Technical Workshop - Win32/Georbot Analysis

•

1 j'aime•816 vues

Positive Hack Days

Technologie

Technical Workshop - Win32/Georbot Analysis

Introduction

• Based in Montreal
• Studies in computer engineering at Ecole Polytechnique
• Malware analysis
• Focus on investigation and understanding trends

Labs’ Objectives

• Gain hands-on knowledge on malware analysis
• Obfuscation
• Persistence
• C&C traffic
• This case is *NOT* cutting edge but a good summary of common
things we see nowadays

Win32/Georbot

• One of our analyst reported an interesting string in a binary
(.gov.ge)
• Started investigation, we thought it was time sensitive and involved
3 guys for 3 days.
• Interesting feature
• Document stealing
• Audio / Video capture
• Etc

Win32/Georbot

• Further analysis showed thousands of variants
• We were able to track the evolution of the features
• Track AV evasion techniques

Workshop Outline

1. Data obfuscation
2. Control flow obfuscation
3. API call obfuscation
4. Answer basic malware analysis questions
5. C&C network protocol

Tools Required

1. IDA 6.x (you can use the demo)
2. Python interpreter w/ some modules for web server
3. Immunity Debugger / Olly Debugger

IDA Python

• Automate repetitive tasks in IDA
• Read data (Byte, Word, Dword, etc)
• Change data (PatchByte, PatchWord, PatchDword, etc)
• Add comments (MakeComm)
• Add cross references
• User interaction
• Etc.

Data Obfuscation

• Where’s all my data?!
• Debug the malware (in a controlled environment), do you see
something appear? (0x407afb)
• What happened? Find the procedure which decodes the data
• Understand obfuscation
• Implement deobfuscation with IDA Python

Control Flow Obfuscation

• Identify common obfuscation patterns
• Find a straight forward replacement
• Implement substitutions with IDA Python
• Reanalyze program, does it look better?

Control Flow Obfuscation

Obfuscated Deobfuscated
push <addr>; ret Jmp <addr>
Push <addr> Call <addr> (will return to addr)
jmp <addr>

API Call Obfuscation

• Where are all my API calls?
• Find and understand hashing function
• Brute force API calls and add comments to IDB using IDA Python

Let’s understand what’s going on!

• Can multiple instances of the malware run at the same time?
• Is the malware persistent? How?
• What is the command and control server?
• What is the update mechanism for binaries?
• Is there a C&C fallback mechanism?

Additional work

• Write a detection mechanism for an infected system
• Implement a cleaner for this malware
• Kill the process
• Remove persistence
• At what time interval does the malware probe its C&C server?

0x403AFD - cpuid

http://en.wikipedia.org/wiki/CPUID

C&C Protocol Analysis

• What’s the chain of event in the communication
• What is the information provided by the bot
• What type of answer is the bot expecting?
• What are the different actions?

C&C Commands

0A029h ; find
1675h ; dir
0A8FEh ; load?
22C4C1h ; upload
42985 ; main?
0A866h ; list?
1175972831 ; upload_dir
9C9Ch ; ddos
0B01Dh ; scan
47154 ; word
2269271 ; system
9FCCh ; dump
310946 ; photo
440F6h 18FEh ; rdp
4F5BBh ; video
3D0BD7C6h ; screenshot
741334016 ; password
0DA8B3Ch ; history

FALLBCK.com

• What is this DNS query?
• What can we do with it?

GUID

• What is at 0x0040A03D, how is it used in program?

Conclusions

• The set of questions to answer is often similar.
• Don’t focus on details, remember your objective, its easy to get lost.
• A mix of dynamic and static analysis is often the best solution for
quick understanding of a new malware family.

Contenu connexe

Tendances

Japan is recently experiencing a rise in targeted attacks. However, it is rare that details of such attacks are revealed. Under this circumstance, JPCERT/CC has been investigating the attack operations targeting Japanese organizations including the government and leading enterprises. We have especially been tracking two distinct cases over a prolonged period. The first case, which became public in 2015, drew nationwide attention for victimizing several Japanese organizations. In this case, the attacker conducts sophisticated attacks through network intrusion and targeting weak points of the organizations. The second case has been continuously targeting certain Japanese organizations since 2013. Although this case has not drawn as much attention, the attacker has advanced techniques and uses various interesting attack methods. This presentation will introduce the above two attack operations, including attack techniques we revealed through prolonged investigation, the malware/tools being used, as well as useful techniques/tools for analyzing related malware.

Revealing the Attack Operations Targeting Japan by Shusei Tomonaga & Yuu Nak...

CODE BLUE

Presented at Black Hat 2019 https://www.blackhat.com/us-19/briefings/schedule/index.html#fantastic-red-team-attacks-and-how-to-find-them-16540 Casey Smith (Red Canary) Ross Wolf (Endgame) bit.ly/fantastic19 Abstract: Red team testing in organizations over the last year has shown a dramatic increase in detections mapped to MITRE ATT&CK™ across Windows, Linux and macOS. However, many organizations continue to miss several key techniques that, unsurprisingly, often blend in with day-to-day user operations. One example includes Trusted Developer Utilities which can be readily available on standard user endpoints, not just developer workstations, and such applications allow for code execution. Also, XSL Script processing can be used as an attack vector as there are a number of trusted utilities that can consume and execute scripts via XSL. And finally, in addition to these techniques, trusted .NET default binaries are known to allow unauthorized execution as well, these include tools like InstallUtil, Regsvcs and AddInProcess. Specific techniques, coupled with procedural difficulties within a team, such as alert fatigue and lack of understanding with environmental norms, make reliable detection of these events near impossible. This talk summarizes prevalent and ongoing gaps across organizations uncovered by testing their defenses against a broad spectrum of attacks via Atomic Red Team. Many of these adversary behaviors are not atomic, but span multiple events in an event stream that may be arbitrarily and inconsistently separated in time by nuisance events. Additionally, we introduce and demonstrate the open-sourced Event Query Language for creating high signal-to-noise analytics that close these prevalent behavioral gaps. EQL is event agnostic and can be used to craft analytics that readily link evidence across long sequences of log data. In a live demonstration, we showcase powerful but easy to craft analytics that catch adversarial behavior most commonly missed in organizations today.

Fantastic Red Team Attacks and How to Find Them

Ross Wolf

Defcon 22-philip-young-from-root-to-special-hacking-ibm-main

Priyanka Aash

Aditya Joshi, Microsoft Abhishek Singh, Microsoft Shellcode detection is critical in the identification of persistent threats. Attackers employ them in exploitation, post-exploitation toolkits and macro-based malware routinely to evade detection. Our research also shows that shellcode in the wild are evolving to defeat many of the static analysis techniques employed to detect them. We will present a fast, platform agnostic approach (Windows/Linux) that been successful in detecting many real world shellcode compromises as part of the ASC Fileless attack feature (Process Investigator). Our approach employs state machines, virtual stack/register representation and operand expression heuristics to identify suspicious machine code patterns in milliseconds. We identify the basic heuristics that are commonly employed in shellcode. This allows us to be more robust against attackers that constantly evolve to thwart pure signature or byte stream sequence based approaches. Each instruction is passed to a series of activation functions that look for platform specific patterns generally needed in Stage 1 shellcode. As we process the stream of instructions we scan for hashing loops, in-segment/out-segment calls/jumps, current instruction pointer determination, system calls, locating system data structures, anti-debugging and anti-hooking behaviors in the machine code. We then correlate these findings to give a maliciousness score. We will deep dive into the concepts and demo obfuscated shellcodes.

BlueHat v18 || Linear time shellcode detection using state machines and opera...

BlueHat Security Conference

Metasploit Framework Executable Encoding

technology_flow

Building next gen malware behavioural analysis environment

isc2-hellenic

Defcon 22-zoltan-balazs-bypass-firewalls-application-whiteli

Priyanka Aash

Network Forensics and Practical Packet Analysis

Priyanka Aash

Malware analysis

Prakashchand Suthar

Circle City Con 2019 and BSides SATX 2019 Abstract: How do you find malicious activity? We often resort to the cliche, you know it when you see it, but how do you even see it, without drowning in data? MITRE’s ATT&CK knowledge base organizes adversary behavior into tactics and techniques, and orients our approach to endpoint data. It suggests questions that might be worth asking, but not a way to ask them. The Event Query Language (EQL) allows a security analyst to naturally express queries for IOC search, hunting, and behavioral detections, while remaining platform and data source agnostic. In this talk, I will demonstrate the iterative process of establishing situational awareness in your environment, creating targeted detections, and hunting for the adversary in your environment with real data, queries, and results.

The Hunter Games: How to Find the Adversary with Event Query Language

Ross Wolf

CheckPlease: Payload-Agnostic Targeted Malware

Brandon Arvanaghi

C Cpres

ramya5a

Chapter 8 security tools ii

Syaiful Ahdan

Basic Malware Analysis

Albert Hui

Static code analysis

Rune Sundling

During the past year IR teams and security researchers around the world witnessed a rise in the use of legitimate tools and common scripts in malware and APT attacks. This talk will explore the presenters’ research that focused on automating the analysis of PowerShell and Macro/VBA/VBS attacks by building a heuristic-based compiler engine that determines whether a script is malicious or not. (Source: RSA Conference USA 2017)

Isolating the Ghost in the Machine: Unveiling Post Exploitation Threatsrsac

Priyanka Aash

The Future of Automated Malware Generation

Stephan Chenette

Red Team Methodology - A Naked Look

Jason Lang

Tendances (18)

Revealing the Attack Operations Targeting Japan by Shusei Tomonaga & Yuu Nak...

Fantastic Red Team Attacks and How to Find Them

Defcon 22-philip-young-from-root-to-special-hacking-ibm-main

BlueHat v18 || Linear time shellcode detection using state machines and opera...

Metasploit Framework Executable Encoding

Building next gen malware behavioural analysis environment

Defcon 22-zoltan-balazs-bypass-firewalls-application-whiteli

Network Forensics and Practical Packet Analysis

Malware analysis

The Hunter Games: How to Find the Adversary with Event Query Language

CheckPlease: Payload-Agnostic Targeted Malware

C Cpres

Chapter 8 security tools ii

Basic Malware Analysis

Static code analysis

Isolating the Ghost in the Machine: Unveiling Post Exploitation Threatsrsac

The Future of Automated Malware Generation

Red Team Methodology - A Naked Look

En vedette

андрей дугин

Positive Hack Days

Sms bank

Positive Hack Days

Phdays

Positive Hack Days

как разработать защищенное веб приложение и не сойти с ума. владимир кочетков

Positive Hack Days

Grc eng

Positive Hack Days

E potseluevskaya ru

Positive Hack Days

V defense veniamin levtsov-kl_24 may 2013

Positive Hack Days

Phd2013 lyamin

Positive Hack Days

24may 1000 valday sergey shekyan artem harutyunyan 'to watch or to be watched'

Positive Hack Days

23may 1500 valday трифаленков 'размещение приложений в облачной платформе о7 ...

Positive Hack Days

Дмитрий Кузнецов. Сертификация в странах CCRA глазами заявителя

Positive Hack Days

Mobiles Can Make Your Business Fly

Rob Manson

e is for everywhere - Interactive Mobile Web Presentation

Rob Manson

What does it mean when your apps can see, hear and feel? Digital sensors are flooding through our daily life. Mobile devices have microphones, cameras, accelerometers, digital compasses and now Near Field Communication (NFC) chips and scanners. But this is all just the very start. These small digital sensors are shrinking even further and just as Mark Weiser predicted they are soaking into the world around you. In this session Rob will explore how you can use these new streams of sensor data to create innovative and dynamic new user experiences. He’ll examine, from an experience point of view, what the challenges and constraints of sensor driven apps are and how you can deal with this deeply technical domain that covers issues such as sensor fusion, latency, calibration and newly extended mental models. But if that all sounds a bit dry and technical for you, don’t panic! Rob’s focus here is on how to create experiences using these technologies rather than the deep technical aspects themselves. However, he will help you get a clear overview of the work from the W3C Device API and Web Real Time Communication working groups, the ARStandards.org community and other related research activities. He’ll present tangible demonstrations that show how these new streams of “digital awareness” data can now be integrated into the experiences you create to literally bring your apps to life. This will leave you re-thinking your current projects and asking “Is that sense-able?”. Rob will also explore where we are headed with all of this and how to plan for this mind expanding journey. This is far from just a technical discussion. It will provide an introduction to the ethical and moral issues created by these sensors. Issues that we will all need to address in our own lives providing yet another aspect to the key question “Is that sensible?”

Is that sense-able?

Rob Manson

2013 05-23 android&crypto

Positive Hack Days

En vedette (15)

андрей дугин

Sms bank

Phdays

как разработать защищенное веб приложение и не сойти с ума. владимир кочетков

Grc eng

E potseluevskaya ru

V defense veniamin levtsov-kl_24 may 2013

Phd2013 lyamin

24may 1000 valday sergey shekyan artem harutyunyan 'to watch or to be watched'

23may 1500 valday трифаленков 'размещение приложений в облачной платформе о7 ...

Дмитрий Кузнецов. Сертификация в странах CCRA глазами заявителя

Mobiles Can Make Your Business Fly

e is for everywhere - Interactive Mobile Web Presentation

Is that sense-able?

2013 05-23 android&crypto

Similaire à Technical Workshop - Win32/Georbot Analysis

2011 CodeEngn Conference 05 DBI 란 Dynamic Binary Instrumentation 의 약자이다. 이는 실행 중인 어떤 Process 또는 Program 에 특수한 목적으로 사용될 임의의 코드를 삽입하는 방법이다. 이를 이용하여 동적으로 생성된 Code 처리, 특정 코드의 발견, 실행중인 Process 분석 등을 할 수 있다. 주로 컴퓨터 구조 연구, 프로그램, 스레드 분 석에 이용되며, Taint Analysis 에 대한 개념, 각종 Tool 과 사용 방법, 간단한 예제, 최신 취약점 분석 등 을 통하여 DBI 를 알아보도록 한다. http://codeengn.com/conference/05

[2011 CodeEngn Conference 05] Deok9 - DBI(Dynamic Binary Instrumentation)를 이용...

GangSeok Lee

ANALYZE'15 - Bulk Malware Analysis at Scale

John Bambenek

Watchtowers of the Internet: Analysis of Outbound Malware Communication, Stephan Chenette, Principal Security Researcher, (@StephanChenette) & Armin Buescher, Security Researcher With advanced malware, targeted attacks, and advanced persistent threats, it’s not IF but WHEN a persistant attacker will penetrate your network and install malware on your company’s network and desktop computers. To get the full picture of the threat landscape created by malware, our malware sandbox lab runs over 30,000 malware samples a day. Network traffic is subsequently analyzed using heuristics and machine learning techniques to statistically score any outbound communication and identify command & control, back-channel, worm-like and other types of traffic used by malware. Our talk will focus on the setup of the lab, major malware families as well as outlier malware, and the statistics we have generated to give our audience an exposure like never before into the details of malicious outbound communication. We will provide several tips, based on our analysis to help you create a safer and more secure network. Stephan Chenette is a principal security researcher at Websense Security Labs, specializing in research tools and next generation emerging threats. In this role, he identifies and implements exploit and malcode detection techniques. Armin Buescher is a Security Researcher and Software Engineer experienced in strategic development of detection/prevention technologies and analysis tools. Graduated as Dipl.-Inf. (MSc) with thesis on Client Honeypot systems. Interested in academic research work and published author of security research papers.

Watchtowers of the Internet - Source Boston 2012

Stephan Chenette

From the demise of conventional signature-based endpoint technologies have risen next generation solutions. These technologies have cluttered the marketplace introducing a conundrum for endpoint selection. This session will focus on the key requirements for effective security prevention, detection, and remediation. It will introduce a real-world framework for categorizing endpoint capabilities, and enable selection of solutions matching the unmet needs of security programs. The following topics will be covered: • What do i actually need? • Real-world framework to categorize endpoint capabilities • Map vendors into buckets within the framework • Housekeeping, what's needed before you even start? • Cheat sheet of probing questions to ask vendors • Best practices of deploying best of breed solutions

NextGen Endpoint Security for Dummies

Atif Ghauri

Defcon 22-wesley-mc grew-instrumenting-point-of-sale-malware

DaveEdwards12

Anti-virus Mechanisms and Various Ways to Bypass Antivirus detection

Neel Pathak

how-to-bypass-AM-PPL

nitinscribd

Filar seymour oreilly_bot_story_

EndgameInc

Reverse engineering is not just about uncovering the hidden behaviour of a given technology, system, program or device. It's actually an art and a mindset. Reversing is used by some government agencies, secret services, antivirus software companies, hackers and students. It can be used for many purposes: cracking/bypassing software, botnet analysis, finding 0day exploits, interpreting unknown protocols, understanding malware or finding bugs in apps.

Demystifying Binary Reverse Engineering - Pixels Camp

André Baptista

Tool up your lamp stack

AgileOnTheBeach

Tool Up Your LAMP Stack

Lorna Mitchell

CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT

CanSecWest

This presentation will provide an overview of what a penetration test is, why companies pay for them, and what role they play in most IT security programs. It will also include a brief overview of the common skill sets and tools used by today’s security professionals. Finally, it will offer some basic advice for getting started in penetration testing. This should be interesting to aspiring pentesters trying to gain a better understanding of how penetration testing fits into the larger IT security world. Additional resources can be found in the blog below: https://www.netspi.com/blog/entryid/140/resources-for-aspiring-penetration-testers More security blogs by the authors can be found @ https://www.netspi.com/blog/

WTF is Penetration Testing v.2

Scott Sutherland

Greg Hoglund explained at BlackHat 2010 that the development environments that malware authors use leaves traces in the code which can be used to attribute malware to a individual or a group of individuals. Not with the precision of name, date of birth and address but with evidence that a arrested suspects computer can be analysed and compared with the "tool marks" on the collected malware sample.

DEEPSEC 2013: Malware Datamining And Attribution

Michael Boman

Hacklu2011 tricaud

stricaud

BSidesCharleston2014 - Ballin on a Budget: Tracking Chinese Malware Campaigns...

Andrew Morris

Commodity malware means YOU

Michael Gough

(130119) #fitalk apt, cyber espionage threat

INSIGHT FORENSIC

Big Data Approaches to Cloud Security

Paul Morse

Conclusions from Tracking Server Attacks at Scale

Guardicore

Similaire à Technical Workshop - Win32/Georbot Analysis (20)

[2011 CodeEngn Conference 05] Deok9 - DBI(Dynamic Binary Instrumentation)를 이용...

ANALYZE'15 - Bulk Malware Analysis at Scale

Watchtowers of the Internet - Source Boston 2012

NextGen Endpoint Security for Dummies

Defcon 22-wesley-mc grew-instrumenting-point-of-sale-malware

Anti-virus Mechanisms and Various Ways to Bypass Antivirus detection

how-to-bypass-AM-PPL

Filar seymour oreilly_bot_story_

Demystifying Binary Reverse Engineering - Pixels Camp

Tool up your lamp stack

Tool Up Your LAMP Stack

CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT

WTF is Penetration Testing v.2

DEEPSEC 2013: Malware Datamining And Attribution

Hacklu2011 tricaud

BSidesCharleston2014 - Ballin on a Budget: Tracking Chinese Malware Campaigns...

Commodity malware means YOU

(130119) #fitalk apt, cyber espionage threat

Big Data Approaches to Cloud Security

Conclusions from Tracking Server Attacks at Scale

Plus de Positive Hack Days

Инструмент ChangelogBuilder для автоматической подготовки Release Notes

Positive Hack Days

Как мы собираем проекты в выделенном окружении в Windows Docker

Positive Hack Days

Типовая сборка и деплой продуктов в Positive Technologies

Positive Hack Days

1. Что такое BI. Зачем он нужен. 2. Что такое Qlik View / Sense 3. Способ интеграции. Как это работает. 4. Метрики, KPI, планирование ресурсов команд, ретроспектива релиза продукта, тренды. 5. Подключение внешних источников данных (Excel, БД СКУД, переговорные комнаты).

Аналитика в проектах: TFS + Qlik

Positive Hack Days

Использование анализатора кода SonarQube

Positive Hack Days

Развитие сообщества Open DevOps Community

Positive Hack Days

Методика определения неиспользуемых ресурсов виртуальных машин и автоматизаци...

Positive Hack Days

Approof — статический анализатор кода для проверки веб-приложений на наличие уязвимых компонентов. В своей работе анализатор основывается на правилах, хранящих сигнатуры искомых компонентов. В докладе рассматривается базовая структура правила для Approof и процесс автоматизации его создания.

Автоматизация построения правил для Approof

Positive Hack Days

Задумывались ли вы когда-нибудь о том, как устроены современные механизмы защиты приложений? Какая теория стоит за реализацией WAF и SAST? Каковы пределы их возможностей? Насколько их можно подвинуть за счет более широкого взгляда на проблематику безопасности приложений? На мастер-классе будут рассмотрены основные методы и алгоритмы двух основополагающих технологий защиты приложений — межсетевого экранирования уровня приложения и статического анализа кода. На примерах конкретных инструментов с открытым исходным кодом, разработанных специально для этого мастер-класса, будут рассмотрены проблемы, возникающие на пути у разработчиков средств защиты приложений, и возможные пути их решения, а также даны ответы на все упомянутые вопросы.

Мастер-класс «Трущобы Application Security»

Positive Hack Days

Формальные методы защиты приложений

Positive Hack Days

Эвристические методы защиты приложений

Positive Hack Days

Теоретические основы Application Security

Positive Hack Days

Разработка наукоемкого программного обеспечения отличается тем, что нет ни четкой постановки задачи, ни понимания, что получится в результате. Однако даже этом надо программировать то, что надо, и как надо. Докладчик расскажет о том, как ее команда успешно разработала и вывела в промышленную эксплуатацию несколько наукоемких продуктов, пройдя непростой путь от эксперимента, результатом которого был прототип, до промышленных версий, которые успешно продаются как на российском, так и на зарубежном рынках. Этот путь был насыщен сложностями и качественными управленческими решениями, которыми поделится докладчик

От экспериментального программирования к промышленному: путь длиной в 10 лет

Positive Hack Days

Немногие разработчики закладывают безопасность в архитектуру приложения на этапе проектирования. Часто для этого нет ни денег, ни времени. Еще меньше — понимания моделей нарушителя и моделей угроз. Защита приложения выходит на передний план, когда уязвимости начинают стоить денег. К этому времени приложение уже работает и внесение существенных изменений в код становится нелегкой задачей. К счастью, разработчики тоже люди, и в коде разных приложений можно встретить однотипные недостатки. В докладе речь пойдет об опасных ошибках, которые чаще всего допускают разработчики Android-приложений. Затрагиваются особенности ОС Android, приводятся примеры реальных приложений и уязвимостей в них, описываются способы устранения.

Уязвимое Android-приложение: N проверенных способов наступить на грабли

Positive Hack Days

Разработка любого софта так или иначе базируется на требованиях. Полный перечень составляют бизнес-цели приложения, различные ограничения и ожидания по качеству (их еще называют NFR). Требования к безопасности ПО относятся к последнему пункту. В ходе доклада будут рассматриваться появление этих требований, управление ими и выбор наиболее важных. Отдельно будут освещены принципы построения архитектуры приложения, при наличии таких требований и без, и продемонстрировано, как современные (и хорошо известные) подходы к проектированию приложения помогают лучше строить архитектуру приложения для минимизации ландшафта угроз.

Требования по безопасности в архитектуре ПО

Positive Hack Days

Доклад посвящен разработке корректного программного обеспечения с применением одного из видов статического анализа кода. Будут освещены вопросы применения подобных методов, их слабые стороны и ограничения, а также рассмотрены результаты, которые они могут дать. На конкретных примерах будет продемонстрировано, как выглядят разработка спецификаций для кода на языке Си и доказательство соответствия кода спецификациям.

Формальная верификация кода на языке Си

Positive Hack Days

Механизмы предотвращения атак в ASP.NET Core

Positive Hack Days

SOC для КИИ: израильский опыт

Positive Hack Days

Honeywell Industrial Cyber Security Lab & Services Center

Positive Hack Days

Credential stuffing и брутфорс-атаки

Positive Hack Days

Plus de Positive Hack Days (20)

Инструмент ChangelogBuilder для автоматической подготовки Release Notes

Как мы собираем проекты в выделенном окружении в Windows Docker

Типовая сборка и деплой продуктов в Positive Technologies

Аналитика в проектах: TFS + Qlik

Использование анализатора кода SonarQube

Развитие сообщества Open DevOps Community

Методика определения неиспользуемых ресурсов виртуальных машин и автоматизаци...

Автоматизация построения правил для Approof

Мастер-класс «Трущобы Application Security»

Формальные методы защиты приложений

Эвристические методы защиты приложений

Теоретические основы Application Security

От экспериментального программирования к промышленному: путь длиной в 10 лет

Уязвимое Android-приложение: N проверенных способов наступить на грабли

Требования по безопасности в архитектуре ПО

Формальная верификация кода на языке Си

Механизмы предотвращения атак в ASP.NET Core

SOC для КИИ: израильский опыт

Honeywell Industrial Cyber Security Lab & Services Center

Credential stuffing и брутфорс-атаки

Dernier

Scaling API-first – The story of a global engineering organization

Radu Cotescu

Tata AIG General Insurance Company - Insurer Innovation Award 2024

The Digital Insurer

This presentations targets students or working professionals. You may know Google for search, YouTube, Android, Chrome, and Gmail, but did you know Google has many developer tools, platforms & APIs? This comprehensive yet still high-level overview outlines the most impactful tools for where to run your code, store & analyze your data. It will also inspire you as to what's possible. This talk is 50 minutes in length.

Powerful Google developer tools for immediate impact! (2023-24 C)

wesley chun

MINDCTI Revenue Release Quarter One 2024

MIND CTI

A Domino Admins Adventures (Engage 2024)

Gabriella Davis

Partners Life - Insurer Innovation Award 2024

The Digital Insurer

presentation ICT roal in 21st century education

jfdjdjcjdnsjd

Imagine a world where information flows as swiftly as thought itself, making decision-making as fluid as the data driving it. Every moment is critical, and the right tools can significantly boost your organization’s performance. The power of real-time data automation through FME can turn this vision into reality. Aimed at professionals eager to leverage real-time data for enhanced decision-making and efficiency, this webinar will cover the essentials of real-time data and its significance. We’ll explore: FME’s role in real-time event processing, from data intake and analysis to transformation and reporting An overview of leveraging streams vs. automations FME’s impact across various industries highlighted by real-life case studies Live demonstrations on setting up FME workflows for real-time data Practical advice on getting started, best practices, and tips for effective implementation Join us to enhance your skills in real-time data automation with FME, and take your operational capabilities to the next level.

From Event to Action: Accelerate Your Decision Making with Real-Time Automation

Safe Software

Top 10 Most Downloaded Games on Play Store in 2024

SynarionITSolutions

GenAI Risks & Security Meetup 01052024.pdf

lior mazor

The value of a flexible API Management solution for Open Banking Steve Melan, Manager for IT Innovation and Architecture - State's and Saving's Bank of Luxembourg Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The value of a flexible API Management solution for O...

apidays

Three things you will take away from the session: • How to run an effective tenant-to-tenant migration • Best practices for before, during, and after migration • Tips for using migration as a springboard to prepare for Copilot in Microsoft 365 Main ideas: Migration Overview: The presentation covers the current reality of cross-tenant migrations, the triggers, phases, best practices, and benefits of a successful tenant migration Considerations: When considering a migration, it is important to consider the migration scope, performance, customization, flexibility, user-friendly interface, automation, monitoring, support, training, scalability, data integrity, data security, cost, and licensing structure Next Wave: The next wave of change includes the launch of Copilot, which requires businesses to be prepared for upcoming changes related to Copilot and the cloud, and to consolidate data and tighten governance ShareGate: ShareGate can help with pre-migration analysis, configurable migration tool, and automated, end-user driven collaborative governance

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

sammart93

Discord is a free app offering voice, video, and text chat functionalities, primarily catering to the gaming community. It serves as a hub for users to create and join servers tailored to their interests. Discord’s ecosystem comprises servers, each functioning as a distinct online community with its own channels dedicated to specific topics or activities. Users can engage in text-based discussions, voice calls, or video chats within these channels. Understanding Discord Servers Discord servers are virtual spaces where users congregate to interact, share content, and build communities. Servers may revolve around gaming, hobbies, interests, or fandoms, providing a platform for like-minded individuals to connect. Communication Features Discord offers a range of communication tools, including text channels for messaging, voice channels for real-time audio conversations, and video channels for face-to-face interactions. These features facilitate seamless communication and collaboration. What Does NSFW Mean? The acronym NSFW stands for “Not Safe For Work,” indicating content that may be inappropriate for professional or public settings. NSFW Content NSFW content encompasses material that is sexually explicit, violent, or otherwise graphic in nature. It often includes nudity, profanity, or depictions of sensitive topics.

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf

UK Journal

Join our latest Connector Corner webinar to discover how UiPath Integration Service revolutionizes API-centric automation in a 'Quote to Cash' process—and how that automation empowers businesses to accelerate revenue generation. A comprehensive demo will explore connecting systems, GenAI, and people, through powerful pre-built connectors designed to speed process cycle times. Speakers: James Dickson, Senior Software Engineer Charlie Greenberg, Host, Product Marketing Manager

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

DianaGray10

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024

The Digital Insurer

A Principled Technologies deployment guide Conclusion Deploying VMware Cloud Foundation 5.1 on next gen Dell PowerEdge servers brings together critical virtualization capabilities and high-performing hardware infrastructure. Relying on our hands-on experience, this deployment guide offers a comprehensive roadmap that can guide your organization through the seamless integration of advanced VMware cloud solutions with the performance and reliability of Dell PowerEdge servers. In addition to the deployment efficiency, the Cloud Foundation 5.1 and PowerEdge solution delivered strong performance while running a MySQL database workload. By leveraging VMware Cloud Foundation 5.1 and PowerEdge servers, you could help your organization embrace cloud computing with confidence, potentially unlocking a new level of agility, scalability, and efficiency in your data center operations.

Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...

Principled Technologies

With more memory available, system performance of three Dell devices increased, which can translate to a better user experience Conclusion When your system has plenty of RAM to meet your needs, you can efficiently access the applications and data you need to finish projects and to-do lists without sacrificing time and focus. Our test results show that with more memory available, three Dell PCs delivered better performance and took less time to complete the Procyon Office Productivity benchmark. These advantages translate to users being able to complete workflows more quickly and multitask more easily. Whether you need the mobility of the Latitude 5440, the creative capabilities of the Precision 3470, or the high performance of the OptiPlex Tower Plus 7010, configuring your system with more RAM can help keep processes running smoothly, enabling you to do more without compromising performance.

Boost PC performance: How more available memory can improve productivity

Principled Technologies

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

Product Anonymous

Effective data discovery is crucial for maintaining compliance and mitigating risks in today's rapidly evolving privacy landscape. However, traditional manual approaches often struggle to keep pace with the growing volume and complexity of data. Join us for an insightful webinar where industry leaders from TrustArc and Privya will share their expertise on leveraging AI-powered solutions to revolutionize data discovery. You'll learn how to: - Effortlessly maintain a comprehensive, up-to-date data inventory - Harness code scanning insights to gain complete visibility into data flows leveraging the advantages of code scanning over DB scanning - Simplify compliance by leveraging Privya's integration with TrustArc - Implement proven strategies to mitigate third-party risks Our panel of experts will discuss real-world case studies and share practical strategies for overcoming common data discovery challenges. They'll also explore the latest trends and innovations in AI-driven data management, and how these technologies can help organizations stay ahead of the curve in an ever-changing privacy landscape.

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc

2024: Domino Containers - The Next Step. News from the Domino Container commu...

Martijn de Jong

Dernier (20)