The Security Circus MPICT Summer Conference, June, 2011.

Slides:



Advertisements
Similar presentations
Cyber Stalking Cyber Stalking Phishing Hacker 1. Never reveal your home address !!! This rule is especially important for women who are business professionals.
Advertisements

Ethical Hacking: New Web 2.0 Attacks and Defenses HI-TEC 2011.
Black, White, Grey Hat Hackers Not all hackers are bad…which one’s which?
7 Effective Habits when using the Internet Philip O’Kane 1.
ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.
Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.
NCS welcome all participants on behalf of Quick Heal Anti Virus and Fortinet Firewall solution.
Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.
Chapter 8 Chapter 8 Digital Defense: Securing Your Data and Privacy
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.
ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.
Vs The Illusion of Security. Aaron Barr : “Security Expert” CEO of security company HBGary Federal Provide Security Training Create Malicious Software.
ITIS 6200/8200: Principles of Information Security and Privacy Dr. Weichao Wang.
CAP6135: Malware and Software Vulnerability Analysis Examples of Term Projects Cliff Zou Spring 2012.
Keeping Data Safe Revision Summer How many ways can data be lost? Start a list… Physical Loss or Corruption of data Accidental or Deliberate Unauthorised.
Security Liaisons Information Presentation. Introduction  What’s the big deal with computer security? Don’t we have an IT security department to take.
Threats and ways you can protect your computer. There are a number of security risks that computer users face, some include; Trojans Conficker worms Key.
October The Insider Financial Crime and Identity Theft Hacktivists Piracy Cyber Espionage and Sabotage.
Special Anatomy of an Attack Or Layered Security Failure.
CHC DI Group. What We Will Cover Securing your devices and computers. Passwords. s. Safe browsing for shopping and online banks. Social media.
Anonymous By Kendra Kennedy, Benjamin Fleshman, and Hassan Alsuleiman.
Computer Security and Risks. “If the law doesn't fit reality anymore, law has to be changed. That’s not a new thing. That’s civilization as usual” Gilberto.
Demystifying Backdoor Shells and IRC Bots: The Risk … By : Jonathan.
Juha Siivikko SECURITY IN SOCIAL MEDIA.
ESCCO Data Security Training David Dixon September 2014.
Staying Safe Online Keep your Information Secure.
Internet Security & Safety. What makes up the internet? Protecting and securing your password Protecting your identity What is social networking? Benefits.
 A viruses is a program that can harm or track your computer. E.g. browser hijacker.  When a viruses accesses the computer it can accesses the HDD and.
Passwords. Outline Objective Authentication How/Where Passwords are Used Why Password Development is Important Guidelines for Developing Passwords Summary.
Recruitment and Retention Gerardo Silbert, ACC and Sabreena Andriesz, PCC Nov , 2014.
Phishing scams Phishing is the fraudulent practice of sending s purporting to be from reputable companies in order to induce individuals to reveal.
Ethical Hacking and Network Defense NCTT Winter Workshop January 11, 2006.
 Anonymous is a loosely knit internet activist group mainly focusing on standing up against internet censorship.  The group is completely democratic,
PREPARED BY: SHOUA VANG ABHINAV JUWA CHASE PAUL EASy Security Project Anonymous vs HBGary Inc.
The Security Circus.
SURVEILLANCE The Fears of the Digital Age. Privacy –Identity –Anonymity Logging –Tracking Hacking Censorship State Security/Anti Terror Online The Discussion.
ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.
Anonymous ACG 6415 Conley, Justin Glenn, Cassady Zhang, Fan.
Ethical Hacking: Hacking GMail. Teaching Hacking.
Traditional Security Issues Confidentiality –Prevent unauthorized access or reading of information Integrity –Insure that writing or operations are allowed.
Amanda Reyes Chris Connell Lindsey McQuiston Amanda Reyes Chris Connell Lindsey McQuiston.
NDACo’s Messaging Communications & Publications Tools.
Network Security. Announcements Review Assignment - Assessment 3 (due Tuesday, before class) Assessment 3 – Next Thursday Reminders: Network Design Project.
Premise What if AI hacked social media? What if AI spread hateful messages? What if AI drove humanity apart? This is the Antisocial AI.
Ethical Hacking: Defeating Logon Passwords. 2 Contact Sam Bowne Sam Bowne Computer Networking and Information Technology Computer Networking and Information.
Virus Assignment JESS D. How viruses affect people and businesses  What is a virus? A computer virus is a code or a program that is loaded onto your.
Last revised A.A. Degree CNIT 120: Network Security Fundamentals of Network Security Preparation for Security+ Certification Essential for.
Chris Calderon – February 2016 MIS 534 Information Security Management.
DoS Attacks Phishing Keylogging Computer Laws/Acts.
The Security Circus CNIT 120 Jan 14, Linus Thorvalds.
Ethical Hacking and Network Defense. Contact Information Sam Bowne Sam Bowne Website: samsclass.info Website:
The Security Circus & DoS Attacks. Bio Summary The DoS Circus Layer 4 DDoS: Thousands of attackers bring down one site Layer 7 DoS: One attacker brings.
Safer Internet Day Benefits and risks of digital technologies.
Computer Security Set of slides 8 Dr Alexei Vernitski.
Zeus Virus By: Chris Foley. Overview  What is Zeus  What Zeus Did  The FBI investigation  The virus for phones  Removal and detection  Conclusion.
By Collin Donaldson Man in the Middle Attack: Password Sniffing and Cracking.
From viruses to theft Joakim von Braun Security Consultant von Braun Security Consultants Uppsala universitet
PCS Technology for Students: Acceptable Use, Privacy, and Safety.
Digital Citizenship.  I can…. What is digital citizenship?  Think.Pair.Share.
Hands-On Ethical Hacking and Network Defense
Digital Citizenship.
PCS Technology for Staff: Acceptable Use, Privacy, and Safety
Digital Citizenship.
Wikileaks, Anonymous, and The Jester
Digital Citizenship.
Digital Citizenship.
Presentation transcript:

The Security Circus MPICT Summer Conference, June, 2011

Twitter!

Wikileaks Published <1000 US Gov't diplomatic cables from a leak of 250,000 Distributed an encrypted "Insurance" file by BitTorrent Widely assumed to contain the complete, uncensored leaked data Encrypted with AES-256--no one is ever getting in there without the key Key to be released if Assange is jailed or killed, but he is in UK now resisting extradition to Sweden and the key has not been released

Anonymous

Operation Payback 4chan's Anonymous group Attacked Scientology websites in 2008 Attacked the RIAA and other copyright defenders Using the Low Orbit Ion Cannon with HiveMind (DDoS) "Opt-in Botnet"

HB Gary Federal Aaron Barr Developed a questionable way to track people down online By correlating Twitter, Facebook, and other postings Announced in Financial Times that he had located the “leaders” of Anonymous and would reveal them in a few days

Social Engineering & SQLi

Leaked HB Gary s For Bank of America Discredit Wikileaks Intimidate Journalist Glenn Greenwald For the Chamber of Commerce Discredit the watchdog group US Chamber Watch Using fake social media accounts For the US Air Force Spread propaganda with fake accounts

Drupal Exploit

Th3j35t3r "Hacktivist for Good" Claims to be ex-military Originally performed DoS attacks on Jihadist sites Bringing them down for brief periods, such as 30 minutes Announces his attacks on Twitter, discusses them on a blog and live on irc.2600.net

Jester's Tweets from Dec 2010

Th3j35t3r v. Wikileaks He brought down Wikileaks single-handed for more than a day –I was chatting with him in IRC while he did it, and he proved it was him by briefly pausing the attack

Wikileaks Outage One attacker, no botnet

Th3j35t3r After his Wikileaks attack He battled Anonymous He claims to have trojaned a tool the Anons downloaded He claims to pwn Anon insiders now

Jester's Tweets

Westboro Baptist Outage 4 sites held down for 8 weeks From a single 3G cell phone –

LulzSec The skilled group Anons who hacked H B Gary Federal Hacked – US Senate – Pron.com – Sony – FBI – PBS – Fox News

Two Factor Authentication First factor: what user knows Second factor: what user has –Password token –USB key –Digital certificate –Smart card Without the second factor, user cannot log in –Defeats password guessing / cracking

RSA was Hacked, and their Customers Too

Security Training at CCSF Security+ CEH (Certified Ethical Hacker) CISSP (Certified Information Systems Security Professional) Computer Forensics Firewalls

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.