it intrusion it intrusion finfisher product suite it
play

IT INTRUSION IT INTRUSION FinFisher Product Suite IT INTRUSION IT - PowerPoint PPT Presentation

Mar 13, 2023 •246 likes •638 views

IT INTRUSION IT INTRUSION FinFisher Product Suite IT INTRUSION IT INTRUSION FinFisher Product Suite FinFisher Product Suite FinFisher Product Suite Usage Usage Information Gathering Information Gathering PC Surveillance

  1. IT INTRUSION IT INTRUSION FinFisher Product Suite IT INTRUSION IT INTRUSION – FinFisher Product Suite FinFisher Product Suite FinFisher Product Suite

  2. Usage Usage • Information Gathering Information Gathering • PC Surveillance • Hacking • Information Exploitation • Information Interception 2

  3. Components Components • FinFisher USB Suite • FinFisher Remote Hacking Kit • FinSpy • FinSpy • FinFly • FinTraining • FinAudit Fi A dit • New Products - 2008 3

  4. FinFisher USB Suite FinFisher USB Suite • Suite to locally extract information from target systems with little or no user target systems with little or no user interaction • Data analysis/Report generation at Head • Data analysis/Report generation at Head- quarters 4

  5. Components Components • FinFisher USB Suite – FinFisher HQ – FinFisher 1 – FinFisher 2 – FinFisher 3 • FinFisher Remote Hacking Kit • FinFisher Remote Hacking Kit • FinSpy • FinFly • FinTraining • FinTraining • FinAudit • New Products - 2008 5

  6. FinFisher HQ FinFisher HQ • Graphical User Interface for FinFisher 1 and 2 • Used to configure operational options U d t fig ti l ti • Generates certificates for encryption • Deciphers and imports data from dongles • Generates reports from gathered data p g • Updates FinFisher 1 and 2 systems 6

  7. FinFisher HQ FinFisher HQ 7

  8. Components Components • FinFisher USB Suite – FinFisher HQ FinFisher HQ – FinFisher 1 – FinFisher 2 Fi Fi h 2 – FinFisher 3 • FinFisher Remote Hacking Kit • FinSpy py • FinFly • FinTraining Fi T i i • FinAudit • New Products - 2008 8

  9. FinFisher FinFisher 1 1 • U3 USB Dongle • Executes on insertion with little or no user intervention • Obtains system and account information for: Obtains system and account information for: • Windows Accounts • E-Mail Accounts (Microsoft Outlook / Express ) E Mail Accounts (Microsoft Outlook / Express, …) • Instant Messenger Accounts (MSN, Yahoo, ICQ, …) • System Details (Product Keys Hotfixes ) System Details (Product Keys, Hotfixes, …) • Network Information (Open Ports, Cookies, History, …) • All gathered data is asymmetrically enciphered • Bypasses installed Anti Virus/Anti Spyware • Bypasses installed Anti-Virus/Anti-Spyware software 9

  10. FinFisher FinFisher 1 1 10

  11. Components Components • FinFisher USB Suite – FinFisher HQ FinFisher HQ – FinFisher 1 – FinFisher 2 Fi Fi h 2 – FinFisher 3 • FinFisher Remote Hacking Kit • FinSpy py • FinFly • FinTraining Fi T i i • FinAudit • New Products - 2008 11

  12. FinFisher 2 FinFisher 2 • U3 USB Dongle • Executes on insertion with little or no user intervention • Gets a copy of all locally stored E-Mails from Gets a copy of all locally stored E Mails from the target system • Obtains specific files by file extension (e g all • Obtains specific files by file-extension (e.g. all .doc and .xls files) • All gathered data is asymmetrically enciphered All h d d i i ll i h d • Bypasses installed Anti-Virus/Anti-Spyware software 12

  13. FinFisher FinFisher 2 2 13

  14. Components Components • FinFisher USB Suite – FinFisher HQ FinFisher HQ – FinFisher 1 – FinFisher 2 Fi Fi h 2 – FinFisher 3 • FinFisher Remote Hacking Kit • FinSpy py • FinFly • FinTraining Fi T i i • FinAudit • New Products - 2008 14

  15. FinFisher FinFisher 3 3 • 2 Bootable CD-Roms: 1. Removes password for selected Windows user account 2. Securely wipes local hard-disks 15

  16. Components Components • FinFisher USB Suite • FinFisher Remote Hacking Kit • FinSpy • FinSpy • FinFly • FinTraining • FinAudit Fi A dit • New Products - 2008 16

  17. FinFisher Remote Hacking Kit FinFisher Remote Hacking Kit • Used for remote information gathering • Provides up-to-date hacking environment P id t d t h ki i t • Can target public servers and personal g p p computers 17

  18. FinFisher Remote Hacking Kit FinFisher Remote Hacking Kit • Ruggedized notebook • FinTrack operating system Fi T k ti t • Various scripts for automating attack p g procedures • All major up-to-date hacking tools 18

  19. FinFisher Remote Hacking Kit FinFisher Remote Hacking Kit • High-power Wireless LAN adapter • Bluetooth adapter with antenna plug Bl t th d t ith t l • Directional/Omni-directional antenna • 500 GB USB disk containing Rainbow Tables, default password lists, etc. • USB-to-Ethernet adapter • USB to Ethernet adapter • PS/2 and USB Keylogger • Other 19

  20. Components Components • FinFisher USB Suite • FinFisher Remote Hacking Kit • FinSpy • FinSpy • FinFly • FinTraining • FinAudit Fi A dit • New Products - 2008 20

  21. FinSpy FinSpy • Professional Trojan Horse • Monitor and remotely access one or multiple systems • Presence on target system is hidden • All communication is hidden and enciphered • Components: – FinSpy Client – FinSpy Server – FinSpy Target – FinSpy USB-U3 Dongle (Target) – FinSpy Antidote 21

  22. FinSpy FinSpy • Features: – Custom Executables – Bypasses Anti-Virus/Anti-Spyware Software – Location Tracing – Scheduled Operations – Key Logging y gg g – Password Gathering – Webcam/Microphone Access p – Communication Sniffing: • Skype yp • Instant Messengers (ICQ, Yahoo, …) – Other Other 22

  23. Components Components • FinFisher USB Suite • FinFisher Remote Hacking Kit • FinSpy • FinSpy • FinFly • FinTraining • FinAudit Fi A dit • New Products - 2008 23

  24. FinFly FinFly • Used to infect executables while downloading • Components: – Transparent HTTP Proxy – EXE Loader • Proxy attaches Trojan Horse software to downloaded executables on-the-fly • Loader removes attached software from downloaded executable after installation • Can be used on local networks (e.g. Wireless LANs) • ISP Version to come in 2008 ISP V i i 2008 24

  25. Components Components • FinFisher USB Suite • FinFisher Remote Hacking Kit • FinSpy • FinSpy • FinFly • FinTraining • FinAudit Fi A dit • New Products - 2008 25

  26. FinTraining: Basic Hacking Courses FinTraining: Basic Hacking Courses • 1 or 2 week basic hacking overview • Covers various common hacking techniques • Practical examples, demonstrations and exercises • Topics include: – Footprinting/Scanning/Enumeration ootp t g Sca g u e at o – Networks – Exploits – Exploits – Wireless LANs – Bluetooth Bl t th – Other 26

  27. FinTraining Advanced: Exploiting Software FinTraining Advanced: Exploiting Software • 1 week course 1 k • Covers bugs in software and exploiting these these • Practical examples, demonstrations and exercises exercises • Topics include: – Software Bugs Software Bugs – Exploit Archives/Frameworks – Shellcode Shellcode – Finding Bugs – Customizing Exploits Customizing Exploits – Other 27

  28. FinTraining Advanced: Rootkits FinTraining Advanced: Rootkits • 1 week course • Covers RootKit and Trojan horse techniques • Practical examples, demonstrations and exercises • Topics include: – Analysis – Usage Usage – Detection – Development Development – Other 28

  29. FinTraining Advanced: Hacking VoIP FinTraining Advanced: Hacking VoIP • 1 week course • Covers Voice-over-IP eavesdropping and various attack techniques • Practical examples, demonstrations and exercises • Topics include: – RTP Sniffing – RTP Insertion RTP Insertion – SIP Account Brute-Forcing – SIP Account Cracking SIP Account Cracking – Other 29

  30. FinTraining Advanced: Wireless Hacking FinTraining Advanced: Wireless Hacking • 1 week course • Covers Wireless LANs, Bluetooth and Wireless Keyboards • Practical examples, demonstrations and exercises • Topics include: – Wireless LAN WEP/WPA Cracking – Bluetooth Link-Key Cracking Bluetooth Link Key Cracking – Wireless Keyboard Sniffing – Other Other 30

  31. FinTraining Advanced: Covert Comms FinTraining Advanced: Covert Comms • 1 week course • Covers steganography, encryption, network and application protocols • Practical examples, demonstrations and exercises • Topics include: – Hiding data in objects – Hiding data in streams Hiding data in streams – Hiding VoIP communication – Other Other 31

  32. FinTraining Advanced: More FinTraining Advanced: More • More topics upon request • Courses are customized according to customers needs and skill-set 32

  33. Components Components • FinFisher USB Suite • FinFisher Remote Hacking Kit • FinSpy • FinSpy • FinFly • FinTraining • FinAudit Fi A dit • New Products - 2008 33

  34. FinAudit FinAudit • 1 or 2 week penetration test • Security check of networks, systems and software • Helps analyzing various attack vectors and fi di finding vulnerabilities l bili i • Prevents data disclosure and intrusion • Finalizing report and consulting services 34

  35. Components Components • FinFisher USB Suite • FinFisher Remote Hacking Kit • FinSpy • FinSpy • FinFly • FinTraining • FinAudit Fi A dit • New Products - 2008 35

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Press intrusion. Identifying similar words with different connotations What is press intrusion?

Press intrusion. Identifying similar words with different connotations What is press intrusion?

Topic 12: Press intrusion. Identifying similar words with different connotations What is press intrusion? Press intrusion is an issue which has many stances, often depending on whether you are a member of the press or have been on the receiving

602 views • 9 slides
Styles of Intrusion Detection Misuse intrusion detection Try to detect things known to be

Styles of Intrusion Detection Misuse intrusion detection Try to detect things known to be

Styles of Intrusion Detection Misuse intrusion detection Try to detect things known to be bad Anomaly intrusion detection Try to detect deviations from normal behavior Specification intrusion detection Try to detect

627 views • 15 slides
Intrusion Detection Principles Basics Models of Intrusion Detection

Intrusion Detection Principles Basics Models of Intrusion Detection

Intrusion Detection Principles Basics Models of Intrusion Detection Architecture of an IDS Architecture of an IDS Organization Incident Response Slide #22-1 FEARLESS engineering Principles of Intrusion Detection

744 views • 40 slides
Intrusion Detection System Amir Hossein Payberah payberah@yahoo.com 1 Contents Intrusion

Intrusion Detection System Amir Hossein Payberah payberah@yahoo.com 1 Contents Intrusion

Intrusion Detection System Amir Hossein Payberah payberah@yahoo.com 1 Contents Intrusion Detection Systems Tripwire Snort 2 IDS (Definition) Intrusion Detection is the process of monitoring the events occurring in a computer

571 views • 30 slides
Chapter 25: Intrusion Detection Principles Basics Models of Intrusion Detection

Chapter 25: Intrusion Detection Principles Basics Models of Intrusion Detection

Chapter 25: Intrusion Detection Principles Basics Models of Intrusion Detection Architecture of an IDS Organization Incident Response June 2, 2005 ECS 235, Computer and Information Slide #1 Security Principles of

1.38k views • 104 slides
THE VAPOR INTRUSION PATHWAY DANIEL G. GREENE, CPG MISCONCEPTIONS MISCONCEPTIONS VAPOR INTRUSION

THE VAPOR INTRUSION PATHWAY DANIEL G. GREENE, CPG MISCONCEPTIONS MISCONCEPTIONS VAPOR INTRUSION

engineers | scientists | architects | constructors THE VAPOR INTRUSION PATHWAY DANIEL G. GREENE, CPG MISCONCEPTIONS MISCONCEPTIONS VAPOR INTRUSION The migration of volatile chemical from the subsurface into overlying building (USEPA 2002)

585 views • 31 slides
Intrusion Detection W enke Lee Com puter Science Departm ent Colum bia University Intrusion and

Intrusion Detection W enke Lee Com puter Science Departm ent Colum bia University Intrusion and

Intrusion Detection W enke Lee Com puter Science Departm ent Colum bia University Intrusion and Computer Security Com puter security: confidentiality, integrity, and availability Intrusion: actions to com prom ise security W hy

1.09k views • 63 slides
Customizing and Evolving Intrusion Detection A static, globally useful intrusion detection

Customizing and Evolving Intrusion Detection A static, globally useful intrusion detection

Customizing and Evolving Intrusion Detection A static, globally useful intrusion detection solution is impossible Good behavior on one system is bad behavior on another Behaviors change and new vulnerabilities are discovered

700 views • 23 slides
Outline Introduction Intrusion Detection Characteristics of intrusion detection CS 236

Outline Introduction Intrusion Detection Characteristics of intrusion detection CS 236

Outline Introduction Intrusion Detection Characteristics of intrusion detection CS 236 systems Computer Software Some sample intrusion detection March 12, 2007 systems Lecture 14 Lecture 14 Page 1 Page 2 CS 236, Winter 2007

537 views • 10 slides
Outline Introduction Intrusion Detection Characteristics of intrusion detection CS 239

Outline Introduction Intrusion Detection Characteristics of intrusion detection CS 239

Outline Introduction Intrusion Detection Characteristics of intrusion detection CS 239 systems Computer Software Some sample intrusion detection March 9, 2005 systems Lecture 15 Lecture 15 Page 1 Page 2 CS 239, Winter 2005

602 views • 12 slides
Signature Based Intrusion Detection Systems Philip Chan CS 598 MCC Spring 2013 Intrusion

Signature Based Intrusion Detection Systems Philip Chan CS 598 MCC Spring 2013 Intrusion

Signature Based Intrusion Detection Systems Philip Chan CS 598 MCC Spring 2013 Intrusion Detection Systems Detect malicious Raise alarms activities/attacks Alert administrators Hacking/ unauthorized access Trigger defense

217 views • 21 slides
Intrusion Detection Intrusion Detection October 23, 2020 Administrative Administrative

Intrusion Detection Intrusion Detection October 23, 2020 Administrative Administrative

Intrusion Detection Intrusion Detection October 23, 2020 Administrative Administrative submittal instructions submittal instructions answer the lab assignments questions in written report form, as a text, pdf, or Word document

504 views • 21 slides
Overview Intrusion Detection Systems Intrusion Detection Concepts and Practices Dealing

Overview Intrusion Detection Systems Intrusion Detection Concepts and Practices Dealing

Overview Intrusion Detection Systems Intrusion Detection Concepts and Practices Dealing with Intruders Detecting Intruders Principles of Intrusions and IDS The IDS Taxonomy Chapter 13 Using Rules and Thresholds for

297 views • 7 slides
Vadose Zone Profiling g to Better Understand Processes Related to Vapor Intrusion Related to Vapor

Vadose Zone Profiling g to Better Understand Processes Related to Vapor Intrusion Related to Vapor

Vapor Intrusion 2010 Sept. 29-30 Chicago Vadose Zone Profiling g to Better Understand Processes Related to Vapor Intrusion Related to Vapor Intrusion Daniel B. Carr, P.E., P.G., Laurent C. Levy, Ph.D., P.E., Allan H. Horneman, D.E.S. Effect

574 views • 14 slides
Intrusion Prevention and Detection in Grid computing - The ALICE Case 21st International

Intrusion Prevention and Detection in Grid computing - The ALICE Case 21st International

Intrusion Prevention and Detection in Grid computing - The ALICE Case 21st International Conference on Computing in High Energy and Nuclear Physics Outline: Introduction Threat model Intrusion prevention Intrusion detection

420 views • 16 slides
Intrusion Detection Systems CS 236 On-Line MS Program Networks and Systems Security Peter

Intrusion Detection Systems CS 236 On-Line MS Program Networks and Systems Security Peter

Intrusion Detection Systems CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Lecture 11 Page 1 CS 236 Online Outline Introduction Characteristics of intrusion detection systems Some sample intrusion detection

143 views • 12 slides
Cross Case Analysis of Elementary Engineering Task John He ff ernan Problem Statement

Cross Case Analysis of Elementary Engineering Task John He ff ernan Problem Statement

Cross Case Analysis of Elementary Engineering Task John He ff ernan Problem Statement Increasing academic focus resulting in loss of designerly play including engineering ( Zhao, 2012 ) . High need for diverse STEM workforce ( Brophy, Portsmore,

740 views • 50 slides
Vola A guide to using the Vola Event Management and Timing So6ware for 16-17 season Race Results

Vola A guide to using the Vola Event Management and Timing So6ware for 16-17 season Race Results

Vola A guide to using the Vola Event Management and Timing So6ware for 16-17 season Race Results Software h t t p : / / u s s a . o r g / g l o b a l / u s s a - r a c e - a n d - e v e n t - s c o r i n g - s o f t w a r e Downloading Vola Ski

1.41k views • 89 slides
RF E xposur e Pr oc e dur e s Pr e se nte r : Jake Novic ky T CB Wor kshop Nove mbe r

RF E xposur e Pr oc e dur e s Pr e se nte r : Jake Novic ky T CB Wor kshop Nove mbe r

RF E xposur e Pr oc e dur e s Pr e se nte r : Jake Novic ky T CB Wor kshop Nove mbe r 2019 F e de ra l Co mmunic a tio ns Co mmissio n Offic e o f E ng ine e ring a nd T e c hno lo g y L a b o ra to ry Divisio n (E d ito

503 views • 16 slides
Mobile Auto Godfrey Nolan RIIS LLC Agenda o Intro o The next big thing o So many options o Apple

Mobile Auto Godfrey Nolan RIIS LLC Agenda o Intro o The next big thing o So many options o Apple

Mobile Auto Godfrey Nolan RIIS LLC Agenda o Intro o The next big thing o So many options o Apple Carplay o Android Auto o Caveats o Getting to market o Even more options o Predictions RIIS LLC Intro Apple Carplay RIIS LLC Intro Apple

853 views • 59 slides
Bruny Island Battery Trial Installer information session Agenda What are we doing and why?

Bruny Island Battery Trial Installer information session Agenda What are we doing and why?

Bruny Island Battery Trial Installer information session Agenda What are we doing and why? The subsidy and tech spec The process Critical things to discuss Subsidy Minimum customer contribution = $2,000 $3,200/kW battery

331 views • 11 slides
Accessible Ajax on Rails Jarkko Laine with Geoffrey Grosenbach r.resources :categories do |cat|

Accessible Ajax on Rails Jarkko Laine with Geoffrey Grosenbach r.resources :categories do |cat|

Accessible Ajax on Rails Jarkko Laine with Geoffrey Grosenbach r.resources :categories do |cat| cat.resources :products cat.resources :companies cat.resources :subcategories do |sub| sub.resources :products sub.resources :companies end

1.12k views • 87 slides
D-Star Repeater K5LET DV & DVAP ! D-Star ! Dongle Users Reflectors Local RF ! Users

D-Star Repeater K5LET DV & DVAP ! D-Star ! Dongle Users Reflectors Local RF ! Users

D-Star Repeater K5LET DV & DVAP ! D-Star ! Dongle Users Reflectors Local RF ! Users Patterson ! DSL Modem ! Internet 6 Mbps Patterson ! Dynamic ! Home ! (WAN) Computers Patterson ! 192.168.1.xxx Router 192.168.1.253 ! Duplexer (DMZ)

763 views • 9 slides
Osbourn Dorsey Saryia C The doorstop Osbourn My inventor invented a doorstop and doorknob. He

Osbourn Dorsey Saryia C The doorstop Osbourn My inventor invented a doorstop and doorknob. He

Osbourn Dorsey Saryia C The doorstop Osbourn My inventor invented a doorstop and doorknob. He obtained a patent for his work in 1878. He wanted to be famous for inventing the doorstop and doorknob. Osbourn My inventor invented a

610 views • 10 slides

More recommend