Year of pawnage - Ian trump

FIND ALL THE BAD THINGS
PV Setup Documentation
1) Hotel Internet comes into the WAN port of the Router. It should receive a
dynamic address.
2) Eth3 on the Router runs to Eth0 (Management Port) on the Packet Viper.
3) Eth4 on the Router runs to Eth2 (Bridge Port) on the Packet Viper.
4) Eth3 (Bridge Port) on the Packet Viper runs to the Access Point.
5) Users can connect to the WAP and the PV should report their traffic.
SSID: VIPER_DEMO
Password: There is none
PV Management Address: 10.0.0.5
http://10.0.0.5:47880
OR
https://10.0.0.5:47881
Username: Octopi
Password: Vampire9731!
Router Management Address: 10.0.0.1
Username: Octopi
AP Management Address: 10.0.0.20
Username: Octopi
Countries that are blocked by the PV:
Russia, China, Mongolia, Ukraine, Antarctica, and Kazakhstan.
Examples of websites that are blocked:
news.cn mail.ru

GFI MAX TAKES ON SECURITY & WINS!
Presented By: Ian Trump
9 September 2014
SSID: VIPER_DEMO Orlando, Florida

INTRODUCTION
A Little Bit About Us

Introduction:
Consultant with 17 years of experience in IT security and information technology
Project work for global companies has helped them secure their enterprise networks from current and
future cyber attacks. Security blogger, cyber security educator for the Canadian Armed Forces
Board member of (IC)2 and editorial review board member for The EDP Audit, Control, and Security
Newsletter
1989 to 1992, Canadian Forces (CF), Military Intelligence Branch
2002 to 2007, CF Military Police Reserves
2007 to 2013, Retired from CF Public Affairs
Lead Architect for Canadian Cyber Defence Challenge
Pen Test Team Leader, COBIT Auditor, Drinking Buddy
SELF IMPORTANT BLOW HARD, WHERE IS YOUR BOOK?
“I have a dysfunctional relationship
with many things, including the
Internet. The Internet appears to
be both the source of criminal and
foreign intelligence service attacks
and the repository of information
on how to detect and mitigate
those attacks.” – Ian Trump, 2014

AGENDA
1. Intro Stuff
2. CMHR Stuff
3. DEFCON 2014 Stuff
4. FUN FACT Stuff
5. SECURITY MARKET Stuff
6. THROAT PUNCH Stuff
7. EPIC PAWNAGE Stuff
8. HACKED PC Stuff
9. CANADIAN THREAT LANDSCAPE Stuff
10. CASE STUDY 1 Stuff
11. GFI MAX PEN TEST W/NMAP Stuff
12. WHO DAT? WHO DAT? G-F-F-I
13. CASE STUDY 2 Stuff
14. GFI MAX IDS Stuff
15. PACKET VIPER & TOOL Stuff
16. TAYLOR SWIFT & FUTURE Stuff
17. FIX THE Stuff
18. TIP YOUR WAITRES & TRY THE VEAL Stuff
THE ONLY COOL THING SO FAR WAS THE LAST SLIDE

"In Pennsylvania if
the Chinese or
Russians hack
you, you try to put
them in Jail.
In Canada, if the
Chinese hack you,
you apologize for
having poor
security.” – Ian
Trump, 2014
SOME PEOPLE DON’T LIKE US CANADIANS VERY MUCH

DEFCON 2014.
- America Reboots!
- Digital Pearl Harbour Cyber Apocalypse Mythology
- Do Research that Matters
- Were Going to Hack both the System and the Technology
- Learn to speak “Cyber”
- Economic Loss in IT = Jobs
- Customers are demanding privacy!
- American Companies have noticed
- Words are Important.
DRINK ALL THE THINGS HACK ALL THE THINGS #Liverdamage

Fun Facts
- Cost of Cyber Crime and Cyber Espionage in US $100 Billion per year.
- Cost of Cyber Crime and Cyber Espionage world wide is $425 Billion per
year.
Advanced Persistent Threat (APT):
- Coordinated cyber activities of criminals and state level entities
- Objective of stealing information, compromising information systems
- Criminal organizations monetise all aspects of illicit access
- Foreign Intelligence Services gather Intellectual Property
- APT tries to stay embedded for as long as possible
- APT generally only resorts to destruction upon detection
SOMETIMES YOUR USERS ARE THE APT

Your Customer Pain is My Security Business Gain
Managed Security Services Market (CPE, Cloud/Hosted and Hybrid) – Global
Industry Analysis, Size, Share, Growth, Trends, and Forecast, 2013–2019
Managed security services market could be worth more than $24 billion by
2019, up from roughly $9 billion in 2012.
Researchers also predicted the managed security services market will expand
at a compound annual growth rate (CAGR) of 15.4 percent between 2013 and
2019.
DO NOT ASK ABOUT SQL INJECTION ATTACKS

Gartner Report 2014:
- Security spending gets boost from mobile, social and cloud
- Worldwide spending will increase by almost 8 percent this year
- Worldwide spending on information security will top US$71 billion this year, an
increase of 7. % over 2013
- Data loss prevention segment recording the fastest growth at 18.9 percent
- In 2015, roughly 10 percent of overall IT security enterprise capabilities will be
delivered as a cloud service
- Small and medium sized companies will rely on hosted security services to an
even greater extent
- Unfortunately, many organizations continue to lack staff with the appropriate
security skills. To keep up with hackers, more than half of organizations will by
2018 rely on security services firms that specialize in data protection, risk and
infrastructure management
GET DRUNK @ BLACKHAT WITH CUTE GARTNER ANALYST

Disposing of Counterarguments
It’s all hype and scaremongering!
• 15 Aug 2012, “Cutting Sword of Justice” launches cyber attack on Saudi Aramco estimated 30,000
workstations are infected
• The virus erased data on three-quarters of Aramco’s corporate PCs — documents, spreadsheets, e-mails,
files — replacing all of it with an image of a burning American flag
• $630 Million estimated loss
Hacking has been around for years, IT did not collapse!
• Acts of vandalism have evolved
• The intent now is to steal, demolish or in some other way monetize a specific organizations’ data
We are not important enough to attract an attack!
• True - for an organization that has no employees, no customers, no trade secrets and no money
• Everyone else is a target
Nothing can be done!
• Make the attack difficult
• Use risk analysis to protect the most important assets
• Accept the fact IT security is a enterprise wide responsibility
SAND + HEAD = HEAD IN SAND

2014 Year of Epic Carnage due to Pwnage
EBay this year’s biggest hack so far.
In May, eBay revealed that hackers
had managed to steal personal
records of 233 million users.
Montana State Health Department
revealed that a data breach may have
affected more than 1 million people.
The hack actually happened in July
last year, but it wasn’t discovered until
May this year, with the identity of the
intruders, and the extent of the
damage done, still unclear.
I WANT ALL THE DATA
P. F Chang, The chain restaurant
suffered a huge data breach last
month that compromised
customer payment information.
Thousands of newly stolen credit
and debit cards went up for sale
online on June 9th.
Evernote was taken down
with a Distributed Denial of
Service (DDoS)
Domino’s Pizza
Hacking group Rex Mundi held
Domino’s Pizza to ransom over
600,000 Belgian and French
customer records.
Being firmly in the
cross-hairs of a
computer hacker
helped put a bullet
into Target's fourth
quarter net earnings
which fell almost 46
percent due to an
estimated $450 million
lost when hackers
stole data from
millions of Target
customers.
CodeSpaces.com closed its doors 19
Jun 2014, following a security breach
that began with a distributed denial-of-service
(DDoS) attack, and ended 12
hours later after an attempt to extort
money from the company.

MY OTHER COMPUTER IS YOUR WORK COMPUTER

Canadian Cyber Crime Threat Landscape
The number of C&C servers on Canadian soil increased 83% and moved Canada to the
number eight spot on the current 2013 global cybercrime list.
Canada is currently fourth on the global cybercrime list for hosted phishing sites.
Foreign cybercriminals are setting up virtual bases in Canada to command espionage attacks.
Canada hosted the third largest volume of servers communicating with the type of highly
sophisticated malware responsible for stealing valuable corporate data.
OVH Canada – DEFCON IP, DNS, ASN (BGP) & Sub Domains 512K Old Router Limit
A NEW LOW BAR IN BUSINESS ETHICS = HOSTING COMPANIES
Dedicated Infrastructure for your
Cyber Crime Business

Case Study: Rolling Into Broken
470 End Points, 40 Servers, 80 POS in US and Canada, 300+ Employees,
1000’s of Customers
Targeted Phishing Email from similar domain “arctiicglacier.ca” <- Threat Track FTW
Managed Anti-Virus(MAV)
- Remotely uninstall the current Anti-Virus, old Team Viewer and install our GFI agent. MAV
started finding multiple infections across their network.
- Symantec Enterprise End Point Sucks. <- US CERT Says so too!
Monitoring Installation Templates
- Using the install template settings , we created a custom template to install specific checks
and services.
- Performance issues identified, expired user id’s for services “Blame GFI”
THEY MAKE ICE FROM A SECRET RECIPE

One-Click installer
- Manual – sucks for large #, Good for punishing staff/interns/new guy
- Group policy MSI – AD seems broken most of the time
- One-click installer – Scheduled task Using a batch script and admin
cred’s
Team Viewer Licensing
- Old Team Viewer Installs - DIAF
MAV Dies
- Occasionally malware nuked MAV.
- Developed a script to manually update the MAV definitions.
- Downloaded Malware Bytes - just like everyone else does.
SO, INTELLECTUAL PROPERTY THEFT IS UNLIKELY

@echo ON
IF exist c:windowsMAX.txt exit ELSE (
rem cd ~
rem cd C:Program Files (x86)Advanced Monitoring Agent
rem call unins000.exe /SILENT
rem cd ..
rem RD /S /Q "C:Program Files (x86)Advanced Monitoring Agent”
rem pause
rem wmic product where name="Advanced Monitoring Agent GP" call uninstall /NOINTERACTIVE
rem pause
wmic product where name="Symantec Endpoint Protection" call uninstall /NOINTERACTIVE
rem pause
wmic product where name="TeamViewer 7 Host (MSI Wrapper)" call uninstall /NOINTERACTIVE
rem pause
rem call agi-corp-dc-s-1NETLOGONauto.exe
wmic product call install true, "" , "agi-corp-dc-s-
1NETLOGONAGENT_AG_WPG_SCRIPT_INST_V9_4_0_GPagent.msi" /NOINTERACTIVE
cd ~
cd C:
echo SEP uninstall, TV7 uninstall, Max install > c:windowsMAX.txt
rem pause
rem shutdown /r /f
)

Security At Law Firms
Two Octo - Customers
- Obsessed with confidentiality
- Law firms have security requirements (Law Society, State Bar, etc.)
- GFI Managed Online backup (MOB)
- Try to remove Internet facing unencrypted services!
Proprietary Software (Java applet) #justsaynotojava
One piece of software that the business regularly uses ex. “Land Titles”
GFI Patch Management has to ignore java updates through patch manager
Desktop & Server Security
MAV
Web Content Filtering not just for workstations
Regular Pen Test and IDS Customization with Dash Board Alerts
Q: HOW DO YOU SAVE A DROWING INFO SEC PROFESSIONAL? A: TAKE YOUR FOOT OFF HIS HEAD

Use Case: Web Content Filtering
Lawyers do a lot of research
- Research on the web is dangerous
- Downloading Torrents is dangerous
- PDF’s and pictures of Cats are the heralds of the apocalypse & they ride upon the
world wide web.
DATE TOTAL REQUESTS MALICIOUS SITE REQUESTS BLOCKED REQUESTS
12-Aug-2014 44 0 0
11-Aug-2014 320 0 0
07-Aug-2014 27 0 0
06-Aug-2014 1557 35 38
05-Aug-2014 38 0 0
04-Aug-2014 32 0 0
03-Aug-2014 33 0 0
02-Aug-2014 32 0 0
01-Aug-2014 31 0 0
31-Jul-2014 232 0 0
30-Jul-2014 3257 1518 1518
29-Jul-2014 1144 1 7
28-Jul-2014 98 0 0
27-Jul-2014 101 0 0
26-Jul-2014 92 0 0
TOTAL 7038 1554 1563
FILTER ALL THE THINGS

Auto Nmap Pen Test
Used to flag changes in ports on your customers IPs
- The Windows Task Scheduler set to run
- An NMAP script to check for differences in the ports and to create
- Windows Event Log entries. By throwing up flags in your application
- GFI to do a DSC of your Event Logs and notify you when the suspect IDs
How is the NMAP Script setup?
- When the scan runs it has two different outputs old scan and the new
scan.
- After the scan is completed, the script will compare the two files and look
for new ports.
- If any changes have been found, an Event will be created (Different
Event ID for each client), and GFI MAX will notify you of this change.
VNC & RDP OPEN TO THE INTERNET = PWNAGE

Code Stuff
Automating a Pen Test with Nmap (Nmap_scan.bat)
cd c:program files (x86)nmapoctopitech_scans
call "c:program files (x86)nmapoctopitech_scansportscan.bat”
call "c:program files (x86)nmapoctopitech_scanscomparescan.bat”
set /p var=< scan_log.txt
if defined var (eventcreate /l application /t warning /id 501 /d "nmap port scanning
found new open ports") else (echo no new open ports found)
Port_scan.bat
d c:program files (x86)nmapoctopitech_scans
del old_nmap_scan.xml
rename new_nmap_scan.xml old_nmap_scan.xml
nmap -p- -oX new_nmap_scan.xml -iL Target_IP.txt
NMAP MAY TELL YOU YOUR STUPID

Comparescan.bat
cd c:program files (x86)nmapoctopitech_scans
ndiff old_nmap_scan.xml new_nmap_scan.xml > compare_scan.txt
find /v "+" compare_scan.txt | find "open" > scan_log.txt
Notes:
Target_IP.txt <-Put in all your external Customer IP Addresses
Ron’s Violent Nmap for Pen Testers
Nmap TCP & UDP (this is slow - up to 24 hours)
./nmap -PN -oA output/companyname --open --log-errors -p- -d2
--min-parallelism=16 --min-hostgroup=16 -T4 -sT -iL hosts.txt
--script=reverse-index
./nmap -PN -oA output/companyname --log-errors --open -p- -d2
--min-parallelism=16 --min-hostgroup=16 -T4 -sU -iL hosts.txt
Nmap Detailed scan, fairly safe:
./nmap -sTU -PN -oA output/companyname --open --log-errors -p[list
open ports here] -d2 --min-parallelism=16 --min-hostgroup=16 -T4 -sT
-iL ipaddresses.txt --script="safe or default"
BREAK ALL THE THINGS
Nmap Detailed scan, this can break
stuff
./nmap -sTU -PN -oA output/companyname --open --
log-errors -p[list
open ports here] -d2 --min-parallelism=16 --min-hostgroup=
16 -T4 -sT
-iL hosts.txt --script="all and not broadcast and not
*fuzz* and not
*slow* and not *brute* and not *qscan* and not
http-unsafe-output-escaping and not http-stored-xss"

Scan All The Things = Security Win!
- Scan AG 80+ addresses and find out what
ports and associated services were open
- Relayed that information back to the client
and made them aware of the situation
- Remediated and provided guidance on ACL’s
for Firewall configuration
- Automated monitoring of clients Internet
facing IPs for newly closed or opened ports
Note: Be sure to use the Daily Safety Check as
opposed the 24x7 check. This way you will have
more time to see the errors on the dashboard.
FIREWALLS ARE LIKE 6 YEAR OLDS THEY NEED RULES

Epic War Ferrets in Battle Wagon!
BREAK TIME
"Who Dat? Who Dat? G-F-F-I”
https://www.youtube.com/watch?v=bHr7itw
VsMc

Case Study 2: Center for Christian Studies
- IT Jenga, pulling one block can cause the whole thing to collapse.
- Reconnaissance is key
- Deploy GFI agent, you can see exactly what is going on (shit show)
- Nmap the Internal and external network
- Use your Brain! (Layer 0 and Layer 1 Problems)
- Use Wifi Explorer to manage channels!
Deploy GFI MAX
- Server was completely bogged down
- 2008 SBS is the Devil!
- XP Workstations were missing hundreds of patches
- Open ports on the Internet!
Architect Solutions
- Office 365 (Remove SharePoint & Exchange from Server)
- Server AD, DNS, DHCP (Remove WSUS & SQL from Server)
- QNAP NAS (Integrate AD File Shares)
- UPS All the things!
- Get authorised! (ISP, Printer Lease Company, Etc.)
- MOB (Off Site Backup), Web Content Filter (Especially on the Server)
THERE IS BROKEN & THEN THERE IS SUPER BROKEN

Case Study 2: Securing The Network
- No open unencrypted ports
- Keep Patched and Updated
- No Local Admin Permissions
- Monitor all the things! (SNMP, Ping, Services (Internal and External))
- Event Log Checks & Count all the things!
@echo on
del old_dll_count.txt
del old_exe_count.txt
rem pause
rename dll_count.txt old_dll_count.txt
rename exe_count.txt old_exe_count.txt
rem pause
dir c: /s /b | find /c /i ".dll" > dll_count.txt
dir c: /s /b | find /c /i ".exe" > exe_count.txt
rem pause
set /p OldDllCount= < old_dll_count.txt
set /p NewDllCount= < dll_count.txt
set /p OldExeCount= < old_exe_count.txt
set /p NewExeCount= < exe_count.txt
rem pause
if %NewDllCount% NEQ %OldDllCount% (eventcreate /l APPLICATION /t WARNING /id 510 /d "New Dynamic Link Library
found!”)
if %NewExeCount% NEQ %OldExeCount% (eventcreate /l APPLICATION /t WARNING /id 511 /d "New Executible found!”)
rem pause
EXTRA DLL’s & EXE’s ARE NOT COOL

Count All The Things!
[Redacted] as the example.
- Summary file shows where the change happened in the old file; in this case
there where new executable was added between “Rental Unit Condition
Report.exe.doc” and “Autorun.exe”.
"28/08/2014 0:00:57.16"
Comparing files old_exe_total.txt and EXE_TOTAL.TXT
***** old_exe_total.txt
52: c:DataSharedNancy- Blank DocumentsRE DeptRental UnitsRental
Unit Conditon Report.exe.doc
53: c:maximizerSvrShareUtilitiesMax12_EntreAutorun.exe
***** EXE_TOTAL.TXT
52: c:DataSharedNancy- Blank DocumentsRE DeptRental UnitsRental
Unit Conditon Report.exe.doc
53: c:DataUsersjenniferjre-7u40-windows-i586.exe
54: c:maximizerSvrShareUtilitiesMax12_EntreAutorun.exe
*****
EASY THING TO CHECK BRAH

Building an IDS out of GFI MAX
- It takes some effort to build all the event log checks
- 2003 OS, 2008 OS and 2008 R2 OS generate different event code codes
AUDIT ALL THE THINGS!
<- Setup Account Lockout
Pro Tip: Make sure your Logs
Are set to Overwrite as
Required.
<- Setup Audit Policy

Building an IDS out of GFI MAX for Windows Server 2003
2003 Server Security Event Reference Guide:
http://technet.microsoft.com/library/cc163121.aspx#EKH
517 The audit log was cleared.
520 The system time was changed.
529 Logon failure. A logon attempt was made with an unknown user name or a known user name with a bad password.
530 Logon failure. A logon attempt was made outside the allowed time.
531 Logon failure. A logon attempt was made using a disabled account.
532 Logon failure. A logon attempt was made using an expired account.
533 Logon failure. A logon attempt was made by a user who is not allowed to log on at the specified computer.
534 Logon failure. The user attempted to log on with a password type that is not allowed.
535 Logon failure. The password for the specified account has expired.
536 Logon failure. The Net Logon service is not active.
537 Logon failure. The logon attempt failed for other reasons.
539 Logon failure. The account was locked out at the time the logon attempt was made.
550 Notification message that could indicate a possible denial-of-service (DoS) attack.
552 A user successfully logged on to a computer with explicit credentials while already logged on as a different user.
630 A user account was deleted.
634 A global group was deleted.
638 A local group was deleted.
643 A domain policy was modified.
644 A user account was automatically locked.
647 A computer account was deleted.
653 A security-disabled global group was created.
655 A member was added to a security-disabled global group.
663 A security-disabled universal group was created.
665 A member was added to a security-disabled universal group.
685 Name of an account was changed.
EVENT LOG 666 BEAST ATTACK DETECTED #airguitar!

Building an IDS out of GFI MAX for Windows Server 2008 R2
& Windows 7
2008 R2 & Windows 7 Server Security Event Reference Guide:
https://support.microsoft.com/kb/977519/en-us
5144 A network share object was deleted. 4954 Group Policy settings for Windows Firewall were changed, and the new settings were applied.
5143 A network share object was modified. 4950 A Windows Firewall setting was changed.
5142 A network share object was added. 4948 A change was made to the Windows Firewall exception list. A rule was deleted.
5141 A directory service object was deleted. 4947 A change was made to the Windows Firewall exception list. A rule was modified.
5035 The Windows Firewall Driver failed to start. 4946 A change was made to the Windows Firewall exception list. A rule was added.
5034 The Windows Firewall Driver was stopped. 4780 The ACL was set on accounts which are members of administrators groups.
5025 The Windows Firewall service was stopped. 4761 A member was added to a security-disabled universal group.
4801 The workstation was unlocked. 4751 A member was added to a security-disabled global group.
4800 The workstation was locked. 4746 A member was added to a security-disabled local group.
4781 The name of an account was changed: 4724 An attempt was made to reset an account's password.
4767 A user account was unlocked. 4723 An attempt was made to change an account's password.
4759 A security-disabled universal group was created. 4648 A logon was attempted using explicit credentials.
4749 A security-disabled global group was created. 4719 System audit policy was changed.
4744 A security-disabled local group was created. 4707 A trust to a domain was removed.
4743 A computer account was deleted. 4706 A new trust was created to a domain.
4741 A computer account was created. 4702 A scheduled task was updated.
4740 A user account was locked out. 4698 A scheduled task was created.
4738 A user account was changed. 4649 A replay attack was detected.
4726 A user account was deleted. 4625 An account failed to log on.
4725 A user account was disabled. 4616 The system time was changed.
4722 A user account was enabled. 4720 A user account was created.
EVENT 1337 CULT OF THE DEAD COW PWNS YOU

PACKET VIPER DEMO
- PacketViper is a bi-directional, Point and Click, Intelligent Geo IP Threat Prevention
& Detection Filter.
- Geo-IP filtering allows your network to choose places in the world from which it will
accept or deny network traffic.
- Kelsey Lucas email: kelsey.lucas@packetviper.com
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing
tool for finding vulnerabilities in web applications. It is designed to be used
by people with a wide range of security experience and as such is ideal for
developers and functional testers who are new to penetration testing.
“Simply the best open-source application vulnerability scanner”
“There is no right and wrong. There's only fun and boring.” – The Plague

Security Tools for the #hardcore
http://www.informatica64.com/forensicfoca/
FOCA (Fingerprinting Organizations with Collected Archives)
Downloads all documents that have been posted on a Web site
Extracts the metadata, or the information generated about the document itself.
Can reveal who created the document, e-mail address, internal IP, Latitude and
Longitude of images, (Internet Protocol) addresses and much more.
Vulnerability scanning for auditors and security analysts. Nessus features
high-speed asset discovery, patch and configuration auditing, asset
profiling, sensitive data discovery, patch management integration, multi-scanner
control and vulnerability analysis.
“Kid, don't threaten me. There are worse things than death, and uh, I can do all of them.” – The Plague

@Pontobunce
You know when your boyfriend
figures out he screwed up and
then he does something really
nice to make up for it?
Windows 9.
@SwiftOnSecurity
Cloud-based systems utilized by all types of hostile forces
Large scale DDOS Attacks upwards of 100GB/Sec +
Critical infrastructure attacks/ POS infrastructure Attacks
Exploitation of world events to amplify kinetic effects
IPV6, Cellular, Wireless and 64 Bit malware Advanced
Persistent Threats
Cross-platform attacks combining mobile devices with
traditional infrastructure targets
New nation states and organizations developing offensive
cyber warfare capability
Reduction in kill chain exposure
Advanced malware frameworks which perform
reconnaissance, exploitation, exfiltration and data
destruction attacks TAYLOR SWIFT INFO SEC THOUGHT LEADER using plug-in modules – Flame, Duque

…and the winner for biggest APT to US Interests is: US Justice Department
Microsoft was ordered on July 31 to comply with a U.S. Department of Justice
warrant to produce emails stored at the company's data center in Ireland.
Potentially sets a precedent: Any company with operations in the United States
must comply with valid warrants for data, even if the content is stored overseas.
FedEx has possession, custody or control of millions of packages every day, but
the US government cannot force FedEx to turn over any of those packages with
a subpoena. In order to seize a package in the US, the government needs a
warrant. And even with a warrant, the government has no power to force FedEx
to turn over packages that are outside the US.
The U.S. Department of Homeland Security on July 5 arrested Roman
Valerevich Seleznev, the son of a Russian lawmaker, for what it said were crimes
carried out from 2009 to 2011. Roman Seleznev was apprehended in an airport
in the Maldives 8 July 2014, the Russian Foreign Ministry said.
THE LONG LONG LONG ARM OF ‘MERICA

CDC & HACKERSPACES ARE LIKE BATMAN
Create, educate and mentor emerging cyber defense talent.
Provide resources and ethical guidance.
Teach responsible disclosure of vulnerabilities.
Provide expert level resources and collective learning opportunities.
Facilitate hands on learning with virtual environments.
Break things and learn to fix them.
Network in both senses of the word.
LIKE A FAT VERSION OF BATMAN

THANK YOU
Contact Information:
SALES / sales@octopitech.com
“IPV 6 will
revolutionize how we
communicate with the
“Internet of Things”
like your fridge, car
and maybe a toaster
oven because some
jackass, somewhere
decided that putting a
web server into a
toaster oven was a
good idea.” - Ian
Trump, 2014
Special Thanks:
@MisterPhisch, @NullStream, @SpasticRobot, @Phoul @5683Monkey,
@Straithe, @Nateloaf, & Oli
YOU DON’T HAVE TO GO HOME, BUT YOU CANT STAY HERE

Year of pawnage - Ian trump

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (8)

Similar to Year of pawnage - Ian trump

Similar to Year of pawnage - Ian trump (20)

More from MAXfocus

More from MAXfocus (20)

Recently uploaded

Recently uploaded (20)

Year of pawnage - Ian trump

Editor's Notes