10 Ways Credit Unions Get PWNED
|
|
- Piers Chase
- 6 years ago
- Views:
Transcription
1 10 Ways Credit Unions Get PWNED NASCUS 2017 Investment advisory services are offered through CliftonLarsonAllen Wealth Advisors, LLC, an SEC-registered investment advisor.
2 Intro I am going to share with you: whoami 10 Ways CUs get PWNED Phishing and Remote Access Lateral Movement and Privilege Escalation Include mitigation strategies for each
3 whoami David Anderson Farm kid turned hacker Worked in IT for 6 years Penetration tester for 5 years Yes, I am older than 18
4 10 Ways CUs Get PWNED The same thing.over and over.
5 10 Ways CUs Get PWNED 1. Users clicking links
6 10 Ways CUs Get PWNED 2. Users clicking links
7 10 Ways CUs Get PWNED 3. Users clicking links
8 10 Ways CUs Get PWNED 4. Users clicking links
9 10 Ways CUs Get PWNED 5. Users clicking links
10 10 Ways CUs Get PWNED 6. Users clicking links
11 10 Ways CUs Get PWNED 7. Users clicking links
12 10 Ways CUs Get PWNED 8. Users clicking links
13 10 Ways CUs Get PWNED 9. Users clicking links
14 10 Ways CUs Get PWNED 10. Users opening attachments
15 QUESTIONS
16 Thank you! David Anderson, OSCP Manager, Information Security, Direct: CLAconnect.com linkedin.com/company/ cliftonlarsonallen facebook.com/ cliftonlarsonallen twitter.com/claconnect
17 Phishing and Remote Access Poor Filtering I am the king of Nigeria
18 Poor Filtering By default, many spam filters don t prevent spoofing of your own domain SPF checks typically occur on the SMTP Envelope FROM address, NOT the Message FROM address
19 Poor Filtering Connected to mail.cogentco.com (38.9.X.X). MAIL FROM: 250 OK RCPT TO: 250 Accepted SMTP Envelope DATA 354 Enter message, ending with "." on a line by itself FROM: <ElonMusk@tesla.com> TO: <david.anderson@claconnect.com> Subject: Free Tesla Car SMTP Message
20 Poor Filtering - Mitigation Configure spam filter to look at both the Envelope FROM field and Message FROM field If it contains your domain, block Implement SPF Also look into DKIM and DMARC Apply extra scrutiny to s that come from domain without a SPF record
21 PowerShell That s one powerful shell
22 PowerShell Windows scripting environment built on.net Comes pre-installed Attackers don t have to worry about AV Able to perform many different tasks that command prompt couldn t
23 PowerShell Search for systems where you have local administrator access Search for where domain administrators are logged in Can download items from a URL Can inject malicious code straight into memory
24 PowerShell - Mitigation Upgrade to PowerShell v5 Remove PowerShell v2 Enable Script Block Logging Enable Script Transcription Configure Constrained Language Mode Prevents advanced features, such as.net execution, Windows API calls, and COM access
25 OWA Attacks I can read your
26 OWA Attacks Exchange supports multiple ways to access mailbox Outlook Anywhere, MAPI, EWS These services are subject to brute force attacks Tools such as MailSniper, Metasploit Targets weak passwords (Winter2016)
27 OWA Attacks Many organizations expose OWA to the Internet without requiring 2FA With access to mailbox Find sensitive information (VPN info, PII, passwords) Impersonate employee in phishing attack Create new Outlook Rule
28
29 OWA Attacks - Mitigation Implement 2FA Be careful, not all 2FA solutions apply to all services Implement strong password policy Require passphrases Implement password filter Configure usernames differently than addresses Log and monitor Logon attempts Outlook Rules
30 Office Macros Welcome back to the 1990s
31 Office Macros Macros allow attackers to access any applications/features that are installed or available on the user s workstation Utilizing PowerShell, attackers can execute malicious code easily
32 Office Macros
33 Office Macros
34 Office Macros - Mitigation Use Group Policy to disable macros Most users don t need them Office 2016 has new GPO for documents originating from the Internet Teach users who utilize Macros the dangers of opening unknown documents Prevent users from receiving Word Docs Block Docs coming through , Websites
35 Office Macros - Mitigation
36 .HTA Payloads Thank you for choosing IE for your browser needs :)
37 .HTA Payloads HTA > HTML Applications Allows attacker to run malicious applications on end user s system Needs to be opened with Internet Explorer.HTA files get launched by trusted Microsoft application - mshta.exe
38 .HTA Payloads From Microsoft - HTAs are not subject to the same security constraints as webpages. The end result is that an HTA runs like any executable (.exe) file written in C++ or Visual Basic.
39 .HTA Payloads <script> a=new ActiveXObject("WScript.Shell"); a.run( calc.exe, 0);window.close(); </script>
40 .HTA Payloads
41 .HTA Payloads
42 .HTA Payloads - Mitigation Block mshta.exe from running on systems Web filter/content filter block.hta extension
43 Domain Fronting I dare you to block Azure/AWS/Cloudflare
44 Domain Fronting Utilizes Content Delivery Networks (CDNs) to hide malicious servers Malware delivery C2 communication There are many well known/reputable providers Microsoft Azure Amazon AWS Cloudflare
45 Domain Fronting
46 Domain Fronting Connect to awsstatic.com Legitimate AWS Domain Highly trusted --HTTP Header-- GET / HTTP/1.1 Host: <guid>.cloudfront.net
47 Domain Fronting - Mitigation This one is hard to detect/prevent Monitor web traffic through proxy Utilize SSL stripping Look for oddities over period of time Block these IP ranges if there is not business need
48 Lateral Movement and Privilege Escalation DA Hunter Hunting your admins
49 DA Hunter PowerShell scripts automating the discovery of: Computers on network Who is logged into each computer Who are the administrators Does the current user have admin rights on the target
50 DA Hunter VERBOSE: No Local Admin on OR-TIG VERBOSE: bob has local admin access on D0543 VERBOSE: bob has local admin access on D0467 VERBOSE: No Local Admin on EMS-104 VERBOSE: alice (DA) is logged in!
51 DA Hunter Win 7 through Win 10 (excluding latest update) Allows any user to enumerate logged in users We are looking for admin rights in order to compromise additional user accounts Continue the process over and over until we find a system with a DA logged in and we have local admin access on
52 DA Hunter - Mitigation Latest update to Windows 10 allows the ability to deny user enumeration through GPO/Registry Windows Version Who can query local users Can be change < Windows 10 Any domain users No Windows 10 Any domain user Yes (only registry) Windows 10 Anniversary Only local administrators Yes (registry or GPO) Network Access: Restrict clients allowed to make remote calls to SAM
53 DA Hunter - Mitigation PowerShell script NetCease.ps1 Prevents user enumeration if not an administrator Download from TechNet site Works on Win7/2008 and newer
54 Kerberoast I like my passwords medium-rare
55 Kerberoast Abuses Windows implementation of Kerberos Service accounts that utilize Kerberos authentication are stored in AD as Service Principal Names (SPNs) SQL IIS FTP NTLM password hash of service account is stored in PAC file which any authenticated user can request
56 Kerberoast Multiple free tools can extract these hashes Hash format is supported by Hashcat and JtR Example Hash: $krb5tgs$23$*hps$domain.local$mssqlsvc/sqlserv er1.domain.local~1433*$9cb4e5bcb96cb64f... Service accounts often are not changed frequently and have fairly simple passwords
57 Kerberoast - Mitigation Ensure service account passwords are: Long Complex Changed periodically Monitor logons for service accounts
58 Mimikatz Passwords for all
59 Mimikatz Tool designed to manipulate Windows credentials Extract NTLM hashes Extract clear text passwords Forge Kerberos tickets Pull AD hashes Etc. Windows manages credentials in LSASS.exe process User needs to have admin rights for most of the features to work
60 Mimikatz - Mitigation Don t give users admin rights!!! Win7/8 and Win2008/20012 KB Update to Improve Credentials Protection and Management Windows will no longer store password in clear text Win8.1 and Win2012R2 Enable LSA Protection Not bullet proof but more difficult and easier to detect
61 Password Storage You think your password is safe?
62 Password Storage We commonly look for insecure storage of passwords Spreadsheets Text files Password managers Just found Keypass password for an IT person in a text file in home directory These are easy to find, need to ensure they are properly secured
63 Password Storage - Mitigation If you use password managers MUST enable 2FA Computers that access the password database should be highly locked down Know they are not bullet proof E.g. Certificates can be easy to steal
64 QUESTIONS
65 Thank you! David Anderson, OSCP Manager, Information Security, Direct: CLAconnect.com linkedin.com/company/ cliftonlarsonallen facebook.com/ cliftonlarsonallen twitter.com/claconnect
Ethical Hackers Perspective Things that Make a Hacker's Job Easy
WEALTH ADVISORY OUTSOURCING AUDIT, TAX, AND CONSULTING Investment advisory services are offered through CliftonLarsonAllen Wealth Advisors, LLC, an SEC-registered investment advisor Ethical Hackers Perspective
More informationBeyond the Theoretical: A Deep Dive Into Phishing CUNA Technology Conference
Beyond the Theoretical: A Deep Dive Into Email Phishing 2016 CUNA Technology Conference Agenda Introduction to email SMTP service How attackers can spoof email Review most popular types of phishing emails
More informationActive Directory Attacks and Detection
Active Directory Attacks and Detection #Whoami Working as an Information Security Executive Blog : www.akijosberryblog.wordpress.com You can follow me on Twitter: @AkiJos This talk is Based on Tim Madin
More informationALL ROADS LEAD TO DOMAIN ADMIN BREACH TO CDE A SECTOR CONFERENCE PRESENTATION OCTOBER 2016
BREACH TO CDE ALL ROADS LEAD TO DOMAIN ADMIN A SECTOR CONFERENCE PRESENTATION OCTOBER 2016 Introduction Yannick Bedard Security Consultant Network Penetration Testing SpiderLabs, Trustwave email: ybedard.infosec@gmail.com
More informationPENETRATION TESTING EXTREME VERSION 1
PENETRATION TESTING EXTREME VERSION 1 The world s most advanced network penetration testing course elearnsecurity has been chosen by students in over 140 countries in the world and by leading organizations
More informationJoe Stocker, CISSP, MCITP, VTSP Patriot Consulting
Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting Microsoft Cloud Evangelist at Patriot Consulting Principal Systems Architect with 17 Years of experience Technical certifications: MCSE, MCITP Office
More informationA Process is No One: Hunting for Token Manipulation. Jared Atkinson & Robby Winchester
Jared Atkinson Robert Winchester A Process is No One: Hunting for Token Manipulation Jared Atkinson & Robby Winchester @jaredcatkinson Adversary Detection Technical Lead @ SpecterOps Developer: PowerForensics
More informationKerberos Constrained Delegation Authentication for SEG V2. VMware Workspace ONE UEM 1810
Kerberos Constrained Delegation Authentication for SEG V2 VMware Workspace ONE UEM 1810 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ If you
More informationCOPYRIGHTED MATERIAL. Contents. Part I: The Basics in Depth 1. Chapter 1: Windows Attacks 3. Chapter 2: Conventional and Unconventional Defenses 51
Acknowledgments Introduction Part I: The Basics in Depth 1 Chapter 1: Windows Attacks 3 Attack Classes 3 Automated versus Dedicated Attacker 4 Remote versus Local 7 Types of Attacks 8 Dedicated Manual
More informationActive Directory Attacks and Detection Part -II
Active Directory Attacks and Detection Part -II #Whoami Working as an Information Security Executive Blog : www.akijosberryblog.wordpress.com You can follow me on Twitter: @AkiJos Key Takeaways How to
More informationModern Realities of Securing Active Directory & the Need for AI
Modern Realities of Securing Active Directory & the Need for AI Our Mission: Hacking Anything to Secure Everything 7 Feb 2019 Presenters: Dustin Heywood (EvilMog), Senior Managing Consultant, X-Force Red
More informationAttacking and Defending Active Directory July, 2017
Attacking and Defending Active Directory July, 2017 About: Adam Steed - @aboy 20 years of experience in IAM, working for financial, websites, and healthcare organizations Associate Director Protiviti Security
More informationOWASP Top 10 Risks. Many thanks to Dave Wichers & OWASP
OWASP Top 10 Risks Dean.Bushmiller@ExpandingSecurity.com Many thanks to Dave Wichers & OWASP My Mom I got on the email and did a google on my boy My boy works in this Internet thing He makes cyber cafes
More information7 EASY ATTACKS AGAINST ACTIVE DIRECTORY
NEW TITLE: 7 EASY ATTACKS AGAINST ACTIVE DIRECTORY And How to Prevent Them Through Good Practices and a Little Group Policy ABOUT ME Kevin McBride Security Specialist at Meridian Credit Union 12 years
More informationActive Directory Attacks and Detection
Active Directory Attacks and Detection #Whoami Working as an Information Security Executive Blog : www.akijosberryblog.wordpress.com You can follow me on Twitter: @AkiJos Lab Setup AJLAB.COM: 2 Domain
More informationRemote social engineering techniques involving Microsoft Universal Naming Convention (UNC) function.
10 March 2016 Remote social engineering techniques involving Microsoft Universal Naming Convention (UNC) function. Presented by Neil Lines Who am I? Neil Lines - Pen Tester Involved in a range of security
More informationWorkspace ONE UEM Certificate Authentication for EAS with ADCS. VMware Workspace ONE UEM 1902
Workspace ONE UEM Certificate Authentication for EAS with ADCS VMware Workspace ONE UEM 1902 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/
More informationOne-Click to OWA Track 3. William Martin
One-Click to OWA Track 3 William Martin (@QuickBreach) > whoami William Martin OSCP Penetration Tester Supervisor at RSM US LLP in Charlotte, NC First time presenting at DEFCON Twitter: @QuickBreach >
More informationHacking Our Way to Better Security: Lessons from a Web Application Penetration Test. Tyler Rasmussen Mercer Engineer Research Center
Hacking Our Way to Better Security: Lessons from a Web Application Penetration Test Tyler Rasmussen Mercer Engineer Research Center About Me Cybersecurity Engineering Intern @ MERC Senior IT/Cybersecurity
More informationProvide you with a quick introduction to web application security Increase you awareness and knowledge of security in general Show you that any
OWASP Top 10 Provide you with a quick introduction to web application security Increase you awareness and knowledge of security in general Show you that any tester can (and should) do security testing
More informationCopyright
1 Security Test EXTRA Workshop : ANSWER THESE QUESTIONS 1. What do you consider to be the biggest security issues with mobile phones? 2. How seriously are consumers and companies taking these threats?
More informationWHITEPAPER ATTIVO NETWORKS THREATDEFEND PLATFORM AND THE MITRE ATT&CK MATRIX
WHITEPAPER ATTIVO NETWORKS THREATDEFEND PLATFORM AND THE MITRE ATT&CK MATRIX 1 INTRODUCTION The MITRE Corporation Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK ) Matrix provides a model
More informationPremediation. The Art of Proactive Remediation. Matthew McWhirt, Senior Manager Manfred Erjak, Principal Consultant OCTOBER 1 4, 2018 WASHINGTON, D.C.
Premediation The Art of Proactive Remediation Matthew McWhirt, Senior Manager Manfred Erjak, Principal Consultant OCTOBER 1 4, 2018 WASHINGTON, D.C. Overview Case Study Remediation Overview Premediation
More informationBecoming the Adversary
SESSION ID: CIN-R06 Becoming the Adversary Tyrone Erasmus Managing Security Consultant MWR InfoSecurity @metall0id /usr/bin/whoami Most public research == Android Something different today 2 Overview Introduction
More informationEndpoint Security - what-if analysis 1
Endpoint Security - what-if analysis 1 07/23/2017 Threat Model Threats Threat Source Risk Status Date Created File Manipulation File System Medium Accessing, Modifying or Executing Executable Files File
More informationPhishing Stories. Shaun Jones
Phishing Stories Shaun Jones Agenda What is Phishing? Phishing Story I Intranets are actually pretty useful Phishing Story II Why do I need two factor auth Phishing Story III Everybody gets shells! What
More informationKerberos Constrained Delegation Authentication for SEG V2. VMware Workspace ONE UEM 1811
Kerberos Constrained Delegation Authentication for SEG V2 VMware Workspace ONE UEM 1811 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ If you
More informationPyramid 2018 Kerberos Guide Guidelines and best practices for how deploy Pyramid 2018 with Kerberos
Pyramid 2018 Kerberos Guide Guidelines and best practices for how deploy Pyramid 2018 with Kerberos Contents Overview... 3 Warning... 3 Prerequisites... 3 Operating System... 3 Pyramid 2018... 3 Delegation
More information(System) Integrity attacks System Abuse, Malicious File upload, SQL Injection
Pattern Recognition and Applications Lab (System) Integrity attacks System Abuse, Malicious File upload, SQL Injection Igino Corona igino.corona (at) diee.unica.it Computer Security April 9, 2018 Department
More informationWeb insecurity Security strategies General security Listing of server-side risks Language specific security. Web Security.
Web Security Web Programming Uta Priss ZELL, Ostfalia University 2013 Web Programming Web Security Slide 1/25 Outline Web insecurity Security strategies General security Listing of server-side risks Language
More informationDetecting Lateral Movement in APTs ~Analysis Approach on Windows Event Logs~ June 17, 2016 Shingo ABE ICS security Response Group JPCERT/CC
Detecting Lateral Movement in APTs ~Analysis Approach on Windows Event Logs~ June 17, 2016 Shingo ABE ICS security Response Group JPCERT/CC Agenda Introduction to JPCERT/CC About system-wide intrusions
More informationPass-the-Hash Attacks
Pass-the-Hash Attacks Mgr. Michael Grafnetter www.dsinternals.com Agenda PtH Attack Anatomy Mitigation Proactive Reactive Windows 10 + Windows Server 2016 Microsoft Advanced Threat Analytics PtH Attack
More informationA YEAR OF PURPLE. By Ryan Shepherd
A YEAR OF PURPLE By Ryan Shepherd WHOAMI DETECTION and RESPONSE Investigator for Countercept Threat Hunter PURPLE Team Consultant Offensive Security Certified Professional (OSCP) Crest Registered Intrusion
More informationConfiguring Request Authentication and Authorization
CHAPTER 15 Configuring Request Authentication and Authorization Request authentication and authorization is a means to manage employee use of the Internet and restrict access to online content. This chapter
More informationWEB SECURITY WORKSHOP TEXSAW Presented by Solomon Boyd and Jiayang Wang
WEB SECURITY WORKSHOP TEXSAW 2014 Presented by Solomon Boyd and Jiayang Wang Introduction and Background Targets Web Applications Web Pages Databases Goals Steal data Gain access to system Bypass authentication
More informationCompTIA. PT0-001 EXAM CompTIA PenTest+ Certification Exam Product: Demo. m/
Page No 1 https://www.dumpsplanet.com m/ CompTIA PT0-001 EXAM CompTIA PenTest+ Certification Exam Product: Demo For More Information: PT0-001-dumps Page No 2 Question: 1 During a penetration test, a tester
More informationExtract of Summary and Key details of Symantec.cloud Health check Report
SYMANTEC.CLOUD EXAMPLE HEALTH CHECK SUMMARY REPORT COMPUTER SECURITY TECHNOLOGY LTD. 8-9 Lovat lane, London, London. EC3R 8DW. Tel: 0207 621 9740. Email: info@cstl.com WWW.CSTL.COM Customer: - REDACTED
More informationComputers Gone Rogue. Abusing Computer Accounts to Gain Control in an Active Directory Environment. Marina Simakov & Itai Grady
Computers Gone Rogue Abusing Computer Accounts to Gain Control in an Active Directory Environment Marina Simakov & Itai Grady Motivation Credentials are a high value target for attackers No need for 0-day
More informationDeploy and Configure Microsoft LAPS. Step by step guide and useful tips
Deploy and Configure Microsoft LAPS Step by step guide and useful tips 2 Table of Contents Challenges today... 3 What is LAPS... 4 Emphasis and Tips... 5 How LAPS Work... 6 Components... 6 Prepare, Deploy
More informationBojan Ždrnja, CISSP, GCIA, GCIH, GWAPT INFIGO IS
Laterally pwning Windows Bojan Ždrnja, CISSP, GCIA, GCIH, GWAPT Bojan.Zdrnja@infigo.hr INFIGO IS http://www.infigo.hr Who am I? Senior information security consultant at INFIGO IS Penetration testing (all
More informationWeb Application Security. Philippe Bogaerts
Web Application Security Philippe Bogaerts OWASP TOP 10 3 Aim of the OWASP Top 10 educate developers, designers, architects and organizations about the consequences of the most common web application security
More informationWhen the admin fails on security Christoph Falta ITSECX
When the admin fails on security Christoph Falta ITSECX 2012 09.11.2012 What s this all about? Point out common vulnerabilities in a windows environmnet Point out attack scenarios that leverage these vulnerabilities
More informationSecuring Office 365 with Okta
Securing Office 365 with Okta Index Background Terms & Definitions Introduction Office 365 Authentication Methods Securing Federated Office 365 Using Okta Known Email Clients that Support Modern Authentication
More informationWindows Hash Reinjection Using GSECDUMP and MSVCTL By Deron Grzetich
Windows Hash Reinjection Using GSECDUMP and MSVCTL By Deron Grzetich Intro The objective of this exercise is to prove that gsecdump and msvctl actually work as prescribed. These tools can be used to reinject
More informationCONTENTS IN DETAIL. FOREWORD by HD Moore ACKNOWLEDGMENTS INTRODUCTION 1 THE ABSOLUTE BASICS OF PENETRATION TESTING 1 2 METASPLOIT BASICS 7
CONTENTS IN DETAIL FOREWORD by HD Moore xiii PREFACE xvii ACKNOWLEDGMENTS xix Special Thanks... xx INTRODUCTION xxi Why Do A Penetration Test?... xxii Why Metasploit?... xxii A Brief History of Metasploit...
More informationSecurity and Privacy
E-mail Security and Privacy Department of Computer Science Montclair State University Course : CMPT 320 Internet/Intranet Security Semester : Fall 2008 Student Instructor : Alex Chen : Dr. Stefan Robila
More information10 FOCUS AREAS FOR BREACH PREVENTION
10 FOCUS AREAS FOR BREACH PREVENTION Keith Turpin Chief Information Security Officer Universal Weather and Aviation Why It Matters Loss of Personally Identifiable Information (PII) Loss of Intellectual
More informationPCI DSS Compliance. White Paper Parallels Remote Application Server
PCI DSS Compliance White Paper Parallels Remote Application Server Table of Contents Introduction... 3 What Is PCI DSS?... 3 Why Businesses Need to Be PCI DSS Compliant... 3 What Is Parallels RAS?... 3
More informationComputer Forensics: Investigating Network Intrusions and Cyber Crime, 2nd Edition. Chapter 3 Investigating Web Attacks
Computer Forensics: Investigating Network Intrusions and Cyber Crime, 2nd Edition Chapter 3 Investigating Web Attacks Objectives After completing this chapter, you should be able to: Recognize the indications
More informationCombating Common Web App Authentication Threats
Security PS Combating Common Web App Authentication Threats Bruce K. Marshall, CISSP, NSA-IAM Senior Security Consultant bmarshall@securityps.com Key Topics Key Presentation Topics Understanding Web App
More informationIntroduction. The Safe-T Solution
Secure Application Access Product Brief Contents Introduction 2 The Safe-T Solution 3 How It Works 3 Capabilities 4 Benefits 5 Feature List 6 6 Introduction As the world becomes much more digital and global,
More informationEthical Hacking and Countermeasures: Web Applications, Second Edition. Chapter 3 Web Application Vulnerabilities
Ethical Hacking and Countermeasures: Web Chapter 3 Web Application Vulnerabilities Objectives After completing this chapter, you should be able to: Understand the architecture of Web applications Understand
More informationWhy bother? Causes of data breaches OWASP. Top ten attacks. Now what? Do it yourself Questions?
Jeroen van Beek 1 Why bother? Causes of data breaches OWASP Top ten attacks Now what? Do it yourself Questions? 2 In many cases the web application stores: Credit card details Personal information Passwords
More informationUsing Trustwave SEG Cloud with Exchange Online
.trust Using Trustwave SEG Cloud with Exchange Online Table of Contents About This Document 1 1 Trustwave SEG Cloud for Anti-Malware with Exchange Online 2 2 Networking and DNS Setup 2 3 Provisioning Trustwave
More informationPrivileged Identity App Launcher and Session Recording
Privileged Identity App Launcher and Session Recording 2018 Bomgar Corporation. All rights reserved worldwide. BOMGAR and the BOMGAR logo are trademarks of Bomgar Corporation; other trademarks shown are
More informationWeb Application & Web Server Vulnerabilities Assessment Pankaj Sharma
Web Application & Web Server Vulnerabilities Assessment Pankaj Sharma Indian Computer Emergency Response Team ( CERT - IN ) Department Of Information Technology 1 Agenda Introduction What are Web Applications?
More information10 Active Directory Misconfigurations That Lead to Total Compromise Austin, TX 201 W 5th St.
10 Active Directory Misconfigurations That Lead to Total Compromise hello@javelin-networks.com +1-888-867-5179 Austin, TX 201 W 5th St. 1. Group Policy Preferences Visible Passwords Group Policy Preferences
More informationEMS MASTER CALENDAR Installation Guide
EMS MASTER CALENDAR Installation Guide V44.1 Last Updated: May 2018 EMS Software emssoftware.com/help 800.440.3994 2018 EMS Software, LLC. All Rights Reserved. Table of Contents CHAPTER 1: Introduction
More informationBEST PRACTICES FOR PERSONAL Security
BEST PRACTICES FOR PERSONAL Email Security Sometimes it feels that the world of email and internet communication is fraught with dangers: malware, viruses, cyber attacks and so on. There are some simple
More informationClick Studios. Passwordstate. Remote Session Launcher. Installation Instructions
Passwordstate Remote Session Launcher Installation Instructions This document and the information controlled therein is the property of Click Studios. It must not be reproduced in whole/part, or otherwise
More informationAdvanced Service Design. vrealize Automation 6.2
vrealize Automation 6.2 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ If you have comments about this documentation, submit your feedback to
More informationMODERN DESKTOP SECURITY
MODERN DESKTOP SECURITY I M GOING TO BE HONEST. WE RE IN THE FIGHT OF OUR DIGITAL LIVES, AND WE ARE NOT WINNING! M I C H A E L M C C A U L, C H A I R M A N, U S H O M E L A N D S E C U R I T Y C O M M
More informationMicrosoft Unified Access Gateway 2010
RSA SecurID Ready Implementation Guide Partner Information Last Modified: March 26, 2013 Product Information Partner Name Web Site Product Name Version & Platform Product Description Microsoft www.microsoft.com
More informationSophos UTM Web Application Firewall For: Microsoft Exchange Services
How to configure: Sophos UTM Web Application Firewall For: Microsoft Exchange Services This guide explains how to configure your Sophos UTM 9.3+ to allow access to the relevant Microsoft Exchange services
More informationINTEGRATION TO MICROSOFT EXCHANGE Installation Guide
INTEGRATION TO MICROSOFT EXCHANGE Installation Guide V44.1 Last Updated: March 5, 2018 EMS Software emssoftware.com/help 800.440.3994 2018 EMS Software, LLC. All Rights Reserved. Table of Contents CHAPTER
More informationWeb Application Attacks
Web Application Attacks What can an attacker do and just how hard is it? By Damon P. Cortesi IOActive, Inc. Comprehensive Computer Security Services www.ioactive.com cortesi:~
More informationP2_L12 Web Security Page 1
P2_L12 Web Security Page 1 Reference: Computer Security by Stallings and Brown, Chapter (not specified) The web is an extension of our computing environment, because most of our daily tasks involve interaction
More informationSobering statistics. The frequency and sophistication of cybersecurity attacks are getting worse.
Sobering statistics The frequency and sophistication of cybersecurity attacks are getting worse. 146 >63% $500B $3.8M The median # of days that attackers reside within a victim s network before detection
More informationAdvanced Security Measures for Clients and Servers
Advanced Security Measures for Clients and Servers Wayne Harris MCSE Senior Consultant Certified Security Solutions Importance of Active Directory Security Active Directory creates a more secure network
More informationUseful Hacking Series
Useful Hacking Series Welcome to the Useful Hacking Series, in this series of 20 Episodes our world-renowned penetration tester/international speaker will share with you the top useful tips used during
More informationSecure Coding, some simple steps help. OWASP EU Tour 2013
Secure Coding, some simple steps help. OWASP EU Tour 2013 About Me Steven van der Baan - Dutch - 7Safe, part of PA Consulting Group - Developer - Pentester - Consultant - CISSP, OSCP It's amazing how
More informationCompetitive Matrix - IRONSCALES vs Alternatives
Competitive Matrix - IRONSCALES vs Alternatives Traditional Awareness and Training Features IRONSCALES SEG PhishMe Wombat Knowbe4 Sans Institute Simulation & Training Compliance PCI/DSS, HIPAA, GLBA to
More informationPhishing. Eugene Davis UAH Information Security Club April 11, 2013
Phishing Eugene Davis UAH Information Security Club April 11, 2013 Overview A social engineering attack in which the attacker impersonates a trusted entity Attacker attempts to retrieve privileged information
More informationWindows Server Security Guide
Windows Server Security Guide August 2017 Contents Windows Server 2016 Security Guide... 3 Why is Windows Server 2016 security important?... 3 How does Windows Server 2016 help prevent and detect compromise?...
More informationMcAfee Certified Assessment Specialist Network
McAfee MA0-150 McAfee Certified Assessment Specialist Network Version: 4.0 Topic 1, Volume A QUESTION NO: 1 An attacker has compromised a Linux/Unix host and discovers a suspicious file called "password"
More informationBank Infrastructure - Video - 1
Bank Infrastructure - 1 05/09/2017 Threats Threat Source Risk Status Date Created Account Footprinting Web Browser Targeted Malware Web Browser Man in the browser Web Browser Identity Spoofing - Impersonation
More informationIMPLEMENTING MICROSOFT CREDENTIAL GUARD FOR ISO 27001, PCI, AND FEDRAMP
IMPLEMENTING MICROSOFT CREDENTIAL GUARD FOR ISO 27001, PCI, AND FEDRAMP North America Latin America Europe 877.224.8077 info@coalfire.com coalfire.com Coalfire sm and CoalfireOne sm are registered service
More informationMicrosoft Exchange Proxy Settings Outlook 2010 Gpo
Microsoft Exchange Proxy Settings Outlook 2010 Gpo Cloud App Encryption supports Microsoft Outlook 2010 and 2013 for Windows. accounts for each user in Microsoft Office 365 and the Outlook proxy settings
More informationدوره تست نفوذ. Ver.1.2 شما میتوانید آنلاین در این دوره ثبت نام بلافاصله از آن استفاده کنید. Information Gathering. Bash scripting
Ver.1.2 Information Gathering Bash scripting Information gathering (passive) شما میتوانید آنلاین در این دوره ثبت نام کنید و بلافاصله از آن استفاده کنید. دیدن نمونه آموزش هاي دوره تست نفوذ Google operators
More informationPerslink Security. Perslink Security. Eleonora Petridou Pascal Cuylaerts. System And Network Engineering University of Amsterdam.
Eleonora Petridou Pascal Cuylaerts System And Network Engineering University of Amsterdam June 30, 2011 Outline Research question About Perslink Approach Manual inspection Automated tests Vulnerabilities
More informationSPOOFING. Information Security in Systems & Networks Public Development Program. Sanjay Goel University at Albany, SUNY Fall 2006
SPOOFING Information Security in Systems & Networks Public Development Program Sanjay Goel University at Albany, SUNY Fall 2006 1 Learning Objectives Students should be able to: Determine relevance of
More informationPolicy Settings for Windows Server 2003 (including SP1) and Windows XP (including SP2)
Web 2 Policy Settings for (including SP1) and XP (including SP2) This document was written by Conan Kezema. and XP together introduce more than 270 new administrative template policy settings for you to
More informationTHREAT MODELING IN SOCIAL NETWORKS. Molulaqhooa Maoyi Rotondwa Ratshidaho Sanele Macanda
THREAT MODELING IN SOCIAL NETWORKS Molulaqhooa Maoyi Rotondwa Ratshidaho Sanele Macanda INTRODUCTION Social Networks popular web service. 62% adults worldwide use social media 65% of world top companies
More informationDoes Windows 10 Have Privacy Issues? February 11, Joel Ewing
Does Windows 10 Have Privacy Issues? February 11, 2019 Joel Ewing Joel C. Ewing, Feb 2019 Permission for non-profit distribution and derivative works granted to The Bella Vista Computer Club Windows 10
More informationThe 3 Pillars of SharePoint Security
The 3 Pillars of SharePoint Security Liam Cleary CEO/Owner SharePlicity Jeff Melnick Systems Engineer Netwrix Corporation AGENDA The Problem Attack Vectors Intranet, Extranet and Public Facing Proactive
More informationAdministering ToutApp Exchange Reply Tracking
Administering ToutApp Exchange Reply Tracking This document will walk you through everything you need to know about ToutApp s support for tracking replies to your Touted emails when using Microsoft s Exchange
More informationAguascalientes Local Chapter. Kickoff
Aguascalientes Local Chapter Kickoff juan.gama@owasp.org About Us Chapter Leader Juan Gama Application Security Engineer @ Aspect Security 9+ years in Appsec, Testing, Development Maintainer of OWASP Benchmark
More informationCan HTTP Strict Transport Security Meaningfully Help Secure the Web? nicolle neulist June 2, 2012 Security B-Sides Detroit
Can HTTP Strict Transport Security Meaningfully Help Secure the Web? nicolle neulist June 2, 2012 Security B-Sides Detroit 1 2 o hai. 3 Why Think About HTTP Strict Transport Security? Roadmap what is HSTS?
More information[Outlook Configuration Guide]
Prepared By: Sandeep Das Approved By: Effective From: October, 03, 2011 REVISION HISTORY S. N. Release Date Description Author Highlights 1 3 rd October 2011 First Release Sandeep Das First Release Copyright
More informationBlackBerry UEM Configuration Guide
BlackBerry UEM Configuration Guide 12.9 2018-11-05Z 2 Contents Getting started... 7 Configuring BlackBerry UEM for the first time... 7 Configuration tasks for managing BlackBerry OS devices... 9 Administrator
More informationRisk Assessment and other Defensive Security Measures
Risk Assessment and other Defensive Security Measures Tom Schauer Principal CISA, CISM, CISSP, CEH, CRISC, CTGA CliftonLarsonAllen - Information Security Services Group Investment advisory services are
More informationWatchGuard XCS and Outlook Web Access 2013
WatchGuard XCS and Outlook Web Access 2013 The Secure WebMail proxy provides a highly secure mechanism for accessing Microsoft OWA (Outlook Web Access). OWA uses a very similar interface to Outlook and
More information1 About Web Security. What is application security? So what can happen? see [?]
1 About Web Security What is application security? see [?] So what can happen? 1 taken from [?] first half of 2013 Let s focus on application security risks Risk = vulnerability + impact New App: http://www-03.ibm.com/security/xforce/xfisi
More informationProtect Your Application with Secure Coding Practices. Barrie Dempster & Jason Foy JAM306 February 6, 2013
Protect Your Application with Secure Coding Practices Barrie Dempster & Jason Foy JAM306 February 6, 2013 BlackBerry Security Team Approximately 120 people work within the BlackBerry Security Team Security
More informationPenetration testing of corporate information systems: statistics and findings
Penetration testing of corporate information systems: 2019 Contents Introduction... 2 Executive summary... 2 Source data... 3 Overall results...4 External pentesting: results... 5 Internal pentesting:
More informationLateral Movement Defcon 26. Walter Mauricio
Lateral Movement 101 @ Defcon 26 Walter Cuestas @wcu35745 Mauricio Velazco @mvelazco About Workshop goals Lab Environment Hands-on exercises & CTF #Whoarewe Walter Cuestas (@wcu35745) Mauricio Velazco
More informationStorageZones Controller 3.4
StorageZones Controller 3.4 Mar 09, 2016 For a link to documentation for the most current release, see StorageZones Controller. To download the latest version, see https://www.citrix.com/downloads/sharefile/.
More informationOpening Intranets to attacks by using Internet Explorer
Opening Intranets to attacks by using Internet Explorer Author: Cesar Cerrudo (cesar>.at..dot.
More informationWelcome to the OWASP TOP 10
Welcome to the OWASP TOP 10 Secure Development for Java Developers Dominik Schadow 03/20/2012 BASEL BERN LAUSANNE ZÜRICH DÜSSELDORF FRANKFURT A.M. FREIBURG I.BR. HAMBURG MÜNCHEN STUTTGART WIEN 1 AGENDA
More informationINCIDENT HANDLING & RESPONSE PROFESSIONAL VERSION 1
INCIDENT HANDLING & RESPONSE PROFESSIONAL VERSION 1 The most practical and comprehensive training course on incident handling & response elearnsecurity has been chosen by students in over 140 countries
More information