SlideShare a Scribd company logo

OWASP Ukraine Thomas George presentation

Download as PPT, PDF
U
uisgslide

OWASP Ukraine Thomas George presentation

InternetTechnologyBusiness
1 of 32
“Menschenkenntnis” and Cyber Security Thomas George International Business Manager - cyscon GmbH
Who are Cyscon? • Founded 2001 by Thorsten Kraft • Cyber Security Consulting • Founding Member of Botfrei and ACDC Project. • Official Partner of BSI - German Federal Office for Information Security • 2010 - Conficker Takedown • 2013 - Check & Secure - Private User Initiative
Working Relationships cyscon works with a variety of partners in the IT Security world. These include: • Internet Service Providers, including Vodafone and 1&1 Telecom • Banks, such as Deutsche Bank and Postbank • Law enforcement, including FBI and Europol • NGOs, including Stop.Think.Connect - Funded by the Department of Homeland Security
Knowing your Enemy How cyscon gets its data.
Sinkholing • 80 Million Events per day • 42 Different Types of Malware recognised
Honeypots and Spam Traps • 3.5 Million Spam Emails Per Day • Honeypots installed on real systems by our customers • 40,000 New Malicious URLs Each Day
Web Crawling • Systems Continually Crawling the Web • 16 Different Settings - Chilled to Paranoia • Analysing Behaviour and AV Detection
The Data Toilet • Gathering Data since 2006 • Enriching Data with Meta Data • More than 20,000 Sensors • More than 50 Partners • WHOIS, SSH HOSTKEY, DNS details, etc.
What goes in?
Where Does it All Go? • Data is sent to ISPs • AND / OR • Anonymised and Sent to Law Enforcement, Research or Industry
Internet Service Providers Sensor Sensor Concentrator Concentrator Sensor Sensor Sensor Sensor Sensor Sensor Anonymisation Law Enforcement Agencies Research Industry Detection Supporting
Flushing the Toilet • Okay…we have the data. • Let’s Make Some Money!
Menschenkenntnis in Business Wer keine Menschenkenntnis hat, hat als Kaufmann bereits verloren
Flexibility • Knowing what customers want • Using trust and Existing Relationships • Knowing when to work for free
Banks Its All About the Money
What is Hurting? • Losing Money • Losing More Money • Losing Even More Money • Losing Reputation
How do Banks (and their customers) lose money? • Redirection of Payment • Identity Theft through Trojan Infection • Direct Phishing Scams
Technical Overview - Banking Services Threat Detection, Mitigation, Prevention
Malware Detection • Identification of infected customers • More than 40 Trojan Families - 4000 events per second. • JSON Format - Easy to implement and process • Can be combined with sales of Malware Deletion Product.
Malicious Traffic Mitigation • Access to C-SIRT Database and Cyber Threat Detection Cloud • Database fed by Worldwide sensors of Malicious Traffic • Eliminates Cyber Attacks against banking platforms.
Brand Protection • Fully automated takedown service • Detection, Blocking, Blacklisting • Normal process time, 2 hours • Excellent contacts to ISPs for quick takedowns
Menschenkenntnis in the Community “Love thy Neighbour”
Two Sides of the Story • How much can experts do without end users? • GameOver Zeus Takedown - Pointless? • “Slipping through the net”
The Cyber Vaccination • Appears as analysis system from AV industry. • Protection against MITB attacks and identity theft. • Works on 10 different browsers. • Free to use - One time installation. • Attack interception - Malicious code cannot be executed. • “Panic Switch” when intruder is detected.
HitmanPro: A Second Opinion Scanner • Behavioural analysis - not signature based. • 10MB file, can boot from USB. • Complement to existing AV programs • 30 Day free trial for emergency cases.
Case Study: Cyber Alliance of Switzerland Cyber Alliance of Switzerland How can the “Check & Secure” Technology be Implemented by Banks?
Concept and Goals • Making Switzerland into the “Cleanest Internet Country in the World • Identification and Help for Infected End Users • Support for the deletion of malware and securing of end user systems with Check & Secure and End User Products.
Realisation • Banking Partners: Credit Suisse, Raffeisen, Postfinance and UBS. • Internet Service Partners: Swisscom, Sunrise, UPC • Creation of a shared Malware database. • Planned Launch 1.8.2014.
Thank you for Listening • tgeorge@cyscon.de • +491733853804

Recommended

Revealing the dark web
Revealing the dark webRevealing the dark web
Revealing the dark webVeriato
 
Online Privacy and Security
Online Privacy and SecurityOnline Privacy and Security
Online Privacy and SecurityAlex Hyer
 
Hacking, Privacy and Security in a Hyperconnected Society
Hacking, Privacy and Security in a Hyperconnected SocietyHacking, Privacy and Security in a Hyperconnected Society
Hacking, Privacy and Security in a Hyperconnected SocietyMaurice Dawson
 
Cyberthreats: causes, consequences, prevention
Cyberthreats: causes, consequences, preventionCyberthreats: causes, consequences, prevention
Cyberthreats: causes, consequences, preventionmoldovaictsummit2016
 
WSO2 Guest Webinar: Securing SaaS Apps with Multi-factor Authentication with ...
WSO2 Guest Webinar: Securing SaaS Apps with Multi-factor Authentication with ...WSO2 Guest Webinar: Securing SaaS Apps with Multi-factor Authentication with ...
WSO2 Guest Webinar: Securing SaaS Apps with Multi-factor Authentication with ...WSO2
 
Cyber intelligence-services
Cyber intelligence-servicesCyber intelligence-services
Cyber intelligence-servicesCyber 51 LLC
 
Securing the Internet of Things
Securing the Internet of ThingsSecuring the Internet of Things
Securing the Internet of ThingsChristopher Frenz
 
Blockchain in cyber security
Blockchain in cyber securityBlockchain in cyber security
Blockchain in cyber securityPrateek Panda
 

Recommended

Revealing the dark web
Revealing the dark webRevealing the dark web
Revealing the dark webVeriato
 
Online Privacy and Security
Online Privacy and SecurityOnline Privacy and Security
Online Privacy and SecurityAlex Hyer
 
Hacking, Privacy and Security in a Hyperconnected Society
Hacking, Privacy and Security in a Hyperconnected SocietyHacking, Privacy and Security in a Hyperconnected Society
Hacking, Privacy and Security in a Hyperconnected SocietyMaurice Dawson
 
Cyberthreats: causes, consequences, prevention
Cyberthreats: causes, consequences, preventionCyberthreats: causes, consequences, prevention
Cyberthreats: causes, consequences, preventionmoldovaictsummit2016
 
WSO2 Guest Webinar: Securing SaaS Apps with Multi-factor Authentication with ...
WSO2 Guest Webinar: Securing SaaS Apps with Multi-factor Authentication with ...WSO2 Guest Webinar: Securing SaaS Apps with Multi-factor Authentication with ...
WSO2 Guest Webinar: Securing SaaS Apps with Multi-factor Authentication with ...WSO2
 
Cyber intelligence-services
Cyber intelligence-servicesCyber intelligence-services
Cyber intelligence-servicesCyber 51 LLC
 
Securing the Internet of Things
Securing the Internet of ThingsSecuring the Internet of Things
Securing the Internet of ThingsChristopher Frenz
 
Blockchain in cyber security
Blockchain in cyber securityBlockchain in cyber security
Blockchain in cyber securityPrateek Panda
 
Profile securitarian
Profile securitarianProfile securitarian
Profile securitarianRupesh Verma
 
Risk Factory: Top 10 Risks 2013
Risk Factory: Top 10 Risks 2013Risk Factory: Top 10 Risks 2013
Risk Factory: Top 10 Risks 2013Risk Crew
 
Iot Security and Privacy at Scale
Iot Security and Privacy at ScaleIot Security and Privacy at Scale
Iot Security and Privacy at ScaleWinston Morton
 
Databasetheft 151120161435-lva1-app6891
Databasetheft 151120161435-lva1-app6891Databasetheft 151120161435-lva1-app6891
Databasetheft 151120161435-lva1-app6891Risk Crew
 
Dark web
Dark webDark web
Dark webSafwan Hashmi
 
Internet of Things With Privacy in Mind
Internet of Things With Privacy in MindInternet of Things With Privacy in Mind
Internet of Things With Privacy in MindGosia Fraser
 
IoT Security by Sanjay Kumar
IoT Security by Sanjay KumarIoT Security by Sanjay Kumar
IoT Security by Sanjay KumarOWASP Delhi
 
review on Internet Of Things
review on Internet Of Thingsreview on Internet Of Things
review on Internet Of ThingsFarzane Senobari
 
IoT Security
IoT SecurityIoT Security
IoT SecurityPeter Waher
 
Don't let wireless_detour_your_pci_compliance
Don't let wireless_detour_your_pci_complianceDon't let wireless_detour_your_pci_compliance
Don't let wireless_detour_your_pci_complianceEnterprise Technology Management (ETM)
 
Automatski - The Internet of Things - Security in IoT
Automatski - The Internet of Things - Security in IoTAutomatski - The Internet of Things - Security in IoT
Automatski - The Internet of Things - Security in IoTautomatskicorporation
 
Ciberseguridad: Enemigos o defraudadores (MAGISTRAL)
Ciberseguridad: Enemigos o defraudadores (MAGISTRAL)Ciberseguridad: Enemigos o defraudadores (MAGISTRAL)
Ciberseguridad: Enemigos o defraudadores (MAGISTRAL)Cristian Garcia G.
 
HTTPS
HTTPSHTTPS
HTTPSJustin Denton
 
Dark net
Dark netDark net
Dark netPaolo Razon
 
Attacking the cloud with social engineering
Attacking the cloud with social engineeringAttacking the cloud with social engineering
Attacking the cloud with social engineeringPeter Wood
 
Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...
Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...
Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...PiyushHipparkar
 
How will we prove our idnetities in the future 2050?_Contego
How will we prove our idnetities in the future 2050?_ContegoHow will we prove our idnetities in the future 2050?_Contego
How will we prove our idnetities in the future 2050?_ContegoContego
 
Block Armour Digital Vault
Block Armour Digital VaultBlock Armour Digital Vault
Block Armour Digital VaultBlock Armour
 
2019 cou kolokotronis_nicholas - nicholas kolokotronis
2019 cou kolokotronis_nicholas - nicholas kolokotronis2019 cou kolokotronis_nicholas - nicholas kolokotronis
2019 cou kolokotronis_nicholas - nicholas kolokotronisLiza Charalambous
 
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...Abhinav Biswas
 
Sample 5 - Informational Guide
Sample 5 - Informational GuideSample 5 - Informational Guide
Sample 5 - Informational GuideMichael James
 
Poonam passport application
Poonam passport applicationPoonam passport application
Poonam passport applicationabhinavsiddhant
 

More Related Content

What's hot

Profile securitarian
Profile securitarianProfile securitarian
Profile securitarianRupesh Verma
 
Risk Factory: Top 10 Risks 2013
Risk Factory: Top 10 Risks 2013Risk Factory: Top 10 Risks 2013
Risk Factory: Top 10 Risks 2013Risk Crew
 
Iot Security and Privacy at Scale
Iot Security and Privacy at ScaleIot Security and Privacy at Scale
Iot Security and Privacy at ScaleWinston Morton
 
Databasetheft 151120161435-lva1-app6891
Databasetheft 151120161435-lva1-app6891Databasetheft 151120161435-lva1-app6891
Databasetheft 151120161435-lva1-app6891Risk Crew
 
Internet of Things With Privacy in Mind
Internet of Things With Privacy in MindInternet of Things With Privacy in Mind
Internet of Things With Privacy in MindGosia Fraser
 
IoT Security by Sanjay Kumar
IoT Security by Sanjay KumarIoT Security by Sanjay Kumar
IoT Security by Sanjay KumarOWASP Delhi
 
review on Internet Of Things
review on Internet Of Thingsreview on Internet Of Things
review on Internet Of ThingsFarzane Senobari
 
Automatski - The Internet of Things - Security in IoT
Automatski - The Internet of Things - Security in IoTAutomatski - The Internet of Things - Security in IoT
Automatski - The Internet of Things - Security in IoTautomatskicorporation
 
Ciberseguridad: Enemigos o defraudadores (MAGISTRAL)
Ciberseguridad: Enemigos o defraudadores (MAGISTRAL)Ciberseguridad: Enemigos o defraudadores (MAGISTRAL)
Ciberseguridad: Enemigos o defraudadores (MAGISTRAL)Cristian Garcia G.
 
Attacking the cloud with social engineering
Attacking the cloud with social engineeringAttacking the cloud with social engineering
Attacking the cloud with social engineeringPeter Wood
 
Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...
Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...
Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...PiyushHipparkar
 
How will we prove our idnetities in the future 2050?_Contego
How will we prove our idnetities in the future 2050?_ContegoHow will we prove our idnetities in the future 2050?_Contego
How will we prove our idnetities in the future 2050?_ContegoContego
 
Block Armour Digital Vault
Block Armour Digital VaultBlock Armour Digital Vault
Block Armour Digital VaultBlock Armour
 
2019 cou kolokotronis_nicholas - nicholas kolokotronis
2019 cou kolokotronis_nicholas - nicholas kolokotronis2019 cou kolokotronis_nicholas - nicholas kolokotronis
2019 cou kolokotronis_nicholas - nicholas kolokotronisLiza Charalambous
 
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...Abhinav Biswas
 

What's hot (20)

Profile securitarian
Profile securitarianProfile securitarian
Profile securitarian
 
Risk Factory: Top 10 Risks 2013
Risk Factory: Top 10 Risks 2013Risk Factory: Top 10 Risks 2013
Risk Factory: Top 10 Risks 2013
 
Iot Security and Privacy at Scale
Iot Security and Privacy at ScaleIot Security and Privacy at Scale
Iot Security and Privacy at Scale
 
Databasetheft 151120161435-lva1-app6891
Databasetheft 151120161435-lva1-app6891Databasetheft 151120161435-lva1-app6891
Databasetheft 151120161435-lva1-app6891
 
Dark web
Dark webDark web
Dark web
 
Internet of Things With Privacy in Mind
Internet of Things With Privacy in MindInternet of Things With Privacy in Mind
Internet of Things With Privacy in Mind
 
IoT Security by Sanjay Kumar
IoT Security by Sanjay KumarIoT Security by Sanjay Kumar
IoT Security by Sanjay Kumar
 
review on Internet Of Things
review on Internet Of Thingsreview on Internet Of Things
review on Internet Of Things
 
IoT Security
IoT SecurityIoT Security
IoT Security
 
Don't let wireless_detour_your_pci_compliance
Don't let wireless_detour_your_pci_complianceDon't let wireless_detour_your_pci_compliance
Don't let wireless_detour_your_pci_compliance
 
Automatski - The Internet of Things - Security in IoT
Automatski - The Internet of Things - Security in IoTAutomatski - The Internet of Things - Security in IoT
Automatski - The Internet of Things - Security in IoT
 
Ciberseguridad: Enemigos o defraudadores (MAGISTRAL)
Ciberseguridad: Enemigos o defraudadores (MAGISTRAL)Ciberseguridad: Enemigos o defraudadores (MAGISTRAL)
Ciberseguridad: Enemigos o defraudadores (MAGISTRAL)
 
HTTPS
HTTPSHTTPS
HTTPS
 
Dark net
Dark netDark net
Dark net
 
Attacking the cloud with social engineering
Attacking the cloud with social engineeringAttacking the cloud with social engineering
Attacking the cloud with social engineering
 
Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...
Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...
Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...
 
How will we prove our idnetities in the future 2050?_Contego
How will we prove our idnetities in the future 2050?_ContegoHow will we prove our idnetities in the future 2050?_Contego
How will we prove our idnetities in the future 2050?_Contego
 
Block Armour Digital Vault
Block Armour Digital VaultBlock Armour Digital Vault
Block Armour Digital Vault
 
2019 cou kolokotronis_nicholas - nicholas kolokotronis
2019 cou kolokotronis_nicholas - nicholas kolokotronis2019 cou kolokotronis_nicholas - nicholas kolokotronis
2019 cou kolokotronis_nicholas - nicholas kolokotronis
 
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...
 

Viewers also liked

Sample 5 - Informational Guide
Sample 5 - Informational GuideSample 5 - Informational Guide
Sample 5 - Informational GuideMichael James
 
Poonam passport application
Poonam passport applicationPoonam passport application
Poonam passport applicationabhinavsiddhant
 
Sales promotion by tabish khan
Sales promotion by tabish khanSales promotion by tabish khan
Sales promotion by tabish khanTabishkhanjamaliee
 
Sistemas de informacion institucional
Sistemas de informacion institucionalSistemas de informacion institucional
Sistemas de informacion institucionaladrianita8620
 
Como utilizar las redes sociales en la educacion
Como utilizar las redes sociales en la educacionComo utilizar las redes sociales en la educacion
Como utilizar las redes sociales en la educacion2842968
 
Simple machines & work no work assessment intro
Simple machines & work no work assessment introSimple machines & work no work assessment intro
Simple machines & work no work assessment intromrmbasso
 
Justin Musiker - Justin Musiker
Justin Musiker - Justin MusikerJustin Musiker - Justin Musiker
Justin Musiker - Justin MusikerJustin Musiker
 
Símbolos patrios
Símbolos patriosSímbolos patrios
Símbolos patriospimentelc7
 
Grupos funcionais organica
Grupos funcionais organicaGrupos funcionais organica
Grupos funcionais organicaFernando Lucas
 
UdC - Il tempo. non sta mai fermo.... e si vede!
UdC - Il tempo. non sta mai fermo.... e si vede!UdC - Il tempo. non sta mai fermo.... e si vede!
UdC - Il tempo. non sta mai fermo.... e si vede!Consorzio LaMMA - Corso UdC
 
6 tips to help you float through a depressive episode
6 tips to help you float through a depressive episode6 tips to help you float through a depressive episode
6 tips to help you float through a depressive episodeJocelyn Steffen
 
Magnitudes+eléctricas
Magnitudes+eléctricasMagnitudes+eléctricas
Magnitudes+eléctricaslauriscristina
 
IFC_Agriforum_Report
IFC_Agriforum_ReportIFC_Agriforum_Report
IFC_Agriforum_ReportTerry Wyer
 

Viewers also liked (17)

Sample 5 - Informational Guide
Sample 5 - Informational GuideSample 5 - Informational Guide
Sample 5 - Informational Guide
 
Poonam passport application
Poonam passport applicationPoonam passport application
Poonam passport application
 
Sales promotion by tabish khan
Sales promotion by tabish khanSales promotion by tabish khan
Sales promotion by tabish khan
 
Símbolos patrios
Símbolos patriosSímbolos patrios
Símbolos patrios
 
Liliom
Liliom Liliom
Liliom
 
Sistemas de informacion institucional
Sistemas de informacion institucionalSistemas de informacion institucional
Sistemas de informacion institucional
 
Como utilizar las redes sociales en la educacion
Como utilizar las redes sociales en la educacionComo utilizar las redes sociales en la educacion
Como utilizar las redes sociales en la educacion
 
Simple machines & work no work assessment intro
Simple machines & work no work assessment introSimple machines & work no work assessment intro
Simple machines & work no work assessment intro
 
Justin Musiker - Justin Musiker
Justin Musiker - Justin MusikerJustin Musiker - Justin Musiker
Justin Musiker - Justin Musiker
 
Símbolos patrios
Símbolos patriosSímbolos patrios
Símbolos patrios
 
Grupos funcionais organica
Grupos funcionais organicaGrupos funcionais organica
Grupos funcionais organica
 
General cv
General cvGeneral cv
General cv
 
UdC - Il tempo. non sta mai fermo.... e si vede!
UdC - Il tempo. non sta mai fermo.... e si vede!UdC - Il tempo. non sta mai fermo.... e si vede!
UdC - Il tempo. non sta mai fermo.... e si vede!
 
6 tips to help you float through a depressive episode
6 tips to help you float through a depressive episode6 tips to help you float through a depressive episode
6 tips to help you float through a depressive episode
 
Atender al cliente
Atender al clienteAtender al cliente
Atender al cliente
 
Magnitudes+eléctricas
Magnitudes+eléctricasMagnitudes+eléctricas
Magnitudes+eléctricas
 
IFC_Agriforum_Report
IFC_Agriforum_ReportIFC_Agriforum_Report
IFC_Agriforum_Report
 

Similar to OWASP Ukraine Thomas George presentation

Insurance Cyber Risks Presentation
Insurance Cyber Risks PresentationInsurance Cyber Risks Presentation
Insurance Cyber Risks PresentationNeville Cartwright
 
MobileMiner and NervousNet
MobileMiner and NervousNetMobileMiner and NervousNet
MobileMiner and NervousNetkingsBSD
 
Identity Theft
Identity TheftIdentity Theft
Identity TheftSimpletel
 
PoS Malware and Other Threats to the Retail Industry
PoS Malware and Other Threats to the Retail IndustryPoS Malware and Other Threats to the Retail Industry
PoS Malware and Other Threats to the Retail IndustryInvincea, Inc.
 
Ник Белогорский - Будни Кремниевой Долины. История карьеры Ника, борьба с хак...
Ник Белогорский - Будни Кремниевой Долины. История карьеры Ника, борьба с хак...Ник Белогорский - Будни Кремниевой Долины. История карьеры Ника, борьба с хак...
Ник Белогорский - Будни Кремниевой Долины. История карьеры Ника, борьба с хак...HackIT Ukraine
 
CRI "Lessons From The Front Lines" March 26th Dublin
CRI "Lessons From The Front Lines" March 26th Dublin CRI "Lessons From The Front Lines" March 26th Dublin
CRI "Lessons From The Front Lines" March 26th Dublin OCTF Industry Engagement
 
Security in the News
Security in the NewsSecurity in the News
Security in the NewsJames Sutter
 
Cyber_Security_Awareness_Presentation.pptx
Cyber_Security_Awareness_Presentation.pptxCyber_Security_Awareness_Presentation.pptx
Cyber_Security_Awareness_Presentation.pptxPREMTRIVEDI5
 
Cyber_Security_Awareness_Presentation (1).pptx
Cyber_Security_Awareness_Presentation (1).pptxCyber_Security_Awareness_Presentation (1).pptx
Cyber_Security_Awareness_Presentation (1).pptxjaved75
 
Cyber_Security_Awareness_Presentation.pdf
Cyber_Security_Awareness_Presentation.pdfCyber_Security_Awareness_Presentation.pdf
Cyber_Security_Awareness_Presentation.pdfBalaMurali958529
 
Cyber_Security_Awareness_Presentation.pptx
Cyber_Security_Awareness_Presentation.pptxCyber_Security_Awareness_Presentation.pptx
Cyber_Security_Awareness_Presentation.pptxMalikMumtaz6
 
It security the condensed version
It security the condensed version It security the condensed version
It security the condensed version Brian Pichman
 
DEF CON 23 - Weston Hecker - goodbye memory scraping malware
DEF CON 23 - Weston Hecker - goodbye memory scraping malwareDEF CON 23 - Weston Hecker - goodbye memory scraping malware
DEF CON 23 - Weston Hecker - goodbye memory scraping malwareFelipe Prado
 
Is6120 data security presentation
Is6120 data security presentationIs6120 data security presentation
Is6120 data security presentationJamesDempsey1
 
CCIAOR Cyber Security Forum
CCIAOR Cyber Security ForumCCIAOR Cyber Security Forum
CCIAOR Cyber Security ForumCCIAOR
 

Similar to OWASP Ukraine Thomas George presentation (20)

Cybercrime
CybercrimeCybercrime
Cybercrime
 
Insurance Cyber Risks Presentation
Insurance Cyber Risks PresentationInsurance Cyber Risks Presentation
Insurance Cyber Risks Presentation
 
MobileMiner and NervousNet
MobileMiner and NervousNetMobileMiner and NervousNet
MobileMiner and NervousNet
 
Cybersecurity.pptx
Cybersecurity.pptxCybersecurity.pptx
Cybersecurity.pptx
 
Identity Theft
Identity TheftIdentity Theft
Identity Theft
 
awareness.pdf
awareness.pdfawareness.pdf
awareness.pdf
 
PoS Malware and Other Threats to the Retail Industry
PoS Malware and Other Threats to the Retail IndustryPoS Malware and Other Threats to the Retail Industry
PoS Malware and Other Threats to the Retail Industry
 
Ник Белогорский - Будни Кремниевой Долины. История карьеры Ника, борьба с хак...
Ник Белогорский - Будни Кремниевой Долины. История карьеры Ника, борьба с хак...Ник Белогорский - Будни Кремниевой Долины. История карьеры Ника, борьба с хак...
Ник Белогорский - Будни Кремниевой Долины. История карьеры Ника, борьба с хак...
 
CRI "Lessons From The Front Lines" March 26th Dublin
CRI "Lessons From The Front Lines" March 26th Dublin CRI "Lessons From The Front Lines" March 26th Dublin
CRI "Lessons From The Front Lines" March 26th Dublin
 
Security in the News
Security in the NewsSecurity in the News
Security in the News
 
Cyber_Security_Awareness_Presentation.pptx
Cyber_Security_Awareness_Presentation.pptxCyber_Security_Awareness_Presentation.pptx
Cyber_Security_Awareness_Presentation.pptx
 
Cyber_Security_Awareness_Presentation (1).pptx
Cyber_Security_Awareness_Presentation (1).pptxCyber_Security_Awareness_Presentation (1).pptx
Cyber_Security_Awareness_Presentation (1).pptx
 
Cyber_Security_Awareness_Presentation.pdf
Cyber_Security_Awareness_Presentation.pdfCyber_Security_Awareness_Presentation.pdf
Cyber_Security_Awareness_Presentation.pdf
 
Cyber_Security_Awareness_Presentation.pptx
Cyber_Security_Awareness_Presentation.pptxCyber_Security_Awareness_Presentation.pptx
Cyber_Security_Awareness_Presentation.pptx
 
Cyberattacks.pptx
Cyberattacks.pptxCyberattacks.pptx
Cyberattacks.pptx
 
Cyber security
Cyber securityCyber security
Cyber security
 
It security the condensed version
It security the condensed version It security the condensed version
It security the condensed version
 
DEF CON 23 - Weston Hecker - goodbye memory scraping malware
DEF CON 23 - Weston Hecker - goodbye memory scraping malwareDEF CON 23 - Weston Hecker - goodbye memory scraping malware
DEF CON 23 - Weston Hecker - goodbye memory scraping malware
 
Is6120 data security presentation
Is6120 data security presentationIs6120 data security presentation
Is6120 data security presentation
 
CCIAOR Cyber Security Forum
CCIAOR Cyber Security ForumCCIAOR Cyber Security Forum
CCIAOR Cyber Security Forum
 

More from uisgslide

Стандарт верифікації безпеки веб-додатків ASVS 3.0
Стандарт верифікації безпеки веб-додатків ASVS 3.0Стандарт верифікації безпеки веб-додатків ASVS 3.0
Стандарт верифікації безпеки веб-додатків ASVS 3.0uisgslide
 
Коментарі до концепції інформаційної безпеки
Коментарі до концепції інформаційної безпекиКоментарі до концепції інформаційної безпеки
Коментарі до концепції інформаційної безпекиuisgslide
 
Кращи практики з аудиту та підтвердження довіри до інформаційних системи (ITA...
Кращи практики з аудиту та підтвердження довіри до інформаційних системи (ITA...Кращи практики з аудиту та підтвердження довіри до інформаційних системи (ITA...
Кращи практики з аудиту та підтвердження довіри до інформаційних системи (ITA...uisgslide
 
Необхідність реформи галузі захисту інформації в Україні
Необхідність реформи галузі захисту інформації в УкраїніНеобхідність реформи галузі захисту інформації в Україні
Необхідність реформи галузі захисту інформації в Україніuisgslide
 
Sandbox kiev
Sandbox kievSandbox kiev
Sandbox kievuisgslide
 
Comments glib pakharenko
Comments glib pakharenkoComments glib pakharenko
Comments glib pakharenkouisgslide
 
War between Russia and Ukraine in cyber space
War between Russia and Ukraine in cyber spaceWar between Russia and Ukraine in cyber space
War between Russia and Ukraine in cyber spaceuisgslide
 
Актуальні кібер-загрози АСУ ТП
Актуальні кібер-загрози АСУ ТПАктуальні кібер-загрози АСУ ТП
Актуальні кібер-загрози АСУ ТПuisgslide
 
Group fs owasp_26-11-14
Group fs owasp_26-11-14Group fs owasp_26-11-14
Group fs owasp_26-11-14uisgslide
 
Owasp healthcare cms
Owasp healthcare cmsOwasp healthcare cms
Owasp healthcare cmsuisgslide
 
Isaca kyiv chapter vygody v3
Isaca kyiv chapter vygody v3Isaca kyiv chapter vygody v3
Isaca kyiv chapter vygody v3uisgslide
 
Uisg infosec 10_crypto
Uisg infosec 10_cryptoUisg infosec 10_crypto
Uisg infosec 10_cryptouisgslide
 
Uisg itgov 7_top10
Uisg itgov 7_top10Uisg itgov 7_top10
Uisg itgov 7_top10uisgslide
 
Uuisg itgov 10_bcp
Uuisg itgov 10_bcpUuisg itgov 10_bcp
Uuisg itgov 10_bcpuisgslide
 
Uuisg itgov 9_itfinance
Uuisg itgov 9_itfinanceUuisg itgov 9_itfinance
Uuisg itgov 9_itfinanceuisgslide
 
Uisg itgov 19_cloud
Uisg itgov 19_cloudUisg itgov 19_cloud
Uisg itgov 19_clouduisgslide
 
Uisg itgov 15_nda
Uisg itgov 15_ndaUisg itgov 15_nda
Uisg itgov 15_ndauisgslide
 
Uisg itgov 8_i_taudit
Uisg itgov 8_i_tauditUisg itgov 8_i_taudit
Uisg itgov 8_i_taudituisgslide
 
Uisg itgov 7_top10
Uisg itgov 7_top10Uisg itgov 7_top10
Uisg itgov 7_top10uisgslide
 

More from uisgslide (20)

Стандарт верифікації безпеки веб-додатків ASVS 3.0
Стандарт верифікації безпеки веб-додатків ASVS 3.0Стандарт верифікації безпеки веб-додатків ASVS 3.0
Стандарт верифікації безпеки веб-додатків ASVS 3.0
 
Коментарі до концепції інформаційної безпеки
Коментарі до концепції інформаційної безпекиКоментарі до концепції інформаційної безпеки
Коментарі до концепції інформаційної безпеки
 
Кращи практики з аудиту та підтвердження довіри до інформаційних системи (ITA...
Кращи практики з аудиту та підтвердження довіри до інформаційних системи (ITA...Кращи практики з аудиту та підтвердження довіри до інформаційних системи (ITA...
Кращи практики з аудиту та підтвердження довіри до інформаційних системи (ITA...
 
Необхідність реформи галузі захисту інформації в Україні
Необхідність реформи галузі захисту інформації в УкраїніНеобхідність реформи галузі захисту інформації в Україні
Необхідність реформи галузі захисту інформації в Україні
 
Sandbox kiev
Sandbox kievSandbox kiev
Sandbox kiev
 
Comments glib pakharenko
Comments glib pakharenkoComments glib pakharenko
Comments glib pakharenko
 
War between Russia and Ukraine in cyber space
War between Russia and Ukraine in cyber spaceWar between Russia and Ukraine in cyber space
War between Russia and Ukraine in cyber space
 
Актуальні кібер-загрози АСУ ТП
Актуальні кібер-загрози АСУ ТПАктуальні кібер-загрози АСУ ТП
Актуальні кібер-загрози АСУ ТП
 
Circl eco
Circl ecoCircl eco
Circl eco
 
Group fs owasp_26-11-14
Group fs owasp_26-11-14Group fs owasp_26-11-14
Group fs owasp_26-11-14
 
Owasp healthcare cms
Owasp healthcare cmsOwasp healthcare cms
Owasp healthcare cms
 
Isaca kyiv chapter vygody v3
Isaca kyiv chapter vygody v3Isaca kyiv chapter vygody v3
Isaca kyiv chapter vygody v3
 
Uisg infosec 10_crypto
Uisg infosec 10_cryptoUisg infosec 10_crypto
Uisg infosec 10_crypto
 
Uisg itgov 7_top10
Uisg itgov 7_top10Uisg itgov 7_top10
Uisg itgov 7_top10
 
Uuisg itgov 10_bcp
Uuisg itgov 10_bcpUuisg itgov 10_bcp
Uuisg itgov 10_bcp
 
Uuisg itgov 9_itfinance
Uuisg itgov 9_itfinanceUuisg itgov 9_itfinance
Uuisg itgov 9_itfinance
 
Uisg itgov 19_cloud
Uisg itgov 19_cloudUisg itgov 19_cloud
Uisg itgov 19_cloud
 
Uisg itgov 15_nda
Uisg itgov 15_ndaUisg itgov 15_nda
Uisg itgov 15_nda
 
Uisg itgov 8_i_taudit
Uisg itgov 8_i_tauditUisg itgov 8_i_taudit
Uisg itgov 8_i_taudit
 
Uisg itgov 7_top10
Uisg itgov 7_top10Uisg itgov 7_top10
Uisg itgov 7_top10
 

Recently uploaded

Dubai Call Girls Milky O525547819 Call Girls Dubai Soft Dating
Dubai Call Girls Milky O525547819 Call Girls Dubai Soft DatingDubai Call Girls Milky O525547819 Call Girls Dubai Soft Dating
Dubai Call Girls Milky O525547819 Call Girls Dubai Soft Datingkojalkojal131
 
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Bookingdharasingh5698
 
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersMoving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersDamian Radcliffe
 
Real Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtReal Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtrahman018755
 
Real Escorts in Al Nahda +971524965298 Dubai Escorts Service
Real Escorts in Al Nahda +971524965298 Dubai Escorts ServiceReal Escorts in Al Nahda +971524965298 Dubai Escorts Service
Real Escorts in Al Nahda +971524965298 Dubai Escorts ServiceEscorts Call Girls
 
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...SUHANI PANDEY
 
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...SUHANI PANDEY
 
Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.soniya singh
 
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLLucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLimonikaupta
 
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.soniya singh
 
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls DubaiDubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubaikojalkojal131
 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge GraphsEleniIlkou
 
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...Diya Sharma
 
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort ServiceBusty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort ServiceDelhi Call girls
 
Al Barsha Night Partner +0567686026 Call Girls Dubai
Al Barsha Night Partner +0567686026 Call Girls DubaiAl Barsha Night Partner +0567686026 Call Girls Dubai
Al Barsha Night Partner +0567686026 Call Girls DubaiEscorts Call Girls
 
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445ruhi
 
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...Delhi Call girls
 

Recently uploaded (20)

Dubai Call Girls Milky O525547819 Call Girls Dubai Soft Dating
Dubai Call Girls Milky O525547819 Call Girls Dubai Soft DatingDubai Call Girls Milky O525547819 Call Girls Dubai Soft Dating
Dubai Call Girls Milky O525547819 Call Girls Dubai Soft Dating
 
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
 
Low Sexy Call Girls In Mohali 9053900678 🥵Have Save And Good Place 🥵
Low Sexy Call Girls In Mohali 9053900678 🥵Have Save And Good Place 🥵Low Sexy Call Girls In Mohali 9053900678 🥵Have Save And Good Place 🥵
Low Sexy Call Girls In Mohali 9053900678 🥵Have Save And Good Place 🥵
 
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersMoving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
 
Real Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtReal Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirt
 
Real Escorts in Al Nahda +971524965298 Dubai Escorts Service
Real Escorts in Al Nahda +971524965298 Dubai Escorts ServiceReal Escorts in Al Nahda +971524965298 Dubai Escorts Service
Real Escorts in Al Nahda +971524965298 Dubai Escorts Service
 
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
 
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
 
VVVIP Call Girls In Connaught Place ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In Connaught Place ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...VVVIP Call Girls In Connaught Place ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In Connaught Place ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
 
Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.
 
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLLucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
 
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
 
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls DubaiDubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
 
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
 
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort ServiceBusty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
 
Al Barsha Night Partner +0567686026 Call Girls Dubai
Al Barsha Night Partner +0567686026 Call Girls DubaiAl Barsha Night Partner +0567686026 Call Girls Dubai
Al Barsha Night Partner +0567686026 Call Girls Dubai
 
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
 
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
 
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
 

OWASP Ukraine Thomas George presentation

  • 1. “Menschenkenntnis” and Cyber Security Thomas George International Business Manager - cyscon GmbH
  • 2. Who are Cyscon? • Founded 2001 by Thorsten Kraft • Cyber Security Consulting • Founding Member of Botfrei and ACDC Project. • Official Partner of BSI - German Federal Office for Information Security • 2010 - Conficker Takedown • 2013 - Check & Secure - Private User Initiative
  • 3. Working Relationships cyscon works with a variety of partners in the IT Security world. These include: • Internet Service Providers, including Vodafone and 1&1 Telecom • Banks, such as Deutsche Bank and Postbank • Law enforcement, including FBI and Europol • NGOs, including Stop.Think.Connect - Funded by the Department of Homeland Security
  • 4. Knowing your Enemy How cyscon gets its data.
  • 5. Sinkholing • 80 Million Events per day • 42 Different Types of Malware recognised
  • 6. Honeypots and Spam Traps • 3.5 Million Spam Emails Per Day • Honeypots installed on real systems by our customers • 40,000 New Malicious URLs Each Day
  • 7. Web Crawling • Systems Continually Crawling the Web • 16 Different Settings - Chilled to Paranoia • Analysing Behaviour and AV Detection
  • 8. The Data Toilet • Gathering Data since 2006 • Enriching Data with Meta Data • More than 20,000 Sensors • More than 50 Partners • WHOIS, SSH HOSTKEY, DNS details, etc.
  • 10. Where Does it All Go? • Data is sent to ISPs • AND / OR • Anonymised and Sent to Law Enforcement, Research or Industry
  • 12. Flushing the Toilet • Okay…we have the data. • Let’s Make Some Money!
  • 13. Menschenkenntnis in Business Wer keine Menschenkenntnis hat, hat als Kaufmann bereits verloren
  • 14. Flexibility • Knowing what customers want • Using trust and Existing Relationships • Knowing when to work for free
  • 15. Banks Its All About the Money
  • 16. What is Hurting? • Losing Money • Losing More Money • Losing Even More Money • Losing Reputation
  • 17. How do Banks (and their customers) lose money? • Redirection of Payment • Identity Theft through Trojan Infection • Direct Phishing Scams
  • 18. Technical Overview - Banking Services Threat Detection, Mitigation, Prevention
  • 19. Malware Detection • Identification of infected customers • More than 40 Trojan Families - 4000 events per second. • JSON Format - Easy to implement and process • Can be combined with sales of Malware Deletion Product.
  • 20. Malicious Traffic Mitigation • Access to C-SIRT Database and Cyber Threat Detection Cloud • Database fed by Worldwide sensors of Malicious Traffic • Eliminates Cyber Attacks against banking platforms.
  • 21. Brand Protection • Fully automated takedown service • Detection, Blocking, Blacklisting • Normal process time, 2 hours • Excellent contacts to ISPs for quick takedowns
  • 23. Two Sides of the Story • How much can experts do without end users? • GameOver Zeus Takedown - Pointless? • “Slipping through the net”
  • 24. The Cyber Vaccination • Appears as analysis system from AV industry. • Protection against MITB attacks and identity theft. • Works on 10 different browsers. • Free to use - One time installation. • Attack interception - Malicious code cannot be executed. • “Panic Switch” when intruder is detected.
  • 25.
  • 26. HitmanPro: A Second Opinion Scanner • Behavioural analysis - not signature based. • 10MB file, can boot from USB. • Complement to existing AV programs • 30 Day free trial for emergency cases.
  • 27.
  • 28.
  • 29. Case Study: Cyber Alliance of Switzerland Cyber Alliance of Switzerland How can the “Check & Secure” Technology be Implemented by Banks?
  • 30. Concept and Goals • Making Switzerland into the “Cleanest Internet Country in the World • Identification and Help for Infected End Users • Support for the deletion of malware and securing of end user systems with Check & Secure and End User Products.
  • 31. Realisation • Banking Partners: Credit Suisse, Raffeisen, Postfinance and UBS. • Internet Service Partners: Swisscom, Sunrise, UPC • Creation of a shared Malware database. • Planned Launch 1.8.2014.
  • 32. Thank you for Listening • tgeorge@cyscon.de • +491733853804