If last year’s presentation on the SANS 20 felt like more of a rant than a practical application of elite IT knowledge, Ian Trump’s technical track presentation is going to unleash GFI MAX as a security dashboard like nothing you have seen.
The Octopi team has leveraged network scanning and event log checks, and Ian takes the GFI MAX dashboard to a whole new level. MSPs can take his code and research and immediately apply it to their practices to secure their customers from cyber threats. Dehydrated from the summer information security conferences, Ian will give you the threat intel you need to be on the lookout for in the months ahead.
Besides all the GFI MAX goodness, being part of a live demo to find APT, and seeing Ian link Human Rights, Market Research, Ice, Law, Iggy Azalea, War Ferrets, Christian Studies, Event Auditing, Security Tools, Taylor Swift and How we can all fix the cyber problem into one epic presentation – well, you don’t want to miss this.
The rise of a generation of new hackers has propelled a boom in successful cyberattacks and data breaches over the last decade. This generation of "modern adversaries" has caused billions of dollars in damages in the last few years, and both the pace and danger of their attacks continue to grow.
This presentation analyzes modern hacker adversaries: who are they, how are they circumventing traditional security systems, and what can the information security industry do to detect and stop these new threats.
Security weekly september 28 october 4, 2021 | Roen Branham
Watch the full episode on Youtube: https://youtu.be/Tl3pVMaCN60
Security weekly september 28 october 4, 2021
We review the Cyber Security news events that happened from September 28 - October 4, 2021.
[CB20] Illicit QQ Communities: What's Being Shared? by Aaron Shraberg | CODE BLUE
QQ, a Chinese chat service with hundreds of millions of active monthly users, contains numerous groups discussing hacking and fraud tools and techniques. These groups use a unique language to discuss illicit activities, including a mix of Chinese and English characters, emoticons and memes. Assessing data from hundreds of such groups, this case study aims to discuss insights about the tools and techniques being shared. An examination of file names, the content of some files, and the nature of discussions around sharing of the files sheds light on discussions around illicit online activity, identifying rules of engagement and cultural norms for this unique and relatively closed community of online actors.
Despite its widespread usage within China and its exposure to China's well-documented surveillance apparatus, QQ is still rife with discussions themed around illicit hacking behavior as QQ group members share a large number of fraud tools and techniques. This may suggest some degree of permissiveness or "turning a blind eye" on the part of Chinese authorities—who undoubtedly have an aperture into these groups’ chat histories. At the same time, creative jargon and subtle communication about fraud schemes likely make detection challenging as hacking services, malicious file sharing, and cybercrime remain rampant.
Digital businesses are difficult to launch and run even without the challenge of security. And yet, digital business strategies are also being used by hackers to systematically go after lucrative targets. Following up on our release of the 2015 NTT Group Global Threat Intelligence Report, this executive summary highlights key findings from the report that affect today’s digital businesses.
Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr... | Alisha Deboer
Cyber terrorists are sophisticated, organized and disruptive to your business. How prepared are you? Explore the landscape of malicious actors most likely to strike your business and what you can do about it.
[CB20] It is a World Wide Web, but All Politics is Local: Planning to Survive... | CODE BLUE
Since the birth of the World Wide Web in 1989, despite the fact that the key function of the Internet is to communicate, share and distribute information without borders, countries have varied in their understanding and policies on how the Internet should work in their jurisdiction; some have codified laws bolstering Internet sovereignty or built firewalls to control online information flows. At the 25th anniversary of the Internet in 2014, the Pew Research Center invited over 1400 technology industry leaders and academics to reflect on the impact of the Internet over the next ten years. The top Internet threat these experts named was that nation-states could increasingly block, filter, segment and Balkanize the Internet for geopolitical, economic, social and security reasons.
In 2020, six years after that Pew report, amidst a global pandemic, growing populist partisanship in many countries, and heightened geopolitical tensions between the world’s largest economies, the splintering of Internet communities seems even more imminent than before, as governments seek to limit the sometimes harmful power of social media speech and Internet companies' encroachments on personal privacy. Is the global trend towards segmentation and Balkanization of the Internet forthcoming? What are its implications for business operations globally in terms of cost, planning, continuity, and liabilities? How will cyber threats evolve as businesses adjust their operations to adapt to a more-segmented Internet? This talk will address these issues by identifying and characterizing the evidence of the segmentation and Balkanization of the Internet and by providing broad cyber threat and risk profiles for each region and practical mitigation measures to improve business resilience.
Two large corporations have been crippled by recent information security breaches. It may not be hard to quantify the losses in terms of lost revenue and profits but what will be hard to quantify are the losses to reputation. Cited as two of the most damaging cyber-attacks on corporate America, this presentation looks at what went wrong and what could have been done to prevent these situations.
All product and company names mentioned herein are for identification and educational purposes only and are the property of, and may be trademarks of, their respective owners.
Cyberwar and cyberwarfare are on everyone's lips but mean nothing, as they are least understood and still need to be defined! Yet we have everyone who means something standing on the rooftops and rattling their swords. The question is: is India ready? This is explored in the presentation, along with Indian institutions, cyber practices and the way ahead.
The good, the bad and the ugly of the target data breach | Ulf Mattsson
The landscape of threats to sensitive data is rapidly changing. New technologies bring with them new vulnerabilities, and organizations like Target are failing to react properly to the shifts around them. What's needed is an approach equal to the persistent, advanced attacks companies face every day. The sooner we start adopting the same proactive thinking hackers are using to get at our data, the better we will be able to protect it.
This webinar will cover:
Data security today, the landscape, etc.
Discuss a few recent studies and changing threat landscape
The Target breach and other recent breaches
The effects of new technologies on breaches
Shifting from reactive to proactive thinking
Preparing for future attacks with new techniques
Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n... | Symantec
Internet Security Threat Report 2014 :: Volume 19 :: Appendices
Hardcore data from Symantec’s Internet Security Threat Report.
Real number crunching on Threat, Malicious Code, Fraud & Vulnerability trends, including:
Threat Activity Trends
• Malicious Activity by Source
• Malicious Web-Based Attack Prevalence
• Analysis of Malicious Web Activity by Attack Toolkits
• Analysis of Web-Based Spyware, Adware, and Potentially Unwanted Programs
• Analysis of Web Policy Risks from Inappropriate Use
• Analysis of Website Categories Exploited to Deliver Malicious Code
• Bot-Infected Computers
• Analysis of Mobile Threats
• Quantified Self – A Path to Self-Enlightenment or Just Another Security Nightmare?
• Data Breaches that could lead to Identity Theft
• Threat of the Insider
• Gaming Attacks
• The New Black Market
Malicious Code Trends
• Top Malicious Code Families
• Analysis of Malicious Code Activity by Geography, Industry Sector, and Company Size
• Propagation Mechanisms
• Email-Targeted Spear-Phishing Attacks Intelligence
Spam and Fraud Activity Trends
• Analysis of Spam Activity Trends
• Analysis of Spam Activity by Geography, Industry Sector, and Company Size
• Analysis of Spam Delivered by Botnets
• Significant Spam Tactics
• Analysis of Spam by Categorization
• Phishing Activity Trends
• Analysis of Phishing Activity by Geography, Industry Sector, and Company Size
• New Spam Trend: BGP Hijacking
Vulnerability Trends
• Total Number of Vulnerabilities
• Zero-Day Vulnerabilities
• Web Browser Vulnerabilities
• Web Browser Plug-in Vulnerabilities
• Web Attack Toolkits
• SCADA Vulnerabilities
The Internet Is a Dog-Eat-Dog World, and Your App Is Clad in Milk-Bone Underwear | Bob Wall
Presentation at the 2016 Big Sky Developers' Conference.
Overview of the dismal state of security on the Web, some suggestions for better app development processes to mitigate problems.
Verizon 2014 data breach investigation report and the target breach | Ulf Mattsson
The landscape of threats to sensitive data is changing. New technologies bring with them new vulnerabilities, and organizations like Target are failing to adapt to the shifts around them.
What’s needed is an approach equal to the persistent, advanced attacks companies face every day. The sooner we start adopting the same proactive thinking hackers are using to get at our data, the better we will be able to protect it.
In this webinar, Protegrity CTO and data security thought leader Ulf Mattsson integrates new information from the Verizon 2014 Data Breach Investigation Report (DBIR) into his analysis on what is driving data breaches today, and how we can prevent them in the future.
KEY TOPICS INCLUDE:
• The changing threat landscape
• The effects of new technologies on breaches
• Analysis of recent breaches, including Target
• Compliance vs. security
• The importance of shifting from reactive to proactive thinking
• Preparing for future attacks with new technology & techniques
This brief presentation gives you a quick overview on how the Cyber Threat Landscape is shaping up in 2017 for individuals and business owners alike. It puts forth some important trends and predictions.
MAX State of the Nation: Recent and Upcoming Releases - Mark Petrie | MAXfocus
Too busy with the day to day running of your business to keep abreast of all our recent releases at GFI MAX? Then this session is for you!
In this session we will recap some recent GFI MAX releases as well as give you exclusive insights into upcoming products and feature enhancements on the product roadmap. We'll specifically look at:
• What’s coming soon on the 2014 Product Roadmap and a look ahead to 2015
• Enhancements to the Dashboard, user permissions, security, device discovery, and more
Releases are risky. Often homegrown scripts, manual steps, and runbook orchestrations contribute to the risks involved with application releases. Having a controlled release process can strengthen release management by ensuring quality, reducing manual tasks, deploying applications consistently across environments, and more. Development teams, making the changes to meet customers’ needs, realized that they could not keep up with the increased demand. Many of those teams turned to Agile methodologies. Agile methodologies would help developers create a steady stream of features and solve customers’ problems as they arose. Agile solutions allowed developers to make rapid changes. However, organizations were unable to achieve the full benefit of Agile. Legacy deployment processes delayed the release of the applications because they were built for infrequent releases.
Introduction to SlideShare for Businesses | SlideShare
As the global hub of professional content, SlideShare can help you or your business amplify its reach, get discovered by targeted audiences and capture more professional opportunities. Learn why you should use SlideShare for your business.
Today we all live and work in the Internet Century, where technology is roiling the business landscape, and the pace of change is only accelerating.
In their new book How Google Works, Google Executive Chairman and ex-CEO Eric Schmidt and former SVP of Products Jonathan Rosenberg share the lessons they learned over the course of a decade running Google.
Covering topics including corporate culture, strategy, talent, decision-making, communication, innovation, and dealing with disruption, the authors illustrate management maxims with numerous insider anecdotes from Google’s history.
In an era when everything is speeding up, the best way for businesses to succeed is to attract smart-creative people and give them an environment where they can thrive at scale. How Google Works is a new book that explains how to do just that.
This is a visual preview of How Google Works. You can pick up a copy of the book at www.howgoogleworks.net
Presentation by Luc de Graeve at the Gordon institute of business science in 2001.
This presentation is about security in e-commerce and is aimed at making people aware of what hackers do, how they do it and the financial implications of their actions. The presentation begins with a few examples of defaced websites and ends with a discussion on risk and assessment.
2014 GRC Conference in West Palm Beach - Moderated by Sonia Luna | Aviva Spectrum™
Slides from the 2014 GRC Conference Presented by:
Jeff Spivey, CRISC, CPP
Vice President of Strategy, RiskIQ, Inc.
President, Security Risk Management, Inc
Adair Barton, CPA, CISA
Vice President of Internal Audit
Dycom Industries, Inc.
and
David A. Less, CISA, CISM
CIO & SVP
Sunteck, Inc.
A recent presentation given by us (Cybernetic Global Intelligence) on current trends in Cyber Crime and its effect on companies and law firms in Australia.
Why is cyber security a disruption in the digital economy | Mark Albala
As we enter the digital economy, companies will quickly realize that the differentiator in the digital economy is information, and information, being a valuable resource, is subject to theft, hacking, phishing and a host of other issues which compromise a company’s ability to participate in the digital economy. Cybersecurity misfires compromise the trust of buyers and partners necessary to participate in the digital economy. It is up to every company to ensure that the information shared with them is protected to the best of their ability and to proactively notify persons and organizations who entrust them with the information necessary to transact business (any personal identity information including but not limited to addresses, credit card information, social security numbers, account information, credit information, medical records, etc.) of any potential compromises which can harm them, whether by that information being used maliciously or shared with others.
The digital economy is different from other versions of commerce because in the digital economy, information is the lifeblood of digital commerce that passes through the hands of many platforms involved in a digital event. Each of these platforms is an opportunity to wreak havoc on your well-intended but incomplete efforts to protect the information contained within the network you control. In the digital economy, it is not only the network you control, but the platforms that touch the personal data entrusted to you as a means of enabling digital commerce, and several techniques have begun to emerge to protect personal information contained within your information domain and the domain of platforms participating in digital commerce.
Because the lifeblood of the digital economy is information, information hacked in the digital economy is akin to shrinkage in the legacy economy. Both are means to directly attack your bottom line, whether it is redirecting customers elsewhere because they don’t trust your privacy program, ransomware which makes your site or one of your partner platform sites dangerous to use, or some other reason which challenges your ability to participate in the digital economy. Shrinking the potential market share because of information safety and security challenges is a disruption, making cyber-security a disruptive activity, particularly if it is not dealt with swiftly.
If your cyber-security program is focused entirely on protecting the information housed in your four walls, you have exposed yourself to problems whose source and entry point you will have difficulty identifying.
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb... | Rishi Singh
Presentation on the 2015-2016 State of Cybersecurity and Third Party Vendor Risk Management, presented by Matt Pascussi and Rishi Singh.
This presentation was sponsored by TekSystems.
Info Session on Cybersecurity & Cybersecurity Study Jams | GDSCCVR
In an era where digital threats are ever-evolving, understanding the fundamentals of cybersecurity is crucial.
Highlights of the Event:
💡 Google Cybersecurity Certification Scholarship.
🎭 Cloning and Phishing Demystified
🚨 Unravelling the Depths of Database Breaches
🛡️ Digital safety 101
🧼 Self-Check for Cyber Hygiene
⏺️ Event Details:
Date: 18th December 2023
Time: 6:00 PM to 7:00 PM
Venue: Online
What Makes Web Applications Desirable For Hackers | Jaime Manteiga
For years, unethical hackers have preferred Web Applications as the favorite pattern of attack. In this webinar, we will take a look inside the mind of an attacker — including uncovering their motivation and hacking techniques. Web Applications become compromised all the time; additionally, organizations seem to be repeating mistakes when it comes to application security. This webinar will serve as a baseline to establish appropriate web information security controls and mitigation strategies by thinking like an unethical hacker.
https://www.venkon.us/
Introduction to the Current Threat Landscape | Melbourne IT
Do you know what threats are lurking in the shadows? Have you been compromised without even knowing about it? Most companies don't even know if their business has been subjected to attacks and even worse, may have lost sensitive data without knowing about it until it’s too late.
The latest vulnerabilities highlight the extent and depth that hackers are adopting to steal your content or destroy trust in your brand. Our industry experts joining us for the presentation have a wealth of experience in robust security strategies and will be discussing the current online threat landscape, the most prominent approaches to security breaches and what you need to consider to protect your online presence from any potential malicious attacks.
About Melbourne IT:
Melbourne IT Enterprise Services designs, builds and operates custom cloud solutions for Australia’s leading enterprises. Its expert staff help enterprises solve business challenges and build cultures that enable organisations to use technology investments efficiently to improve long-term value. With more than 15 years’ experience in delivering managed outcomes to Australian enterprises, Melbourne IT has been long associated with enabling success. Its certified cloud, consulting, and security experts repeatedly deliver results. Many of the brands you already know and trust rely on Melbourne IT. For more information, visit www.melbourneitenterprise.com.au
Data is big, data is valuable and data is trouble. In 2014, the Breach Level Index recorded that over one billion records had been breached, an increase of 78% over 2013. And 2015 is seeing similar levels – the first 2 quarters of the year each seeing a loss of almost 340 million records.
By United Security Providers
Top 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA Regulation | PECB
This session discusses the top cyber threats for 2020 world-wide, where our presenters will discuss the top security priorities in their states for cybersecurity, followed by a Q/A session at the end of the presentation.
What topics are hot for Chief Security Officers in 2020? Which cyber threats are demanding the most attention for top government cybersecurity leaders? What projects are the U.S. states of Washington and Illinois applying resources to address security priorities? Where next with privacy legislation and implementation of regulations like the California Consumer Privacy Act (CCPA)?
The webinar covers:
• Top security predictions for 2020 from global security vendors – along with CISO reactions and feedback
• Security trends (in specific areas such as ransomware) seen at the end of 2019 and in the first weeks of 2020
• CISO project priorities from Washington State and the State of Illinois
• Panel discussion of privacy actions and CCPA implementation nationwide
Date: February 19, 2019
Recorded webinar: https://youtu.be/QN35YHEA_4E
Delivering Security Within the MAX Remote Management Platform - Todd Haughland | MAXfocus
Security is every customer’s top concern and can be a real worry for MSPs - unless they use the MAX Remote Management Platform of course.
Here we’ll look at how to provide the most comprehensive and robust security solution for your customers covering all aspects of security from Web Protection and Antivirus to Server and Workstation Monitoring and of course Patch Management.
Soon you’ll stop worrying about security on each and every device you manage - and start to relax while MAX takes care of the work for you.
For this we’ll look at:
•Web Protection
•Managed Antivirus
•Hacker Checks
•Patching Deployments.
Maximise Your Reputation in the Marketplace Jason KingMAXfocus
One of the biggest factors in determining how your target market perceives your business relates to the performance of your salespeople.
In this session we will discuss:
How to maintain existing business relationships so that your clients ignore approaches from your competitors
How to effectively prospect for new business without having to cold call
How to prepare and present compelling business proposals (not quotes)
Improvements in these key areas will significantly improve your reputation in the marketplace.
Consolidating your Services Portfolio with GFI MAX - Jason Parsons and Steve ...MAXfocus
Wyvern Business Systems had a problem. They were billing their clients for support monthly, antivirus quarterly, spam protection yearly. The invoices coming in from various suppliers weren’t much clearer. Engineers didn’t know which clients were using what services from which supplier. Accounts didn’t know which supplier invoices should go against which customer revenue. The poor clients were being flooded with invoices. What a mess.
In response, over the past two years, Wyvern have gone through the process of consolidating and improving their service portfolio using GFI MAX. The outcome of this has been beneficial to both the business and their clients.
Wyvern can now offer enhanced, cost-effective solutions to their customers. The business has also been able to simplify their internal practices and have benefited from all the features of MAX, from effortless cloud based management to clear costs and billing.
Jason and Steve from Wyvern would like to share this experience with other GFI MAX customers, many of whom they are sure have had or are going through similar scenarios.
Managed Services in 2014: Pricing and Positioning - Dave SobelMAXfocus
Managed Services in 2014 has grown and changed. Cloud and mobility change the model from strictly device management to a complex eco-system of management. Through analysis of the latest market data, Dave Sobel, GFI MAX’s Director of Partner Community, will show proven techniques for building a pipeline of interested customers ready to invest in their IT and deliver annuity revenue at higher margin. Discussion will include go-to-market techniques and pricing models for a variety of managed services, from traditional to backup to mobile.
Delivering Security with the MAX RemoteManagement Platform - Paul FenwickMAXfocus
Security is every customer's top concern and can be a real worry for MSPs - unless they use the MAX RemoteManagement Platform of course.
Here we’ll look at how to provide the most comprehensive and robust security solution for your customers, covering all aspects of security from Web Protection and Antivirus to Server and Workstation Monitoring and of course Patch Management.
Soon you’ll stop worrying about security on each and every device you manage - and start to relax while MAX takes care of the work for you.
For this we’ll look at:
Web Protection
Managed Antivirus
Hacker Checks
Patching Deployments.
Scripting and Automation within the MAX Platform Ernest ByrdMAXfocus
Enhance what the GFI MAX RemoteManagement Dashboard can do with user-defined custom scripts or through our built in library, allowing you to monitor VMWare host server health, exchange store size and queue length. Create your own scripts, or use those generously shared by industry peers on our designated FixitScripts website.
In this session we will cover:
•Building Scripts
•Using Scripts in the Library
•Script Types
•Using “Ones from the Internet”
Lessons from the Trenches Selling and Marketing Best Practices Terry HeddenMAXfocus
Would you like to grow your managed IT services business revenue over 35,000% in 6 years? If so, this session is for you! A 12 year veteran that leveraged bootstrap marketing to build his Managed IT service business shares his ‘secret sauce’ to building his business to help you grow yours. This session focuses on practical, cost-effective, high impact marketing programs and sales strategies designed to quickly identify and CLOSE a steady stream of Managed IT and Cloud clients. His program is applicable to firms of all sizes looking to grow cloud and managed services-oriented recurring revenue.
Recruit & Retain Top Talent - Michael Schmidtmann MAXfocus
Breakout 1.1 - Room 1: Recruit & Retain Top Talent - Gain a Competitive Advantage - Michael S.
Hiring great salespeople and engineers has always been a challenge. As you migrate to new business models for cloud and services sales, it might be even harder to find employees with the needed skills.
This session will show you how to hire and retain game-changing talent.
•Attract Quality Candidates
•How to Screen Effectively
•Avoid Critical Hiring Mistakes
Once hired, are your employees set to succeed? Do they have an exciting career path that incents them to improve their skills and value to your organization?
Hiring and retaining multi-million dollar salespeople and great engineers is simple but not easy. Learn the winning formula in this fast-paced, entertaining session.
This session is led by John Gaillard and Mike Schmidtmann, who work with Solution Providers across the country to grow their businesses and improve profits.
Getting from $400k to $4m - the Four Biggest Operational Challenges - Gordon Tan MAXfocus
Everyone knows it takes a lot of blood, sweat and tears to grow a managed service business and some are more successful than others. Gordon Tan, owner of R & G Technologies and founder of Client Heartbeat knows this more than most having grown his business from a one man operator, to a four million dollar IT services business. In this not to be missed session, he shares real world insights and practical examples into his four biggest operational challenges over the course of this growth and how he overcame them.
Providing Globus Services to Users of JASMIN for Environmental Data AnalysisGlobus
JASMIN is the UK’s high-performance data analysis platform for environmental science, operated by STFC on behalf of the UK Natural Environment Research Council (NERC). In addition to its role in hosting the CEDA Archive (NERC’s long-term repository for climate, atmospheric science & Earth observation data in the UK), JASMIN provides a collaborative platform to a community of around 2,000 scientists in the UK and beyond, providing nearly 400 environmental science projects with working space, compute resources and tools to facilitate their work. High-performance data transfer into and out of JASMIN has always been a key feature, with many scientists bringing model outputs from supercomputers elsewhere in the UK, to analyse against observational or other model data in the CEDA Archive. A growing number of JASMIN users are now realising the benefits of using the Globus service to provide reliable and efficient data movement and other tasks in this and other contexts. Further use cases involve long-distance (intercontinental) transfers to and from JASMIN, and collecting results from a mobile atmospheric radar system, pushing data to JASMIN via a lightweight Globus deployment. We provide details of how Globus fits into our current infrastructure, our experience of the recent migration to GCSv5.4, and of our interest in developing use of the wider ecosystem of Globus services for the benefit of our user community.
Why React Native as a Strategic Advantage for Startup Innovation.pdfayushiqss
Do you know that React Native is being increasingly adopted by startups as well as big companies in the mobile app development industry? Big names like Facebook, Instagram, and Pinterest have already integrated this robust open-source framework.
In fact, according to a report by Statista, the number of React Native developers has been steadily increasing over the years, reaching an estimated 1.9 million by the end of 2024. This means that the demand for this framework in the job market has been growing making it a valuable skill.
But what makes React Native so popular for mobile application development? It offers excellent cross-platform capabilities among other benefits. This way, with React Native, developers can write code once and run it on both iOS and Android devices thus saving time and resources leading to shorter development cycles hence faster time-to-market for your app.
Let’s take the example of a startup, which wanted to release their app on both iOS and Android at once. Through the use of React Native they managed to create an app and bring it into the market within a very short period. This helped them gain an advantage over their competitors because they had access to a large user base who were able to generate revenue quickly for them.
top nidhi software solution freedownloadvrstrong314
This presentation emphasizes the importance of data security and legal compliance for Nidhi companies in India. It highlights how online Nidhi software solutions, like Vector Nidhi Software, offer advanced features tailored to these needs. Key aspects include encryption, access controls, and audit trails to ensure data security. The software complies with regulatory guidelines from the MCA and RBI and adheres to Nidhi Rules, 2014. With customizable, user-friendly interfaces and real-time features, these Nidhi software solutions enhance efficiency, support growth, and provide exceptional member services. The presentation concludes with contact information for further inquiries.
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoamtakuyayamamoto1800
In this slide, we show the simulation example and the way to compile this solver.
In this solver, the Helmholtz equation can be solved by helmholtzFoam. Also, the Helmholtz equation with uniformly dispersed bubbles can be simulated by helmholtzBubbleFoam.
How to Position Your Globus Data Portal for Success Ten Good PracticesGlobus
Science gateways allow science and engineering communities to access shared data, software, computing services, and instruments. Science gateways have gained a lot of traction in the last twenty years, as evidenced by projects such as the Science Gateways Community Institute (SGCI) and the Center of Excellence on Science Gateways (SGX3) in the US, The Australian Research Data Commons (ARDC) and its platforms in Australia, and the projects around Virtual Research Environments in Europe. A few mature frameworks have evolved with their different strengths and foci and have been taken up by a larger community such as the Globus Data Portal, Hubzero, Tapis, and Galaxy. However, even when gateways are built on successful frameworks, they continue to face the challenges of ongoing maintenance costs and how to meet the ever-expanding needs of the community they serve with enhanced features. It is not uncommon that gateways with compelling use cases are nonetheless unable to get past the prototype phase and become a full production service, or if they do, they don't survive more than a couple of years. While there is no guaranteed pathway to success, it seems likely that for any gateway there is a need for a strong community and/or solid funding streams to create and sustain its success. With over twenty years of examples to draw from, this presentation goes into detail for ten factors common to successful and enduring gateways that effectively serve as best practices for any new or developing gateway.
How Does XfilesPro Ensure Security While Sharing Documents in Salesforce?XfilesPro
Worried about document security while sharing them in Salesforce? Fret no more! Here are the top-notch security standards XfilesPro upholds to ensure strong security for your Salesforce documents while sharing with internal or external people.
To learn more, read the blog: https://www.xfilespro.com/how-does-xfilespro-make-document-sharing-secure-and-seamless-in-salesforce/
SOCRadar Research Team: Latest Activities of IntelBrokerSOCRadar
The European Union Agency for Law Enforcement Cooperation (Europol) has suffered an alleged data breach after a notorious threat actor claimed to have exfiltrated data from its systems. Infamous data leaker IntelBroker posted on the even more infamous BreachForums hacking forum, saying that Europol suffered a data breach this month.
The alleged breach affected Europol agencies CCSE, EC3, Europol Platform for Experts, Law Enforcement Forum, and SIRIUS. Infiltration of these entities can disrupt ongoing investigations and compromise sensitive intelligence shared among international law enforcement agencies.
However, this is neither the first nor the last activity of IntelBroker. We have compiled for you what happened in the last few days. To track such hacker activities on dark web sources like hacker forums, private Telegram channels, and other hidden platforms where cyber threats often originate, you can check SOCRadar’s Dark Web News.
Stay Informed on Threat Actors’ Activity on the Dark Web with SOCRadar!
Experience our free, in-depth three-part Tendenci Platform Corporate Membership Management workshop series! In Session 1 on May 14th, 2024, we began with an Introduction and Setup, mastering the configuration of your Corporate Membership Module settings to establish membership types, applications, and more. Then, on May 16th, 2024, in Session 2, we focused on binding individual members to a Corporate Membership and Corporate Reps, teaching you how to add individual members and assign Corporate Representatives to manage dues, renewals, and associated members. Finally, on May 28th, 2024, in Session 3, we covered questions and concerns, addressing any queries or issues you may have.
For more Tendenci AMS events, check out www.tendenci.com/events
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...Globus
Large Language Models (LLMs) are currently the center of attention in the tech world, particularly for their potential to advance research. In this presentation, we'll explore a straightforward and effective method for quickly initiating inference runs on supercomputers using the vLLM tool with Globus Compute, specifically on the Polaris system at ALCF. We'll begin by briefly discussing the popularity and applications of LLMs in various fields. Following this, we will introduce the vLLM tool, and explain how it integrates with Globus Compute to efficiently manage LLM operations on Polaris. Attendees will learn the practical aspects of setting up and remotely triggering LLMs from local machines, focusing on ease of use and efficiency. This talk is ideal for researchers and practitioners looking to leverage the power of LLMs in their work, offering a clear guide to harnessing supercomputing resources for quick and effective LLM inference.
Your Digital Assistant.
Making complex approach simple. Straightforward process saves time. No more waiting to connect with people that matter to you. Safety first is not a cliché - Securely protect information in cloud storage to prevent any third party from accessing data.
Would you rather make your visitors feel burdened by making them wait? Or choose VizMan for a stress-free experience? VizMan is an automated visitor management system that works for any industry, including but not limited to factories, societies, government institutes, and warehouses. It is a new-age contactless way of logging information about visitors, employees, packages, and vehicles. VizMan is a digital logbook, so it avoids unnecessary use of paper or space: there is no need for bundles of registers left to collect dust in a corner of a room. It records visitors' essential details, helps in scheduling meetings for visitors and employees, and assists in supervising the attendance of the employees. With VizMan, visitors don’t need to wait for hours in long queues. VizMan handles visitors with the value they deserve because we know time is important to you.
Feasible Features
One Subscription, Four Modules – Admin, Employee, Receptionist, and Gatekeeper ensures confidentiality and prevents data from being manipulated
User Friendly – can be easily used on Android, iOS, and Web Interface
Multiple Accessibility – Log in through any device from any place at any time
One app for all industries – a Visitor Management System that works for any organisation.
Stress-free Sign-up
Visitor is registered and checked-in by the Receptionist
Host gets a notification, where they opt to Approve the meeting
Host notifies the Receptionist of the end of the meeting
Visitor is checked-out by the Receptionist
Host enters notes and remarks of the meeting
Customizable Components
Scheduling Meetings – Host can invite visitors for meetings and also approve, reject and reschedule meetings
Single/Bulk invites – Invitations can be sent individually to a visitor or collectively to many visitors
VIP Visitors – Additional security of data for VIP visitors to avoid misuse of information
Courier Management – Keeps a check on deliveries like commodities being delivered in and out of establishments
Alerts & Notifications – Get notified on SMS, email, and application
Parking Management – Manage availability of parking space
Individual log-in – Every user has their own log-in id
Visitor/Meeting Analytics – Evaluate notes and remarks of the meeting stored in the system
Visitor Management System is a secure and user friendly database manager that records, filters, tracks the visitors to your organization.
"Secure Your Premises with VizMan (VMS) – Get It Now"
Enhancing Research Orchestration Capabilities at ORNL.pdfGlobus
Cross-facility research orchestration comes with ever-changing constraints regarding the availability and suitability of various compute and data resources. In short, a flexible data and processing fabric is needed to enable the dynamic redirection of data and compute tasks throughout the lifecycle of an experiment. In this talk, we illustrate how we easily leveraged Globus services to instrument the ACE research testbed at the Oak Ridge Leadership Computing Facility with flexible data and task orchestration capabilities.
Developing Distributed High-performance Computing Capabilities of an Open Sci...Globus
COVID-19 had an unprecedented impact on scientific collaboration. The pandemic and its broad response from the scientific community has forged new relationships among public health practitioners, mathematical modelers, and scientific computing specialists, while revealing critical gaps in exploiting advanced computing systems to support urgent decision making. Informed by our team’s work in applying high-performance computing in support of public health decision makers during the COVID-19 pandemic, we present how Globus technologies are enabling the development of an open science platform for robust epidemic analysis, with the goal of collaborative, secure, distributed, on-demand, and fast time-to-solution analyses to support public health.
Designing for Privacy in Amazon Web ServicesKrzysztofKkol1
Data privacy is one of the most critical issues that businesses face. This presentation shares insights on the principles and best practices for ensuring the resilience and security of your workload.
Drawing on a real-life project from the HR industry, the various challenges will be demonstrated: data protection, self-healing, business continuity, security, and transparency of data processing. This systematized approach made it possible to create a secure AWS cloud infrastructure that not only met strict compliance rules but also exceeded the client's expectations.
Accelerate Enterprise Software Engineering with PlatformlessWSO2
Key takeaways:
Challenges of building platforms and the benefits of platformless.
Key principles of platformless, including API-first, cloud-native middleware, platform engineering, and developer experience.
How Choreo enables the platformless experience.
How key concepts like application architecture, domain-driven design, zero trust, and cell-based architecture are inherently a part of Choreo.
Demo of an end-to-end app built and deployed on Choreo.
Prosigns: Transforming Business with Tailored Technology SolutionsProsigns
Unlocking Business Potential: Tailored Technology Solutions by Prosigns
Discover how Prosigns, a leading technology solutions provider, partners with businesses to drive innovation and success. Our presentation showcases our comprehensive range of services, including custom software development, web and mobile app development, AI & ML solutions, blockchain integration, DevOps services, and Microsoft Dynamics 365 support.
Custom Software Development: Prosigns specializes in creating bespoke software solutions that cater to your unique business needs. Our team of experts works closely with you to understand your requirements and deliver tailor-made software that enhances efficiency and drives growth.
Web and Mobile App Development: From responsive websites to intuitive mobile applications, Prosigns develops cutting-edge solutions that engage users and deliver seamless experiences across devices.
AI & ML Solutions: Harnessing the power of Artificial Intelligence and Machine Learning, Prosigns provides smart solutions that automate processes, provide valuable insights, and drive informed decision-making.
Blockchain Integration: Prosigns offers comprehensive blockchain solutions, including development, integration, and consulting services, enabling businesses to leverage blockchain technology for enhanced security, transparency, and efficiency.
DevOps Services: Prosigns' DevOps services streamline development and operations processes, ensuring faster and more reliable software delivery through automation and continuous integration.
Microsoft Dynamics 365 Support: Prosigns provides comprehensive support and maintenance services for Microsoft Dynamics 365, ensuring your system is always up-to-date, secure, and running smoothly.
Learn how our collaborative approach and dedication to excellence help businesses achieve their goals and stay ahead in today's digital landscape. From concept to deployment, Prosigns is your trusted partner for transforming ideas into reality and unlocking the full potential of your business.
Join us on a journey of innovation and growth. Let's partner for success with Prosigns.
Globus Compute with IRI Workflows - GlobusWorld 2024 Globus
As part of the DOE Integrated Research Infrastructure (IRI) program, NERSC at Lawrence Berkeley National Lab and ALCF at Argonne National Lab are working closely with General Atomics on accelerating the computing requirements of the DIII-D experiment. As part of the work, the team is investigating ways to speed up the time to solution for many different parts of the DIII-D workflow, including how they run jobs on HPC systems. One of these routes is looking at Globus Compute as a way to replace the current method for managing tasks, and we describe a brief proof of concept showing how Globus Compute could help to schedule jobs and be a tool to connect compute at different facilities.
TROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERRORTier1 app
Even though at surface level ‘java.lang.OutOfMemoryError’ appears as one single error; underlyingly there are 9 types of OutOfMemoryError. Each type of OutOfMemoryError has different causes, diagnosis approaches and solutions. This session equips you with the knowledge, tools, and techniques needed to troubleshoot and conquer OutOfMemoryError in all its forms, ensuring smoother, more efficient Java applications.
1. FIND ALL THE BAD THINGS
PV Setup Documentation
1) Hotel Internet comes into the WAN port of the Router. It should receive a
dynamic address.
2) Eth3 on the Router runs to Eth0 (Management Port) on the Packet Viper.
3) Eth4 on the Router runs to Eth2 (Bridge Port) on the Packet Viper.
4) Eth3 (Bridge Port) on the Packet Viper runs to the Access Point.
5) Users can connect to the WAP and the PV should report their traffic.
SSID: VIPER_DEMO
Password: There is none
PV Management Address: 10.0.0.5
http://10.0.0.5:47880
OR
https://10.0.0.5:47881
Username: Octopi
Password: Vampire9731!
Router Management Address: 10.0.0.1
Username: Octopi
Password: Vampire9731!
AP Management Address: 10.0.0.20
Username: Octopi
Password: Vampire9731!
Countries that are blocked by the PV:
Russia, China, Mongolia, Ukraine, Antarctica, and Kazakhstan.
Examples of websites that are blocked:
news.cn mail.ru
2. GFI MAX TAKES ON SECURITY & WINS!
Presented By: Ian Trump
9 September 2014
SSID: VIPER_DEMO Orlando, Florida
4. Introduction:
Consultant with 17 years of experience in IT security and information technology
Project work for global companies has helped them secure their enterprise networks from current and
future cyber attacks. Security blogger, cyber security educator for the Canadian Armed Forces
Board member of (IC)2 and editorial review board member for The EDP Audit, Control, and Security
Newsletter
1989 to 1992, Canadian Forces (CF), Military Intelligence Branch
2002 to 2007, CF Military Police Reserves
2007 to 2013, Retired from CF Public Affairs
Lead Architect for Canadian Cyber Defence Challenge
Pen Test Team Leader, COBIT Auditor, Drinking Buddy
SELF IMPORTANT BLOW HARD, WHERE IS YOUR BOOK?
“I have a dysfunctional relationship with many things, including the Internet. The Internet appears to be both the source of criminal and foreign intelligence service attacks and the repository of information on how to detect and mitigate those attacks.” – Ian Trump, 2014
5. AGENDA
1. Intro Stuff
2. CMHR Stuff
3. DEFCON 2014 Stuff
4. FUN FACT Stuff
5. SECURITY MARKET Stuff
6. THROAT PUNCH Stuff
7. EPIC PAWNAGE Stuff
8. HACKED PC Stuff
9. CANADIAN THREAT LANDSCAPE Stuff
10. CASE STUDY 1 Stuff
11. GFI MAX PEN TEST W/NMAP Stuff
12. WHO DAT? WHO DAT? G-F-F-I
13. CASE STUDY 2 Stuff
14. GFI MAX IDS Stuff
15. PACKET VIPER & TOOL Stuff
16. TAYLOR SWIFT & FUTURE Stuff
17. FIX THE Stuff
18. TIP YOUR WAITRESS & TRY THE VEAL Stuff
THE ONLY COOL THING SO FAR WAS THE LAST SLIDE
6. “In Pennsylvania if the Chinese or Russians hack you, you try to put them in Jail. In Canada, if the Chinese hack you, you apologize for having poor security.” – Ian Trump, 2014
SOME PEOPLE DON’T LIKE US CANADIANS VERY MUCH
7. DEFCON 2014.
- America Reboots!
- Digital Pearl Harbour Cyber Apocalypse Mythology
- Do Research that Matters
- We're Going to Hack both the System and the Technology
- Learn to speak “Cyber”
- Economic Loss in IT = Jobs
- Customers are demanding privacy!
- American Companies have noticed
- Words are Important.
DRINK ALL THE THINGS HACK ALL THE THINGS #Liverdamage
8. Fun Facts
- Cost of Cyber Crime and Cyber Espionage in US $100 Billion per year.
- Cost of Cyber Crime and Cyber Espionage worldwide is $425 Billion per year.
Advanced Persistent Threat (APT):
- Coordinated cyber activities of criminals and state level entities
- Objective of stealing information, compromising information systems
- Criminal organizations monetise all aspects of illicit access
- Foreign Intelligence Services gather Intellectual Property
- APT tries to stay embedded for as long as possible
- APT generally only resorts to destruction upon detection
SOMETIMES YOUR USERS ARE THE APT
9. Your Customer Pain is My Security Business Gain
Managed Security Services Market (CPE, Cloud/Hosted and Hybrid) – Global
Industry Analysis, Size, Share, Growth, Trends, and Forecast, 2013–2019
Managed security services market could be worth more than $24 billion by
2019, up from roughly $9 billion in 2012.
Researchers also predicted the managed security services market will expand
at a compound annual growth rate (CAGR) of 15.4 percent between 2013 and
2019.
DO NOT ASK ABOUT SQL INJECTION ATTACKS
10. Gartner Report 2014:
- Security spending gets boost from mobile, social and cloud
- Worldwide spending will increase by almost 8 percent this year
- Worldwide spending on information security will top US$71 billion this year, an
increase of 7. % over 2013
- Data loss prevention segment recording the fastest growth at 18.9 percent
- In 2015, roughly 10 percent of overall IT security enterprise capabilities will be
delivered as a cloud service
- Small and medium sized companies will rely on hosted security services to an
even greater extent
- Unfortunately, many organizations continue to lack staff with the appropriate
security skills. To keep up with hackers, more than half of organizations will by
2018 rely on security services firms that specialize in data protection, risk and
infrastructure management
GET DRUNK @ BLACKHAT WITH CUTE GARTNER ANALYST
11. Disposing of Counterarguments
It’s all hype and scaremongering!
• 15 Aug 2012, “Cutting Sword of Justice” launches cyber attack on Saudi Aramco; an estimated 30,000 workstations are infected
• The virus erased data on three-quarters of Aramco’s corporate PCs — documents, spreadsheets, e-mails,
files — replacing all of it with an image of a burning American flag
• $630 Million estimated loss
Hacking has been around for years, IT did not collapse!
• Acts of vandalism have evolved
• The intent now is to steal, demolish or in some other way monetize a specific organization’s data
We are not important enough to attract an attack!
• True - for an organization that has no employees, no customers, no trade secrets and no money
• Everyone else is a target
Nothing can be done!
• Make the attack difficult
• Use risk analysis to protect the most important assets
• Accept the fact that IT security is an enterprise-wide responsibility
SAND + HEAD = HEAD IN SAND
12. 2014 Year of Epic Carnage due to Pwnage
eBay: this year’s biggest hack so far. In May, eBay revealed that hackers had managed to steal personal records of 233 million users.
Montana State Health Department revealed that a data breach may have affected more than 1 million people. The hack actually happened in July last year, but it wasn’t discovered until May this year, with the identity of the intruders, and the extent of the damage done, still unclear.
P.F. Chang's: The chain restaurant suffered a huge data breach last month that compromised customer payment information. Thousands of newly stolen credit and debit cards went up for sale online on June 9th.
Evernote was taken down with a Distributed Denial of Service (DDoS) attack.
Domino’s Pizza: Hacking group Rex Mundi held Domino’s Pizza to ransom over 600,000 Belgian and French customer records.
Target: Being firmly in the cross-hairs of a computer hacker helped put a bullet into Target's fourth quarter net earnings, which fell almost 46 percent due to an estimated $450 million lost when hackers stole data from millions of Target customers.
CodeSpaces.com closed its doors 19 Jun 2014, following a security breach that began with a distributed denial-of-service (DDoS) attack, and ended 12 hours later after an attempt to extort money from the company.
I WANT ALL THE DATA
14. Canadian Cyber Crime Threat Landscape
The number of C&C servers on Canadian soil increased 83% and moved Canada to the
number eight spot on the current 2013 global cybercrime list.
Canada is currently fourth on the global cybercrime list for hosted phishing sites.
Foreign cybercriminals are setting up virtual bases in Canada to command espionage attacks.
Canada hosted the third largest volume of servers communicating with the type of highly
sophisticated malware responsible for stealing valuable corporate data.
OVH Canada – DEFCON IP, DNS, ASN (BGP) & Sub Domains 512K Old Router Limit
A NEW LOW BAR IN BUSINESS ETHICS = HOSTING COMPANIES
Dedicated Infrastructure for your
Cyber Crime Business
15. Case Study: Rolling Into Broken
470 End Points, 40 Servers, 80 POS in US and Canada, 300+ Employees,
1000’s of Customers
Targeted Phishing Email from similar domain “arctiicglacier.ca” <- Threat Track FTW
Managed Anti-Virus(MAV)
- Remotely uninstall the current Anti-Virus, old Team Viewer and install our GFI agent. MAV
started finding multiple infections across their network.
- Symantec Enterprise End Point Sucks. <- US CERT Says so too!
Monitoring Installation Templates
- Using the install template settings, we created a custom template to install specific checks
and services.
- Performance issues identified, expired user IDs for services “Blame GFI”
THEY MAKE ICE FROM A SECRET RECIPE
16. Case Study: Rolling Into Broken
One-Click installer
- Manual – sucks for large #, Good for punishing staff/interns/new guy
- Group policy MSI – AD seems broken most of the time
- One-click installer – Scheduled task Using a batch script and admin
cred’s
Team Viewer Licensing
- Old Team Viewer Installs - DIAF
MAV Dies
- Occasionally malware nuked MAV.
- Developed a script to manually update the MAV definitions.
- Downloaded Malware Bytes - just like everyone else does.
SO, INTELLECTUAL PROPERTY THEFT IS UNLIKELY
17. Case Study: Rolling Into Broken
@echo ON
rem The marker file means this machine has already been processed, so stop.
IF exist c:\windows\MAX.txt (exit) ELSE (
rem cd ~
rem cd C:\Program Files (x86)\Advanced Monitoring Agent
rem call unins000.exe /SILENT
rem cd ..
rem RD /S /Q "C:\Program Files (x86)\Advanced Monitoring Agent"
rem pause
rem wmic product where name="Advanced Monitoring Agent GP" call uninstall /NOINTERACTIVE
rem pause
wmic product where name="Symantec Endpoint Protection" call uninstall /NOINTERACTIVE
rem pause
wmic product where name="TeamViewer 7 Host (MSI Wrapper)" call uninstall /NOINTERACTIVE
rem pause
rem call \\agi-corp-dc-s-1\NETLOGON\auto.exe
wmic product call install true, "" , "\\agi-corp-dc-s-1\NETLOGON\AGENT_AG_WPG_SCRIPT_INST_V9_4_0_GP\agent.msi" /NOINTERACTIVE
cd ~
cd C:
rem Write the marker file so the scheduled task does nothing on later runs.
echo SEP uninstall, TV7 uninstall, Max install > c:\windows\MAX.txt
rem pause
rem shutdown /r /f
)
18. Security At Law Firms
Two Octo - Customers
- Obsessed with confidentiality
- Law firms have security requirements (Law Society, State Bar, etc.)
- GFI Managed Online backup (MOB)
- Try to remove Internet facing unencrypted services!
Proprietary Software (Java applet) #justsaynotojava
One piece of software that the business regularly uses ex. “Land Titles”
GFI Patch Management has to ignore java updates through patch manager
Desktop & Server Security
MAV
Web Content Filtering not just for workstations
Regular Pen Test and IDS Customization with Dash Board Alerts
Q: HOW DO YOU SAVE A DROWNING INFO SEC PROFESSIONAL? A: TAKE YOUR FOOT OFF HIS HEAD
19. Use Case: Web Content Filtering
Lawyers do a lot of research
- Research on the web is dangerous
- Downloading Torrents is dangerous
- PDF’s and pictures of Cats are the heralds of the apocalypse & they ride upon the
world wide web.
DATE          TOTAL REQUESTS   MALICIOUS SITE REQUESTS   BLOCKED REQUESTS
12-Aug-2014   44               0                         0
11-Aug-2014   320              0                         0
07-Aug-2014   27               0                         0
06-Aug-2014   1557             35                        38
05-Aug-2014   38               0                         0
04-Aug-2014   32               0                         0
03-Aug-2014   33               0                         0
02-Aug-2014   32               0                         0
01-Aug-2014   31               0                         0
31-Jul-2014   232              0                         0
30-Jul-2014   3257             1518                      1518
29-Jul-2014   1144             1                         7
28-Jul-2014   98               0                         0
27-Jul-2014   101              0                         0
26-Jul-2014   92               0                         0
TOTAL         7038             1554                      1563
FILTER ALL THE THINGS
20. Auto Nmap Pen Test
Used to flag changes in ports on your customers' IPs
- The Windows Task Scheduler is set to run an Nmap script that checks for differences in the
ports and creates Windows Event Log entries, throwing up flags in your Application log.
- GFI is set to do a DSC of your Event Logs and notify you when the suspect IDs
How is the NMAP Script setup?
- When the scan runs it has two different outputs: the old scan and the new
scan.
- After the scan is completed, the script will compare the two files and look
for new ports.
- If any changes have been found, an Event will be created (Different
Event ID for each client), and GFI MAX will notify you of this change.
VNC & RDP OPEN TO THE INTERNET = PWNAGE
21. Code Stuff
Automating a Pen Test with Nmap (Nmap_scan.bat)
cd c:\program files (x86)\nmap\octopitech_scans
call "c:\program files (x86)\nmap\octopitech_scans\portscan.bat"
call "c:\program files (x86)\nmap\octopitech_scans\comparescan.bat"
rem scan_log.txt is empty when comparescan.bat found nothing, which leaves var undefined
set /p var=< scan_log.txt
if defined var (eventcreate /l application /t warning /id 501 /d "nmap port scanning found new open ports") else (echo no new open ports found)
Port_scan.bat
cd c:\program files (x86)\nmap\octopitech_scans
rem Rotate the previous result so it can be compared with the fresh scan
del old_nmap_scan.xml
rename new_nmap_scan.xml old_nmap_scan.xml
nmap -p- -oX new_nmap_scan.xml -iL Target_IP.txt
NMAP MAY TELL YOU YOU'RE STUPID
22. Comparescan.bat
cd c:\program files (x86)\nmap\octopitech_scans
ndiff old_nmap_scan.xml new_nmap_scan.xml > compare_scan.txt
rem ndiff marks lines that appear only in the new scan with "+"; keep those that mention "open"
find "+" compare_scan.txt | find "open" > scan_log.txt
Notes:
Target_IP.txt <-Put in all your external Customer IP Addresses
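The comparison step described on the slides, done against the two XML files directly instead of filtering ndiff's text output. This is an added example, not code from the presentation; the sample scans, the documentation-range address and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample data: trimmed Nmap -oX output for one documentation-range host.
OLD_SCAN = """<nmaprun><host><address addr="203.0.113.10" addrtype="ipv4"/><ports>
<port protocol="tcp" portid="25"><state state="open"/><service name="smtp"/></port>
<port protocol="tcp" portid="443"><state state="open"/><service name="https"/></port>
</ports></host></nmaprun>"""

NEW_SCAN = """<nmaprun><host><address addr="203.0.113.10" addrtype="ipv4"/><ports>
<port protocol="tcp" portid="25"><state state="closed"/><service name="smtp"/></port>
<port protocol="tcp" portid="443"><state state="open"/><service name="https"/></port>
<port protocol="tcp" portid="3389"><state state="open"/><service name="ms-wbt-server"/></port>
<port protocol="udp" portid="161"><state state="open|filtered"/><service name="snmp"/></port>
</ports></host></nmaprun>"""

# Services the slides single out as dangerous when Internet-facing.
HIGH_RISK = {3389: "RDP", 5900: "VNC"}


def open_ports(xml_text):
    """Map (address, protocol, port) -> service name for ports in state 'open'."""
    found = {}
    for host in ET.fromstring(xml_text).iter("host"):
        address = host.find("address[@addrtype='ipv4']")
        if address is None:
            continue
        for port in host.iter("port"):
            state = port.find("state")
            # 'closed' and 'open|filtered' are deliberately not counted as open.
            if state is None or state.get("state") != "open":
                continue
            service = port.find("service")
            name = service.get("name", "unknown") if service is not None else "unknown"
            found[(address.get("addr"), port.get("protocol"), int(port.get("portid")))] = name
    return found


def diff_scans(old_xml, new_xml):
    """Return (opened, closed): sorted keys that are open in only one of the scans."""
    old, new = open_ports(old_xml), open_ports(new_xml)
    return sorted(new.keys() - old.keys()), sorted(old.keys() - new.keys())


def event_description(old_xml, new_xml):
    """Text for the warning event, or None when no new port is open."""
    opened, _closed = diff_scans(old_xml, new_xml)
    if not opened:
        return None
    services = open_ports(new_xml)
    parts = []
    for addr, proto, port in opened:
        risk = " [%s exposed]" % HIGH_RISK[port] if port in HIGH_RISK else ""
        parts.append("%s %s/%d (%s)%s" % (addr, proto, port, services[(addr, proto, port)], risk))
    return "nmap port scanning found new open ports: " + "; ".join(parts)
```

A `None` result corresponds to the batch script's "no new open ports found" branch; any other return value is the text to pass to `eventcreate /d`.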
Ron’s Violent Nmap for Pen Testers
Nmap TCP & UDP (this is slow - up to 24 hours)
./nmap -PN -oA output/companyname --open --log-errors -p- -d2
--min-parallelism=16 --min-hostgroup=16 -T4 -sT -iL hosts.txt
--script=reverse-index
./nmap -PN -oA output/companyname --log-errors --open -p- -d2
--min-parallelism=16 --min-hostgroup=16 -T4 -sU -iL hosts.txt
Nmap Detailed scan, fairly safe:
./nmap -sTU -PN -oA output/companyname --open --log-errors -p[list
open ports here] -d2 --min-parallelism=16 --min-hostgroup=16 -T4 -sT
-iL ipaddresses.txt --script="safe or default"
BREAK ALL THE THINGS
Nmap Detailed scan, this can break stuff
./nmap -sTU -PN -oA output/companyname --open --log-errors -p[list
open ports here] -d2 --min-parallelism=16 --min-hostgroup=16 -T4 -sT
-iL hosts.txt --script="all and not broadcast and not *fuzz* and not
*slow* and not *brute* and not *qscan* and not
http-unsafe-output-escaping and not http-stored-xss"
23. Scan All The Things = Security Win!
- Scan AG 80+ addresses and find out what
ports and associated services were open
- Relayed that information back to the client
and made them aware of the situation
- Remediated and provided guidance on ACL’s
for Firewall configuration
- Automated monitoring of clients' Internet-facing
IPs for newly closed or opened ports
Note: Be sure to use the Daily Safety Check as
opposed to the 24x7 check. This way you will have
more time to see the errors on the dashboard.
FIREWALLS ARE LIKE 6 YEAR OLDS THEY NEED RULES
24. Epic War Ferrets in Battle Wagon!
BREAK TIME
"Who Dat? Who Dat? G-F-F-I”
https://www.youtube.com/watch?v=bHr7itwVsMc
25. Case Study 2: Center for Christian Studies
- IT Jenga, pulling one block can cause the whole thing to collapse.
- Reconnaissance is key
- Deploy GFI agent, you can see exactly what is going on (shit show)
- Nmap the Internal and external network
- Use your Brain! (Layer 0 and Layer 1 Problems)
- Use Wifi Explorer to manage channels!
Deploy GFI MAX
- Server was completely bogged down
- 2008 SBS is the Devil!
- XP Workstations were missing hundreds of patches
- Open ports on the Internet!
Architect Solutions
- Office 365 (Remove SharePoint & Exchange from Server)
- Server AD, DNS, DHCP (Remove WSUS & SQL from Server)
- QNAP NAS (Integrate AD File Shares)
- UPS All the things!
- Get authorised! (ISP, Printer Lease Company, Etc.)
- MOB (Off Site Backup), Web Content Filter (Especially on the Server)
THERE IS BROKEN & THEN THERE IS SUPER BROKEN
26. Case Study 2: Securing The Network
- No open unencrypted ports
- Keep Patched and Updated
- No Local Admin Permissions
- Monitor all the things! (SNMP, Ping, Services (Internal and External))
- Event Log Checks & Count all the things!
@echo on
del old_dll_count.txt
del old_exe_count.txt
rem pause
rename dll_count.txt old_dll_count.txt
rename exe_count.txt old_exe_count.txt
rem pause
rem Count every path on C: whose name contains ".dll" or ".exe"
dir c:\ /s /b | find /c /i ".dll" > dll_count.txt
dir c:\ /s /b | find /c /i ".exe" > exe_count.txt
rem pause
set /p OldDllCount= < old_dll_count.txt
set /p NewDllCount= < dll_count.txt
set /p OldExeCount= < old_exe_count.txt
set /p NewExeCount= < exe_count.txt
rem pause
rem Raise a warning event when a count differs from the previous run
if %NewDllCount% NEQ %OldDllCount% (eventcreate /l APPLICATION /t WARNING /id 510 /d "New Dynamic Link Library found!")
if %NewExeCount% NEQ %OldExeCount% (eventcreate /l APPLICATION /t WARNING /id 511 /d "New Executable found!")
rem pause
EXTRA DLL’s & EXE’s ARE NOT COOL
27. Count All The Things!
[Redacted] as the example.
- Summary file shows where the change happened in the old file; in this case
a new executable was added between “Rental Unit Condition
Report.exe.doc” and “Autorun.exe”.
"28/08/2014 0:00:57.16"
Comparing files old_exe_total.txt and EXE_TOTAL.TXT
***** old_exe_total.txt
52: c:DataSharedNancy- Blank DocumentsRE DeptRental UnitsRental
Unit Conditon Report.exe.doc
53: c:maximizerSvrShareUtilitiesMax12_EntreAutorun.exe
***** EXE_TOTAL.TXT
52: c:DataSharedNancy- Blank DocumentsRE DeptRental UnitsRental
Unit Conditon Report.exe.doc
53: c:DataUsersjenniferjre-7u40-windows-i586.exe
54: c:maximizerSvrShareUtilitiesMax12_EntreAutorun.exe
*****
EASY THING TO CHECK BRAH
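The count-and-compare check above, extended into a per-file inventory so that a swap (one executable removed, another added, count unchanged) or an in-place replacement still shows up. This is an added example that goes beyond the slides by hashing each file; it is not code from the presentation, and the function names are hypothetical.

```python
import hashlib
import os

EXECUTABLE_EXTENSIONS = (".exe", ".dll")


def snapshot(root, extensions=EXECUTABLE_EXTENSIONS):
    """Map each matching file's path (relative to root) to its SHA-256 digest."""
    inventory = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            # endswith() avoids the substring matches that find ".exe" makes:
            # "Report.exe.doc" is not treated as an executable here.
            if not name.lower().endswith(extensions):
                continue
            path = os.path.join(folder, name)
            try:
                digest = hashlib.sha256()
                with open(path, "rb") as handle:
                    for chunk in iter(lambda: handle.read(1 << 20), b""):
                        digest.update(chunk)
                value = digest.hexdigest()
            except OSError:
                value = None  # locked or unreadable: track presence only
            inventory[os.path.relpath(path, root)] = value
    return inventory


def compare(old, new):
    """Return sorted lists of added, removed and modified paths."""
    added = sorted(new.keys() - old.keys())
    removed = sorted(old.keys() - new.keys())
    modified = sorted(p for p in old.keys() & new.keys() if old[p] != new[p])
    return added, removed, modified


def count_check_fires(old, new):
    """The slide's test: alert only when the number of files differs."""
    return len(old) != len(new)
```

Store the snapshot between scheduled runs (for example as JSON) and raise the event whenever any of the three lists is non-empty.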
28. Building an IDS out of GFI MAX
- It takes some effort to build all the event log checks
- 2003 OS, 2008 OS and 2008 R2 OS generate different event codes
AUDIT ALL THE THINGS!
<- Setup Account Lockout
Pro Tip: Make sure your Logs are set to Overwrite as Required.
<- Setup Audit Policy
29. Building an IDS out of GFI MAX for Windows Server 2003
2003 Server Security Event Reference Guide:
http://technet.microsoft.com/library/cc163121.aspx#EKH
517 The audit log was cleared.
520 The system time was changed.
529 Logon failure. A logon attempt was made with an unknown user name or a known user name with a bad password.
530 Logon failure. A logon attempt was made outside the allowed time.
531 Logon failure. A logon attempt was made using a disabled account.
532 Logon failure. A logon attempt was made using an expired account.
533 Logon failure. A logon attempt was made by a user who is not allowed to log on at the specified computer.
534 Logon failure. The user attempted to log on with a password type that is not allowed.
535 Logon failure. The password for the specified account has expired.
536 Logon failure. The Net Logon service is not active.
537 Logon failure. The logon attempt failed for other reasons.
539 Logon failure. The account was locked out at the time the logon attempt was made.
550 Notification message that could indicate a possible denial-of-service (DoS) attack.
552 A user successfully logged on to a computer with explicit credentials while already logged on as a different user.
630 A user account was deleted.
634 A global group was deleted.
638 A local group was deleted.
643 A domain policy was modified.
644 A user account was automatically locked.
647 A computer account was deleted.
653 A security-disabled global group was created.
655 A member was added to a security-disabled global group.
663 A security-disabled universal group was created.
665 A member was added to a security-disabled universal group.
685 Name of an account was changed.
EVENT LOG 666 BEAST ATTACK DETECTED #airguitar!
30. Building an IDS out of GFI MAX for Windows Server 2008 R2 & Windows 7
2008 R2 & Windows 7 Server Security Event Reference Guide:
https://support.microsoft.com/kb/977519/en-us
5144 A network share object was deleted.
5143 A network share object was modified.
5142 A network share object was added.
5141 A directory service object was deleted.
5035 The Windows Firewall Driver failed to start.
5034 The Windows Firewall Driver was stopped.
5025 The Windows Firewall service was stopped.
4801 The workstation was unlocked.
4800 The workstation was locked.
4781 The name of an account was changed.
4767 A user account was unlocked.
4759 A security-disabled universal group was created.
4749 A security-disabled global group was created.
4744 A security-disabled local group was created.
4743 A computer account was deleted.
4741 A computer account was created.
4740 A user account was locked out.
4738 A user account was changed.
4726 A user account was deleted.
4725 A user account was disabled.
4722 A user account was enabled.
4954 Group Policy settings for Windows Firewall were changed, and the new settings were applied.
4950 A Windows Firewall setting was changed.
4948 A change was made to the Windows Firewall exception list. A rule was deleted.
4947 A change was made to the Windows Firewall exception list. A rule was modified.
4946 A change was made to the Windows Firewall exception list. A rule was added.
4780 The ACL was set on accounts which are members of administrators groups.
4761 A member was added to a security-disabled universal group.
4751 A member was added to a security-disabled global group.
4746 A member was added to a security-disabled local group.
4724 An attempt was made to reset an account's password.
4723 An attempt was made to change an account's password.
4648 A logon was attempted using explicit credentials.
4719 System audit policy was changed.
4707 A trust to a domain was removed.
4706 A new trust was created to a domain.
4702 A scheduled task was updated.
4698 A scheduled task was created.
4649 A replay attack was detected.
4625 An account failed to log on.
4616 The system time was changed.
4720 A user account was created.
EVENT 1337 CULT OF THE DEAD COW PWNS YOU
31. PACKET VIPER DEMO
- PacketViper is a bi-directional, Point and Click, Intelligent Geo IP Threat Prevention
& Detection Filter.
- Geo-IP filtering allows your network to choose places in the world from which it will
accept or deny network traffic.
- Kelsey Lucas email: kelsey.lucas@packetviper.com
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing
tool for finding vulnerabilities in web applications. It is designed to be used
by people with a wide range of security experience and as such is ideal for
developers and functional testers who are new to penetration testing.
“Simply the best open-source application vulnerability scanner”
“There is no right and wrong. There's only fun and boring.” – The Plague
32. Security Tools for the #hardcore
http://www.informatica64.com/forensicfoca/
FOCA (Fingerprinting Organizations with Collected Archives)
Downloads all documents that have been posted on a Web site
Extracts the metadata, or the information generated about the document itself.
Can reveal who created the document, e-mail address, internal IP (Internet Protocol)
addresses, latitude and longitude of images, and much more.
Vulnerability scanning for auditors and security analysts. Nessus features
high-speed asset discovery, patch and configuration auditing, asset
profiling, sensitive data discovery, patch management integration, multi-scanner
control and vulnerability analysis.
“Kid, don't threaten me. There are worse things than death, and uh, I can do all of them.” – The Plague
33. @Pontobunce
You know when your boyfriend
figures out he screwed up and
then he does something really
nice to make up for it?
Windows 9.
@SwiftOnSecurity
Cloud-based systems utilized by all types of hostile forces
Large scale DDOS Attacks upwards of 100GB/Sec +
Critical infrastructure attacks/ POS infrastructure Attacks
Exploitation of world events to amplify kinetic effects
IPV6, Cellular, Wireless and 64 Bit malware Advanced
Persistent Threats
Cross-platform attacks combining mobile devices with
traditional infrastructure targets
New nation states and organizations developing offensive
cyber warfare capability
Reduction in kill chain exposure
Advanced malware frameworks which perform
reconnaissance, exploitation, exfiltration and data
destruction attacks using plug-in modules – Flame, Duqu
TAYLOR SWIFT INFO SEC THOUGHT LEADER
34. …and the winner for biggest APT to US Interests is: US Justice Department
Microsoft was ordered on July 31 to comply with a U.S. Department of Justice
warrant to produce emails stored at the company's data center in Ireland.
Potentially sets a precedent: Any company with operations in the United States
must comply with valid warrants for data, even if the content is stored overseas.
FedEx has possession, custody or control of millions of packages every day, but
the US government cannot force FedEx to turn over any of those packages with
a subpoena. In order to seize a package in the US, the government needs a
warrant. And even with a warrant, the government has no power to force FedEx
to turn over packages that are outside the US.
The U.S. Department of Homeland Security on July 5 arrested Roman
Valerevich Seleznev, the son of a Russian lawmaker, for what it said were crimes
carried out from 2009 to 2011. Roman Seleznev was apprehended in an airport
in the Maldives 8 July 2014, the Russian Foreign Ministry said.
THE LONG LONG LONG ARM OF ‘MERICA
35. CDC & HACKERSPACES ARE LIKE BATMAN
Create, educate and mentor emerging cyber defense talent.
Provide resources and ethical guidance.
Teach responsible disclosure of vulnerabilities.
Provide expert level resources and collective learning opportunities.
Facilitate hands on learning with virtual environments.
Break things and learn to fix them.
Network in both senses of the word.
LIKE A FAT VERSION OF BATMAN
36. THANK YOU
Contact Information:
SALES / sales@octopitech.com
“IPV 6 will
revolutionize how we
communicate with the
“Internet of Things”
like your fridge, car
and maybe a toaster
oven because some
jackass, somewhere
decided that putting a
web server into a
toaster oven was a
good idea.” - Ian
Trump, 2014
Special Thanks:
@MisterPhisch, @NullStream, @SpasticRobot, @Phoul @5683Monkey,
@Straithe, @Nateloaf, & Oli
YOU DON’T HAVE TO GO HOME, BUT YOU CAN’T STAY HERE