hacking
play

Hacking Sean-Philip Oriyano About Me O Over twenty years in IT - PowerPoint PPT Presentation

Mar 07, 2024 •393 likes •680 views

Introduction to Hacking Sean-Philip Oriyano About Me O Over twenty years in IT Security O Author of research articles and six books O CISSP, CNDA, CEH and others O Consultant for US Military and Private corporations Agenda O Elements of

  1. Introduction to Hacking Sean-Philip Oriyano

  2. About Me O Over twenty years in IT Security O Author of research articles and six books O CISSP, CNDA, CEH and others O Consultant for US Military and Private corporations

  3. Agenda O Elements of Information Security O Security Challenges O Effects of Hacking O Who is a Hacker?

  4. What is Security? O Security – A state of well-being of information and infrastructures in which the possibility of successful yet undetected theft, tampering, and disruption of information and services is kept low or tolerable

  5. Points to Ponder… O The Cyber Security Enhancement Act of 2002 mandates life sentences for hackers who recklessly endanger the lives of others O According to research 90 percent companies acknowledge security breaches, but only 34 percent reported the crime O The FBI estimates that 85 to 97 percent of computer intrusions are not even detected

  6. Core Concepts Confidentiality Integrity Availability

  7. Putting it Together Confidentiality Integrity Security Availability

  8. Motivations for Security O Technology improvements O Reaches consumers before maturity O Networks are more common and complex O Users are much more savvy O Budgets have decreased O No or poor training O Improved attacks and smarter attackers

  9. In the News…

  10. Complexity Networks Software Laws Management Users Demands

  11. Intangibles Goodwill Trust Loyalty Money

  12. Polls

  13. Factors Impacting Security Security Convenience

  14. Cost of a Security Incident • Corporate espionage • Identity theft • Lost revenues • Lost of confidence • Lost productivity • Legal action

  15. Today’s Threats Existing weaknesses in technology Misconfiguration Poor policy and planning Human error Human malice Social Networking

  16. Types of Hackers White Suicide Grey Attackers Black

  17. Motivations for Hackers Hacktivism Stalking Terrorism Extortion Espionage Crime Curiosity

  18. What Makes it Possible? Ignorance Carelessness Recklessness Sharing of information Lack of training Smaller staff Social networking

  19. What Does Security Impact? O Security touches many diverse and seemingly unrelated systems • Improving security relies on knowing the “Big picture” • Security is relevant to every system, process and person O Technical O Administrative O Physical Note: In security one must understand the big picture

  20. Penetration Testing and Ethical Hacking O Used to test a target network O Target of Evaluation O Test a network with a client’s permission O Never go outside the project scope O Without paperwork O Emulate an actual attack

  21. Why Pentest? O Legal requirements O Sanity check O Part of a regular audit O Build consumer confidence

  22. Phases of Ethical Hacking Reconnaissance Scanning Gaining Access Maintaining Access Covering Tracks

  23. Approaches to Ethical Hacking Remote network Physical Remote entry access Tools Social Local engineering network Stolen equipment

  24. Ethical Hacking Tests Black Grey White Box Box Box

  25. Steps in Ethical Hacking O Step 1: Talk to your client on the needs of testing O Step 2: Prepare NDA documents and ask the client to sign them O Step 3: Prepare an ethical hacking team and draw up schedule for testing O Step 4: Conduct the test O Step 5: Analyze the results and prepare a report O Step 6: Deliver the report to the client

  26. Should You Pentest? O Not a bad idea O May be a legal requirement O Can help validate systems O Can find holes O Can keep high state of readiness O Can find outdated practices O Yes

  27. What We’ve Covered O Elements of Information Security O Security Challenges O Effects of Hacking O Who is a Hacker?

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

ETHICAL HACKING Daniel Cloherty CAN HACKING BE ETHICAL? What makes hacking ethical?

ETHICAL HACKING Daniel Cloherty CAN HACKING BE ETHICAL? What makes hacking ethical?

ETHICAL HACKING Daniel Cloherty CAN HACKING BE ETHICAL? What makes hacking ethical? Legality VS Ethics State Sanctioned hacking BLACK HAT - Stereotypical Hacker -Stealing data for personal gain -Obviously not ethical -Using

1.17k views • 10 slides
Hacking Reinforcement Learning Guillem Duran Ballester Guillemdb @Miau_DB A tale about hacking

Hacking Reinforcement Learning Guillem Duran Ballester Guillemdb @Miau_DB A tale about hacking

Hacking Reinforcement Learning Guillem Duran Ballester Guillemdb @Miau_DB A tale about hacking AI-Corp Hacking RL 1. Information gathering 2. Scanning 3. Exploitation & privilege escalation 4. Maintaining access & covering tracks

960 views • 62 slides
Hacking SecondLife Michael Thumann Hacking SecondLife by Michael Thumann 2/24/08 1

Hacking SecondLife Michael Thumann Hacking SecondLife by Michael Thumann 2/24/08 1

Hacking SecondLife Michael Thumann Hacking SecondLife by Michael Thumann 2/24/08 1 Disclaimer Everything you are about to see, hear, read and experience is for educational purposes only. No warranties or guarantees implied or

692 views • 47 slides
Drone Hacking Basics Intro to UAS Architectures, Attack Vectors and RF Hacking Matt Koskela June

Drone Hacking Basics Intro to UAS Architectures, Attack Vectors and RF Hacking Matt Koskela June

Drone Hacking Basics Intro to UAS Architectures, Attack Vectors and RF Hacking Matt Koskela June 15, 2017 Outline Drone Architectures RF Basics Information Gathering RF Hacking Tools Exploits & Demos Q&A Why? Wrights Law

485 views • 27 slides
Hacking, Hacktivism, and Counterhacking April 22, 2015 Outline Vocabulary Hacking motivated by

Hacking, Hacktivism, and Counterhacking April 22, 2015 Outline Vocabulary Hacking motivated by

Hacking, Hacktivism, and Counterhacking April 22, 2015 Outline Vocabulary Hacking motivated by benign purposes Hacktivism Counterhacking Case Studies Site defacement Network exploration / Port scanning / SQL injection / . . .

522 views • 18 slides
Hacking Copenhagen ITS World Congress, Copenhagen 2018 Hacking Copenhagen Digitalising (life in)

Hacking Copenhagen ITS World Congress, Copenhagen 2018 Hacking Copenhagen Digitalising (life in)

ECF gratefully acknowledges financial support from the European Commission. Hacking Copenhagen ITS World Congress, Copenhagen 2018 Hacking Copenhagen Digitalising (life in) the city of Copenhagen using bicycles. Bicycle-as-a-Sensor 1.

278 views • 11 slides
Hands-On Ethical Hacking and Network Defense Second Edition Chapter 10 Hacking Web Servers

Hands-On Ethical Hacking and Network Defense Second Edition Chapter 10 Hacking Web Servers

Hands-On Ethical Hacking and Network Defense Second Edition Chapter 10 Hacking Web Servers Objectives After reading this chapter and completing the exercises, you will be able to: Describe Web applications Explain Web application

530 views • 9 slides
Pulp Google Hacking The Next Generation Search Engine Hacking Arsenal 3 August 2011 Black Hat

Pulp Google Hacking The Next Generation Search Engine Hacking Arsenal 3 August 2011 Black Hat

Pulp Google Hacking The Next Generation Search Engine Hacking Arsenal 3 August 2011 Black Hat 2011 Las Vegas, NV Presen sented ed b by: Francis Brown Rob Ragan Stach & Liu, LLC www.stachliu.com Agenda O V E R V I E W

1.07k views • 72 slides
ZIGDIGGITY ZIGBEE HACKING TOOLKIT AUGUST 7-11, 2019 http://zigdiggity.c om NEW ZIGBEE HACKING

ZIGDIGGITY ZIGBEE HACKING TOOLKIT AUGUST 7-11, 2019 http://zigdiggity.c om NEW ZIGBEE HACKING

ZIGDIGGITY ZIGBEE HACKING TOOLKIT AUGUST 7-11, 2019 http://zigdiggity.c om NEW ZIGBEE HACKING TOOLKIT FREE, OPEN-SOURCE WHAT IS ZIGDIGGITY??? + = RaspBee radio + Raspberry Pi ZigDiggity - GitHub Code http://zigdiggity.com BISHOPFOX

617 views • 23 slides
Hacking C# CONTACT@ADAMFURMANEK.PL HTTP://BLOG.ADAMFURMANEK.PL FURMANEKADAM 1 19.08.2020

Hacking C# CONTACT@ADAMFURMANEK.PL HTTP://BLOG.ADAMFURMANEK.PL FURMANEKADAM 1 19.08.2020

Hacking C# CONTACT@ADAMFURMANEK.PL HTTP://BLOG.ADAMFURMANEK.PL FURMANEKADAM 1 19.08.2020 HACKING C# - ADAM FURMANEK About me Experienced with backend, frontend, mobile, desktop, ML, databases. Blogger, public speaker. Author of .NET

481 views • 37 slides
Ethical Hacking Finse 2019 Cyber Security Winter school Universitetet i Oslo Laszlo Erddi

Ethical Hacking Finse 2019 Cyber Security Winter school Universitetet i Oslo Laszlo Erddi

Ethical Hacking Finse 2019 Cyber Security Winter school Universitetet i Oslo Laszlo Erddi From Myself Associate Professor at UiO Teaching Ethical Hacking since 2012 Lecturer of the IN5290 Ethical Hacking at UiO Leader

878 views • 66 slides
Innovation through the www.linkedin.com/pulse/climate-change-healthcare-lucien- hacking

Innovation through the www.linkedin.com/pulse/climate-change-healthcare-lucien- hacking

CLIMATE CHANGE IN HELTHCARE : Driving Innovation through the www.linkedin.com/pulse/climate-change-healthcare-lucien- hacking engelen GIB DE MEDEIROS, PH.D. Digital Hospital Transformation Forum at HIC 2017 Brisbane, Australia HACKING

644 views • 27 slides
Hacking Telco equipment The HLR/HSS Laurent Ghigonis Security researcher at P1 Security Hacking

Hacking Telco equipment The HLR/HSS Laurent Ghigonis Security researcher at P1 Security Hacking

Hacking Telco equipment The HLR/HSS Laurent Ghigonis Security researcher at P1 Security Hacking Telco equipment: The HLR/HSS Laurent Ghigonis P1 Security 2014, Hackito Ergo Sum - Security Conference What are we talking about ? A mobile

724 views • 59 slides
Hacking in Popular Culture Week 2 Frank Chen | Spring 2017 Agenda Administrative Review

Hacking in Popular Culture Week 2 Frank Chen | Spring 2017 Agenda Administrative Review

Mr. Robot, an Emmy Award-winning TV drama starring a vigilante hacker CS 88S Hacking in Popular Culture Week 2 Frank Chen | Spring 2017 Agenda Administrative Review last weeks material Hack Hollywood Hacking: The Good, The

718 views • 45 slides
Hacking Russia: Inside an Hacking Russia: Inside an unprecedented prosecution of organized

Hacking Russia: Inside an Hacking Russia: Inside an unprecedented prosecution of organized

Hacking Russia: Inside an Hacking Russia: Inside an unprecedented prosecution of organized cybercrime Joseph Menn Agenda Agenda Why Russia matters (and differs from China) Why Russia matters (and differs from China) How three hackers got

557 views • 12 slides
Google Hacking against Privacy Emin Islam Tatl tatli@th.informatik.uni-mannheim.de

Google Hacking against Privacy Emin Islam Tatl tatli@th.informatik.uni-mannheim.de

Outline Google Hacking Privacy Searches Countermeasures Future Work Conclusion Google Hacking against Privacy Emin Islam Tatl tatli@th.informatik.uni-mannheim.de Department of Computer Science, University of Mannheim (on leave to the

389 views • 21 slides
CAN ORGANIZATIONS SURVIVE A POLI-CYBER BREACH ? K e y n o t e b y K h a l e d F a t t a l MLi

CAN ORGANIZATIONS SURVIVE A POLI-CYBER BREACH ? K e y n o t e b y K h a l e d F a t t a l MLi

CAN ORGANIZATIONS SURVIVE A POLI-CYBER BREACH ? K e y n o t e b y K h a l e d F a t t a l MLi Group, C h a i r m a n ( @ ) M L i G r p ( d o t ) c o m 1 WHAT IS A POLI-CYBER ? CYBER ATTACKS PERPETRATED OR INSPIRED BY EXTREMIST

520 views • 17 slides
Introduction CS 161: Computer Security Prof. Vern Paxson TAs: Paul Bramsen, Apoorva Dornadula,

Introduction CS 161: Computer Security Prof. Vern Paxson TAs: Paul Bramsen, Apoorva Dornadula,

Introduction CS 161: Computer Security Prof. Vern Paxson TAs: Paul Bramsen, Apoorva Dornadula, David Fifield, Mia Gil Epner, David Hahn, Warren He, Grant Ho, Frank Li, Nathan Malkin, Mitar Milutinovic, Rishabh Poddar, Rebecca Portnoff, Nate Wang

787 views • 44 slides
Database Security Threats and Vulnerabilities John Bissonette Aaron McClure Introduction

Database Security Threats and Vulnerabilities John Bissonette Aaron McClure Introduction

Database Security Threats and Vulnerabilities John Bissonette Aaron McClure Introduction Databases are the crown jewels of a business or organization Security is paramount Vulnerabilities grant attackers keys to the

600 views • 14 slides
The Future Of Hacking possible Bernd Fix, Wau Holland Stiftung And if criminals are the price

The Future Of Hacking possible Bernd Fix, Wau Holland Stiftung And if criminals are the price

The Future Of Hacking possible Bernd Fix, Wau Holland Stiftung And if criminals are the price we must pay for rebels, heretics, and geniuses, I'm willing to pay it. I demand the price to be paid. Are criminals the only possible payment?

418 views • 14 slides
ELC 2013 Security: Best Practices for Embedded Systems John Mehaffey Senior System Architect

ELC 2013 Security: Best Practices for Embedded Systems John Mehaffey Senior System Architect

ELC 2013 Security: Best Practices for Embedded Systems John Mehaffey Senior System Architect Embedded Systems Division mentor.com/embedded Android is a trademark of Google Inc. Use of this trademark is subject to Google Permissions. Linux

544 views • 17 slides
UCyber Meeting 4 Last Week... Discussed Dates of Siemens CDC visit Dominick gave a web

UCyber Meeting 4 Last Week... Discussed Dates of Siemens CDC visit Dominick gave a web

UCyber Meeting 4 Last Week... Discussed Dates of Siemens CDC visit Dominick gave a web development presentation Discussed future topics for meetings Talked about getting involved on our GH github.com/ucyber Moved

330 views • 8 slides
Computer graphics 2: Graduate seminar in computational aesthetics Angus Forbes

Computer graphics 2: Graduate seminar in computational aesthetics Angus Forbes

Computer graphics 2: Graduate seminar in computational aesthetics Angus Forbes evl.uic.edu/creativecoding/cs526 Computer Graphics 2 instructor angus graeme forbes course syllabus http://evl.uic.edu/creativecoding/cs526 lab page

571 views • 45 slides
Welcome to CSE 5/7338 Economics of Information Security Tyler Moore Computer Science &

Welcome to CSE 5/7338 Economics of Information Security Tyler Moore Computer Science &

Notes Welcome to CSE 5/7338 Economics of Information Security Tyler Moore Computer Science & Engineering Department, SMU, Dallas, TX Lecture 1 Logistics Syllabus Motivation Calendar Notes Course website Most info:

229 views • 8 slides

More recommend