The IoT Attack Surface
•
2 likes•1,336 views
The document discusses testing the security of Internet of Things (IoT) devices and networks. It outlines that IoT security involves more than just testing individual devices, and identifies 16 distinct attack surfaces for IoT systems based on the OWASP IoT project. Capturing network traffic from IoT devices using a network tap and analyzing it with tools like Caparser can help identify security issues and sensitive data being sent to unknown IP addresses. Thorough IoT security testing requires considering the entire local network ecosystem and interaction between connected devices.
Report
Share
Report
Share
Download to read offline
Recommended
IoT Attack Surfaces -- DEFCON 2015
The document discusses junk hacking and vulnerability research of IoT devices. It notes that many IoT devices have no security and can easily be hacked. It argues that while demonstrating vulnerabilities in everyday devices is interesting, the "junk hacking" trend has become overdone at security conferences. The document advocates moving the discussion beyond just identifying vulnerabilities and toward developing a standardized approach for assessing IoT security across different device types and platforms.
IoT security (Internet of Things)
Internet of Things means every household or handy device which is used to make our world easy and better and connected with IP which transmit some data.
This slide covers IOT description, OWASP Top 10 2014 & its recommendations.
Cyber Security PPT - 2023.pptx
This presentation introduces cybersecurity fundamentals including tools, roles, operating system security, compliance frameworks, network security, and databases. It defines cyber security, discusses security and privacy categories of cyber crimes. It also provides types of cyber attacks and crimes by percentage, advantages of cyber security, and safety tips to prevent cyber crimes. References are included from Wikipedia, antivirus testing organizations, and cybersecurity blogs and forums.
IoT Security
Presentation providing an overview of security, privacy and data protection for the Internet of Things. Presented at IEEE 1451.0 WG.
Owasp osint presentation - by adam nurudini
Open-Source Intelligence (OSINT) is intelligence collected from public available sources
“Open” refers overt, public available sources (as opposed to covert sources)
Its not related to open-source software or public intelligence
This information comes from a variety of sources, including the social media pages of your company and staff. These can be a goldmine of information, revealing information such as the design of ID badges, layout of the buildings and software used on internal systems.
Mobile Forensics
This document provides an overview of mobile device forensics. It discusses how people store personal information on mobile devices and the challenges of investigating these devices. The document covers mobile device characteristics, memory types, identity modules, cellular networks, and investigative tools and methods. These include manual extraction, logical extraction, chip-off acquisition, and preservation techniques like isolation and acquisition of internal memory, SIM cards, and external storage. The objectives are to understand mobile device forensics and the characteristics and challenges involved in acquiring, analyzing, and investigating evidence from mobile devices.
WLAN Attacks and Protection
This document discusses WLAN attacks and protections. It describes common WLAN attacks like man-in-the-middle, denial of service, and rogue access points that threaten confidentiality, integrity, availability, and authentication. Existing solutions like WEP, WPA, WPA2 aim to provide encryption and authentication, but also have vulnerabilities. The document recommends combining WPA2/AES encryption with 802.1x authentication and wireless intrusion detection/prevention systems to secure WLANs at both the frame and RF levels.
Security Testing for IoT Systems
IoT Systems provide powerful, flexible features for IT systems — tracking, monitoring, and other data sharing. Today’s IoT devices utilize microservices and APIs that make them easy to put into production. But securing them isn’t as easy.
This webinar will look at security risks of IoT devices, interfaces, and implementations. We’ll provide practical steps and checklists any DevOps team can use to make their IoT components as secure as possible. We’ll also cover some testing best practices that can be done pre- and post-production to verify security and resilience on an ongoing basis.
Recommended
IoT Attack Surfaces -- DEFCON 2015
The document discusses junk hacking and vulnerability research of IoT devices. It notes that many IoT devices have no security and can easily be hacked. It argues that while demonstrating vulnerabilities in everyday devices is interesting, the "junk hacking" trend has become overdone at security conferences. The document advocates moving the discussion beyond just identifying vulnerabilities and toward developing a standardized approach for assessing IoT security across different device types and platforms.
IoT security (Internet of Things)
Internet of Things means every household or handy device which is used to make our world easy and better and connected with IP which transmit some data.
This slide covers IOT description, OWASP Top 10 2014 & its recommendations.
Cyber Security PPT - 2023.pptx
This presentation introduces cybersecurity fundamentals including tools, roles, operating system security, compliance frameworks, network security, and databases. It defines cyber security, discusses security and privacy categories of cyber crimes. It also provides types of cyber attacks and crimes by percentage, advantages of cyber security, and safety tips to prevent cyber crimes. References are included from Wikipedia, antivirus testing organizations, and cybersecurity blogs and forums.
IoT Security
Presentation providing an overview of security, privacy and data protection for the Internet of Things. Presented at IEEE 1451.0 WG.
Owasp osint presentation - by adam nurudini
Open-Source Intelligence (OSINT) is intelligence collected from public available sources
“Open” refers overt, public available sources (as opposed to covert sources)
Its not related to open-source software or public intelligence
This information comes from a variety of sources, including the social media pages of your company and staff. These can be a goldmine of information, revealing information such as the design of ID badges, layout of the buildings and software used on internal systems.
Mobile Forensics
This document provides an overview of mobile device forensics. It discusses how people store personal information on mobile devices and the challenges of investigating these devices. The document covers mobile device characteristics, memory types, identity modules, cellular networks, and investigative tools and methods. These include manual extraction, logical extraction, chip-off acquisition, and preservation techniques like isolation and acquisition of internal memory, SIM cards, and external storage. The objectives are to understand mobile device forensics and the characteristics and challenges involved in acquiring, analyzing, and investigating evidence from mobile devices.
WLAN Attacks and Protection
This document discusses WLAN attacks and protections. It describes common WLAN attacks like man-in-the-middle, denial of service, and rogue access points that threaten confidentiality, integrity, availability, and authentication. Existing solutions like WEP, WPA, WPA2 aim to provide encryption and authentication, but also have vulnerabilities. The document recommends combining WPA2/AES encryption with 802.1x authentication and wireless intrusion detection/prevention systems to secure WLANs at both the frame and RF levels.
Security Testing for IoT Systems
IoT Systems provide powerful, flexible features for IT systems — tracking, monitoring, and other data sharing. Today’s IoT devices utilize microservices and APIs that make them easy to put into production. But securing them isn’t as easy.
This webinar will look at security risks of IoT devices, interfaces, and implementations. We’ll provide practical steps and checklists any DevOps team can use to make their IoT components as secure as possible. We’ll also cover some testing best practices that can be done pre- and post-production to verify security and resilience on an ongoing basis.
Cybersecurity 1. intro to cybersecurity
Cybersecurity involves protecting individuals, businesses, and critical infrastructure from threats arising from computer and internet use. It addresses both external attacks by remote agents exploiting vulnerabilities, as well as insider threats from valid users. Cybersecurity deals with a range of technical and human factors, as vulnerabilities usually stem from a mix of these. Key concerns include malware, cyber attacks aiming to cause damage or steal data, and accidental incidents that can also lead to losses.
Introduction to penetration testing
this is a simple presentation that will give you a general overview and introduction to penetration testing.
Internet Security
Overview of Internet and network security protocols and architectures.
Network and Internet security is about authenticity, secrecy, privacy, authorization, non-repudiation, data integrity and protection from denial of service (DOS) attacks.
In the early days of the Internet, security was not a concern so most protocols were developed without protection from various kinds of attacks in mind. The Internet is now infested with malware like worms, viruses, trojan horses and killer packets. Unprotected hosts run the risk of being seized by hackers and become part of botnets to launch even more elaborate attacks.
Careful protection of hosts in a network is therefore of paramount importance. Hosts that need not be reachable from the Internet are typically placed in a protected LAN. Hosts with reachability requirements like mail and web servers are placed in a special network zone called DMZ (DeMilitarized Zone).
Firewalls protect the different networks. Firewall functionality ranges from simple port and address filters up to stateful application and deep packet inspection firewalls that provide more protection.
In general, security policies should be as restrictive as reasonable possible. So usually something not explicitly allowed should be classified as forbidden and thus be blocked.
OSINT for Attack and Defense
This document provides an overview of how open-source intelligence (OSINT) techniques can be used both offensively and defensively. It discusses tools like Shodan, Maltego, Google searches, and malware sandboxes that can be leveraged to gather technical information about targets, infrastructure, and indicators of compromise. The document also emphasizes the importance of automation and privacy when conducting OSINT research to enhance attacks or strengthen defenses.
Artificial Intelligence and Machine Learning for Cybersecurity
The talk discusses the application of artificial intelligence and machine learning to enterprise cybersecurity. The topics include self-learning, stochastic cellular automata, adaptive & self-organising systems and recursive Bayesian algorithms. The talk briefly surveys several cybersecurity companies including Darktrace, Logrhythm and Norse Corporation. There is also discussion of the application of AI and neural networks within the Banking sector for "Algorithmic Trading" during the last 10 to 20 years. These techniques are now highly relevant, and even ESSENTIAL, for the provision of real-time enterprise cybersecurity to complement traditional "signature" based anti-virus & firewall based solutions. The talk closes with the presentations for the future of Cybersecurity in 2020, 2025 and 2040 including reference to similar forecasts from both Business & Governments. The talk was given by Dr David Eric Probert at the East-West International Security Conference at the Melia Galgos Hotel in Madrid, Spain on the Tuesday 27th October 2015.
IoT Fundamentals.pdf
This document provides an overview of the book "IoT Fundamentals: Networking Technologies, Protocols, and Use Cases for the Internet of Things" by David Hanes, Gonzalo Salgueiro, Patrick Grossetete, Robert Barton, and Jerome Henry. The book covers core IoT technologies including networking, protocols, and use cases. It is published by Cisco Press and copyrighted in 2017.
Cyber Threat Intelligence.pptx
Cyber threat intelligence aims to help companies understand and address cybersecurity threats. It involves collecting and analyzing information on current and potential cyber attacks from sources like malware analysis and human intelligence. There are three main types of threat intelligence: strategic intelligence for executives, tactical intelligence for IT professionals, and operational intelligence from active attacks. Uncovering threats through cyber threat intelligence can help identify security issues like malware infections and prevent costly data breaches and ransomware attacks. The intelligence gathering process typically involves four phases: planning, data collection, threat analysis, and responding to threats.
Artificial Intelligence and Cybersecurity
AI shows promise to help address challenges in cybersecurity by automating tasks, enhancing human abilities, and detecting complex patterns that humans cannot. However, developing effective AI solutions is difficult and requires expertise in both cybersecurity and data science. When evaluating AI products, organizations should consider factors like data and training requirements, error rates, integration with existing tools and processes, and potential new risks introduced. While AI may help alleviate strain on security teams, its use is still nascent, and human oversight will likely remain important.
Bsides Knoxville - OSINT
This document provides an overview of open source intelligence (OSINT) techniques for pentesters. It defines OSINT as intelligence derived from publicly available online sources and discusses why OSINT is useful for goals like finding usernames, passwords, or locating individuals. It then outlines various sources of online information like search engines, social media, communities, and corporate sites. Finally, it describes tools that can be used to gather OSINT like dig, TheHarvester, and APIs and demonstrates searching techniques through examples.
Data Privatisation, Data Anonymisation, Data Pseudonymisation and Differentia...
This paper describes how technologies such as data pseudonymisation and differential privacy technology enables access to sensitive data and unlocks data opportunities and value while ensuring compliance with data privacy legislation and regulations.
Introduction to penetration testing
Introduction to penetration testing
Summary
What’s Pen-testing ?
Why Perform Pen-testing ?
Pen-testing Methodology.
Real world to Pen-testing
Iot Security
The document discusses Internet of Things (IoT) security challenges and countermeasures. It begins with basics of IoT and sensors, then discusses how IoT connects to the internet. It outlines several approaches to securing IoT, including restricted access, encryption of network and data, managing default APIs, addressing human elements of security, and learning from past exploits. Specific threats like denial of service attacks, man-in-the-middle attacks, and brute force/dictionary attacks are examined. The document concludes that IoT security design must enable open yet secure infrastructure while respecting user privacy through individual policies.
Password craking techniques
The document discusses various techniques for cracking passwords, including dictionary attacks, brute force attacks, and exploiting weaknesses in password hashing algorithms. Default passwords, social engineering through phishing emails, and the use of tools like Cain and Abel, John the Ripper, and THC Hydra are also covered as effective cracking methods. Common password mistakes that can enable cracking are also listed.
Application Security | Application Security Tutorial | Cyber Security Certifi...
This Edureka PPT on "Application Security" will help you understand what application security is and measures taken to improve the security of an application often by finding, fixing and preventing security vulnerabilities.
Following are the topics covered in this PPT:
Introduction to Cybersecurity
What is Application Security?
What is an SQL Injection attack
Demo on SQL Injection
Follow us to never miss an update in the future.
Instagram: https://www.instagram.com/edureka_learning/
Facebook: https://www.facebook.com/edurekaIN/
Twitter: https://twitter.com/edurekain
LinkedIn: https://www.linkedin.com/company/edureka
IT Security
This document discusses computer and internet security. It covers topics like protecting computers and information from unauthorized access, and extending security to systems connected to the internet. It discusses who should be concerned about security, like anyone using computers, mobile devices, the internet, email or social networks. Reasons to care about security include risks of viruses, spyware, phishing scams, and privacy/personal security concerns. It provides basic security tips and guidelines for securing mobile devices, social networks, and protecting location data.
Metasploit framwork
Metasploit framwork is one of the most used framework used for penetration testing. With over 1500+ modules it is the first choice of every pentester.
robust image watermarking
it is used for security purpose using two level dct and wavelet packet denoising .based on digital image processing.the software based on matlab.it is used for high security purpose.
CompTIA Security+ SY0-601 Domain 1
CompTIA Security+ is a worldwide certification that verifies the fundamental skills required to execute basic security activities and build a career in information security. CompTIA Security+ SY0-601 is the latest version of the Security+ certification. The very first security certification that IT professionals can obtain is CompTIA Security+, and it is the best entry-level certification.
https://www.infosectrain.com/blog/comptia-security-sy0-601-domain-1-attacks-threats-and-vulnerabilities/
Threat Intelligence
Threat intelligence is information that informs enterprise defenders of adversarial elements to stop them.
It is information that is relevant to the organization, has business value, and is actionable.
If you having all data and feeds then data alone isn’t intelligence.
#Threat #Intelligence #Forensics #ELK #Forensics #VAPT #SOC #SIEM #Incident #D3pak
Incident Response
The document discusses how to create an effective security response plan to avoid a corporate meltdown. It recommends identifying critical assets and an incident response team with clear roles. The plan should include components like an escalation matrix, formal incident reporting, communication protocols, and regular testing. It emphasizes identifying all response team members, communicating the plan to staff, and updating it over time to address changing security needs and technologies.
Practical IoT Security in the Enterprise
IoT definitions, attack surfaces, and practical guidance on implementing within an enterprise environment.
RSA2015: Securing the Internet of Things
The document discusses Daniel Miessler's presentation on securing the Internet of Things (IoT) using the OWASP IoT Top 10 framework. The presentation covers naming conventions for IoT, a vision of a future with ubiquitous connected objects, current IoT security problems, examples of security failures, and the goals and organization of the OWASP IoT Project for mapping IoT attack surfaces and providing guidance. The framework identifies 10 common risks across IoT interfaces, including insecure web/cloud interfaces, lack of encryption, privacy issues, and insecure software/firmware.
More Related Content
What's hot
Cybersecurity 1. intro to cybersecurity
Cybersecurity involves protecting individuals, businesses, and critical infrastructure from threats arising from computer and internet use. It addresses both external attacks by remote agents exploiting vulnerabilities, as well as insider threats from valid users. Cybersecurity deals with a range of technical and human factors, as vulnerabilities usually stem from a mix of these. Key concerns include malware, cyber attacks aiming to cause damage or steal data, and accidental incidents that can also lead to losses.
Introduction to penetration testing
this is a simple presentation that will give you a general overview and introduction to penetration testing.
Internet Security
Overview of Internet and network security protocols and architectures.
Network and Internet security is about authenticity, secrecy, privacy, authorization, non-repudiation, data integrity and protection from denial of service (DOS) attacks.
In the early days of the Internet, security was not a concern so most protocols were developed without protection from various kinds of attacks in mind. The Internet is now infested with malware like worms, viruses, trojan horses and killer packets. Unprotected hosts run the risk of being seized by hackers and become part of botnets to launch even more elaborate attacks.
Careful protection of hosts in a network is therefore of paramount importance. Hosts that need not be reachable from the Internet are typically placed in a protected LAN. Hosts with reachability requirements like mail and web servers are placed in a special network zone called DMZ (DeMilitarized Zone).
Firewalls protect the different networks. Firewall functionality ranges from simple port and address filters up to stateful application and deep packet inspection firewalls that provide more protection.
In general, security policies should be as restrictive as reasonable possible. So usually something not explicitly allowed should be classified as forbidden and thus be blocked.
OSINT for Attack and Defense
This document provides an overview of how open-source intelligence (OSINT) techniques can be used both offensively and defensively. It discusses tools like Shodan, Maltego, Google searches, and malware sandboxes that can be leveraged to gather technical information about targets, infrastructure, and indicators of compromise. The document also emphasizes the importance of automation and privacy when conducting OSINT research to enhance attacks or strengthen defenses.
Artificial Intelligence and Machine Learning for Cybersecurity
The talk discusses the application of artificial intelligence and machine learning to enterprise cybersecurity. The topics include self-learning, stochastic cellular automata, adaptive & self-organising systems and recursive Bayesian algorithms. The talk briefly surveys several cybersecurity companies including Darktrace, Logrhythm and Norse Corporation. There is also discussion of the application of AI and neural networks within the Banking sector for "Algorithmic Trading" during the last 10 to 20 years. These techniques are now highly relevant, and even ESSENTIAL, for the provision of real-time enterprise cybersecurity to complement traditional "signature" based anti-virus & firewall based solutions. The talk closes with the presentations for the future of Cybersecurity in 2020, 2025 and 2040 including reference to similar forecasts from both Business & Governments. The talk was given by Dr David Eric Probert at the East-West International Security Conference at the Melia Galgos Hotel in Madrid, Spain on the Tuesday 27th October 2015.
IoT Fundamentals.pdf
This document provides an overview of the book "IoT Fundamentals: Networking Technologies, Protocols, and Use Cases for the Internet of Things" by David Hanes, Gonzalo Salgueiro, Patrick Grossetete, Robert Barton, and Jerome Henry. The book covers core IoT technologies including networking, protocols, and use cases. It is published by Cisco Press and copyrighted in 2017.
Cyber Threat Intelligence.pptx
Cyber threat intelligence aims to help companies understand and address cybersecurity threats. It involves collecting and analyzing information on current and potential cyber attacks from sources like malware analysis and human intelligence. There are three main types of threat intelligence: strategic intelligence for executives, tactical intelligence for IT professionals, and operational intelligence from active attacks. Uncovering threats through cyber threat intelligence can help identify security issues like malware infections and prevent costly data breaches and ransomware attacks. The intelligence gathering process typically involves four phases: planning, data collection, threat analysis, and responding to threats.
Artificial Intelligence and Cybersecurity
AI shows promise to help address challenges in cybersecurity by automating tasks, enhancing human abilities, and detecting complex patterns that humans cannot. However, developing effective AI solutions is difficult and requires expertise in both cybersecurity and data science. When evaluating AI products, organizations should consider factors like data and training requirements, error rates, integration with existing tools and processes, and potential new risks introduced. While AI may help alleviate strain on security teams, its use is still nascent, and human oversight will likely remain important.
Bsides Knoxville - OSINT
This document provides an overview of open source intelligence (OSINT) techniques for pentesters. It defines OSINT as intelligence derived from publicly available online sources and discusses why OSINT is useful for goals like finding usernames, passwords, or locating individuals. It then outlines various sources of online information like search engines, social media, communities, and corporate sites. Finally, it describes tools that can be used to gather OSINT like dig, TheHarvester, and APIs and demonstrates searching techniques through examples.
Data Privatisation, Data Anonymisation, Data Pseudonymisation and Differentia...
This paper describes how technologies such as data pseudonymisation and differential privacy technology enables access to sensitive data and unlocks data opportunities and value while ensuring compliance with data privacy legislation and regulations.
Introduction to penetration testing
Introduction to penetration testing
Summary
What’s Pen-testing ?
Why Perform Pen-testing ?
Pen-testing Methodology.
Real world to Pen-testing
Iot Security
The document discusses Internet of Things (IoT) security challenges and countermeasures. It begins with basics of IoT and sensors, then discusses how IoT connects to the internet. It outlines several approaches to securing IoT, including restricted access, encryption of network and data, managing default APIs, addressing human elements of security, and learning from past exploits. Specific threats like denial of service attacks, man-in-the-middle attacks, and brute force/dictionary attacks are examined. The document concludes that IoT security design must enable open yet secure infrastructure while respecting user privacy through individual policies.
Password craking techniques
The document discusses various techniques for cracking passwords, including dictionary attacks, brute force attacks, and exploiting weaknesses in password hashing algorithms. Default passwords, social engineering through phishing emails, and the use of tools like Cain and Abel, John the Ripper, and THC Hydra are also covered as effective cracking methods. Common password mistakes that can enable cracking are also listed.
Application Security | Application Security Tutorial | Cyber Security Certifi...
This Edureka PPT on "Application Security" will help you understand what application security is and measures taken to improve the security of an application often by finding, fixing and preventing security vulnerabilities.
Following are the topics covered in this PPT:
Introduction to Cybersecurity
What is Application Security?
What is an SQL Injection attack
Demo on SQL Injection
Follow us to never miss an update in the future.
Instagram: https://www.instagram.com/edureka_learning/
Facebook: https://www.facebook.com/edurekaIN/
Twitter: https://twitter.com/edurekain
LinkedIn: https://www.linkedin.com/company/edureka
IT Security
This document discusses computer and internet security. It covers topics like protecting computers and information from unauthorized access, and extending security to systems connected to the internet. It discusses who should be concerned about security, like anyone using computers, mobile devices, the internet, email or social networks. Reasons to care about security include risks of viruses, spyware, phishing scams, and privacy/personal security concerns. It provides basic security tips and guidelines for securing mobile devices, social networks, and protecting location data.
Metasploit framwork
Metasploit framwork is one of the most used framework used for penetration testing. With over 1500+ modules it is the first choice of every pentester.
robust image watermarking
it is used for security purpose using two level dct and wavelet packet denoising .based on digital image processing.the software based on matlab.it is used for high security purpose.
CompTIA Security+ SY0-601 Domain 1
CompTIA Security+ is a worldwide certification that verifies the fundamental skills required to execute basic security activities and build a career in information security. CompTIA Security+ SY0-601 is the latest version of the Security+ certification. The very first security certification that IT professionals can obtain is CompTIA Security+, and it is the best entry-level certification.
https://www.infosectrain.com/blog/comptia-security-sy0-601-domain-1-attacks-threats-and-vulnerabilities/
Threat Intelligence
Threat intelligence is information that informs enterprise defenders of adversarial elements to stop them.
It is information that is relevant to the organization, has business value, and is actionable.
If you having all data and feeds then data alone isn’t intelligence.
#Threat #Intelligence #Forensics #ELK #Forensics #VAPT #SOC #SIEM #Incident #D3pak
Incident Response
The document discusses how to create an effective security response plan to avoid a corporate meltdown. It recommends identifying critical assets and an incident response team with clear roles. The plan should include components like an escalation matrix, formal incident reporting, communication protocols, and regular testing. It emphasizes identifying all response team members, communicating the plan to staff, and updating it over time to address changing security needs and technologies.
What's hot (20)
Artificial Intelligence and Machine Learning for Cybersecurity
Artificial Intelligence and Machine Learning for Cybersecurity
Data Privatisation, Data Anonymisation, Data Pseudonymisation and Differentia...
Data Privatisation, Data Anonymisation, Data Pseudonymisation and Differentia...
Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...
Similar to The IoT Attack Surface
Practical IoT Security in the Enterprise
IoT definitions, attack surfaces, and practical guidance on implementing within an enterprise environment.
RSA2015: Securing the Internet of Things
The document discusses Daniel Miessler's presentation on securing the Internet of Things (IoT) using the OWASP IoT Top 10 framework. The presentation covers naming conventions for IoT, a vision of a future with ubiquitous connected objects, current IoT security problems, examples of security failures, and the goals and organization of the OWASP IoT Project for mapping IoT attack surfaces and providing guidance. The framework identifies 10 common risks across IoT interfaces, including insecure web/cloud interfaces, lack of encryption, privacy issues, and insecure software/firmware.
[CB20] Cleaning up the mess: discovery, monitoring, analysis, and notificatio...
Tons of insecure IoT devices are out there and ready to be compromised to join next IoT botnet or misused in even more serious threats. Since many of them are unmanaged, the situation does not seem to improve naturally in a short term. This talk will focus on series of efforts on discovery, monitoring, analysis, and notification of these devices trying to clean up "the mess".
Exfiltrating Data through IoT
IoT offers a plethora of new protocols and frequencies over which communication travels. Protocols and services such as SSDP, P25, Zigbee, Z-Wave, WiFi and more provide countless ways to exfiltrate data or infiltrate the network. Through real-world examples, sample code and demos, presenters will bring to light these threats and new methods for detecting aberrant behavior emanating to/from these devices.
Learning Objectives:
1: Gain a better understanding of the many IoT protocols, frequencies and services.
2: Learn how IoT communications can be exploited to exfiltrate your network.
3: Obtain a list of techniques for detecting these aberrant IoT behaviors.
(Source: RSA Conference USA 2018)
DEF CON 27 - D4KRM4TTER MIKE SPICER - I know what you did last summer
This document provides an overview and background of a wireless security researcher known as the WiFiCactus. It summarizes their interests and work analyzing wireless networks at DEFCON and other conferences over the years, including wardriving experiments and building tools to analyze large datasets captured from wireless monitoring. It also shares some findings from analyzing these datasets, such as visualizing the locations of detected devices and instances where APIs or software leaked private information over wireless networks.
Extending Zeek for ICS Defense
This document discusses extending the network security monitoring capabilities of Zeek to analyze industrial control system (ICS) data. It notes that only 3 out of 72 Zeek analyzers currently support ICS protocols. The document then provides examples of how to create new parsers for Zeek by developing a parser for the EthernetIP/CIP protocol, and describes a lab setup used to test the new parser by capturing attacks against a PLC. It concludes by encouraging contributions of new parsers to Zeek to improve ICS monitoring.
IoTNEXT 2016 - SafeNation Track
Task Force on IoT Security
About CISO Platform
Largest DDOS Attack Against DYN
How can we minimize the risk?
IoT Architectural Layers
Components of an IoT Node
Internet of Things - Privacy and Security issues
Yesterday Pierluigi Paganini, CISO Bit4Id and founder Security Affairs, presented at the ISACA Roma & OWASP Italy conference the state of the art for the Internet of Things paradigm. The presentation highlights the security and privacy issues for the Internet of Things, a technology that is changing user’s perception of the technology.
Rajarshi Gupta at AI Frontiers : Security is AI’s biggest challenge, AI is Se...
The progress of AI in the last decade has seemed almost magical. But we will discuss the unique challenges posed by Security and what makes this domain the biggest challenge for AI. Reporting from the frontlines, we will describe the deployment of large-scale production-grade AI systems to combat security breaches, using lessons learned at Avast from defending over 400 million consumers every single day. Topics will cover the recent AI advancements in file-based anti-malware solutions, behavior-based on-device solutions, and network-based IoT security solutions.
Protecting Financial Networks from Cyber Crime
Financial services organizations are prime targets for cyber criminals. They must take extreme care to protect customer data, while also ensuring high levels of network availability to allow for 24/7 access to critical financial information. Additionally, industry consolidation has created large, heterogeneous network environments within large financial institutions, making it difficult to ensure that networks have the necessary visibility and protection to prevent a devastating security breach. By leveraging NetFlow from existing network infrastructure, financial services organizations can achieve comprehensive visibility across even the largest, most complex networks. The ability to quickly detect a wide range of potentially malicious activity helps prevent damaging data breaches and network disruptions. Attend this informational webinar, conducted by Lancope’s Director of Security Research, Tom Cross, to learn: How NetFlow can help quickly uncover both internal and external threats How pervasive network insight can accelerate incident response and forensic investigations How to substantially decrease enterprise risks
Yi-Lang Tsai - Cyber Security, Threat Hunting and Defence Challenge in Taiwan...
TWCSIRT is a full member of FIRST and mainly focuses on the protection of NARLabs, TANet and TWAREN. We are defense cyber-attack from internet and according to government policy to handling incident every day. I am a research fellow with National Center for High-performance Computing and lead cyber security team to operation security operation center to handling incident in Taiwan Academic Network.
In our research project from government, we are deployed the biggest honeynet in Taiwan and used over 6000 IP address to detection malicious network attack come from internet.
We have published our malware knowledge base to sharing malware samples and reports for many researchers, students, research center and sharing our data set for deep tracking about cyber security.
There are many new types of cyber-attack that’s is include ransomware, website mining, DDoS and hybrid malicious attack.
Main Points:
- What’s TWCSIRT Mission and Scope
- How to coordinate in National level with ISAC, CERT and SOC
- Cyber-attack and threat hunting in Taiwan Academic Network
- How to develop cyber security platform for incident handling
- How to do red team and blue team training by CDX
NXP'S-PORTFOLIO-FOR-ADDRESSING-IOT-SECURITY.pdf
NXP's portfolio addresses IoT security across the entire device lifecycle from edge to cloud. [NXP's portfolio includes] secure elements, microcontrollers, application processors, device management software, and solutions that provide security from device procurement through decommissioning. NXP products offer hardware-protected keys, secure boot, tamper resistance, and cryptographic accelerators to establish trust from the edge to the cloud.
Conférence ARBOR ACSS 2018
This document discusses the growing threat of distributed denial of service (DDoS) attacks and strategies for mitigating them. It notes that DDoS attacks are increasing in size and complexity, often leveraging insecure internet of things (IoT) devices and vulnerable services. The document recommends implementing best practices like blocking spoofed IP addresses to prevent reflection attacks, and filtering known threats and vulnerabilities. It presents Arbor's approach of providing visibility, automation and integration to help secure networks and enable business agility in the face of evolving DDoS threats.
Smau Milano 2015 - Stefano Zanero
The document discusses the security issues surrounding the Internet of Things (IoT). It begins with defining the IoT and what types of connected devices exist. It then outlines some of the major security risks like lack of encryption, weak passwords, and poor access control. A few real-world examples are presented where researchers have found vulnerabilities in smart watches, baby monitors, and home security systems. The future concerns discussed include the rapid growth of IoT devices and complexity of the ecosystem leading to more opportunities for attacks if security is not built into devices from the start. Overall the presentation argues that IoT security is a serious issue and significant work is still needed to avert potential cyber-physical threats involving critical infrastructure and safety systems.
Accenture & NextNine – Medium Size Oil & Gas Company Cyber Security Case Study
This document provides a summary of a presentation given by Michael Coden and Pete MacLeod on October 7, 2014 about scaling industrial control system (ICS) cybersecurity. It discusses conducting an inventory of ICS assets at an oil and gas facility, comparing manual vs automated inventory methods. The presentation aims to illustrate how centralized OT cybersecurity automation can improve security, reduce time/costs for inventory and incident response, and help address skills shortages through centralization.
This is Next-Gen
This document discusses Edwin Hubble and his discoveries at the Mt. Wilson Observatory in the early 20th century. It then summarizes some of the major scientific discoveries of the Hubble Space Telescope since its launch in 1990, including determining the age of the universe and existence of dark energy and exoplanets. The document also outlines Sophos' strategy around next-generation cybersecurity technologies like machine learning and deep learning to more quickly identify unknown threats.
Iot presentation
The Internet of things describes physical objects that are embedded with sensors, processing ability, software, and other technologies that connect and exchange data with other devices and systems over the Internet or other communications networks.
MITRE ATT&CKcon 2.0: The World's Most Dangerous ATT&CKers; Robert Lipovsky, ESET
This document discusses advanced persistent threat (APT) groups and their techniques. It provides two case studies of APT groups, including LoJax and Telebots, outlining their architectures and supply chain attacks. Examples of other techniques used by APT groups are also mentioned, such as the use of TeamViewer for remote access. The document closes with a discussion of the impact of Industroyer malware on industrial control systems.
Internet of things - The Present & The Future
The document provides an overview of the Internet of Things (IoT). It defines IoT as connecting "things" like sensors and devices to the internet. It describes the basic IoT architecture including hardware components like microcontrollers, sensors and connectivity modules. It also discusses software requirements like operating systems, communication protocols and front-end technologies to integrate IoT solutions. Finally, it highlights the growth of IoT and examples of IoT products in different domains like smart homes, fitness and more.
Avast @ Machine Learning
This document discusses Avast's work in securing IoT devices through machine learning. It provides an overview of Avast's operations and size, then discusses the growing number of IoT devices and security challenges in securing them. Avast is developing AI-based protections for IoT by monitoring threats at the network level and plans to release a new product called Avast Smart Life. The workshop agenda covers topics like IoT botnets, device identification, and perceptual phishing detection.
Similar to The IoT Attack Surface (20)
[CB20] Cleaning up the mess: discovery, monitoring, analysis, and notificatio...
[CB20] Cleaning up the mess: discovery, monitoring, analysis, and notificatio...
DEF CON 27 - D4KRM4TTER MIKE SPICER - I know what you did last summer
DEF CON 27 - D4KRM4TTER MIKE SPICER - I know what you did last summer
Rajarshi Gupta at AI Frontiers : Security is AI’s biggest challenge, AI is Se...
Rajarshi Gupta at AI Frontiers : Security is AI’s biggest challenge, AI is Se...
Yi-Lang Tsai - Cyber Security, Threat Hunting and Defence Challenge in Taiwan...
Yi-Lang Tsai - Cyber Security, Threat Hunting and Defence Challenge in Taiwan...
Accenture & NextNine – Medium Size Oil & Gas Company Cyber Security Case Study
Accenture & NextNine – Medium Size Oil & Gas Company Cyber Security Case Study
MITRE ATT&CKcon 2.0: The World's Most Dangerous ATT&CKers; Robert Lipovsky, ESET
MITRE ATT&CKcon 2.0: The World's Most Dangerous ATT&CKers; Robert Lipovsky, ESET
More from Daniel Miessler
The OWASP Game Security Framework
This document presents the OWASP Game Security Framework, which aims to help the gaming industry understand and address security risks. It provides examples of common in-game exploits like item duplication bugs, lag switching, and hidden content discovery. These are mapped to a semantic structure describing the actor, attack surface, vulnerability exploited, attacker goal, negative outcome, and potential defenses. The framework is intended to help capture game bugs, categorize them, and improve testing methodologies. Users are invited to contribute additional examples to help expand the framework. Future work may include developing a video game security testing methodology and continuing to refine the framework.
The Game Security Framework
A framework for understanding both technical and business information security risks to video games and the video game industry.
Evolution of The Application
How applications are transforming in fundamental ways, from being touch based to being voice and API based.
Implementing Inexpensive Honeytrap Techniques
My talk at the IOActive IOAsis on implementing honeytrap techniques throughout the stack without a budget.
Securing Medical Devices Using Adaptive Testing Methodologies
Daniel Miessler presented on using an adaptive testing methodology to secure medical devices. He discussed that the growing attack surface of medical devices outpaces the maturity of testing procedures. An adaptive methodology tests devices based on their attributes and context to create customized and consumable test plans that reduce tester fatigue. Key takeaways included that visibility of attack surfaces is critical, testing plans should be approachable and modular to avoid being disregarded, and understanding surfaces should occur before buying, installing, or implementing devices.
Peak Prevention: Moving from Prevention to Resilience
Daniel Miessler discusses moving from a prevention-focused approach to security to a resilience-focused approach. He argues that, like "peak oil", our ability to continue growing prevention capabilities has limits and we need to find new ways to reduce the impact of incidents that do occur. Miessler advocates preparing for inevitable risks by making data unusable if stolen, insuring against losses, improving response and recovery, and reducing the value of what attackers can access. The goal is shifting from fully preventing incidents to reducing their impact when they do happen.
Adaptive Testing Methodology [ ATM ]
A web service platform for creating customized testing methodology based on the tech stack of the target, and how much time you have to test.
SecLists @ BlackHat Arsenal 2015
SecLists is a security researcher's companion that provides lists of payloads and common vulnerabilities to integrate with penetration testing tools. It has integrations with Burp, Kali, and other security distributions and tools. Contributors can submit new lists and recommendations through a GitHub repository or pull request. SecLists lists have been attributed to expanding the capabilities of Kali, Burp, ZAP, and more by providing polyglots, magic strings, DOM XSS payloads, dangerous functions, SSRF file handlers, and exploitation scripts.
The Real Internet of Things: How Universal Daemonization Will Change Everything
The document discusses how universal "daemonization" of all physical objects through sensors, personal daemons, and APIs will change everything by connecting all objects and enabling constant customization mediated by personal assistants. It outlines how everything from homes, vehicles, devices, infrastructure and more will broadcast attributes and expose functionality through APIs. However, it raises important questions around privacy, security, ownership and control that will need protocols and policies to address as this "Internet of Things" becomes a reality.
Understanding Cross-site Request Forgery
This document provides an overview of cross-site request forgery (CSRF) attacks. It discusses how CSRF works, forcing victims to perform actions on a website without their knowledge. Common defenses like using nonces or CAPTCHAs are described. The document also covers how to validate if an issue is truly a CSRF vulnerability and lists some example attack vectors. Key takeaways emphasize the importance of validating any potential CSRF issue affects state, is sensitive, and has non-unique requests.
More from Daniel Miessler (10)
Securing Medical Devices Using Adaptive Testing Methodologies
Securing Medical Devices Using Adaptive Testing Methodologies
Peak Prevention: Moving from Prevention to Resilience
Peak Prevention: Moving from Prevention to Resilience
The Real Internet of Things: How Universal Daemonization Will Change Everything
The Real Internet of Things: How Universal Daemonization Will Change Everything
Recently uploaded
Programming Foundation Models with DSPy - Meetup Slides
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
Best 20 SEO Techniques To Improve Website Visibility In SERP
Boost your website's visibility with proven SEO techniques! Our latest blog dives into essential strategies to enhance your online presence, increase traffic, and rank higher on search engines. From keyword optimization to quality content creation, learn how to make your site stand out in the crowded digital landscape. Discover actionable tips and expert insights to elevate your SEO game.
Azure API Management to expose backend services securely
How to use Azure API Management to expose backend service securely
SAP S/4 HANA sourcing and procurement to Public cloud
SAP S4 HANA to Public cloud data object differences
Main news related to the CCS TSI 2023 (2023/1695)
An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers.
The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 .
The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .
Presentation of the OECD Artificial Intelligence Review of Germany
Consult the full report at https://www.oecd.org/digital/oecd-artificial-intelligence-review-of-germany-609808d6-en.htm
System Design Case Study: Building a Scalable E-Commerce Platform - Hiike
This case study explores designing a scalable e-commerce platform, covering key requirements, system components, and best practices.
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Simplify your search for a reliable Python development partner! This list presents the top 10 trusted US providers offering comprehensive Python development services, ensuring your project's success from conception to completion.
Building Production Ready Search Pipelines with Spark and Milvus
Spark is the widely used ETL tool for processing, indexing and ingesting data to serving stack for search. Milvus is the production-ready open-source vector database. In this talk we will show how to use Spark to process unstructured data to extract vector representations, and push the vectors to Milvus vector database for search serving.
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays, June 2024 with Maria Copot 20
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks creates AI-boosted business software that helps employees work more efficiently and effectively. Managing data across multiple RDBMS and NoSQL databases was already a challenge at their current scale. To prepare for 10X growth, they knew it was time to rethink their database strategy. Learn how they architected a solution that would simplify scaling while keeping costs under control.
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
HCL Notes and Domino License Cost Reduction in the World of DLAU
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
Generating privacy-protected synthetic data using Secludy and Milvus
During this demo, the founders of Secludy will demonstrate how their system utilizes Milvus to store and manipulate embeddings for generating privacy-protected synthetic data. Their approach not only maintains the confidentiality of the original data but also enhances the utility and scalability of LLMs under privacy constraints. Attendees, including machine learning engineers, data scientists, and data managers, will witness first-hand how Secludy's integration with Milvus empowers organizations to harness the power of LLMs securely and efficiently.
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
Predictive maintenance is a proactive approach that anticipates equipment failures before they happen. At the forefront of this innovative strategy is Artificial Intelligence (AI), which brings unprecedented precision and efficiency. AI in predictive maintenance is transforming industries by reducing downtime, minimizing costs, and enhancing productivity.
Skybuffer SAM4U tool for SAP license adoption
Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool.
SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
Folding is a recent technique for building efficient recursive SNARKs. Several elegant folding protocols have been proposed, such as Nova, Supernova, Hypernova, Protostar, and others. However, all of them rely on an additively homomorphic commitment scheme based on discrete log, and are therefore not post-quantum secure. In this work we present LatticeFold, the first lattice-based folding protocol based on the Module SIS problem. This folding protocol naturally leads to an efficient recursive lattice-based SNARK and an efficient PCD scheme. LatticeFold supports folding low-degree relations, such as R1CS, as well as high-degree relations, such as CCS. The key challenge is to construct a secure folding protocol that works with the Ajtai commitment scheme. The difficulty, is ensuring that extracted witnesses are low norm through many rounds of folding. We present a novel technique using the sumcheck protocol to ensure that extracted witnesses are always low norm no matter how many rounds of folding are used. Our evaluation of the final proof system suggests that it is as performant as Hypernova, while providing post-quantum security.
Paper Link: https://eprint.iacr.org/2024/257
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
A Comprehensive Guide to DeFi Development Services in 2024
DeFi represents a paradigm shift in the financial industry. Instead of relying on traditional, centralized institutions like banks, DeFi leverages blockchain technology to create a decentralized network of financial services. This means that financial transactions can occur directly between parties, without intermediaries, using smart contracts on platforms like Ethereum.
In 2024, we are witnessing an explosion of new DeFi projects and protocols, each pushing the boundaries of what’s possible in finance.
In summary, DeFi in 2024 is not just a trend; it’s a revolution that democratizes finance, enhances security and transparency, and fosters continuous innovation. As we proceed through this presentation, we'll explore the various components and services of DeFi in detail, shedding light on how they are transforming the financial landscape.
At Intelisync, we specialize in providing comprehensive DeFi development services tailored to meet the unique needs of our clients. From smart contract development to dApp creation and security audits, we ensure that your DeFi project is built with innovation, security, and scalability in mind. Trust Intelisync to guide you through the intricate landscape of decentralized finance and unlock the full potential of blockchain technology.
Ready to take your DeFi project to the next level? Partner with Intelisync for expert DeFi development services today!
Recently uploaded (20)
Programming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup Slides
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
Azure API Management to expose backend services securely
Azure API Management to expose backend services securely
SAP S/4 HANA sourcing and procurement to Public cloud
SAP S/4 HANA sourcing and procurement to Public cloud
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
System Design Case Study: Building a Scalable E-Commerce Platform - Hiike
System Design Case Study: Building a Scalable E-Commerce Platform - Hiike
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Building Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and Milvus
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024
The IoT Attack Surface
- 1. the IoT Attack Surface Daniel Miessler April 2017
- 2. the IoT Attack Surface Daniel Miessler April 2017
- 3. What do? 3
- 4. IoT Security != Device Security 4 What they think it is…
- 5. IoT Security != Device Security 5
- 6. IoT Security != Device Security 6
- 7. IoT Security != Device Security 7
- 9. OWASP IoT Security 9 • Attack surfaces • Vulnerabilities • Medical Devices • Firmware Analysis • IoT Event Logging • ICS / SCADA
- 10. OWASP IoT Security 10 • Ecosystem (general) • Device Memory • Device Physical Interfaces • Device Web Interface • Device Firmware • Device Network Services • Administrative Interface • Local Data Storage • Cloud Web Interface • Third-party Backend APIs • Update Mechanism • Mobile Application • Vendor Backend APIs • Ecosystem Communication • Network Traffic • Privacy • Sensors
- 21. Network Focus 21 What they think it is…
- 22. Network Focus 22 What it actually is…
- 24. Get a Tap 24
- 25. Caparser 25 https://github.com/danielmiessler/Caparser • *Capture all internal traffic from an internal ecosystem • *Exercise the product fully • Break the .pcap into its component parts using tshark • Extract any sensitive content from the .pcap. • Associate the sensitive content with where it’s being sent
- 26. tsharks 26 tshark -r diphone.pcap -q -z conv,ip | awk '{print $3}' | grep "^[0-9]" | sort | uniq | awk '{print $1}'
- 27. tsharks 27 tshark -r diphone.pcap -q -z conv,ip | awk '{print $3}' | grep "^[0-9]" | sort | uniq | awk '{print $1}'
- 29. Caparser Next Steps 29 • Define which IPs are known, and which are not • Identify unknown IPs and call them out specifically if sensitive data is sent to them • Run content through Suricata with Emerging Threats Signatures to see if any rules pop
- 30. Takeaways 30 1. IoT testing is more than just the device.
- 31. Takeaways 31 1. IoT testing is more than just the device. 2. 16 discrete attack surfaces, captured in the OWASP IoT Project.
- 32. Takeaways 32 1. IoT testing is more than just the device. 2. 16 discrete attack surfaces, captured in the OWASP IoT Project. 3. The local network ecosystem is a great one to combine and search for low-hanging fruit.
- 33. Takeaways 33 1. IoT testing is more than just the device. 2. 16 discrete attack surfaces, captured in the OWASP IoT Project. 3. The local network ecosystem is a great one to combine and search for low-hanging fruit. 4. Get a tap and use caparser start doing this with every device you are testing —> instant findings. 🔥
- 34. Thanks & Contact 34 Daniel Miessler IOActive @danielmiessler danielmiessler.com/podcast • https://www.owasp.org/index.php/OWASP_Internet_of_Things_Project • https://www.amazon.com/Dualcomm-DCGS-2005L-1000Base-T- Gigabit-Network/dp/B004EWVFAY • https://github.com/danielmiessler/Caparser