Key Threats Melissa (1999), Love Letter (2000) Mainly leveraging social engineering. Key Threats Internet was just growing Mail was on the verge

Similar documents
Windows 8 Deployment Best Practices and Lessons Learned. Martin Weber Technology Solution Professional Microsoft Switzerland GmbH

GSE/Belux Enterprise Systems Security Meeting

Windows 10 Security & Audit

12/5/2013. work-life blur. more mobile. digital generation. multiple devices. tech. fast savvy

Consultant since many years. Mainly working with defense and public sector. MCSE on Windows Server 2000 security ;-)

COPYRIGHTED MATERIAL. Contents. Part I: The Basics in Depth 1. Chapter 1: Windows Attacks 3. Chapter 2: Conventional and Unconventional Defenses 51

CIS 4360 Secure Computer Systems Secured System Boot

Windows Server Security Guide

MODERN DESKTOP SECURITY

WINDOWS 10 ENTERPRISE New Security Features

Windows IoT Security. Jackie Chang Sr. Program Manager

Windows in the enterprise

Sigurnost u Windows 7. Saša Kranjac MCT

TPM v.s. Embedded Board. James Y

Defense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation

Trusted Computing and O/S Security

CS 356 Operating System Security. Fall 2013

Deploying Secure Boot: Key Creation and Management

Big and Bright - Security

Evolution of Cyber Security. Nasser Kettani Chief Technology Officer Microsoft, Middle East and Africa

Security+ SY0-501 Study Guide Table of Contents

Lecture Embedded System Security Introduction to Trusted Computing

Security Enhancements

INF3510 Information Security Spring Lecture 4 Computer Security. University of Oslo Audun Jøsang

Putting Trust Into The Network Securing Your Network Through Trusted Access Control

Lecture Embedded System Security Introduction to Trusted Computing

Expert Reference Series of White Papers. BitLocker: Is It Really Secure? COURSES.

Security: The Key to Affordable Unmanned Aircraft Systems

Identity & Access Management

How I Learned to Stop Worrying and Love the Internet of Things

HP Manageability Integration Kit HP Client Management Solutions

The Ultimate Windows 10 Hardening Guide: What to Do to Make Hackers Pick Someone Else

Windows ierīces Enterprise infrastruktūrā. Aris Dzērvāns Microsoft

Microsoft UEFI Certification Authority

Windows 10 Pro device opportunity

Advanced Security Measures for Clients and Servers

Bromium: Virtualization-Based Security

Windows 10 and the Enterprise. Craig A. Brown Prepared for: GMIS

MU2b Authentication, Authorization and Accounting Questions Set 2

Data Security and Privacy : Compliance to Stewardship. Jignesh Patel Solution Consultant,Oracle

BitLocker Group Policy Settings

Windows 10 Identity and Security

CIS Controls Measures and Metrics for Version 7

SentinelOne Technical Brief

Lecture Embedded System Security Introduction to Trusted Computing

CIS Controls Measures and Metrics for Version 7

Chapter 10: Security. 2. What are the two types of general threats to computer security? Give examples of each.

CompTIA A+ Certification ( ) Study Guide Table of Contents

Updating Your Technology Knowledge of Microsoft Windows XP to Windows 7 Beta

How NOT To Get Hacked

Terra: A Virtual Machine-Based Platform for Trusted Computing by Garfinkel et al. (Some slides taken from Jason Franklin s 712 lecture, Fall 2006)

SentinelOne Technical Brief

Course Outline (version 2)

The next step in IT security after Snowden

TRUSTED SUPPLY CHAIN & REMOTE PROVISIONING WITH THE TRUSTED PLATFORM MODULE

Pass Microsoft Exam

UEFI, SecureBoot, DeviceGuard, TPM a WHB (un)related technologies

Technical Brief Distributed Trusted Computing

MANAGING LOCAL AUTHENTICATION IN WINDOWS

Windows 8 Uefi Bios Update Step By Step Guide Msi Usa

Past, Present, and Future Justin Johnson Senior Principal Firmware Engineer

HP Manageability Integration Kit HP Client Management Solutions


AURA ACADEMY Training With Expertised Faculty Call Us On For Free Demo

Operating system hardening

Featured Articles II Security Research and Development Research and Development of Advanced Security Technology

Applications of Attestation:

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

Trusted Computing and O/S Security. Aggelos Kiayias Justin Neumann

HP Manageability Integration Kit HP Client Management Solutions

CERTIFIED SECURE COMPUTER USER COURSE OUTLINE

Lecture 3 MOBILE PLATFORM SECURITY

Windows 8: Enabling Flexible Workstyles

Ethical Hacking and Prevention

Table of Contents. Table of Figures. 2 Wave Systems Corp. Client User Guide

Ritz Camera Leverages Whitelisting for Picture Perfect Security

Most Common Security Threats (cont.)

CIH

SSG Platform Security Division & IOTG Jan Krueger Product Manager IoT Security Solutions

Critical Hygiene for Preventing Major Breaches

Managing and Maintaining Windows 8

Cisco Secure Boot and Trust Anchor Module Differentiation

Why bother? Default configurations Buffer overflows Authentication mechanisms Reverse engineering Questions?

The Android security jungle: pitfalls, threats and survival tips. Scott

Monthly Security Bulletin Briefing

Manufacturing Tools in the UEFI Secure Boot Environment

Delivering High-mix, High-volume Secure Manufacturing in the Distribution Channel

IC32E - Pre-Instructional Survey

McAfee Embedded Control

Unicorn: Two- Factor Attestation for Data Security

CS System Security 2nd-Half Semester Review

UEFI / Bios was denn das?

Trusted Computing Today: Benefits and Solutions

BUFFERZONE Advanced Endpoint Security

cs642 /introduction computer security adam everspaugh

SECURING DEVICES IN THE INTERNET OF THINGS

CS 290 Host-based Security and Malware. Christopher Kruegel

SecureDoc: Making BitLocker simple, smart and secure for you. Your guide to encryption success

SECURING DEVICES IN THE INTERNET OF THINGS

ADVANCED THREAT PREVENTION FOR ENDPOINT DEVICES 5 th GENERATION OF CYBER SECURITY

Transcription:

Key Threats Internet was just growing Mail was on the verge Key Threats Melissa (1999), Love Letter (2000) Mainly leveraging social engineering Key Threats Code Red and Nimda (2001), Blaster (2003), Slammer (2003) 9/11 Mainly exploiting buffer overflows Script kiddies Time from patch to exploit: Several days to weeks Key Threats Zotob (2005) Attacks «moving up the stack» (Summer of Office 0-day) Rootkits Exploitation of Buffer Overflows Script Kiddies Raise of Phishing User running as Admin Key Threats Organized Crime Botnets Identity Theft Conficker (2008) Time from patch to exploit: days Key Threats Organized Crime, potential state actors Sophisticated Targeted Attacks Operation Aurora (2009) Stuxnet (2010) 1995 2001 2004 2007 2009 2012 Windows 95 - Windows XP Logon (Ctrl+Alt+Del) Access Control User Profiles Security Policy Encrypting File System (File Based) Smartcard and PKI Support Windows Update Windows XP SP2 Address Space Layout Randomization (ASLR) Data Execution Prevention (DEP) Security Development Lifecycle (SDL) Auto Update on by Default Firewall on by Default Windows Security Center WPA Support Windows Vista Bitlocker Patchguard Improved ASLR and DEP Full SDL User Account Control Internet Explorer Smart Screen Filter Digital Right Management Firewall improvements Signed Device Driver Requirements TPM Support Windows Integrity Levels Secure by default configuration (Windows features and IE) Windows 7 Improved ASLR and DEP Full SDL Improved IPSec stack Managed Service Accounts Improved User Account Control Enhanced Auditing Internet Explorer Smart Screen Filter AppLocker BitLocker to Go Windows Biometric Service Windows Action Center Windows Defender Windows 8 UEFI (Secure Boot) Firmware Based TPM Trusted Boot (w/elam) Measured Boot and Remote Attestation Support Significant Improvements to ASLR and DEP AppContainer Windows Store Internet Explorer 10 (Plugin-less and Enhanced Protected Modes) Application Reputation moved into Core OS BitLocker: Encrypted Hard Drive and Used Disk Space Only Encryption Support Virtual Smartcard Picture Password, PIN Dynamic Access Control Built-in Anti-Virus 4

Protect and Manage Threats Protect Sensitive Data Protect Access to Resources

Challenges

Universal Extensible Firmware Interface (UEFI) An interface built on top of and replaces some aspects of traditional BIOS Like BIOS it hands control of the pre-boot environment to an OS Architecture-independent Enables device initialization and operation (mouse, pre-os apps, menus) Secure Boot, Encrypted Hard Drives, Network Unlock for BitLocker

Trusted Platform Module 2.0 Enables commercial-grade security via physical and virtual key isolation from OS TPM 1.2 spec: mature standard, years of deployment and hardening Improvements in TPM provisioning lowers deployment barriers Algorithm extensibility Security scenarios are compatible with TPM 1.2 or 2.0 Discrete or Firmware-based (ARM TrustZone ; Intel s Platform Trust Technology (PTT)) * Microsoft refers to the TCG TPM.Next as TPM 2.0.

# Features TPM 1.2/2.0 UEFI 2.3.1 1 BitLocker: Volume Encryption X 2 BitLocker: Volume Network Unlock X X 3 Trusted Boot: Secure Boot X 4 Trusted Boot: ELAM X 5 Measured Boot X 6 Virtual Smart Cards X 7 Certificate Storage (Hardware Bound) X 8 Address Space Layout Randomization (ASLR) X 9 Visual Studio Compiler X 10 More

Training Requirements Design Implementation Verification Release Response

Legacy Boot BIOS OS Loader (Malware) OS Start BIOS Starts any OS Loader, even malware Malware may starts before Windows Modern Boot Native UEFI Verified OS Loader Only OS Start The firmware enforces policy, only starts signed OS loaders OS loader enforces signature verification of Windows components. If fails Trusted Boot triggers remediation. Result - Malware unable to change boot and OS components

UEFI Firmware, Drivers, Applications, and Loaders must be trusted (i.e.: signed) UEFI Database lists trusted and untrusted Keys, CA s, and Image Hashes Secured RollBack feature prevents rollback to insecure version Untrusted (unsigned) Option ROMs (containing firmware) can not run Updates to UEFI Firmware, Drivers, Applications, and Loaders Revocation process for signatures and image hashes UEFI able to execute UEFI firmware integrity check and self-remediate

Windows 7 BIOS OS Loader (Malware) 3 rd Party Drivers (Malware) Anti- Malware Software Start Windows Logon Malware able to hide and remain undetected Systems can be compromised before AM starts Windows 8 Native UEFI Windows 8 OS Loader Windows Core, Kernel, Anti- Malware 3 rd Party Drivers Windows Logon Secures Windows system files (e.g.: kernel) and drivers Starts and protects ELAM based AM software Automatic remediation/self healing if compromised

PIN and Picture Password Both are easy to use sign in option for Touch devices Picture password offers a secure (blog) personal sign-in experience, easy to remember Length PIN Password (a-z) Password (complex) Picture Password 1 10 26 n/a 2,554 2 100 676 n/a 1,581,773 3 1,000 17,576 81,120 1,155,509,083 4 10,000 456,976 4,218,240 5 100,000 11,881,376 182,790,400 6 1,000,000 308,915,776 7,128,825,600 7 10,000,000 8,031,810,176 259,489,251,840 8 100,000,000 208,827,064,576 8,995,627,397,120 Account Lockout Policy - Account lockout threshold + Account lockout duration Security Option Policy - Interactive logon: Machine account lockout threshold

Wired - Kill the Password: Why a String of Characters Can t Protect Us Anymore Mat Honan Email addresses have become universal usernames making them a single point of failure Basic personal info is enough to trick customer service agents into revealing more sensitive information Malicious users use information on one service to gain entry into another Hacked email accounts enables malicious users to reset your pw on other sites (e.g.: Your investment acct) Easy to deploy and cost effective way to enable strong multi-factor authentication Provides a secure, seamless, and always ready experience for end user

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback