Computer Security I.

Presentation on theme: "Computer Security I."— Presentation transcript:

1 Computer Security I

2 JOB: Security, IR, Forensics
Required Skills:
- Experience in host forensics, Windows/Linux internals, vulnerability assessment (more than just running a tool but actually doing analysis of that data or manually gathering vulnerability analysis data via an innovative/custom method) and/or Computer Network Exploitation
- Performed analysis of host data at rest, forensic analysis of Windows, UNIX, or mobile systems, and/or experience with file hashing and fuzzy file hashing
- Experience with industry standard system tools (Sysinternals suite for example)
- Performed analysis of code in memory, including analysis of RAM snapshots, Windows crash dump files, and/or UNIX kernel dumps
- Performed software reverse engineering to include use of code disassemblers (like IDA Pro) and debugging unknown code (like Ollydbg)
- CS background (scripting/programming/development) is required

3 1+ years in 2 of the following:
- File Hashing and Fuzzy File Hashing (e.g. ssdeep, fciv, and md5deep)
- Commercial, open source tools for intrusion detection (e.g., Snort, BroIDS)
- Packet capture/evaluation (e.g. tcpdump, ethereal/wireshark, NOSEHAIR)
- Network mapping/discovery (e.g. nmap, TRICKLER)
- Industry standard system/network tools (e.g. netcat, netstat, traceroute, rpcinfo, nbtscan, snmpwalk, Sysinternals suite)

4 2+ years in 1 of the following:
- Development of exploits for Microsoft Windows operating systems
- Development of exploits for UNIX operating systems
- Development of exploits for personal computer device/mobile device operating systems (e.g. Android, BlackBerry, iPhone, and iPad)
- Software Reverse Engineering to include use of code disassemblers (e.g. IDA Pro) and debugging unknown code (e.g. Ollydbg)
- Analysis of code in memory, including analysis of RAM snapshots, Windows crash dump files, and/or UNIX kernel dumps
- Implementing network with IPv6 protocols.

5 Recent Attacks/Breaches Bad, Bad, Bad

6 2014 – 40 Million Credit Cards
NEW YORK (CNNMoney) The major hack of discount retailer Target that stole credit and debit card data from 40 million accounts was still reverberating several days later.

7 Target: Hackers stole vendor's credentials in credit card breach
This month (January 2014), Target revealed that about 70 million customers were affected in the credit card data heist from its stores at the end of last year, double the previous estimates.

8 Home Depot Confirms Breach CC #s Already on Auction
Home Depot confirms breach but stays mum as to size. Home supply retailer confirms card data stolen, likely starting in April. Could be larger than the Target breach 2013. Ars Technica

9 Credit Card Market Place
Cybercrime Store rescator[dot]cc Lists Home Depot credit cards
Lampeduza[dot]la, rescator[dot]la, kaddafi[dot]hk, octavian[dot]su, cheapdumps[dot]org, cpro[dot]su, vor[dot]cc

10 USIS Breach at US security contractor exposed at least 25,000 workers
Summary: USIS, which performs background checks for the Department of Homeland Security, revealed that it was hacked earlier this month. The same company vetted Edward Snowden for the government. Update: Government To Drop Background Check Firm USIS

11 JPMorgan and Other Banks Struck by Hackers
By NICOLE PERLROTH, NYT, AUG. 27, 2014
Photo caption: Outside JPMorgan’s corporate headquarters in New York. The bank was one of at least five that suffered a coordinated cyberattack this month. Credit: Andrew Burton/Getty Images

12 Russian Hackers Amass Over a Billion Internet Passwords
Alex Holden of Hold Security said most of the targeted websites were still vulnerable. Credit: Darren Hauck for The New York Times, 8/5/2014

13 Power Grid Attack Lightsout exploit kit

14 Cyber Intrusion Blamed for Hardware Failure at Water Utility
A recent cyber attack on a city water utility in Illinois may have destroyed a pump and appears to be part of a larger intrusion at a U.S. software provider, new information suggests.

15 Remote Access to SCADA Systems

16 US power plants 'vulnerable to hacking'
Power plants across the US and Canada could overheat, shut down or be caused to malfunction because of vulnerabilities that leave them open to hacking, according to new research. Alex Hern, 10/17/2013 The Guardian

17 Researchers Uncover Holes That Open Power Stations to Hacking
“We found vulnerabilities in virtually all implementations [of the protocol],” Sistrunk said. “Some of them are worse than others.” By Kim Zetter, Wired

