact: denial of service Mining pool and wallet Mining algorithm
12.
© 2018 Imperva,
Inc. All rights reserved. Crypto Mining Malware 2.0 / RedisWannaMine • Spreads, internally and externally, in a worm like behavior – Using exposed Redis server to replicate itself. – Using Eternal Blue exploit to propagate over windows platform 14
13.
© 2018 Imperva,
Inc. All rights reserved. What is Redis? • In memory Database (RAM) • Widely used • Technical information: – Port 6379 (over 200K IP publicly open with this port) – No authentication by default (up till version 3.2) 15 www.shodan.io
14.
© 2018 Imperva,
Inc. All rights reserved. EternalBlue • Exploit developed by NSA • Leaked by Shadow Broker hacker group • Exploit a vulnerability in Microsoft implementation of SMB protocol to spread out • Famous by WannaCry ransomware that used EternalBlue to propogate 16
15.
© 2018 Imperva,
Inc. All rights reserved. Redis infection process 17 Download and compile masscan Find open Redis servers using masscan
16.
© 2018 Imperva,
Inc. All rights reserved. Crypto Mining Malware 2.0 Infection Chain Exploit CVE-2017-9805 to run a shell command Drop RedisWannaMine Run a crypto miner Scan vulnerable Redis servers Use Redis vulnerability to drop a crypto miner Scan vulnerable Windows SMB servers Use EternalBlue to drop a crypto miner 18
17.
© 2018 Imperva,
Inc. All rights reserved. Going the Extra Mile - Browsers Infection • Using an open source JavaScript webminer • The attacker initially tries to alter the commonly used index.php file and add to it the malicious JavaScript me0w.js 19
18.
© 2018 Imperva,
Inc. All rights reserved. Going the Extra Mile - Browsers Infection • It also scan for all JavaScript files on the server and, once found, inject the same malicious me0w.js file 20
19.
© 2018 Imperva,
Inc. All rights reserved. Crypto Mining Malware Infection Chain 21 Infection of a single victim Crypto Mining Malware 1.0 Infection of the web application visitors Infection of many victims Spread in a worm like behavior
20.
© 2018 Imperva,
Inc. All rights reserved. The Money Trail • Mining pools - Share resources, split the reward 22
21.
© 2018 Imperva,
Inc. All rights reserved. The Money Trail – other currencies 23 Karbowanec (Karbo) Electroneum
22.
© 2018 Imperva,
Inc. All rights reserved. Why not Bitcoin? • Specific hardware • Anonymity 24
23.
© 2018 Imperva,
Inc. All rights reserved. Mitigation • Monitoring • Secure your code • Patch • Virtual patch 25
24.
© 2018 Imperva,
Inc. All rights reserved. Key Takeaways • Protect your assets • RCE vulnerabilities are a serious security risk that can be the entry point to your network • Almost 90% of downloader RCE attacks contain a crypto-mining malware • Attackers are after your server resources 26
25.
© 2018 Imperva,
Inc. All rights reserved. Any questions? Amir Shladovsky amir.shladovsky@imperva.com @AmirShladovsky
Download now