cyber uc meeting 33
play

Cyber@UC Meeting 33 Katoolin, Special Project, and more... If Youre - PowerPoint PPT Presentation

Aug 15, 2022 •212 likes •402 views

Cyber@UC Meeting 33 Katoolin, Special Project, and more... If Youre New! Join our Slack ucyber.slack.com Follow us on Twitter @UCyb3r and Facebook UC.yber; University of Cincinnati OWASP Chapter Feel free to get involved with

  1. Cyber@UC Meeting 33 Katoolin, Special Project, and more...

  2. If You’re New! ● Join our Slack ucyber.slack.com Follow us on Twitter @UCyb3r and Facebook UC.yber; University of Cincinnati ● OWASP Chapter ● Feel free to get involved with one of our committees: Content, Finance, Public Affairs, Outreach, Recruitment Stay updated through our weekly emails and SLACK ●

  3. Announcements ● National Initiative for Cyber Education Conference was this week CharitEweek from Nov. 13th-Nov. 17th ● Red team against Franco’s Class! Nov. 30th - 1st Dec. ● ● P&G is prepping our visit. After they complete the “ War-room”. ● Logo Design SUBMIT IDEAS!

  4. National Initiative for Cyber Education (NICE) Conference summary

  5. Highlights 1. There are 300,000 cyber positions currently unfilled nationwide. 2. UC is well positioned to lead the growth in Cyber 3. There are multiple tracks for cyber careers 4. Cyber@UC may be able to achieve national recognition through High School outreach efforts 5. Cyber talent retention is a big problem 6. There is a CAE NICE challenge to showcase cyber skills 7. Skills required includes both technical and soft skills

  6. Weekly Content

  7. Browser mining (update on malicious mining) ● Previously covered the installation of cryptocurrency miners being installed by attackers Now, thanks to things like coinhive and jsminers, attackers are looking to ● infect websites by injecting code for these api into vulnerable websites ● Typical targets are websites where users tend to visit for several hours at a time Utilize the site visitors computing power ●

  8. United front against cyber attackers ● Windows Defender has a program called Advanced Threat Protection (ATP) Microsoft is now partnering with security companies BitDefener, Lookout, and ● Ziften ● These are just the first companies Microsoft has partnered with, they have plans to add more companies to this list soon These companies are allowing cross platform support for ATP ● Each company will be feeding threat and alert information to each other ● through a Windows Defender ATP console

  9. Keyloggers built-in to keyboards ● 104-key Mantistek GK2 Mechanicl Gaming Keyboard was found to be silently recording key strokes and sending them to a server maintained by the Alibaba Group ● Sent the key information through use of their cloud driver ● Though it was found to record the number of keystrokes, users were not informed of the key logging This could have been a lot more problematic if it had been a full key logger, ● especially since they were transmitting the information as plain text

  10. New Cyberthreat group SowBug ● Now know they have been operating since at least 2015 Target South American and Southeast Asian government bodies and foreign ● policy institutions and steal sensitive data ○ Targeted countries include Argentina, Brazil, Ecuador, Peru, Malaysia They like to use a (RAT) called Felismus to create backdoors into their target ● and can hide or extend its capabilities ● Felismus was first identified late March, and enabled us to identify previous SowBug attacks We know they are well funded because they can infiltrate many targets ● simultaneously

  11. SowBug continued (How they work) ● It isn’t currently clear how they infiltrate a network They use malicious software updates of Windows and Adobe Reader to install ● their malware ● They have also been known to use a tool called Starloader to deploy other malware and tools Instead of compromising the software itself, they give it similar names to ● those used by the software and puts them in the directory where they can be mistaken for legitimate software ● This hiding in plain sight approach has allowed them to remain hidden in systems for long periods of time

  12. Source links https://www.darkreading.com/endpoint/cybercriminals-employ-driveby-cryptocurr ency-mining-/d/d-id/1330353? https://www.darkreading.com/endpoint-security/windows-defender-atp-extended- to-ios-macos-android-linux-/d/d-id/1330357? https://www.microsoft.com/en-us/windowsforbusiness/windows-atp https://thehackernews.com/2017/11/mantistek-keyboard-keylogger.html https://thehackernews.com/2017/11/sowbug-hacking-group.html

  13. Special Cyber Project

  14. Installing Katoolin

  15. Super Easy Commands! 1. sudo apt-get install git 2. sudo git clone https://github.com/LionSec/katoolin.git && cp katoolin/katoolin.py /usr/bin/katoolin 3. chmod +x /usr/bin/katoolin 4. sudo katoolin

  16. Breakout Session Kali Linux Tools

  17. Choose a Tool and Research! ● Nmap ● WafW00f THC Hydra Kismet ● ● Airmon - ng, Airbase - ng, Aircrack - ng Burpsuite ● ● ● Hping3 ● Wireshark ● Recon - ng

  18. Metasploit armitage Recon - ng Thc hydra whois Nslookup Dig WafW00f Fierce Hping3 Airmon - ng, Airbase - ng, Aircrack - ng NMap

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Cyber@UC; Meeting 28 Cyber Kill Chain If Youre New! Join our Slack ucyber.slack.com

Cyber@UC; Meeting 28 Cyber Kill Chain If Youre New! Join our Slack ucyber.slack.com

Cyber@UC; Meeting 28 Cyber Kill Chain If Youre New! Join our Slack ucyber.slack.com Follow us on Twitter @UCyb3r and Facebook UC.yber; University of Cincinnati OWASP Chapter Feel free to get involved with one of our committees:

430 views • 23 slides
NSF Activities in Cyber Trust NSF Activities in Cyber Trust NSF Activities in Cyber Trust For

NSF Activities in Cyber Trust NSF Activities in Cyber Trust NSF Activities in Cyber Trust For

NSF Activities in Cyber Trust NSF Activities in Cyber Trust NSF Activities in Cyber Trust For ACM CCS I ndustry/ Govt Track Oct. 26, 2004 Carl Landwehr ( clandweh@nsf.gov ) Cyber Trust Coordinator National Science Foundation What s the

439 views • 17 slides
CYBER CYBER-SAFETY CYBER CYBER SAFETY SAFETY SAFETY BASICS BASICS Engineering Staff College

CYBER CYBER-SAFETY CYBER CYBER SAFETY SAFETY SAFETY BASICS BASICS Engineering Staff College

3/29/2012 CYBER CYBER-SAFETY CYBER CYBER SAFETY SAFETY SAFETY BASICS BASICS Engineering Staff College of India I N T R O D U C T I O N What is Cyber-safety Consequences Threats of Inaction Cyber-safety? Cyber-safety Cyber-safety at

215 views • 7 slides
What is Cyber Crime? Cyber Enabled Crime Cyber Dependant Crime Traditional crime that is

What is Cyber Crime? Cyber Enabled Crime Cyber Dependant Crime Traditional crime that is

R egional C yber C rime U nit DC Louise Gibson Prepare, Prevent & Protect What is Cyber Crime? Cyber Enabled Crime Cyber Dependant Crime Traditional crime that is enhanced in scale or Crimes that can only be committed solely reach by use

316 views • 9 slides
Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework Reporting Objectives Executive Summary Information Assess Current Cyber Security Posture Measure Progress Toward Improvement Assess

634 views • 5 slides
The Cyber Threat: Securing Cyber Infrastructure Overview What are the FBIs Priorities?

The Cyber Threat: Securing Cyber Infrastructure Overview What are the FBIs Priorities?

The Cyber Threat: Securing Cyber Infrastructure Overview What are the FBIs Priorities? What is the FBIs Cyber Structure? HQ Division Dedicated Cyber squads in all 56 field offices, including satellite locations overseas.

1.54k views • 14 slides
Strategic Priorities Assurance Board Cyber and Cyber Enabled Crime Introduction Cyber

Strategic Priorities Assurance Board Cyber and Cyber Enabled Crime Introduction Cyber

Strategic Priorities Assurance Board Cyber and Cyber Enabled Crime Introduction Cyber Dependent crime examples of these offences are Distributed Denial of Service attack (DDOS), Account Compromise (hacking), Malware (virus) and

237 views • 7 slides
FEMA Region III Cyber Security Program Maryland Cyber Security Workshop (January 16, 2019)

FEMA Region III Cyber Security Program Maryland Cyber Security Workshop (January 16, 2019)

FEMA Region III Cyber Security Program Maryland Cyber Security Workshop (January 16, 2019) (Presented again at the October 16, 2018, meeting of the Maryland Cybersecurity Council and published with permission.) Overview Current Landscape

560 views • 23 slides
Cyber Security February - 2016 Agenda Overview of Cyber Crime The top cyber threats to UK

Cyber Security February - 2016 Agenda Overview of Cyber Crime The top cyber threats to UK

Cyber Security February - 2016 Agenda Overview of Cyber Crime The top cyber threats to UK businesses and how to remain safe What help is available Further reading Setting the scene 21.2bn The cost of fraud to the

304 views • 19 slides
Mark Fernandes Principal, Cyber Risk Services + FUTURE OF CYBER CYB CYBER SINGU GULAR ARIT

Mark Fernandes Principal, Cyber Risk Services + FUTURE OF CYBER CYB CYBER SINGU GULAR ARIT

Mark Fernandes Principal, Cyber Risk Services + FUTURE OF CYBER CYB CYBER SINGU GULAR ARIT ITY How cyber is becoming a key aspect of the ubiquity generation. CYBER SUMMIT More to come 3 2018 Deloitte Cyber Risk Services 4 2018

514 views • 19 slides
Latest in Cyber Security November 7, 2013 TCIPG Annual Meeting Douglas Maughan Division

Latest in Cyber Security November 7, 2013 TCIPG Annual Meeting Douglas Maughan Division

Homeland Security Advanced Research Projects Agency A View from Washington: The Latest in Cyber Security November 7, 2013 TCIPG Annual Meeting Douglas Maughan Division Director http://www.dhs.gov/cyber-research Presentation Outline

794 views • 32 slides
CYBER SECURITY PROTECTING AGAINST CYBER FRAUD IN SCALEUP COMPANIES AND WHAT TO DO SHOULD THEY

CYBER SECURITY PROTECTING AGAINST CYBER FRAUD IN SCALEUP COMPANIES AND WHAT TO DO SHOULD THEY

CYBER SECURITY PROTECTING AGAINST CYBER FRAUD IN SCALEUP COMPANIES AND WHAT TO DO SHOULD THEY HAPPEN London June 2019 INTRODUCTION Cyber Security The activity or process, ability or capability, or state whereby information and

735 views • 24 slides
Cy Cyber ber La Lay of the he La Land nd What the Numbers Tell Us Cyber r Lay of f the

Cy Cyber ber La Lay of the he La Land nd What the Numbers Tell Us Cyber r Lay of f the

Cy Cyber ber La Lay of the he La Land nd What the Numbers Tell Us Cyber r Lay of f the Land: : Wh What t the Numbe mbers rs Tell l Us Visit www.advisenltd.com at the end of this webinar to download: Copy of these slides

722 views • 31 slides
Cyber@UC Meeting 35 Exploit ALL the vulnerabilities! If Youre New! Join our Slack

Cyber@UC Meeting 35 Exploit ALL the vulnerabilities! If Youre New! Join our Slack

Cyber@UC Meeting 35 Exploit ALL the vulnerabilities! If Youre New! Join our Slack ucyber.slack.com Follow us on Twitter @UCyb3r and Facebook UC.yber; University of Cincinnati OWASP Chapter Feel free to get involved with one of

563 views • 11 slides
Cyber@UC Meeting 59 Actually Doing Star Night! If Youre New! Join our Slack:

Cyber@UC Meeting 59 Actually Doing Star Night! If Youre New! Join our Slack:

Cyber@UC Meeting 59 Actually Doing Star Night! If Youre New! Join our Slack: ucyber.slack.com SIGN IN! (Slackbot will post the link in #general) Feel free to get involved with one of our committees: Content Finance Public

525 views • 23 slides
Cyber@UC Meeting 63 Contributing to the Website If Youre New! Join our Slack:

Cyber@UC Meeting 63 Contributing to the Website If Youre New! Join our Slack:

Cyber@UC Meeting 63 Contributing to the Website If Youre New! Join our Slack: ucyber.slack.com SIGN IN! (Slackbot will post the link in #general every Wed@6:30) Feel free to get involved with one of our committees: Content

491 views • 14 slides
Mathematical models of erythrocyte. What they give us for understanding the disorders and ageing

Mathematical models of erythrocyte. What they give us for understanding the disorders and ageing

Mathematical models of erythrocyte. What they give us for understanding the disorders and ageing of this cell Fazly Ataullakhanov Center for Theoretical Problems of Physico-Chemical Pharmacology, National Research Center for Hematology,

578 views • 43 slides
Structure, mechanism, and inhibition of the membrane motor of the ATP synthase inferred from

Structure, mechanism, and inhibition of the membrane motor of the ATP synthase inferred from

Structure, mechanism, and inhibition of the membrane motor of the ATP synthase inferred from quantitative integrative modeling Vanessa Leone ATP synthases uses the electrochemical gradient to catalyze the production of ATP During cell

861 views • 35 slides
Cardiovascular Hospitalizations and Permanent Atrial Fibrillation Compared to Conventional Dual

Cardiovascular Hospitalizations and Permanent Atrial Fibrillation Compared to Conventional Dual

Atrial Antitachycardia Pacing and Managed Ventricular Pacing Reduce the Endpoint Composed by Death, Cardiovascular Hospitalizations and Permanent Atrial Fibrillation Compared to Conventional Dual Chamber Pacing in Bradycardia Patients: Results

192 views • 15 slides
Steering Committee Meeting #2 Tuesday, September 1st 2020 ACTIVE TRANSPORTATION PLAN Welcome!

Steering Committee Meeting #2 Tuesday, September 1st 2020 ACTIVE TRANSPORTATION PLAN Welcome!

Steering Committee Meeting #2 Tuesday, September 1st 2020 ACTIVE TRANSPORTATION PLAN Welcome! The meeting will begin shortly. Please mute your microphone or telephone unless speaking. If using a phone line for audio: Mute the

455 views • 33 slides
Updated mechanism of multidrug ABC transporters from Bacillus subtilis Jean-Michel Jault

Updated mechanism of multidrug ABC transporters from Bacillus subtilis Jean-Michel Jault

10th French-Belgian ABC meeting Brussels, Belgium, October 19-20, 2012 Updated mechanism of multidrug ABC transporters from Bacillus subtilis Jean-Michel Jault (Institut de Biologie Structurale, Grenoble, France) ABC ( A A TP- B B inding

907 views • 25 slides
Disability Progression in MS: Why Bother? What Have We Learned? Clinical trials offer

Disability Progression in MS: Why Bother? What Have We Learned? Clinical trials offer

2/15/2018 Clinical Trials and Long Term Follow-up: Disability Progression in MS: Why Bother? What Have We Learned? Clinical trials offer meticulously curated data Standardized data collection Bruce Cree, MD, PhD, MAS Data undergoes

99 views • 7 slides
CEE 370 Environmental Engineering Principles Lecture #13 Environmental Biology II Metabolism

CEE 370 Environmental Engineering Principles Lecture #13 Environmental Biology II Metabolism

CEE 370 Lecture #13 10/16/2019 Print version Updated: 16 October 2019 CEE 370 Environmental Engineering Principles Lecture #13 Environmental Biology II Metabolism Reading: Mihelcic & Zimmerman, Chapter 5 Davis & Masten, Chapter 3

559 views • 16 slides
Searching and Sampling Take a Walk Through a Network! Antonio Carzaniga Faculty of Informatics

Searching and Sampling Take a Walk Through a Network! Antonio Carzaniga Faculty of Informatics

Searching and Sampling Take a Walk Through a Network! Antonio Carzaniga Faculty of Informatics Universit della Svizzera italiana Mach 4, 2020 Outline Applications The network as a linear transformation Other applications of linear algebra

559 views • 42 slides

More recommend