Mark Arena - Cyber Threat Intelligence #uisgcon9UISGCON
This document discusses cyber threat intelligence and how it can be collected and produced. It defines intelligence as taking data and using knowledge and experience to determine what is factual and probable about past and future events, and communicating this information to decision makers. It provides examples of assessing the probability of threats based on known vulnerabilities and exploits. It also outlines various data sources that can be used to collect intelligence both within an organization and on the open internet. These include network flow data, endpoint monitoring, and searching open sources. It stresses the importance of knowing the motivations and techniques of different attackers in order to effectively defend an organization.
Kimberly Zenz - Financial Options for Cyber Criminals #uisgcon9UISGCON
This document discusses various financial options available to cyber criminals for laundering money obtained through illicit means. It notes that while electronic currencies were initially popular due to perceived anonymity, law enforcement has had success tracking transactions through exchanges and cracking down on leaders like Liberty Reserve. No option is foolproof as international cooperation on anti-money laundering has strengthened. Ultimately, cyber criminals must stay under the radar and accept that risk remains higher than pursuing crimes without this financial element.
Adrian Aldea - IBM X-Force 2013 Mid-Year Trend and Risk Report #uisgcon9UISGCON
This document summarizes an IBM Security Systems mid-year 2013 trend and risk report. It discusses how the IBM X-Force monitors the threat landscape and researches new attack techniques to educate customers. It outlines key trends in the first half of 2013 including a rise in targeted attacks exploiting trust relationships, watering hole attacks compromising websites, and attacks on foreign branch sites. Mobile threats like Android malware are also growing. The report concludes with recommendations to prioritize security basics like patching and educate users.
Владимир Стыран - Пентест следующего поколения, который ваша компания не може...UISGCON
This document discusses the differences between penetration testing and vulnerability assessments, and why clients often receive poor quality tests. It notes that penetration tests are meant to be deeply interactive, focusing on achieving specific goals through exploitation, while vulnerability assessments only superficially identify issues. It also explains that clients contribute to poor tests by lacking understanding of the purpose and proper scope of each method, and not performing adequate quality control of testers. The document provides recommendations for how clients can improve tests by learning testing standards, clearly defining objectives, and incentivizing testers to achieve goals through payment structures.
The FBI operates international offices in 78 countries through its International Operations Division to coordinate domestic and foreign investigations and support partner agencies. The document discusses the FBI's Cyber Division which works with cyber agents, cyber action teams, and private/government partners to combat cybercrime threats. Specifically in Ukraine, the FBI works with the SBU and MVD to investigate JabberZeus coders and pursue related spin-off investigations in both countries. The FBI aims to understand, resource, and prosecute cyber threats like account takeovers while informing network defenders.
The document discusses the growing threat of mobile botnets and their potential to infect smartphones on a massive scale. It outlines how existing Android and Symbian botnets have infected over a million devices and describes how future mobile botnets could utilize SMS and other infection methods. The presentation warns that smartphones could become "mini ISPs" if security measures are not improved to prevent botnets from using the devices to broadcast malware. It concludes by emphasizing the need for manufacturers, researchers, and organizations to collaborate on addressing this emerging threat.
Mark Arena - Cyber Threat Intelligence #uisgcon9UISGCON
This document discusses cyber threat intelligence and how it can be collected and produced. It defines intelligence as taking data and using knowledge and experience to determine what is factual and probable about past and future events, and communicating this information to decision makers. It provides examples of assessing the probability of threats based on known vulnerabilities and exploits. It also outlines various data sources that can be used to collect intelligence both within an organization and on the open internet. These include network flow data, endpoint monitoring, and searching open sources. It stresses the importance of knowing the motivations and techniques of different attackers in order to effectively defend an organization.
Kimberly Zenz - Financial Options for Cyber Criminals #uisgcon9UISGCON
This document discusses various financial options available to cyber criminals for laundering money obtained through illicit means. It notes that while electronic currencies were initially popular due to perceived anonymity, law enforcement has had success tracking transactions through exchanges and cracking down on leaders like Liberty Reserve. No option is foolproof as international cooperation on anti-money laundering has strengthened. Ultimately, cyber criminals must stay under the radar and accept that risk remains higher than pursuing crimes without this financial element.
Adrian Aldea - IBM X-Force 2013 Mid-Year Trend and Risk Report #uisgcon9UISGCON
This document summarizes an IBM Security Systems mid-year 2013 trend and risk report. It discusses how the IBM X-Force monitors the threat landscape and researches new attack techniques to educate customers. It outlines key trends in the first half of 2013 including a rise in targeted attacks exploiting trust relationships, watering hole attacks compromising websites, and attacks on foreign branch sites. Mobile threats like Android malware are also growing. The report concludes with recommendations to prioritize security basics like patching and educate users.
Владимир Стыран - Пентест следующего поколения, который ваша компания не може...UISGCON
This document discusses the differences between penetration testing and vulnerability assessments, and why clients often receive poor quality tests. It notes that penetration tests are meant to be deeply interactive, focusing on achieving specific goals through exploitation, while vulnerability assessments only superficially identify issues. It also explains that clients contribute to poor tests by lacking understanding of the purpose and proper scope of each method, and not performing adequate quality control of testers. The document provides recommendations for how clients can improve tests by learning testing standards, clearly defining objectives, and incentivizing testers to achieve goals through payment structures.
The FBI operates international offices in 78 countries through its International Operations Division to coordinate domestic and foreign investigations and support partner agencies. The document discusses the FBI's Cyber Division which works with cyber agents, cyber action teams, and private/government partners to combat cybercrime threats. Specifically in Ukraine, the FBI works with the SBU and MVD to investigate JabberZeus coders and pursue related spin-off investigations in both countries. The FBI aims to understand, resource, and prosecute cyber threats like account takeovers while informing network defenders.
The document discusses the growing threat of mobile botnets and their potential to infect smartphones on a massive scale. It outlines how existing Android and Symbian botnets have infected over a million devices and describes how future mobile botnets could utilize SMS and other infection methods. The presentation warns that smartphones could become "mini ISPs" if security measures are not improved to prevent botnets from using the devices to broadcast malware. It concludes by emphasizing the need for manufacturers, researchers, and organizations to collaborate on addressing this emerging threat.