Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Security Circus MPICT Summer Conference, June, 2011.

Published byTyler Todd Lamb Modified over 8 years ago

Similar presentations

Presentation on theme: "The Security Circus MPICT Summer Conference, June, 2011."— Presentation transcript:

1 The Security Circus MPICT Summer Conference, June, 2011

2 Twitter!

3 Wikileaks Published <1000 US Gov't diplomatic cables from a leak of 250,000 Distributed an encrypted "Insurance" file by BitTorrent Widely assumed to contain the complete, uncensored leaked data Encrypted with AES-256--no one is ever getting in there without the key Key to be released if Assange is jailed or killed, but he is in UK now resisting extradition to Sweden and the key has not been released

4 Anonymous

5 Operation Payback 4chan's Anonymous group Attacked Scientology websites in 2008 Attacked the RIAA and other copyright defenders Using the Low Orbit Ion Cannon with HiveMind (DDoS) "Opt-in Botnet"

6 HB Gary Federal Aaron Barr Developed a questionable way to track people down online By correlating Twitter, Facebook, and other postings Announced in Financial Times that he had located the “leaders” of Anonymous and would reveal them in a few days

7

8 Social Engineering & SQLi http://tinyurl.com/4gesrcj

9 Leaked HB Gary Emails For Bank of America Discredit Wikileaks Intimidate Journalist Glenn Greenwald For the Chamber of Commerce Discredit the watchdog group US Chamber Watch Using fake social media accounts For the US Air Force Spread propaganda with fake accounts http://tinyurl.com/4anofw8

10 Drupal Exploit

11 Th3j35t3r "Hacktivist for Good" Claims to be ex-military Originally performed DoS attacks on Jihadist sites Bringing them down for brief periods, such as 30 minutes Announces his attacks on Twitter, discusses them on a blog and live on irc.2600.net

12 Jester's Tweets from Dec 2010

13 Th3j35t3r v. Wikileaks He brought down Wikileaks single-handed for more than a day –I was chatting with him in IRC while he did it, and he proved it was him by briefly pausing the attack

14 Wikileaks Outage One attacker, no botnet

15 Th3j35t3r After his Wikileaks attack He battled Anonymous He claims to have trojaned a tool the Anons downloaded He claims to pwn Anon insiders now

16 Jester's Tweets

17 Westboro Baptist Outage 4 sites held down for 8 weeks From a single 3G cell phone –http://tinyurl.com/4vggluu

18 LulzSec The skilled group Anons who hacked H B Gary Federal Hacked – US Senate – Pron.com – Sony – FBI – PBS – Fox News

19

20

21 Two Factor Authentication First factor: what user knows Second factor: what user has –Password token –USB key –Digital certificate –Smart card Without the second factor, user cannot log in –Defeats password guessing / cracking

22 RSA was Hacked, and their Customers Too http://samsclass.info/RSA-alternatives.html

23 Security Training at CCSF Security+ CEH (Certified Ethical Hacker) CISSP (Certified Information Systems Security Professional) Computer Forensics Firewalls

24

Download ppt "The Security Circus MPICT Summer Conference, June, 2011."

Similar presentations

Cyber Stalking Cyber Stalking Phishing Hacker 1. Never reveal your home address !!! This rule is especially important for women who are business professionals.

Cyber Stalking Cyber Stalking Phishing Hacker 1. Never reveal your home address !!! This rule is especially important for women who are business professionals.
Ethical Hacking: New Web 2.0 Attacks and Defenses HI-TEC 2011.

Ethical Hacking: New Web 2.0 Attacks and Defenses HI-TEC 2011.
Black, White, Grey Hat Hackers Not all hackers are bad…which one’s which?

Black, White, Grey Hat Hackers Not all hackers are bad…which one’s which?
7 Effective Habits when using the Internet Philip O’Kane 1.

7 Effective Habits when using the Internet Philip O’Kane 1.
ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.

ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.
Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.

Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.
NCS welcome all participants on behalf of Quick Heal Anti Virus and Fortinet Firewall solution.

NCS welcome all participants on behalf of Quick Heal Anti Virus and Fortinet Firewall solution.
Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.

Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.
Chapter 8 Chapter 8 Digital Defense: Securing Your Data and Privacy

Chapter 8 Chapter 8 Digital Defense: Securing Your Data and Privacy
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.

ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.
ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.

ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.
Vs The Illusion of Security. Aaron Barr : “Security Expert” CEO of security company HBGary Federal Provide Security Training Create Malicious Software.

Vs The Illusion of Security. Aaron Barr : “Security Expert” CEO of security company HBGary Federal Provide Security Training Create Malicious Software.
ITIS 6200/8200: Principles of Information Security and Privacy Dr. Weichao Wang.

ITIS 6200/8200: Principles of Information Security and Privacy Dr. Weichao Wang.
CAP6135: Malware and Software Vulnerability Analysis Examples of Term Projects Cliff Zou Spring 2012.

CAP6135: Malware and Software Vulnerability Analysis Examples of Term Projects Cliff Zou Spring 2012.
Keeping Data Safe Revision Summer 2013. How many ways can data be lost? Start a list… Physical Loss or Corruption of data Accidental or Deliberate Unauthorised.

Keeping Data Safe Revision Summer How many ways can data be lost? Start a list… Physical Loss or Corruption of data Accidental or Deliberate Unauthorised.
Security Liaisons Information Presentation. Introduction  What’s the big deal with computer security? Don’t we have an IT security department to take.

Security Liaisons Information Presentation. Introduction  What’s the big deal with computer security? Don’t we have an IT security department to take.
Threats and ways you can protect your computer. There are a number of security risks that computer users face, some include; Trojans Conficker worms Key.

Threats and ways you can protect your computer. There are a number of security risks that computer users face, some include; Trojans Conficker worms Key.
October 2013. The Insider Financial Crime and Identity Theft Hacktivists Piracy Cyber Espionage and Sabotage.

October The Insider Financial Crime and Identity Theft Hacktivists Piracy Cyber Espionage and Sabotage.

Similar presentations

Ads by Google