SlideShare une entreprise Scribd logo

Case Studies in Network Vulnerability Assessments

Télécharger en tant que PPT, PDF
Dawn Yankeelov
Dawn Yankeelov

"Case Studies in Network Vulnerability Assessments" was presented by Chris Goggans, PatchAdvisor at the TALK Cybersecurity Summit 2017.

Technologie
1  sur  17
Case Studies in Network Vulnerability Assessments
About Chris  I am a VP and a Senior Security Engineer at PatchAdvisor  In 1991 I started one of the first companies to ever provide comprehensive penetration testing/vulnerability assessment services  I’ve examined networks in every industry sector, in dozens of countries
Industry Expertise
Network Vulnerability Assessments  Internal and external reviews  Validation of existing security mechanisms  Detailed analysis of networked devices and services  Not merely running a commercial scanning tool  Audit for policy compliance  Prioritized recommendations for improving security posture
Vulnerability Assessments: WHY?  Only realistic way to determine vulnerabilities  Get a baseline of vulnerability state  Prioritize remedial actions  Correct serious problems quickly  Assure that policies address real vulnerabilities  Industry best practice
Vulnerability Assessments: HOW?  Internet-based attack  Preferably, should include in-depth web application assessments  On-site engagement  Internal attacks  Simultaneous war dialing / wireless / partner connections  Initial out-briefing  Report delivery  Executive briefing
Web Application Assessments  Comprehensive evaluation of application  Network perspective  Server configuration  Software settings  Authenticated and Unauthenticated attacks  Emulate both internet-based attacker, and valid user exceeding authorized access  Examine applications for all types of security issues  SQL Injection  XSS/CSRF  Buffer Overflows  Cookie Manipulation  URL Replay attacks  Denials of Service
How PatchAdvisor Sees A Network
The Most Common Issues  Patch management  Nearly every organization I have examined has been woefully behind in patches, especially on Non-OS/3rd party applications  Misconfigured Services  Insecure file shares, poor access control, default settings  Poor Coding  Vulnerable web applications, desktop applications & mobile apps  Passwords  Weak passwords and poor password discipline are still the number one mechanism used by attackers to gain access
Attacks Can Start Anywhere…  Unpassworded TELNET access into print server  SNMP Read/Write community string exposed in printer configuration menu  Community string also used on devices such as routers, switches, etc.  “Level 7” hashes in Cisco config files exposed the password “mbhafnitsoscar”  This password also used by a Windows Domain Administrator  Windows Domain also tied to NetWare eDirectory  In total, compromise of nearly 15,000 accounts and 99.99% of all systems and network devices…all from one insecure printer
Real War Stories – Healthcare  Internet scans found a SharePoint Server with some limited unauthenticated access  Search queries exposed numerous documents with “password”  One was a set of instructions for training new users on electronic medical records application  This included a Windows domain account and password  This account and password gave access through a Citrix remote desktop server  This gave us access to the organization’s Internal network  NOTE: I have followed this same attack path to compromise other entities, including banks, law firms, and insurance companies
Real War Stories – Hedge Fund  During internal network assessment, NetBIOS name spoofing exposed numerous accounts  System Administrators appeared to be remotely connecting to Windows-based systems as the Administrator account  Password was quickly cracked  Same local administrator password was used on EVERY workstation and server
Real War Stories – Government Agency  On the internal network several Isilon file servers were found  HDFS was running without any access control restrictions set  One directory on the file server had virtual machine images  Pulled down copies and loaded them under local VMware workstation on our attacker laptops  Extracted usernames and passwords from the virtual machine by first booting to virtual CD image of kon-boot and bypassing local login  Could have also gained access by replacing “sticky keys app”, copying SAM and SYSTEM files, etc.  Local administrator-level accounts recovered worked on numerous other servers  Used Mimikatz to recover accounts from each of the additional systems and exposed numerous Domain Administrator-level accounts  This led to the compromise of several thousand Windows-based systems
Real War Stories - Financial Industry  On the internal network there were numerous systems running server-based JAVA applications  Many were commercial applications from major industry leaders (IBM, HP, VMware, etc.)  Numerous attacks over JavaRMI led to remote code execution  Missing patches, insecure libraries, unauthenticated access to JMX consoles, etc.  Extracted cached accounts and plaintext passwords using Mimikatz program including Domain Administrator-level accounts
The Inevitable Conclusion It’s not about perfect security; it’s about DUE DILIGENCE. “Given the inevitability of computer losses, you’ll be judged not by whether you were the victim of an attack, but by how well you planned for it." - Computer Security Institute
In Closing…  Due diligence requires a full spectrum of countermeasures  Vulnerability assessments are a critical component of successful security programs  Understand that your organization is not as unique as you think it is
PatchAdvisor, Inc 703-256-0156 5510 Cherokee Ave Suite 120 Alexandria, VA. 22312

Recommandé

Security Holes and Vulnerabilities in Corporate Network_Pre Null Meet Kolkata
Security Holes and Vulnerabilities in Corporate Network_Pre Null Meet KolkataSecurity Holes and Vulnerabilities in Corporate Network_Pre Null Meet Kolkata
Security Holes and Vulnerabilities in Corporate Network_Pre Null Meet Kolkataamiyadutta
 
Ch09 Performing Vulnerability Assessments
Ch09 Performing Vulnerability AssessmentsCh09 Performing Vulnerability Assessments
Ch09 Performing Vulnerability AssessmentsInformation Technology
 
SWITZ Business Security. Official presentation!
SWITZ Business Security. Official presentation!SWITZ Business Security. Official presentation!
SWITZ Business Security. Official presentation!Maxim Sidorenko
 
Ch02 System Threats and Risks
Ch02 System Threats and RisksCh02 System Threats and Risks
Ch02 System Threats and RisksInformation Technology
 
Best practices to secure Windows10 with already included features
Best practices to secure Windows10 with already included featuresBest practices to secure Windows10 with already included features
Best practices to secure Windows10 with already included featuresAlexander Benoit
 
Secure Code Warrior - Logging
Secure Code Warrior - LoggingSecure Code Warrior - Logging
Secure Code Warrior - LoggingSecure Code Warrior
 
Stop the Evil, Protect the Endpoint
Stop the Evil, Protect the EndpointStop the Evil, Protect the Endpoint
Stop the Evil, Protect the EndpointBeyondTrust
 
Secure Code Warrior - Defense in depth
Secure Code Warrior - Defense in depthSecure Code Warrior - Defense in depth
Secure Code Warrior - Defense in depthSecure Code Warrior
 

Recommandé

Security Holes and Vulnerabilities in Corporate Network_Pre Null Meet Kolkata
Security Holes and Vulnerabilities in Corporate Network_Pre Null Meet KolkataSecurity Holes and Vulnerabilities in Corporate Network_Pre Null Meet Kolkata
Security Holes and Vulnerabilities in Corporate Network_Pre Null Meet Kolkataamiyadutta
 
Ch09 Performing Vulnerability Assessments
Ch09 Performing Vulnerability AssessmentsCh09 Performing Vulnerability Assessments
Ch09 Performing Vulnerability AssessmentsInformation Technology
 
SWITZ Business Security. Official presentation!
SWITZ Business Security. Official presentation!SWITZ Business Security. Official presentation!
SWITZ Business Security. Official presentation!Maxim Sidorenko
 
Ch02 System Threats and Risks
Ch02 System Threats and RisksCh02 System Threats and Risks
Ch02 System Threats and RisksInformation Technology
 
Best practices to secure Windows10 with already included features
Best practices to secure Windows10 with already included featuresBest practices to secure Windows10 with already included features
Best practices to secure Windows10 with already included featuresAlexander Benoit
 
Secure Code Warrior - Logging
Secure Code Warrior - LoggingSecure Code Warrior - Logging
Secure Code Warrior - LoggingSecure Code Warrior
 
Stop the Evil, Protect the Endpoint
Stop the Evil, Protect the EndpointStop the Evil, Protect the Endpoint
Stop the Evil, Protect the EndpointBeyondTrust
 
Secure Code Warrior - Defense in depth
Secure Code Warrior - Defense in depthSecure Code Warrior - Defense in depth
Secure Code Warrior - Defense in depthSecure Code Warrior
 
Ch03 Protecting Systems
Ch03 Protecting SystemsCh03 Protecting Systems
Ch03 Protecting SystemsInformation Technology
 
Android security
Android securityAndroid security
Android securityKrazy Koder
 
VSEC LAN Security Assessment Service Profile
VSEC LAN Security Assessment Service ProfileVSEC LAN Security Assessment Service Profile
VSEC LAN Security Assessment Service ProfileVietnamese Network Security J.S.C
 
Network Vulnerability Assessments: Lessons Learned
Network Vulnerability Assessments: Lessons LearnedNetwork Vulnerability Assessments: Lessons Learned
Network Vulnerability Assessments: Lessons Learnedamiable_indian
 
3 steps to 4x the risk coverage of CA ControlMinder
3 steps to 4x the risk coverage of CA ControlMinder3 steps to 4x the risk coverage of CA ControlMinder
3 steps to 4x the risk coverage of CA ControlMinderObserveIT
 
"EL ATAQUE INTERNO"
"EL ATAQUE INTERNO""EL ATAQUE INTERNO"
"EL ATAQUE INTERNO"Jose Luis Balbiano
 
Security & Protection in Operating System
Security & Protection in Operating SystemSecurity & Protection in Operating System
Security & Protection in Operating SystemMeghaj Mallick
 
Essentials Of Security
Essentials Of SecurityEssentials Of Security
Essentials Of Securityxsy
 
NetGains Infrastructure Security
NetGains Infrastructure SecurityNetGains Infrastructure Security
NetGains Infrastructure SecurityNetGains Technologies Pvt. Ltd.
 
www.more.net | University of Missouri
www.more.net | University of Missouriwww.more.net | University of Missouri
www.more.net | University of Missouriwebhostingguy
 
Chapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamananChapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamanannewbie2019
 
A new web application vulnerability assessment framework
A new web application vulnerability assessment frameworkA new web application vulnerability assessment framework
A new web application vulnerability assessment frameworkMark Jayson Fuentes
 
Windows Security in Operating System
Windows Security in Operating SystemWindows Security in Operating System
Windows Security in Operating SystemMeghaj Mallick
 
Fighting The Top 7 Threats to Cloud Cybersecurity
Fighting The Top 7 Threats to Cloud CybersecurityFighting The Top 7 Threats to Cloud Cybersecurity
Fighting The Top 7 Threats to Cloud CybersecurityDavid Zaizar
 
Client /server security overview
Client /server security overviewClient /server security overview
Client /server security overviewMohamed Sayed
 
Network Security Risk
Network Security RiskNetwork Security Risk
Network Security RiskDedi Dwianto
 
Security in Windows operating system
Security in Windows operating systemSecurity in Windows operating system
Security in Windows operating systemabdullah roomi
 
Malware Defense-in-Depth 2.0
Malware Defense-in-Depth 2.0Malware Defense-in-Depth 2.0
Malware Defense-in-Depth 2.0Ayed Al Qartah
 
Industry Best Practice against DDoS Attacks
Industry Best Practice against DDoS AttacksIndustry Best Practice against DDoS Attacks
Industry Best Practice against DDoS AttacksMarcelo Silva
 
September 2012 Security Vulnerability Session
September 2012 Security Vulnerability SessionSeptember 2012 Security Vulnerability Session
September 2012 Security Vulnerability SessionKaseya
 
Chris - Network Vulnerability Assessments: Lessons Learned - ClubHack2008
Chris - Network Vulnerability Assessments: Lessons Learned - ClubHack2008Chris - Network Vulnerability Assessments: Lessons Learned - ClubHack2008
Chris - Network Vulnerability Assessments: Lessons Learned - ClubHack2008ClubHack
 
Software Security Testing
Software Security TestingSoftware Security Testing
Software Security Testingankitmehta21
 

Contenu connexe

Tendances

Android security
Android securityAndroid security
Android securityKrazy Koder
 
Network Vulnerability Assessments: Lessons Learned
Network Vulnerability Assessments: Lessons LearnedNetwork Vulnerability Assessments: Lessons Learned
Network Vulnerability Assessments: Lessons Learnedamiable_indian
 
3 steps to 4x the risk coverage of CA ControlMinder
3 steps to 4x the risk coverage of CA ControlMinder3 steps to 4x the risk coverage of CA ControlMinder
3 steps to 4x the risk coverage of CA ControlMinderObserveIT
 
Security & Protection in Operating System
Security & Protection in Operating SystemSecurity & Protection in Operating System
Security & Protection in Operating SystemMeghaj Mallick
 
Essentials Of Security
Essentials Of SecurityEssentials Of Security
Essentials Of Securityxsy
 
www.more.net | University of Missouri
www.more.net | University of Missouriwww.more.net | University of Missouri
www.more.net | University of Missouriwebhostingguy
 
Chapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamananChapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamanannewbie2019
 
A new web application vulnerability assessment framework
A new web application vulnerability assessment frameworkA new web application vulnerability assessment framework
A new web application vulnerability assessment frameworkMark Jayson Fuentes
 
Windows Security in Operating System
Windows Security in Operating SystemWindows Security in Operating System
Windows Security in Operating SystemMeghaj Mallick
 
Fighting The Top 7 Threats to Cloud Cybersecurity
Fighting The Top 7 Threats to Cloud CybersecurityFighting The Top 7 Threats to Cloud Cybersecurity
Fighting The Top 7 Threats to Cloud CybersecurityDavid Zaizar
 
Client /server security overview
Client /server security overviewClient /server security overview
Client /server security overviewMohamed Sayed
 
Network Security Risk
Network Security RiskNetwork Security Risk
Network Security RiskDedi Dwianto
 
Security in Windows operating system
Security in Windows operating systemSecurity in Windows operating system
Security in Windows operating systemabdullah roomi
 
Malware Defense-in-Depth 2.0
Malware Defense-in-Depth 2.0Malware Defense-in-Depth 2.0
Malware Defense-in-Depth 2.0Ayed Al Qartah
 
Industry Best Practice against DDoS Attacks
Industry Best Practice against DDoS AttacksIndustry Best Practice against DDoS Attacks
Industry Best Practice against DDoS AttacksMarcelo Silva
 
September 2012 Security Vulnerability Session
September 2012 Security Vulnerability SessionSeptember 2012 Security Vulnerability Session
September 2012 Security Vulnerability SessionKaseya
 

Tendances (20)

Ch03 Protecting Systems
Ch03 Protecting SystemsCh03 Protecting Systems
Ch03 Protecting Systems
 
Android security
Android securityAndroid security
Android security
 
VSEC LAN Security Assessment Service Profile
VSEC LAN Security Assessment Service ProfileVSEC LAN Security Assessment Service Profile
VSEC LAN Security Assessment Service Profile
 
Network Vulnerability Assessments: Lessons Learned
Network Vulnerability Assessments: Lessons LearnedNetwork Vulnerability Assessments: Lessons Learned
Network Vulnerability Assessments: Lessons Learned
 
3 steps to 4x the risk coverage of CA ControlMinder
3 steps to 4x the risk coverage of CA ControlMinder3 steps to 4x the risk coverage of CA ControlMinder
3 steps to 4x the risk coverage of CA ControlMinder
 
"EL ATAQUE INTERNO"
"EL ATAQUE INTERNO""EL ATAQUE INTERNO"
"EL ATAQUE INTERNO"
 
Security & Protection in Operating System
Security & Protection in Operating SystemSecurity & Protection in Operating System
Security & Protection in Operating System
 
Essentials Of Security
Essentials Of SecurityEssentials Of Security
Essentials Of Security
 
NetGains Infrastructure Security
NetGains Infrastructure SecurityNetGains Infrastructure Security
NetGains Infrastructure Security
 
www.more.net | University of Missouri
www.more.net | University of Missouriwww.more.net | University of Missouri
www.more.net | University of Missouri
 
Chapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamananChapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamanan
 
A new web application vulnerability assessment framework
A new web application vulnerability assessment frameworkA new web application vulnerability assessment framework
A new web application vulnerability assessment framework
 
Windows Security in Operating System
Windows Security in Operating SystemWindows Security in Operating System
Windows Security in Operating System
 
Fighting The Top 7 Threats to Cloud Cybersecurity
Fighting The Top 7 Threats to Cloud CybersecurityFighting The Top 7 Threats to Cloud Cybersecurity
Fighting The Top 7 Threats to Cloud Cybersecurity
 
Client /server security overview
Client /server security overviewClient /server security overview
Client /server security overview
 
Network Security Risk
Network Security RiskNetwork Security Risk
Network Security Risk
 
Security in Windows operating system
Security in Windows operating systemSecurity in Windows operating system
Security in Windows operating system
 
Malware Defense-in-Depth 2.0
Malware Defense-in-Depth 2.0Malware Defense-in-Depth 2.0
Malware Defense-in-Depth 2.0
 
Industry Best Practice against DDoS Attacks
Industry Best Practice against DDoS AttacksIndustry Best Practice against DDoS Attacks
Industry Best Practice against DDoS Attacks
 
September 2012 Security Vulnerability Session
September 2012 Security Vulnerability SessionSeptember 2012 Security Vulnerability Session
September 2012 Security Vulnerability Session
 

Similaire à Case Studies in Network Vulnerability Assessments

Chris - Network Vulnerability Assessments: Lessons Learned - ClubHack2008
Chris - Network Vulnerability Assessments: Lessons Learned - ClubHack2008Chris - Network Vulnerability Assessments: Lessons Learned - ClubHack2008
Chris - Network Vulnerability Assessments: Lessons Learned - ClubHack2008ClubHack
 
Software Security Testing
Software Security TestingSoftware Security Testing
Software Security Testingankitmehta21
 
Computer security system Unit1.pptx
Computer security system Unit1.pptxComputer security system Unit1.pptx
Computer security system Unit1.pptxVIRAJDEY1
 
Solvay secure application layer v2015 seba
Solvay secure application layer v2015 sebaSolvay secure application layer v2015 seba
Solvay secure application layer v2015 sebaSebastien Deleersnyder
 
Cybersecurity Goes Mainstream
Cybersecurity Goes MainstreamCybersecurity Goes Mainstream
Cybersecurity Goes MainstreamRob Marson
 
Avoiding Application Attacks: A Guide to Preventing the OWASP Top 10 from Hap...
Avoiding Application Attacks: A Guide to Preventing the OWASP Top 10 from Hap...Avoiding Application Attacks: A Guide to Preventing the OWASP Top 10 from Hap...
Avoiding Application Attacks: A Guide to Preventing the OWASP Top 10 from Hap...IBM Security
 
Anatomy of a breach - an e-book by Microsoft in collaboration with the EU
Anatomy of a breach - an e-book by Microsoft in collaboration with the EUAnatomy of a breach - an e-book by Microsoft in collaboration with the EU
Anatomy of a breach - an e-book by Microsoft in collaboration with the EUUniversity of Essex
 
How Can I Reduce The Risk Of A Cyber-Attack?
How Can I Reduce The Risk Of A Cyber-Attack?How Can I Reduce The Risk Of A Cyber-Attack?
How Can I Reduce The Risk Of A Cyber-Attack?Osei Fortune
 
Workshop on BackTrack live CD
Workshop on BackTrack live CDWorkshop on BackTrack live CD
Workshop on BackTrack live CDamiable_indian
 
Kunal - Introduction to BackTrack - ClubHack2008
Kunal - Introduction to BackTrack - ClubHack2008Kunal - Introduction to BackTrack - ClubHack2008
Kunal - Introduction to BackTrack - ClubHack2008ClubHack
 
Kunal - Introduction to backtrack - ClubHack2008
Kunal - Introduction to backtrack - ClubHack2008Kunal - Introduction to backtrack - ClubHack2008
Kunal - Introduction to backtrack - ClubHack2008ClubHack
 
Sreerag cs network security
Sreerag cs network securitySreerag cs network security
Sreerag cs network securitySreerag Gopinath
 
The Best Shield Against Ransomware for IBM i
The Best Shield Against Ransomware for IBM iThe Best Shield Against Ransomware for IBM i
The Best Shield Against Ransomware for IBM iPrecisely
 
Network security, seriously?
Network security, seriously?Network security, seriously?
Network security, seriously?Peter Wood
 
Protecting Windows Networks From Malware 31 Jan09
Protecting Windows Networks From Malware 31 Jan09Protecting Windows Networks From Malware 31 Jan09
Protecting Windows Networks From Malware 31 Jan09technext1
 
Protecting Windows Networks From Malware
Protecting Windows Networks From MalwareProtecting Windows Networks From Malware
Protecting Windows Networks From MalwareRishu Mehra
 
Bank One App Sec Training
Bank One App Sec TrainingBank One App Sec Training
Bank One App Sec TrainingMike Spaulding
 
"Evolving Cybersecurity Strategies" - Identity is the new security boundary
"Evolving Cybersecurity Strategies" - Identity is the new security boundary"Evolving Cybersecurity Strategies" - Identity is the new security boundary
"Evolving Cybersecurity Strategies" - Identity is the new security boundaryDean Iacovelli
 
Introduction To Information Security
Introduction To Information SecurityIntroduction To Information Security
Introduction To Information Securitybelsis
 

Similaire à Case Studies in Network Vulnerability Assessments (20)

Chris - Network Vulnerability Assessments: Lessons Learned - ClubHack2008
Chris - Network Vulnerability Assessments: Lessons Learned - ClubHack2008Chris - Network Vulnerability Assessments: Lessons Learned - ClubHack2008
Chris - Network Vulnerability Assessments: Lessons Learned - ClubHack2008
 
Software Security Testing
Software Security TestingSoftware Security Testing
Software Security Testing
 
Computer security system Unit1.pptx
Computer security system Unit1.pptxComputer security system Unit1.pptx
Computer security system Unit1.pptx
 
Solvay secure application layer v2015 seba
Solvay secure application layer v2015 sebaSolvay secure application layer v2015 seba
Solvay secure application layer v2015 seba
 
Cybersecurity Goes Mainstream
Cybersecurity Goes MainstreamCybersecurity Goes Mainstream
Cybersecurity Goes Mainstream
 
Avoiding Application Attacks: A Guide to Preventing the OWASP Top 10 from Hap...
Avoiding Application Attacks: A Guide to Preventing the OWASP Top 10 from Hap...Avoiding Application Attacks: A Guide to Preventing the OWASP Top 10 from Hap...
Avoiding Application Attacks: A Guide to Preventing the OWASP Top 10 from Hap...
 
AW-Infs201101067.pptx
AW-Infs201101067.pptxAW-Infs201101067.pptx
AW-Infs201101067.pptx
 
Anatomy of a breach - an e-book by Microsoft in collaboration with the EU
Anatomy of a breach - an e-book by Microsoft in collaboration with the EUAnatomy of a breach - an e-book by Microsoft in collaboration with the EU
Anatomy of a breach - an e-book by Microsoft in collaboration with the EU
 
How Can I Reduce The Risk Of A Cyber-Attack?
How Can I Reduce The Risk Of A Cyber-Attack?How Can I Reduce The Risk Of A Cyber-Attack?
How Can I Reduce The Risk Of A Cyber-Attack?
 
Workshop on BackTrack live CD
Workshop on BackTrack live CDWorkshop on BackTrack live CD
Workshop on BackTrack live CD
 
Kunal - Introduction to BackTrack - ClubHack2008
Kunal - Introduction to BackTrack - ClubHack2008Kunal - Introduction to BackTrack - ClubHack2008
Kunal - Introduction to BackTrack - ClubHack2008
 
Kunal - Introduction to backtrack - ClubHack2008
Kunal - Introduction to backtrack - ClubHack2008Kunal - Introduction to backtrack - ClubHack2008
Kunal - Introduction to backtrack - ClubHack2008
 
Sreerag cs network security
Sreerag cs network securitySreerag cs network security
Sreerag cs network security
 
The Best Shield Against Ransomware for IBM i
The Best Shield Against Ransomware for IBM iThe Best Shield Against Ransomware for IBM i
The Best Shield Against Ransomware for IBM i
 
Network security, seriously?
Network security, seriously?Network security, seriously?
Network security, seriously?
 
Protecting Windows Networks From Malware 31 Jan09
Protecting Windows Networks From Malware 31 Jan09Protecting Windows Networks From Malware 31 Jan09
Protecting Windows Networks From Malware 31 Jan09
 
Protecting Windows Networks From Malware
Protecting Windows Networks From MalwareProtecting Windows Networks From Malware
Protecting Windows Networks From Malware
 
Bank One App Sec Training
Bank One App Sec TrainingBank One App Sec Training
Bank One App Sec Training
 
"Evolving Cybersecurity Strategies" - Identity is the new security boundary
"Evolving Cybersecurity Strategies" - Identity is the new security boundary"Evolving Cybersecurity Strategies" - Identity is the new security boundary
"Evolving Cybersecurity Strategies" - Identity is the new security boundary
 
Introduction To Information Security
Introduction To Information SecurityIntroduction To Information Security
Introduction To Information Security
 

Plus de Dawn Yankeelov

TALK Public Policy 2022
TALK Public Policy 2022TALK Public Policy 2022
TALK Public Policy 2022Dawn Yankeelov
 
A Look At Evolving Cybersecurity Policy for Financial Institutions 2021
A Look At Evolving Cybersecurity Policy for Financial Institutions 2021A Look At Evolving Cybersecurity Policy for Financial Institutions 2021
A Look At Evolving Cybersecurity Policy for Financial Institutions 2021Dawn Yankeelov
 
Discussing Guidance & Liabilities Regarding Reopening
Discussing Guidance & Liabilities Regarding ReopeningDiscussing Guidance & Liabilities Regarding Reopening
Discussing Guidance & Liabilities Regarding ReopeningDawn Yankeelov
 
DHS Cybersecurity Services for Building Cyber Resilience
DHS Cybersecurity Services for Building Cyber ResilienceDHS Cybersecurity Services for Building Cyber Resilience
DHS Cybersecurity Services for Building Cyber ResilienceDawn Yankeelov
 
Cyber Security Threats Facing Small Businesses--June 2019
Cyber Security Threats Facing Small Businesses--June 2019Cyber Security Threats Facing Small Businesses--June 2019
Cyber Security Threats Facing Small Businesses--June 2019Dawn Yankeelov
 
A Look at Cyber Insurance -- A Corporate Perspective
A Look at Cyber Insurance -- A Corporate PerspectiveA Look at Cyber Insurance -- A Corporate Perspective
A Look at Cyber Insurance -- A Corporate PerspectiveDawn Yankeelov
 
The Case for EDR: What's In Your Toolkit
The Case for EDR: What's In Your ToolkitThe Case for EDR: What's In Your Toolkit
The Case for EDR: What's In Your ToolkitDawn Yankeelov
 
Cyber Security Resilience by KY CISO David Carter
Cyber Security Resilience by KY CISO David CarterCyber Security Resilience by KY CISO David Carter
Cyber Security Resilience by KY CISO David CarterDawn Yankeelov
 
Cyber Security Resilience from Metro Louisville Govt.
Cyber Security Resilience from Metro Louisville Govt. Cyber Security Resilience from Metro Louisville Govt.
Cyber Security Resilience from Metro Louisville Govt. Dawn Yankeelov
 
Cybersecurity Information From KY's CISO
Cybersecurity Information From KY's CISOCybersecurity Information From KY's CISO
Cybersecurity Information From KY's CISODawn Yankeelov
 
Legal Issues in Data Privacy and Security: Response Readiness Before the Breach
Legal Issues in Data Privacy and Security: Response Readiness Before the BreachLegal Issues in Data Privacy and Security: Response Readiness Before the Breach
Legal Issues in Data Privacy and Security: Response Readiness Before the BreachDawn Yankeelov
 
Kentucky's Cyber Enclave
Kentucky's Cyber EnclaveKentucky's Cyber Enclave
Kentucky's Cyber EnclaveDawn Yankeelov
 
Understanding Cyber Industrial Controls in the Manufacturing and Utilities En...
Understanding Cyber Industrial Controls in the Manufacturing and Utilities En...Understanding Cyber Industrial Controls in the Manufacturing and Utilities En...
Understanding Cyber Industrial Controls in the Manufacturing and Utilities En...Dawn Yankeelov
 
RCM Brain: AI Bots in Healthcare
RCM Brain: AI Bots in HealthcareRCM Brain: AI Bots in Healthcare
RCM Brain: AI Bots in HealthcareDawn Yankeelov
 
Kentucky's Cyber Engineering Pathway for Teens By Scott U'Sellis
Kentucky's Cyber Engineering Pathway for Teens By Scott U'SellisKentucky's Cyber Engineering Pathway for Teens By Scott U'Sellis
Kentucky's Cyber Engineering Pathway for Teens By Scott U'SellisDawn Yankeelov
 
PSST: Seamless Data Solutions
PSST: Seamless Data Solutions PSST: Seamless Data Solutions
PSST: Seamless Data Solutions Dawn Yankeelov
 
RCM Brain: AI Bots in Healthcare
RCM Brain: AI Bots in Healthcare RCM Brain: AI Bots in Healthcare
RCM Brain: AI Bots in Healthcare Dawn Yankeelov
 
Cybersecurity Trends & Startups by Gula Tech Adventures
Cybersecurity Trends & Startups by Gula Tech AdventuresCybersecurity Trends & Startups by Gula Tech Adventures
Cybersecurity Trends & Startups by Gula Tech AdventuresDawn Yankeelov
 
Understanding Research & Development Tax Credits in KY
Understanding Research & Development Tax Credits in KYUnderstanding Research & Development Tax Credits in KY
Understanding Research & Development Tax Credits in KYDawn Yankeelov
 

Plus de Dawn Yankeelov (20)

TALK Public Policy 2022
TALK Public Policy 2022TALK Public Policy 2022
TALK Public Policy 2022
 
A Look At Evolving Cybersecurity Policy for Financial Institutions 2021
A Look At Evolving Cybersecurity Policy for Financial Institutions 2021A Look At Evolving Cybersecurity Policy for Financial Institutions 2021
A Look At Evolving Cybersecurity Policy for Financial Institutions 2021
 
Discussing Guidance & Liabilities Regarding Reopening
Discussing Guidance & Liabilities Regarding ReopeningDiscussing Guidance & Liabilities Regarding Reopening
Discussing Guidance & Liabilities Regarding Reopening
 
DHS Cybersecurity Services for Building Cyber Resilience
DHS Cybersecurity Services for Building Cyber ResilienceDHS Cybersecurity Services for Building Cyber Resilience
DHS Cybersecurity Services for Building Cyber Resilience
 
Cyber Security Threats Facing Small Businesses--June 2019
Cyber Security Threats Facing Small Businesses--June 2019Cyber Security Threats Facing Small Businesses--June 2019
Cyber Security Threats Facing Small Businesses--June 2019
 
A Look at Cyber Insurance -- A Corporate Perspective
A Look at Cyber Insurance -- A Corporate PerspectiveA Look at Cyber Insurance -- A Corporate Perspective
A Look at Cyber Insurance -- A Corporate Perspective
 
The Case for EDR: What's In Your Toolkit
The Case for EDR: What's In Your ToolkitThe Case for EDR: What's In Your Toolkit
The Case for EDR: What's In Your Toolkit
 
Cyber Security Resilience by KY CISO David Carter
Cyber Security Resilience by KY CISO David CarterCyber Security Resilience by KY CISO David Carter
Cyber Security Resilience by KY CISO David Carter
 
Cyber Security Resilience from Metro Louisville Govt.
Cyber Security Resilience from Metro Louisville Govt. Cyber Security Resilience from Metro Louisville Govt.
Cyber Security Resilience from Metro Louisville Govt.
 
Cybersecurity Information From KY's CISO
Cybersecurity Information From KY's CISOCybersecurity Information From KY's CISO
Cybersecurity Information From KY's CISO
 
Legal Issues in Data Privacy and Security: Response Readiness Before the Breach
Legal Issues in Data Privacy and Security: Response Readiness Before the BreachLegal Issues in Data Privacy and Security: Response Readiness Before the Breach
Legal Issues in Data Privacy and Security: Response Readiness Before the Breach
 
Kentucky's Cyber Enclave
Kentucky's Cyber EnclaveKentucky's Cyber Enclave
Kentucky's Cyber Enclave
 
Understanding Cyber Industrial Controls in the Manufacturing and Utilities En...
Understanding Cyber Industrial Controls in the Manufacturing and Utilities En...Understanding Cyber Industrial Controls in the Manufacturing and Utilities En...
Understanding Cyber Industrial Controls in the Manufacturing and Utilities En...
 
RCM Brain: AI Bots in Healthcare
RCM Brain: AI Bots in HealthcareRCM Brain: AI Bots in Healthcare
RCM Brain: AI Bots in Healthcare
 
Kentucky's Cyber Engineering Pathway for Teens By Scott U'Sellis
Kentucky's Cyber Engineering Pathway for Teens By Scott U'SellisKentucky's Cyber Engineering Pathway for Teens By Scott U'Sellis
Kentucky's Cyber Engineering Pathway for Teens By Scott U'Sellis
 
PSST: Seamless Data Solutions
PSST: Seamless Data Solutions PSST: Seamless Data Solutions
PSST: Seamless Data Solutions
 
RCM Brain: AI Bots in Healthcare
RCM Brain: AI Bots in Healthcare RCM Brain: AI Bots in Healthcare
RCM Brain: AI Bots in Healthcare
 
Cybersecurity Trends & Startups by Gula Tech Adventures
Cybersecurity Trends & Startups by Gula Tech AdventuresCybersecurity Trends & Startups by Gula Tech Adventures
Cybersecurity Trends & Startups by Gula Tech Adventures
 
How I Will Phish You
How I Will Phish You How I Will Phish You
How I Will Phish You
 
Understanding Research & Development Tax Credits in KY
Understanding Research & Development Tax Credits in KYUnderstanding Research & Development Tax Credits in KY
Understanding Research & Development Tax Credits in KY
 

Dernier

Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 

Dernier (20)

Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 

Case Studies in Network Vulnerability Assessments

  • 1. Case Studies in Network Vulnerability Assessments
  • 2. About Chris  I am a VP and a Senior Security Engineer at PatchAdvisor  In 1991 I started one of the first companies to ever provide comprehensive penetration testing/vulnerability assessment services  I’ve examined networks in every industry sector, in dozens of countries
  • 4. Network Vulnerability Assessments  Internal and external reviews  Validation of existing security mechanisms  Detailed analysis of networked devices and services  Not merely running a commercial scanning tool  Audit for policy compliance  Prioritized recommendations for improving security posture
  • 5. Vulnerability Assessments: WHY?  Only realistic way to determine vulnerabilities  Get a baseline of vulnerability state  Prioritize remedial actions  Correct serious problems quickly  Assure that policies address real vulnerabilities  Industry best practice
  • 6. Vulnerability Assessments: HOW?  Internet-based attack  Preferably, should include in-depth web application assessments  On-site engagement  Internal attacks  Simultaneous war dialing / wireless / partner connections  Initial out-briefing  Report delivery  Executive briefing
  • 7. Web Application Assessments  Comprehensive evaluation of application  Network perspective  Server configuration  Software settings  Authenticated and Unauthenticated attacks  Emulate both internet-based attacker, and valid user exceeding authorized access  Examine applications for all types of security issues  SQL Injection  XSS/CSRF  Buffer Overflows  Cookie Manipulation  URL Replay attacks  Denials of Service
  • 9. The Most Common Issues  Patch management  Nearly every organization I have examined has been woefully behind in patches, especially on Non-OS/3rd party applications  Misconfigured Services  Insecure file shares, poor access control, default settings  Poor Coding  Vulnerable web applications, desktop applications & mobile apps  Passwords  Weak passwords and poor password discipline are still the number one mechanism used by attackers to gain access
  • 10. Attacks Can Start Anywhere…  Unpassworded TELNET access into print server  SNMP Read/Write community string exposed in printer configuration menu  Community string also used on devices such as routers, switches, etc.  “Level 7” hashes in Cisco config files exposed the password “mbhafnitsoscar”  This password also used by a Windows Domain Administrator  Windows Domain also tied to NetWare eDirectory  In total, compromise of nearly 15,000 accounts and 99.99% of all systems and network devices…all from one insecure printer
  • 11. Real War Stories – Healthcare  Internet scans found a SharePoint Server with some limited unauthenticated access  Search queries exposed numerous documents with “password”  One was a set of instructions for training new users on electronic medical records application  This included a Windows domain account and password  This account and password gave access through a Citrix remote desktop server  This gave us access to the organization’s Internal network  NOTE: I have followed this same attack path to compromise other entities, including banks, law firms, and insurance companies
  • 12. Real War Stories – Hedge Fund  During internal network assessment, NetBIOS name spoofing exposed numerous accounts  System Administrators appeared to be remotely connecting to Windows-based systems as the Administrator account  Password was quickly cracked  Same local administrator password was used on EVERY workstation and server
  • 13. Real War Stories – Government Agency  On the internal network several Isilon file servers were found  HDFS was running without any access control restrictions set  One directory on the file server had virtual machine images  Pulled down copies and loaded them under local VMware workstation on our attacker laptops  Extracted usernames and passwords from the virtual machine by first booting to virtual CD image of kon-boot and bypassing local login  Could have also gained access by replacing “sticky keys app”, copying SAM and SYSTEM files, etc.  Local administrator-level accounts recovered worked on numerous other servers  Used Mimikatz to recover accounts from each of the additional systems and exposed numerous Domain Administrator-level accounts  This led to the compromise of several thousand Windows-based systems
  • 14. Real War Stories - Financial Industry  On the internal network there were numerous systems running server-based JAVA applications  Many were commercial applications from major industry leaders (IBM, HP, VMware, etc.)  Numerous attacks over JavaRMI led to remote code execution  Missing patches, insecure libraries, unauthenticated access to JMX consoles, etc.  Extracted cached accounts and plaintext passwords using Mimikatz program including Domain Administrator-level accounts
  • 15. The Inevitable Conclusion It’s not about perfect security; it’s about DUE DILIGENCE. “Given the inevitability of computer losses, you’ll be judged not by whether you were the victim of an attack, but by how well you planned for it." - Computer Security Institute
  • 16. In Closing…  Due diligence requires a full spectrum of countermeasures  Vulnerability assessments are a critical component of successful security programs  Understand that your organization is not as unique as you think it is
  • 17. PatchAdvisor, Inc 703-256-0156 5510 Cherokee Ave Suite 120 Alexandria, VA. 22312