cyber uc meeting 63
play

Cyber@UC Meeting 63 Contributing to the Website If Youre New! - PowerPoint PPT Presentation

Nov 25, 2023 •333 likes •491 views

Cyber@UC Meeting 63 Contributing to the Website If Youre New! Join our Slack: ucyber.slack.com SIGN IN! (Slackbot will post the link in #general every Wed@6:30) Feel free to get involved with one of our committees: Content

  1. Cyber@UC Meeting 63 Contributing to the Website

  2. If You’re New! ● Join our Slack: ucyber.slack.com SIGN IN! (Slackbot will post the link in #general every Wed@6:30) ● Feel free to get involved with one of our committees: ● Content Finance Public Affairs Outreach Recruitment ● Ongoing Projects: RAPIDS Lab! ○

  3. Announcements ● Our desktop PCs are now dwarves We will have a table at FELD Fest and UC Mainstreet event ● We’ve been asked to give a lecture this Fall semester ● ● Lab server room should be cleaned by next Tuesday ● CiNPA Security Meetup next Thursday ○ Physical Security Night ○ 225 Pictoria Drive, Springdale, Ohio 45246 ○ 6:30pm

  4. Public Affairs Useful videos and weekly livestreams on YouTube : youtube.com/channel/UCWcJuk7A_1nDj4m-cHWvIFw Follow us for club updates and cybersecurity news: Twitter: @CyberAtUC ● Facebook: @CyberAtUC ● ● Instagram: @CyberAtUC For more info: cyberatuc.org

  5. Weekly Content

  6. Drupal Symfony Flaw ● Vulnerability in Symfony HttpFoundation makes Drupal 8 vulnerable to Symfony is a popular web app framework ● Vulnerability rises from legacy and risky HTTP headers ● ● ‘X-Original-URL’ and ‘X-Rewrite-URL’ HTTP headers allowed for potential bypass of access restrictions Both Symfony and Drupal have released patches ● Similar vulnerabilities found in Zend Feed and Diactoros libraries ● https://thehackernews.com/2018/08/symfony-drupal-hack.html

  7. Facebook Fizz ● Library designed for helping developers implement TLS 1.3 protocol with all security and performance configurations Article includes some descriptions on what TLS is and benefits of 1.3 ● ● Now open source on GitHub, link in the article ● Transfers data securely at 10% faster speeds https://thehackernews.com/2018/08/fizz-tls-ssl-library.html

  8. WhatsApp Vulnerabilities ● Discovered by Israeli security firm CheckPoint Exploits vulnerability in WhatsApp’s security protocols to change message ● content ● Flaw in mobile app connection to WhatsApp web and decryption of end-to-end messages using protobuf2 protocol Can only be exploited by a user already a part of the group conversation ● Attack types: ● ○ Change correspondant’s replay, change sender identity, and send private message with public replies ● WhatsApp has decided that this is insignificant and decided not to patch https://thehackernews.com/2018/08/whatsapp-modify-chat-fake-news.html

  9. New Method of Hacking WPA/WPA2 ● Discovered by Jens ‘Atom’ Steube, lead developer of hashcat tool Relies on using PMKID, Pairwise Master Key Identifier, to get Pre-shared key, ● PSK ● Previous WPA hacks have relied on waiting for a user to login, this method does not Discovered when reviewing WPA3 security standard ● Using a tool, like hcxdumptool, PMKID is requested and dumped as a pcap ● ● The pcap is then made into a hashformat acceptable by hashcat ● Use Hashcat to obtain WPA PSK password https://thehackernews.com/2018/08/how-to-hack-wifi-password.html

  10. Recommended Reading https://www.welivesecurity.com/2018/07/26/fake-banking-apps-google-play-leak- stolen-credit-card-data/ https://krebsonsecurity.com/2018/08/reddit-breach-highlights-limits-of-sms-base d-authentication/ https://www.welivesecurity.com/2018/08/02/reddit-reveals-breach-staffs-2fa/ https://thehackernews.com/2018/08/ccleaner-software-download.html https://thehackernews.com/2018/08/android-9-pie.html

  11. Recommended Reading (continued) https://thehackernews.com/2018/08/snapchat-hack-source-code.html https://krebsonsecurity.com/2018/08/florida-man-arrested-in-sim-swap-conspira cy/ https://krebsonsecurity.com/2018/08/credit-card-issuer-tcm-bank-leaked-applica nt-data-for-16-months/ https://thehackernews.com/2018/08/fin7-carbanak-cobalt-hackers.html https://thehackernews.com/2018/08/mikrotik-router-hacking.html

  12. Recommended Reading (Apple WannaCry) https://www.welivesecurity.com/2018/08/07/apple-chip-wannacryptor-shutdown s/ https://thehackernews.com/2018/08/tsmc-iphone-computer-virus.html https://thehackernews.com/2018/08/tsmc-wannacry-ransomware-attack.html

  13. Contributing to the website

  14. Getting started ● Make a GitLab account gitlab.com ○ ● Request org access ○ gitlab.com/cyberatuc Install dependencies and clone the repo ● ○ gitlab.com/cyberatuc/cyberatuc.org#readme Hayden's master guide: cyberatuc.org/guides/website ● Jekyll docs: jekyllrb.com ●

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Cyber@UC; Meeting 28 Cyber Kill Chain If Youre New! Join our Slack ucyber.slack.com

Cyber@UC; Meeting 28 Cyber Kill Chain If Youre New! Join our Slack ucyber.slack.com

Cyber@UC; Meeting 28 Cyber Kill Chain If Youre New! Join our Slack ucyber.slack.com Follow us on Twitter @UCyb3r and Facebook UC.yber; University of Cincinnati OWASP Chapter Feel free to get involved with one of our committees:

430 views • 23 slides
NSF Activities in Cyber Trust NSF Activities in Cyber Trust NSF Activities in Cyber Trust For

NSF Activities in Cyber Trust NSF Activities in Cyber Trust NSF Activities in Cyber Trust For

NSF Activities in Cyber Trust NSF Activities in Cyber Trust NSF Activities in Cyber Trust For ACM CCS I ndustry/ Govt Track Oct. 26, 2004 Carl Landwehr ( clandweh@nsf.gov ) Cyber Trust Coordinator National Science Foundation What s the

439 views • 17 slides
CYBER CYBER-SAFETY CYBER CYBER SAFETY SAFETY SAFETY BASICS BASICS Engineering Staff College

CYBER CYBER-SAFETY CYBER CYBER SAFETY SAFETY SAFETY BASICS BASICS Engineering Staff College

3/29/2012 CYBER CYBER-SAFETY CYBER CYBER SAFETY SAFETY SAFETY BASICS BASICS Engineering Staff College of India I N T R O D U C T I O N What is Cyber-safety Consequences Threats of Inaction Cyber-safety? Cyber-safety Cyber-safety at

215 views • 7 slides
What is Cyber Crime? Cyber Enabled Crime Cyber Dependant Crime Traditional crime that is

What is Cyber Crime? Cyber Enabled Crime Cyber Dependant Crime Traditional crime that is

R egional C yber C rime U nit DC Louise Gibson Prepare, Prevent & Protect What is Cyber Crime? Cyber Enabled Crime Cyber Dependant Crime Traditional crime that is enhanced in scale or Crimes that can only be committed solely reach by use

316 views • 9 slides
Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework Reporting Objectives Executive Summary Information Assess Current Cyber Security Posture Measure Progress Toward Improvement Assess

634 views • 5 slides
The Cyber Threat: Securing Cyber Infrastructure Overview What are the FBIs Priorities?

The Cyber Threat: Securing Cyber Infrastructure Overview What are the FBIs Priorities?

The Cyber Threat: Securing Cyber Infrastructure Overview What are the FBIs Priorities? What is the FBIs Cyber Structure? HQ Division Dedicated Cyber squads in all 56 field offices, including satellite locations overseas.

1.54k views • 14 slides
Strategic Priorities Assurance Board Cyber and Cyber Enabled Crime Introduction Cyber

Strategic Priorities Assurance Board Cyber and Cyber Enabled Crime Introduction Cyber

Strategic Priorities Assurance Board Cyber and Cyber Enabled Crime Introduction Cyber Dependent crime examples of these offences are Distributed Denial of Service attack (DDOS), Account Compromise (hacking), Malware (virus) and

237 views • 7 slides
FEMA Region III Cyber Security Program Maryland Cyber Security Workshop (January 16, 2019)

FEMA Region III Cyber Security Program Maryland Cyber Security Workshop (January 16, 2019)

FEMA Region III Cyber Security Program Maryland Cyber Security Workshop (January 16, 2019) (Presented again at the October 16, 2018, meeting of the Maryland Cybersecurity Council and published with permission.) Overview Current Landscape

560 views • 23 slides
Cyber Security February - 2016 Agenda Overview of Cyber Crime The top cyber threats to UK

Cyber Security February - 2016 Agenda Overview of Cyber Crime The top cyber threats to UK

Cyber Security February - 2016 Agenda Overview of Cyber Crime The top cyber threats to UK businesses and how to remain safe What help is available Further reading Setting the scene 21.2bn The cost of fraud to the

304 views • 19 slides
Mark Fernandes Principal, Cyber Risk Services + FUTURE OF CYBER CYB CYBER SINGU GULAR ARIT

Mark Fernandes Principal, Cyber Risk Services + FUTURE OF CYBER CYB CYBER SINGU GULAR ARIT

Mark Fernandes Principal, Cyber Risk Services + FUTURE OF CYBER CYB CYBER SINGU GULAR ARIT ITY How cyber is becoming a key aspect of the ubiquity generation. CYBER SUMMIT More to come 3 2018 Deloitte Cyber Risk Services 4 2018

514 views • 19 slides
Latest in Cyber Security November 7, 2013 TCIPG Annual Meeting Douglas Maughan Division

Latest in Cyber Security November 7, 2013 TCIPG Annual Meeting Douglas Maughan Division

Homeland Security Advanced Research Projects Agency A View from Washington: The Latest in Cyber Security November 7, 2013 TCIPG Annual Meeting Douglas Maughan Division Director http://www.dhs.gov/cyber-research Presentation Outline

794 views • 32 slides
CYBER SECURITY PROTECTING AGAINST CYBER FRAUD IN SCALEUP COMPANIES AND WHAT TO DO SHOULD THEY

CYBER SECURITY PROTECTING AGAINST CYBER FRAUD IN SCALEUP COMPANIES AND WHAT TO DO SHOULD THEY

CYBER SECURITY PROTECTING AGAINST CYBER FRAUD IN SCALEUP COMPANIES AND WHAT TO DO SHOULD THEY HAPPEN London June 2019 INTRODUCTION Cyber Security The activity or process, ability or capability, or state whereby information and

735 views • 24 slides
Cy Cyber ber La Lay of the he La Land nd What the Numbers Tell Us Cyber r Lay of f the

Cy Cyber ber La Lay of the he La Land nd What the Numbers Tell Us Cyber r Lay of f the

Cy Cyber ber La Lay of the he La Land nd What the Numbers Tell Us Cyber r Lay of f the Land: : Wh What t the Numbe mbers rs Tell l Us Visit www.advisenltd.com at the end of this webinar to download: Copy of these slides

722 views • 31 slides
Cyber@UC Meeting 35 Exploit ALL the vulnerabilities! If Youre New! Join our Slack

Cyber@UC Meeting 35 Exploit ALL the vulnerabilities! If Youre New! Join our Slack

Cyber@UC Meeting 35 Exploit ALL the vulnerabilities! If Youre New! Join our Slack ucyber.slack.com Follow us on Twitter @UCyb3r and Facebook UC.yber; University of Cincinnati OWASP Chapter Feel free to get involved with one of

563 views • 11 slides
Cyber@UC Meeting 59 Actually Doing Star Night! If Youre New! Join our Slack:

Cyber@UC Meeting 59 Actually Doing Star Night! If Youre New! Join our Slack:

Cyber@UC Meeting 59 Actually Doing Star Night! If Youre New! Join our Slack: ucyber.slack.com SIGN IN! (Slackbot will post the link in #general) Feel free to get involved with one of our committees: Content Finance Public

525 views • 23 slides
Cyber@UC Meeting 67 Bash and OverTheWire If Youre New! Join our Slack:

Cyber@UC Meeting 67 Bash and OverTheWire If Youre New! Join our Slack:

Cyber@UC Meeting 67 Bash and OverTheWire If Youre New! Join our Slack: cyberatuc.slack.com (URL changed!) SIGN IN! (Slackbot will post the link in #general every Wed@6:30) Feel free to get involved with one of our committees:

594 views • 16 slides
Microscope Slide Holder (10 slides fl at) R Robert VIEW IN BROWSER updated 22. 3. 2020 |

Microscope Slide Holder (10 slides fl at) R Robert VIEW IN BROWSER updated 22. 3. 2020 |

Microscope Slide Holder (10 slides fl at) R Robert VIEW IN BROWSER updated 22. 3. 2020 | published 22. 3. 2020 Summary Inspired by the recent push by Prusa research to design and manufacture useful items in the fi ght against coronavirus, I

239 views • 3 slides
Developer Centered Security MOHAMMAD TAHAEI , KAMI VANIEA, NAOMI SAPHRA

Developer Centered Security MOHAMMAD TAHAEI , KAMI VANIEA, NAOMI SAPHRA

Technology Usability Lab in Privacy and Security Developer Centered Security MOHAMMAD TAHAEI , KAMI VANIEA, NAOMI SAPHRA {FIRSTNAME.LASTNAME}@ED.AC.UK End users requirement of usability is starting to be acknowledged as a serious market

490 views • 23 slides
Federal Computer Security Managers Forum Quarterly Meeting October 28, 2020 Administrative

Federal Computer Security Managers Forum Quarterly Meeting October 28, 2020 Administrative

Federal Computer Security Managers Forum Quarterly Meeting October 28, 2020 Administrative Reminders This meeting is NOT recorded. Slides will be available within 7 business days, with speaker permission. CEU Form is available:

624 views • 9 slides
Towards Privacy Policy Conceptual Modeling Katsiaryna Krasnashchok Majd Mustapha Anas Al Bassit

Towards Privacy Policy Conceptual Modeling Katsiaryna Krasnashchok Majd Mustapha Anas Al Bassit

Towards Privacy Policy Conceptual Modeling Katsiaryna Krasnashchok Majd Mustapha Anas Al Bassit Sabri Skhiri Katsiaryna Krasnashchok, R&D Engineer @EURA NOVA 1 EURA NOVA A R&D-fueled consultancy company Customers challenges WE

497 views • 47 slides
Message-Passing Programming with MPI Message-Passing Concepts Overview This lecture will

Message-Passing Programming with MPI Message-Passing Concepts Overview This lecture will

Message-Passing Programming with MPI Message-Passing Concepts Overview This lecture will cover message passing model SPMD communication modes collective communications Programming Models Message-Passing Serial Programming

406 views • 28 slides
Cryptography, quantum computing, and evolutionary computation Thijs Laarhoven mail@thijs.com

Cryptography, quantum computing, and evolutionary computation Thijs Laarhoven mail@thijs.com

Cryptography, quantum computing, and evolutionary computation Thijs Laarhoven mail@thijs.com http://www.thijs.com/ CFMAI 2019, Bangkok, Thailand (December 13, 2019) Cryptography History Cryptography Classical cryptography Some operations

371 views • 36 slides
Formal Security Analysis of Cryptographic Protocol Code

Formal Security Analysis of Cryptographic Protocol Code

Formal Security Analysis of Cryptographic Protocol Code Karthikeyan Bhargavan INRIA Karthikeyan.Bhargavan@inria.fr IIT Delhi, Fall 2010 Lecture 7: Using

393 views • 38 slides
Shared Memory Programming with OpenMP Lecture 3: Parallel Regions Parallel region directive

Shared Memory Programming with OpenMP Lecture 3: Parallel Regions Parallel region directive

Shared Memory Programming with OpenMP Lecture 3: Parallel Regions Parallel region directive Code within a parallel region is executed by all threads. Syntax: Fortran: !$OMP PARALLEL block !$OMP END PARALLEL C/C++: #pragma omp

321 views • 15 slides

More recommend