Derbycon 2013 - Seeing Red in Your Future?
This talk is designed to complement the “Fifty Shades of Red” talk tomorrow, and provide context for organizations who either think about engaging in a red team test, or have been doing red teaming and want to see more value out of it. In this talk we’ll cover some of the basic elements of what red teaming is, and specifically how it benefits an organization engaging in such a practice. Red teaming by itself is a high-interaction test. Unlike many other tests (namely penetration testing, compliance engagements, vulnerability assessments and other IT related practices), red team is not limited to the technical scope of the organization’s security infrastructure. As such, it is imperative to be able to extract as much value out of a red team engagement as possible, and see return on that investment in as many different areas of the organization as possible. Based on years of experience in conducting red team tests, training and helping organizations improve their security through red teaming, these insights will be applicable to everyone who is seeing red in their future (and you all should in order to really address security in an organization that has people working in it and not just machines).
"Cyber" security - all good, no need to worry? - Iftach Ian Amit
This document discusses cyber security risks and incidents over time. It notes that 52% of all incidents are from businesses, with government, medical, and education each accounting for around 15-20% of incidents. The majority (57%) of incidents are caused by outside actors, while 20% are from insider threats and 10% are accidental insider incidents. The number of reported data loss incidents has increased significantly over time from just over 100 in 2004 to over 1600 in 2013. The document advocates returning to basic risk management practices, including prioritizing remediation based on risk, impact, costs, and addressing the most critical gaps in assets, processes, technologies and threats based on priority. It warns against overspending on products and focusing
This document discusses the importance of application logs for security purposes. It notes that while network, system and other logs have improved, application logs are still often lacking crucial context about user actions and application state. To effectively investigate issues, security analysts need a unified view of all log data, including details applications have about user sessions, access and functionality used. The document urges application developers to make more of this type of contextual log data available to defenders to help connect dots between different system components and entities.
This document discusses cyber security risks in the financial and healthcare industries and their impact on homeland security. It covers three parts: examples of information disclosure vulnerabilities in access points; connecting these vulnerabilities to critical infrastructure protection and homeland security; and arguing that an asset-centric rather than product-centric approach is needed to address industry-specific security challenges.
Hacking involves a single target and shallow attacks using common tools and techniques, motivated by financial or political goals. Cyber attacks are part of cyber warfare involving strategic targets across physical, social, intelligence and electronic domains using custom tools in a coordinated campaign. Cyber defenses require a strategic defense in depth approach across all domains with awareness training, unlike typical IT security products. Hacking is an individual battle while cyber attacks are part of a larger warfare strategy.
This document discusses best practices for securely storing passwords. It notes that passwords are often stored insecurely, such as in plain text. To securely store passwords, it recommends encrypting them using cryptographic hash functions with salts. Specifically, it advises using functions such as SHA-2, bcrypt, and scrypt, which can include salts and be slowed down through key stretching to make passwords very difficult to hack or crack. Following these guidelines helps protect users and companies by securing password data.
The document discusses the roles and techniques of red teams and blue teams, with the red team focusing on simulating real threats through activities like social engineering and identifying vulnerabilities, while the blue team aims to assess risks, minimize damage from attacks, and apply lessons learned to strengthen processes, people, and technology. It provides examples of tactics for each team and emphasizes the importance of collaboration between red and blue teams to continuously improve an organization's security.
Risk metric frameworks cover most of the elements that organizations deal with from an operational perspective. We have identified a gap in those, in which social media activities are not represented well (albeit being the highest growing attack vector). In this talk we’ll present a social media risk metric framework that allows organizations to measure and track both individuals as well as 3rd party entities risk to the organization.
1. The document discusses a red team engagement conducted by Nettitude for a large stock exchange to test the security of its real-time trading system.
2. Through targeted phishing, the red team was able to compromise the workstation of a database administrator and gain access to information and systems related to the trading platform.
3. A detection and response assessment found that the blue team failed to detect several of the red team's actions during the simulated attack.
Data Driven Disruption - Why Marketing and Advertising in WA lags - ADMA WA 2... - Coert Du Plessis (杜康)
WA is in a state of rapid transformation with the changes in Energy, Resources and support industries. At ADMA WA's 2015 annual conference, we explored why disruptive data activity in Marketing and Advertising is lagging the East Coast and Global stage.
The document provides an overview of Vittorio Viarengo's career journey from Italy to Silicon Valley, highlighting key lessons learned along the way in developing innovative products and high-performance teams. It discusses founding his first company ViVi Software in the 1990s, the company's acquisition by BEA Systems, and his subsequent roles at BEA and Oracle developing middleware platforms. The document outlines lessons on identifying opportunities, embracing change, hiring the right people, executing with focus and passion, and recognizing technology cycles.
The document provides an overview of Vittorio Viarengo's career journey from Italy to Silicon Valley, highlighting key lessons learned along the way in developing innovative products and high-performance teams. It discusses founding his first company ViVi Software in the 1990s, the acquisition by BEA Systems, and working at BEA and Oracle developing middleware products. The document emphasizes the importance of identifying opportunities, embracing change, mentors, risk-taking, customer focus, execution, hiring the right people, and managing vision/goals.
The document outlines a growth wheel process for teams to identify opportunities for business growth. The process involves gathering ideas, ranking ideas using a prioritization framework, outlining minimum viable experiments, executing the experiment plans, analyzing data to determine wins or fails, and communicating results. The overall goal is for teams to generate ideas to fix problems, test solutions through quick experiments, and use data to guide further work and identify the most effective growth strategies.
Sans community night - purple is the new black - NVISO
More and more organizations are looking into this new concept of « purple teaming ». As with a lot of things in infosec, the ideas behind this new term are not new, as they’ve been around for a while. How can we make red and blue teams work better together, resulting in an increased added value for the organization? During this talk, Erik Van Buggenhout & Michel Coene will answer some of the following questions:
- What is purple teaming?
- Do I need to create a third team next to my red and blue team?
- How do I deliver a valuable engagement? What approach can I use?
- What kind of people do I need in my purple team?
- What tools are available?
…
Adaptive Go-To-Market Plan for a Business DNA Search Engine: VisionaryD Software - Rod King, Ph.D.
The document presents VisionaryD, a proposed business DNA search engine and collaboration platform. It would allow users to search for, organize, and sell business DNA information to rapidly improve business model agility. The strategic plan outlines developing the platform in stages from idea to prototype to pilot to full scale. It also details VisionaryD's customer development strategy of growing from direct competitors to indirect competitors to non-competitors/complementors. The goal is to help users search for and organize business DNA information to simplify business processes.
Kanban India 2023 | Mike Burrows | Between Spaces Scopes and Scales What the ... - LeanKanbanIndia
This document summarizes Mike Burrows' model of the deliberately adaptive organization. The model presents an organization as having three overlapping spaces - delivery, discovery, and renewal - which are managed through adaptive strategizing, mutual trust building, and relationships across multiple scales. The document discusses how this model can help organizations deal with common problems like structures with poor fit, managing the wrong things in the wrong places, dealing poorly with surprise, and failures of context that disappoint customers.
To build an effective security operations center (SOC), you must first understand what type of SOC you need by considering its capabilities, organization, staffing hours, and environment. Key planning areas include defining hours of availability, whether to use an MSSP, priority capabilities, and the technology environment. Budget and technology are also important to consider, but only after establishing goals. An effective SOC requires the right mix of processes, people, and technologies tailored to your organization's unique needs.
This document provides an overview of blue teaming tactics and strategies. It discusses how blue teams can identify weaknesses, document risks and consequences, and participate in remediation efforts. Some key responsibilities of blue teams include patching systems, monitoring networks, and responding to security incidents. The document also outlines several tactics for blue teams, such as establishing essential monitoring and response procedures, hardening systems according to checklists, and conducting security tests and exercises. The goal of blue teams is to stay ahead of attackers and continuously improve the security posture of their organization.
To the extent the employer brand is internalized, new employees are likely to be more committed to achieving the goals of the organization, more committed to the organization in general and less likely to withdraw from the organization.
No more security empires - The ciso as an individual contributor - Priyanka Aash
The staffing model for many mid-sized security programs is typically based on a highly centralized security team. While that provides a high degree of control, it can create inefficiencies and a lack of ownership relative to implementation of the program. This session will share the presenter’s experience as a CISO with no direct reports, leveraging people and budgets across the entire company.
(Source: RSA Conference USA 2017)
FITI Workshop_Marketing and Strategy for Startups - Albert Weng
Title: Course 5_Marketing & Strategy for Startups
Organizer: FITI, a gov-led startup program in Taiwan
Date: 2021/06/05
Format: online live course & workshop (Google Meet)
Attendees: teams from Top 15 of the FITI 2021-01 group
The document discusses data mining and the gender gap as a fundamental issue for metrics. Data mining models and patterns can help resolve this issue. Achieving gender equality and empowering women and girls is Sustainable Development Goal number 5. Experience with data mining techniques like clusters and patterns can provide insights from data to information and knowledge. However, visual counting large numbers is risky due to production patterns with variability and ambiguity.
Using IOCs to Design and Control Threat Activities During a Red Team Engagement - Joe Vest
The term Red Team or Red Teaming has become more prevalent in the security industry. Both commercial and government organizations conduct "Red Team Exercises". What does this mean? What is a Red Team engagement? How is it different than other security tests? Isn't current penetration and vulnerability security testing enough?
Red Teaming shares many of the fundamentals of other security testing types, yet focuses on specific scenarios and goals that are used to evaluate and measure an organization's overall security defense posture.
Organizations spend a great deal of time and money on the security of their systems. Red Teams have a unique goal of testing an organization's ability to detect, respond to, and recover from an attack. When properly conducted, Red Team activities can significantly contribute to the improvement of an organization's security controls, help hone defensive capabilities, and measure the effectiveness of security operations.
This presentation introduces the Red Teaming concept of IOC management, how a Red Team operator can use specific IOCs to blend in to a target, and how to design specific scenarios to test a Blue Team's defensive posture.
The document discusses strategies for maximizing home-field advantage in cybersecurity defense. It argues that defenders should flip the perspective of red team attackers by mapping assets and security issues, correlating internal and external threat data over time, and taking proactive measures like counterintelligence operations. Examples given include infiltrating hacker communities to booby-trap tools and using attackers' own tools against them. The presentation calls on vendors to develop integrative security products and defenders to own their security data and intelligence in order to focus defenses on real risks rather than compliance.
Gs503 vcf lecture 7 innovation finance i 300315 - Stephen Ong
This document discusses financing innovation through R&D and the use of Monte Carlo simulation and real options analysis. It begins by looking at typical sources of R&D funding in the US and definitions of basic research, applied research, and development. It then discusses challenges in financing long-term projects like pharmaceutical R&D. Strategic alliances and licensing are presented as major sources of funding for small biotech companies. The document introduces tools like event trees, decision trees, and Monte Carlo simulation that can be used to evaluate projects with uncertainty. It explains how these tools relate to venture capital valuation of companies with significant R&D components.
This document discusses techniques for footprinting, which is the initial information gathering stage of a cyber attack. It describes passive and active forms of footprinting, and lists many resources an attacker can use like search engines, website scraping tools, and people search sites to collect technical details, organizational structure, and personal information about a target before launching any attacks. Specific techniques mentioned include using DNS records, web server metadata, social media profiles, job postings, and analyzing source code for technical clues. The goal of footprinting is to understand as much as possible about a target before engaging in further hacking activities.
This document provides an overview of a presentation on advanced analytics, big data, and being a data scientist. The presentation agenda includes an introduction to data science, why the presenter became a data scientist, definitions of data science, data science skillsets, the data science process for one-off projects versus production pipelines, various data science tools, and a question and answer section. The document outlines each section in detail with examples.
2010.08 Applied Threat Modeling: Live (Hutton/Miller) - Allison Miller
Alex Hutton & Allison Miller review their research and application of threat modeling. This version was presented at SOURCE Barcelona (2010); a previous version was presented at Black Hat.
Quantitative Risk Analysis Workshop - focused on working with business risk and factoring in cyber elements, and how to optimize the application of controls for the most effective risk management.
This document discusses DevSecOps at Cimpress, an online printing company. It outlines some of the challenges of their worldwide and decentralized operations with varying technology stacks. Their approach involves threat modeling to identify threats, assets, and controls. They create security assertions based on the threat model and assure test case coverage. The focus is on integrating security into development in a way that is not burdensome to developers. The expected deliverables include automated unit test coverage and tool scans to address the threat model.
1. The document discusses a red team engagement conducted by Nettitude for a large stock exchange to test the security of its real-time trading system.
2. Through targeted phishing, the red team was able to compromise the workstation of a database administrator and gain access to information and systems related to the trading platform.
3. A detection and response assessment found that the blue team failed to detect several of the red team's actions during the simulated attack.
Data Driven Disruption - Why Marketing and Advertising in WA lags - ADMA WA 2...Coert Du Plessis (杜康)
WA is in a state of rapid transformation with the changes in Energy, Resources and support industries. At ADMA WA's 2015 annual conference, we explored why disruptive data activity in Marketing and Advertising is lagging the East Coast and Global stage
The document provides an overview of Vittorio Viarengo's career journey from Italy to Silicon Valley, highlighting key lessons learned along the way in developing innovative products and high-performance teams. It discusses founding his first company ViVi Software in the 1990s, the company's acquisition by BEA Systems, and his subsequent roles at BEA and Oracle developing middleware platforms. The document outlines lessons on identifying opportunities, embracing change, hiring the right people, executing with focus and passion, and recognizing technology cycles.
The document provides an overview of Vittorio Viarengo's career journey from Italy to Silicon Valley, highlighting key lessons learned along the way in developing innovative products and high-performance teams. It discusses founding his first company ViVi Software in the 1990s, the acquisition by BEA Systems, and working at BEA and Oracle developing middleware products. The document emphasizes the importance of identifying opportunities, embracing change, mentors, risk-taking, customer focus, execution, hiring the right people, and managing vision/goals.
The document outlines a growth wheel process for teams to identify opportunities for business growth. The process involves gathering ideas, ranking ideas using a prioritization framework, outlining minimum viable experiments, executing the experiment plans, analyzing data to determine wins or fails, and communicating results. The overall goal is for teams to generate ideas to fix problems, test solutions through quick experiments, and use data to guide further work and identify the most effective growth strategies.
Sans community night - purple is the new blackNVISO
More and more organizations are looking into this new concept of « purple teaming ». As with a lot of things in infosec, the ideas behind this new term are not new, as they’ve been around for a while. How can we make red and blue teams work better together, resulting in an increased added value for the organization? During this talk, Erik Van Buggenhout & Michel Coene will answer some of the following questions:
-What is purple teaming?
-Do I need to create a third team next to my red and blue team?
-How do I deliver a valuable engagement? What approach can I use?
-What kind of people do I need in my purple team ?
-What tools are available?
…
Adaptive Go-To-Market Plan for a Business DNA Search Engine: VisionaryD SoftwareRod King, Ph.D.
The document presents VisionaryD, a proposed business DNA search engine and collaboration platform. It would allow users to search for, organize, and sell business DNA information to rapidly improve business model agility. The strategic plan outlines developing the platform in stages from idea to prototype to pilot to full scale. It also details VisionaryD's customer development strategy of growing from direct competitors to indirect competitors to non-competitors/complementors. The goal is to help users search for and organize business DNA information to simplify business processes.
Kanban India 2023 | Mike Burrows | Between Spaces Scopes and Scales What the ...LeanKanbanIndia
This document summarizes Mike Burrows' model of the deliberately adaptive organization. The model presents an organization as having three overlapping spaces - delivery, discovery, and renewal - which are managed through adaptive strategizing, mutual trust building, and relationships across multiple scales. The document discusses how this model can help organizations deal with common problems like structures with poor fit, managing the wrong things in the wrong places, dealing poorly with surprise, and failures of context that disappoint customers.
To build an effective security operations center (SOC), you must first understand what type of SOC you need by considering its capabilities, organization, staffing hours, and environment. Key planning areas include defining hours of availability, whether to use an MSSP, priority capabilities, and the technology environment. Budget and technology are also important to consider, but only after establishing goals. An effective SOC requires the right mix of processes, people, and technologies tailored to your organization's unique needs.
This document provides an overview of blue teaming tactics and strategies. It discusses how blue teams can identify weaknesses, document risks and consequences, and participate in remediation efforts. Some key responsibilities of blue teams include patching systems, monitoring networks, and responding to security incidents. The document also outlines several tactics for blue teams, such as establishing essential monitoring and response procedures, hardening systems according to checklists, and conducting security tests and exercises. The goal of blue teams is to stay ahead of attackers and continuously improve the security posture of their organization.
To the extent the employer brand is internalized, new employees are likely to be more committed to achieving the goals of the organization, more committed to the organization in general and less likely to withdraw from the organization.
No more security empires - The ciso as an individual contributorPriyanka Aash
The staffing model for many mid-sized security programs is typically based on a highly centralized security team. While that provides a high degree of control, it can create inefficiencies and a lack of ownership relative to implementation of the program. This session will share the presenter’s experience as a CISO with no direct reports, leveraging people and budgets across the entire company.
(Source : RSA Conference USA 2017)
FITI Workshop_Marketing and Strategy for StartupsAlbert Weng
Title: Course 5_Marketing & Strategy for Startups
Organizer: FITI, a gov-led startup program in Taiwan
Date: 2021/06/05
Format: online live course & workshop (Google Meet)
Attendees: teams from Top 15 of the FITI 2021-01 group
The document discusses data mining and the gender gap as a fundamental issue for metrics. Data mining models and patterns can help resolve this issue. Achieving gender equality and empowering women and girls is Sustainable Development Goal number 5. Experience with data mining techniques like clusters and patterns can provide insights from data to information and knowledge. However, visual counting large numbers is risky due to production patterns with variability and ambiguity.
Using IOCs to Design and Control Threat Activities During a Red Team EngagementJoe Vest
The term Red Team or Red Teaming has become more prevalent in the security industry. Both commercial and government organizations conduct "Red Team Exercises". What does this mean? What is a Red Team engagement? How is it different that other security tests? Isn't current penetration and vulnerability security testing enough?
Red Teaming share many of the fundamentals of other security testing types, yet focuses on specific scenarios and goals that are used to evaluate and measure an organization's overall security defense posture.
Organizations spend a great deal of time and money on the security of their systems. Red Teams have a unique goal of testing an organization's ability to detect, respond to, and recover from an attack. When properly conducted, Red Team activities can significantly contribute to the improvement an organization's security controls, help hone defensive capabilities, and measure the effectiveness of security operations.
This presentation introduces the Red Teaming concept of IOC management, how a Red Team operator can use specific IOCs to blend in to a target, and how to design specific scenarios to test a Blue Team's defensive posture.
The document discusses strategies for maximizing home-field advantage in cybersecurity defense. It argues that defenders should flip the perspective of red team attackers by mapping assets and security issues, correlating internal and external threat data over time, and taking proactive measures like counterintelligence operations. Examples given include infiltrating hacker communities to booby-trap tools and using attackers' own tools against them. The presentation calls on vendors to develop integrative security products and defenders to own their security data and intelligence in order to focus defenses on real risks rather than compliance.
Gs503 vcf lecture 7 innovation finance i 300315Stephen Ong
This document discusses financing innovation through R&D and the use of Monte Carlo simulation and real options analysis. It begins by looking at typical sources of R&D funding in the US and definitions of basic research, applied research, and development. It then discusses challenges in financing long-term projects like pharmaceutical R&D. Strategic alliances and licensing are presented as major sources of funding for small biotech companies. The document introduces tools like event trees, decision trees, and Monte Carlo simulation that can be used to evaluate projects with uncertainty. It explains how these tools relate to venture capital valuation of companies with significant R&D components.
This document discusses techniques for footprinting, which is the initial information gathering stage of a cyber attack. It describes passive and active forms of footprinting, and lists many resources an attacker can use like search engines, website scraping tools, and people search sites to collect technical details, organizational structure, and personal information about a target before launching any attacks. Specific techniques mentioned include using DNS records, web server metadata, social media profiles, job postings, and analyzing source code for technical clues. The goal of footprinting is to understand as much as possible about a target before engaging in further hacking activities.
This document provides an overview of a presentation on advanced analytics, big data, and being a data scientist. The presentation agenda includes an introduction to data science, why the presenter became a data scientist, definitions of data science, data science skillsets, the data science process for one-off projects versus production pipelines, various data science tools, and a question and answer section. The document outlines each section in detail with examples.
2010.08 Applied Threat Modeling: Live (Hutton/Miller) - Allison Miller
Alex Hutton & Allison Miller review their research and application of threat modeling. This version was presented at SOURCE Barcelona (2010); a previous version was presented at Black Hat.
Quantitative Risk Analysis Workshop - focused on working with business risk and factoring in cyber elements, and how to optimize the application of controls for the most effective risk management.
This document discusses DevSecOps at Cimpress, an online printing company. It outlines some of the challenges of their worldwide and decentralized operations with varying technology stacks. Their approach involves threat modeling to identify threats, assets, and controls. They create security assertions based on the threat model and assure test case coverage. The focus is on integrating security into development in a way that is not burdensome to developers. The expected deliverables include automated unit test coverage and tool scans to address the threat model.
This document provides an introduction to bitcoin, including what it is, how it works, advantages, disadvantages, weaknesses, history, data, mining process over time, physical representations, and future possibilities. Bitcoin is described as a decentralized digital currency based on cryptography, without a central authority. Transactions are confirmed by miners who are rewarded with new bitcoins. Key aspects covered include how users can send and receive bitcoins, security issues, increasing difficulty of mining over time, and the currency's value and adoption over its history.
A presentation on the state of cyber security, current threats and opportunities at the national level.
An overview of current readiness analysis for countries, along with a recommended strategic approach to developing capabilities and partnerships locally, regionally, and globally.
Second Life is a free online virtual world where users can generate content. Users can exchange the virtual currency, Linden Dollars, for real money. Key industries include real estate, adult entertainment, and fashion. Some users exploit the system by creating weapons to annoy others or using third-party viewers to crash clients and copy content illegally. In response, Linden Lab banned over 10,000 users and tightened policies around virtual weapons and third-party viewers.
This document discusses cheating in games and the techniques used. It covers reasons for cheating such as fun, profit, and gaining knowledge. It also discusses common cheating methods like bots, trainers, patching, and hooking. It provides examples of how to hook into the Windows API and examples of anti-cheating techniques used by game developers. Overall, the document is about cheating techniques in games and the ongoing challenge for developers to create uncheatable games.
Pushing in, leaving a present, and pulling out slowly without anyone noticing - Iftach Ian Amit
The document appears to be a presentation about infiltration techniques for cyber attacks. It discusses exploiting technical vulnerabilities like web, email and remote access software. It also covers gaining access through social engineering, like sending malicious links and files to trick users. The presentation emphasizes targeting individuals within an organization and using common tools like ZeuS or SpyEye malware to acquire sensitive data from infected systems.
The document discusses mesh networks, which are wireless networks formed by connecting nodes without centralized administration. It describes the topology and attributes of mesh networks, including that they are self-organizing, self-healing, and scalable. It then provides examples of several existing mesh networks around the world and discusses some of the technical and community challenges in building mesh networks.
HTML5 introduces new features that can be exploited if not implemented securely. Storage mechanisms like local storage, session storage, and IndexedDB can be used to steal sensitive user data if not set with the proper security flags. Cross-origin resource sharing and cross-document messaging allow communication between domains but need controls to prevent CSRF and information disclosure. New HTML5 features provide opportunities for old attacks like XSS through new vectors like autofocus. Developers must implement security best practices to prevent exploitation of HTML5 capabilities.
The document is a presentation by Iftach Ian Amit on data exfiltration techniques. It discusses infiltrating target networks through both technical exploits and social engineering. It then covers targeting specific data for acquisition using tools like ZeuS or SpyEye. Finally, it outlines various methods for exfiltrating the acquired data covertly, such as using SSL encryption, avoiding detection by DLP and IPS systems, and encoding the data.
The document discusses how the Linux dynamic loader and LD_PRELOAD environment variable can be exploited to intercept and modify the behavior of shared library functions at runtime. It provides examples of how this technique could be used to implement a man-in-the-middle attack on OpenSSH authentication, log passwords, and extend the functionality of system programs like 'cat'. While powerful for debugging, this approach also has security disadvantages as it requires access to the executable and works only on exported symbols.
An introduction to the IS-IS IGP routing protocol - Iftach Ian Amit
The document provides an overview of the Intermediate System to Intermediate System (IS-IS) routing protocol. It describes key IS-IS concepts like neighbor discovery using hello messages, flooding of link state packets (LSPs) to share routing information, synchronization of the link state database, and running shortest path first (SPF) calculations to determine optimal routes. Pseudo-nodes and designated routers are used on broadcast networks to represent the entire network topology. Sequence numbers, checksums, and hold timers ensure freshness and accuracy of routing data.
The document describes the Turtles Project, which implements nested virtualization on x86 CPUs. The key aspects are:
1) It runs multiple guest hypervisors (KVM, VMware, Linux, Windows) simultaneously on a single x86 CPU using nested virtualization, which is not directly supported in hardware.
2) It addresses the challenges of nested virtualization through techniques like multi-dimensional paging to map multiple virtual-to-physical address spaces, and multi-level device assignment to allow direct device access across multiple hypervisor layers.
3) Micro-optimizations are used to reduce the performance overhead of moving between hypervisor layers, such as minimizing data copying during VM exits. Experiments show each additional level of
13. Agenda
Preparing for a red team (map)
Locate business critical assets (identify)
Getting buy-in (recruit)
Defining goals (target)
Finding a team (assemble)
Define scenarios and RoE (scope)
Establish white/blue team (monitor)
Hang on tight (execute)
Analyze (pre-report)
Identify areas of improvement (gap)
Create plan for remediation (fix)
35. How do I look from the outside?
Legal
Research & Development
Procurement
Information Sources
Supply Chain
Human Resources
Sales
Financials
88. Example 1: Dumpster Diving Olympics
• Personnel training
• Process changes
• Technical controls
• Change management
• R&D practices
• 3rd party sw security
• Physical security routines
91. Example 2: Incident Response from Hell
Process:
Incident response kicks in on any malware with a signature from the past week, or with a generic/heuristic detection.
In the meantime, malware (APT!?) is left to run (actually ok...)
Problem:
High number of incidents in a short time can create a queue. Queue is predictable if IR analysis consists of C&C traffic as well :-)
Queue can be exploited...
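The queueing problem on this slide, modelled from the defender's side as an added example (not part of the talk): it applies the slide's trigger rule to a burst of detections and compares how long an incident on a business-critical asset waits under first-in-first-out handling versus triage ordered by asset criticality. Team size, handling time, host names, the criticality scale and the sample detections are all constructed assumptions.

```python
import heapq
from dataclasses import dataclass

HANDLE_MIN = 120   # assumed analyst time per incident, in minutes
ANALYSTS = 2       # assumed IR team size


@dataclass(frozen=True)
class Detection:
    t: int             # arrival time, minutes
    host: str
    sig_age_days: int  # age of the matching AV signature
    heuristic: bool    # generic/heuristic detection
    criticality: int   # assumed scale: 1 = workstation, 3 = business-critical


def opens_incident(d):
    """Trigger rule from the slide: recent signature or generic/heuristic hit."""
    return d.sig_age_days <= 7 or d.heuristic


def fifo(d):
    """Handle incidents strictly in arrival order."""
    return (d.t,)


def by_criticality(d):
    """Handle the most critical asset first, then by arrival order."""
    return (-d.criticality, d.t)


def simulate(detections, policy):
    """Return {host: minutes an incident waited before an analyst picked it up}."""
    incidents = sorted(filter(opens_incident, detections), key=lambda d: d.t)
    free_at = [0] * ANALYSTS          # min-heap: when each analyst is next free
    backlog, waits, i, seq = [], {}, 0, 0
    while i < len(incidents) or backlog:
        now = free_at[0]
        if not backlog and incidents[i].t > now:
            now = incidents[i].t      # team is idle until the next arrival
        while i < len(incidents) and incidents[i].t <= now:
            heapq.heappush(backlog, (policy(incidents[i]), seq, incidents[i]))
            i, seq = i + 1, seq + 1
        _, _, d = heapq.heappop(backlog)
        heapq.heapreplace(free_at, now + HANDLE_MIN)
        waits[d.host] = now - d.t
    return waits


def sample_detections():
    """Constructed input: 30 workstation hits, one stale hit, one critical asset."""
    burst = [Detection(6 * n, f"ws-{n:02d}", 2, True, 1) for n in range(30)]
    stale = Detection(30, "ws-old", 30, False, 1)   # old signature: no incident
    critical = Detection(63, "erp-db-01", 3, False, 3)
    return burst + [stale, critical]


if __name__ == "__main__":
    for name, policy in (("fifo", fifo), ("by_criticality", by_criticality)):
        waits = simulate(sample_detections(), policy)
        print(f"{name}: erp-db-01 waited {waits['erp-db-01']} min")
```

Tracking the longest wait among open incidents on critical assets gives the blue team a direct measure of when the queue itself has become the weak point.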
98. Example 3: Eager Sales
Organization is a security contractor (build big guns).
R&D, production, testing, management, sales, all in the same location (HQ).
Sales are global, controlled from HQ.
Extreme perimeter security, high-end physical security.
Sales... few targeted emails, reverse shell home. Network is done. DA on production machines (mfg.), sales ledgers, major diplomatic incident potential...
Process breakdown from physical security (USB drops), through separation of duties, network segmentation, egress data management.