hi. =)
Thanks
Anyway...
I'm Chris
My Credentials?
Pain in the arse
Loudmouth
Hacker
Punk
Tells lies (professionally)
Is called all sorts of bad words.. That I will likely say throughout this talk
Can't code well
Talks $hit
Drinks a LOT
Is an overall J3rk
-me
LARES
Electronic
EP Convergence: attacks on physical systems that are network enabled
Physical
Lockpicking
Direct Attack
PS Convergence: Tailgating, Impersonation
Social
In Person Social Engineering
Phone Conversation
Social Profiling
Steal It !
So
2,644 incidents were reported (up 117.3% from 2011)
267,000,000 records exposed
Over 150,000,000 in ONE incident
84.7% of the records exposed came from business
45% of incidents included public releases of passwords
Persians vs Scythians
ROME vs Britons
Mongolians vs Tanguts
Vs.
El Empecinado Aka
Environment
Defender
Attacker
ENCRYPTION
Own the box/steal the keys
Keylog
GPU Cracking is fun
TO the cloud!!
Attack 3rd party crypt
Roll your own crypto
Use other data streams (mDNS, Airdrop, BITS, DNS, HTTP, SIP)
Go to the phones.. (Translate to 16 octave audio and exfil over fax)
Hopefully you saw Steffen Wendzel's talk; if not, go find em
AV/Anti-
Clearthelog.rb
rm
Run scripty log cleaners in your tools
*MSF, CORE, CANVAS all have
**so do most exploit kits (yeay china)
Of the 6 top firewalls, how many can effectively block TCP ports?
-Source: NSS Labs Firewall Group Test, Section: TCP Split Handshake
WHAT DO WE DO?
STEP 0
EDUCATION
Defense = capability (awareness + knowledge) + experience
Capability = (Knowledge + Awareness): Can we defend against an attack?
Experience: overall ability to understand, plan, execute and remain on task during the event
**ps this is not math, just conceptual. Most companies out there couldn't put actual ACCURATE values on controls or any of the areas above if they even tried.
Crawl, walk, run
Patching
Reduce Complexity
The more sophisticated the technology, the more vulnerable it is to primitive attack. People often overlook the obvious.
-Dr. WHO
Now what?
Move to Cloud
Install moar AV
WAF
Multiply that by the # of bugs found in code that can stop a service
Vulnerability Assessments?
Process
Steal It !
5 4 3 2 1
At ANY time
+ 0day development
At ANY time
+ Physical Attacks
+ Individual attacks
+ Indirect attacks
Direct Attacks