Presentation is loading. Please wait.

Presentation is loading. Please wait.

IOANNIS CHALKIADIS CERNIT SECURITY TEAM How to hack,earn money and stay out of jail. IT LIGHTNING TALK 04.12.15 CERN 1.

Published byOlivia Lane Modified over 8 years ago

Similar presentations

Presentation on theme: "IOANNIS CHALKIADIS CERNIT SECURITY TEAM How to hack,earn money and stay out of jail. IT LIGHTNING TALK 04.12.15 CERN 1."— Presentation transcript:

1 IOANNIS CHALKIADIS CERNIT SECURITY TEAM How to hack,earn money and stay out of jail. IT LIGHTNING TALK 04.12.15 CERN 1

2 Hacking started about curiosity and knowledge, now it is just business. 2

3 How much is the global spending in IT Security?  Up to 77$ Billion in 2015*.  Is it enough? 3 *http://cybersecurityventures.com/cybersecurity-market-report/

4 I ask you again is it enough? 4

5 5

6 CompanyUsers JP Morgan Chase 76.000.000 Sony77.000.000 Ebay145.000.000 Adobe36.000.000 Apple12.400.000 US Military76.000.000 Yahoo22.000.000 Biggest data breaches in the last decade * 6 *http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/

7 24 year old Algerian –ZEUS BOTNET- 3.600.000 million infected machines 70 million $$ loss Hacking and arrests 7

8 27 year old Russian –BLACKHOLE EXPLOIT KIT- 97% of 2014 browser threats was from blackhole. (AVG) Was making 70.000$ per month selling his kit  ----- He was smart huh? You know how he got arrested? He posted this picture in his Facebook profile.. Meh.. 8

9 What is bug bounty, terms/rules You report ->They reply -> Fix or will not fix -> Reward/Thank you 9

10 99% of the companies have this list of rules: Do not cause DOS (Denial of service) to their services. The vulnerability should not affect the user data or critical information. Responsible and ethical disclosure to the company. Do not share it with any third parties. Rules*Rules* 10

11 11

12 12

13 Google : Contacted them 17.10.14 Got Response18.10.14 Triaged Situation ( implementing fix) 19.10.14 Fixed Reward $$ and thank you email. 21.10.14 My Personal Adventures 13

14 14

15 Western union : Contacted them 11.05.15 Got Response16.05.15 Triaged Situation ( implementing fix) 24.05.15 Fixed Reward $$ and thank you email. 03.06.15 My Personal Adventures 15

16 16

17 Sites that host bug bounty programs https://bugcrowd.com/programs https://hackerone.com/directory 17

18 Want to learn more and improve? 18

19 Questions 19

Download ppt "IOANNIS CHALKIADIS CERNIT SECURITY TEAM How to hack,earn money and stay out of jail. IT LIGHTNING TALK 04.12.15 CERN 1."

Similar presentations

Thank you for putting cell phone on silent Please Response Encourage Success – refrain from criticisms Affiliate Network Platform Make Money Online Presented.

Thank you for putting cell phone on silent Please Response Encourage Success – refrain from criticisms Affiliate Network Platform Make Money Online Presented.
Chapter 1 We’ve Got Problems…. Four Horsemen  … of the electronic apocalypse  Spam --- unsolicited bulk email o Over 70% of email traffic  Bugs ---

Chapter 1 We’ve Got Problems…. Four Horsemen  … of the electronic apocalypse  Spam --- unsolicited bulk o Over 70% of traffic  Bugs ---
Privacy: Facebook, Twitter

Privacy: Facebook, Twitter
Ethics CSE 591 – Security and Vulnerability Analysis Spring 2015 Adam Doupé Arizona State University

Ethics CSE 591 – Security and Vulnerability Analysis Spring 2015 Adam Doupé Arizona State University
7 Effective Habits when using the Internet Philip O’Kane 1.

7 Effective Habits when using the Internet Philip O’Kane 1.
Top Questions Executives and Board Members Should be Asking About IT and Cloud Risks.

Top Questions Executives and Board Members Should be Asking About IT and Cloud Risks.
Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.

Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.
Security for Internet Every Day Use Standard Security Practices and New Threats.

Security for Internet Every Day Use Standard Security Practices and New Threats.
Computer Security And Computer Crimes. Problem under consideration A software flaw was found in a national bank's web site that allows anyone who knows.

Computer Security And Computer Crimes. Problem under consideration A software flaw was found in a national bank's web site that allows anyone who knows.
INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)

INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)
Ethical Hacking Introduction.  What is Ethical Hacking?  Types of Ethical Hacking  Responsibilities of a ethical hacker  Customer Expectations  Skills.

Ethical Hacking Introduction.  What is Ethical Hacking?  Types of Ethical Hacking  Responsibilities of a ethical hacker  Customer Expectations  Skills.
Boost your network security with NETASQ Vulnerability Manager.

Boost your network security with NETASQ Vulnerability Manager.
Sage Insights 2015 Using the mobile and social benefits of Sage CRM to enhance your business. Ocean Helberg. Senior CRM Consultant.

Sage Insights 2015 Using the mobile and social benefits of Sage CRM to enhance your business. Ocean Helberg. Senior CRM Consultant.
FACEBOOK BY:GARSAN THAYANANTHAN. What is Facebook? Facebook is a social networking site that allows people to communicate and connect to family, friends.

FACEBOOK BY:GARSAN THAYANANTHAN. What is Facebook? Facebook is a social networking site that allows people to communicate and connect to family, friends.
Get Complete IT Compliance: Reduce Risk and Cost Jonathan CISO, Qualys Seth Automation Specialist, BMC.

Get Complete IT Compliance: Reduce Risk and Cost Jonathan CISO, Qualys Seth Automation Specialist, BMC.
Sam Cook April 18, 2013. Overview What is penetration testing? Performing a penetration test Styles of penetration testing Tools of the trade.

Sam Cook April 18, Overview What is penetration testing? Performing a penetration test Styles of penetration testing Tools of the trade.
© 2009 IDBI Intech, Inc. All rights reserved.IDBI Intech Confidential 1 Information (Data) Security & Risk Mitigation.

© 2009 IDBI Intech, Inc. All rights reserved.IDBI Intech Confidential 1 Information (Data) Security & Risk Mitigation.
Cyber crime on the rise. Recent cyber attacks How it happens? Distributed denial of service Whaling Rootkits Keyloggers Trojan horses Botnets Worms Viruses.

Cyber crime on the rise. Recent cyber attacks How it happens? Distributed denial of service Whaling Rootkits Keyloggers Trojan horses Botnets Worms Viruses.
Viruses.

Viruses.
Geoff Holt Getting your message out there…. The Buying Cycle Awareness Knowledge Liking Preference Conviction Purchase Comfort.

Geoff Holt Getting your message out there…. The Buying Cycle Awareness Knowledge Liking Preference Conviction Purchase Comfort.

Similar presentations

Ads by Google