cyber uc meeting 75
play

Cyber@UC Meeting 75 MITRE Framework Continued If Youre New! Join - PowerPoint PPT Presentation

Mar 15, 2024 •569 likes •758 views

Cyber@UC Meeting 75 MITRE Framework Continued If Youre New! Join our Slack: cyberatuc.slack.com Check out our website: cyberatuc.org (Slackbot will post the link in #general every Wed@6:30) Feel free to get involved with

  1. Cyber@UC Meeting 75 MITRE Framework Continued

  2. If You’re New! ● Join our Slack: cyberatuc.slack.com Check out our website: cyberatuc.org ● (Slackbot will post the link in #general every Wed@6:30) ● ● Feel free to get involved with one of our committees: Content Finance Public Affairs Outreach Recruitment Ongoing work in our research lab! ●

  3. Announcements ● ● ○ Application window closing TOMORROW ● ● ○ Saturday Nov 3rd, 4pm–8pm ● Today end of meeting

  4. Election nominees (incumbents shown in parentheses) President (A.J. Cardarelli) Head of Content (Cory McPhillips) A.J. Cardarelli Christopher Morrison Clif Wolfe Head of Finance (Kyle Hardison) Ryan Young Kyle Hardison Vice President (Hayden Schiff) Ryan O'Connor Hayden Schiff Head of Public Affairs (Jai Singh) Treasurer (Ryan Baas) John Igyarto Ryan Baas Jai Singh Clif Wolfe Head of Outreach (Mahathi Venkatesh) Secretary (Mike Sengelmann) Mahathi Venkatesh Timothy Robert Holstein Ryan Young Head of Recruitment (Greg Barker) Greg Barker

  5. Weekly Content

  6. Windows Zero-Day ● PoC posted to GitHub Privilege escalation flaw in the Microsoft Data Sharing dssvc.dll ● Local service running as LocalSystem account ● ○ This has lots of privileges because it provides data brokering between applications Allows the deleting of critical system files ● Ex. Delete important dll, hope victim looks for it in more writeable location ● ● Only on Windows 10 and recent versions of Windows server ● Second time this researcher released a Windows zero-day in < 2 months Days after his previous disclosure, the exploit was found in the wild ● Once again, he has chosen not to wait the standard 90 days ● ● Beware until next month’s patch tuesday, Nov 13

  7. DustSquad ● Russian APT Primarily target Central Asian users and diplomatic entities ● Use Delphi as language of choice, apparently this is unusual ● ● Make great use of 0ct0pus3.php malware, back in 2017 ● New version of Octopus found in April 2018, pretending to be Telegram Messenger w/ Russian interface ○ Malware seems to be simple ● Most likely relying on Telegram ban in Kazakhstan Between DustSquad and other APTs, we can see there is a high amount of ● interest in the Central Asia region

  8. Recommended Reading https://thehackernews.com/2018/10/android-security-updates.html https://krebsonsecurity.com/2018/10/mirai-co-author-gets-6-months-confinemen t-8-6m-in-fines-for-rutgers-attacks/ https://krebsonsecurity.com/2018/10/how-do-you-fight-a-12b-fraud-problem-one- scammer-at-a-time/ https://thehackernews.com/2018/10/ibm-redhat-tech-acquisition.html

  9. Recommended Reading (continued) https://thehackernews.com/2018/10/facebook-cambridge-analytica.html https://thehackernews.com/2018/10/russia-triton-ics-malware.html https://thehackernews.com/2018/10/privilege-escalation-linux.html https://thehackernews.com/2018/10/windows-defender-antivirus-sandbox.html

  10. Workshop Mode USB Rubber Ducky - Emulates a keyboard to abuse trusting USB devices Bash Bunny - Same thing but has networking capabilities Poison Tap - Project from SAMYK that routes all of the internet traffic through itself over USB as a MiTM and back door installer. ALl of these are commercially available / open source and some have even more undetectable sneaky in the security research field.

  11. The Topics Today Go Something Exactly Like This - ATT&CK Techniques and the Cyber Kill Chain - Initial Access Techniques - Some Examples - Backdoor Factory Exploration

  12. ATT&CK and the Cyber Kill Chain

  13. Initial Access Techniques Computer Vectors Human Vectors Drive-by Compromise Malicious USB’s Exploit Public-Facing Services Spear Phishing Attachments/Links Supply Chain Compromise Spear Phishing Via Services Valid Accounts Trusted Relationships \ Spys

  14. Technique Implementations USB Rubber Ducky - Emulates a keyboard to abuse trusting USB devices Bash Bunny - Same thing but has networking capabilities Poison Tap - Project from SAMYK that routes all of the internet traffic through itself over USB as a MiTM and back door installer. ALl of these are commercially available / open source and some have even more undetectable sneaky in the security research field.

  15. Workshop: Backdoor Factory Backdoor factory is a research utility for injecting backdoors into DLLs/EXE’s No longer developed, and only for research purposes Included in Kali, otherwise clone the git repo Inject a backdoor into an executable then upload it to VirusTotal to see which anti-virus systems would detect it. ./backdoor.py -h https://github.com/secretsquirrel/the-backdoor-factory

  16. Elections

  17. bit.ly/cyberatucvote

Recommend

Cyber@UC; Meeting 28 Cyber Kill Chain If Youre New! Join our Slack ucyber.slack.com

Cyber@UC; Meeting 28 Cyber Kill Chain If Youre New! Join our Slack ucyber.slack.com

Cyber@UC; Meeting 28 Cyber Kill Chain If Youre New! Join our Slack ucyber.slack.com Follow us on Twitter @UCyb3r and Facebook UC.yber; University of Cincinnati OWASP Chapter Feel free to get involved with one of our committees:

430 views • 23 slides
NSF Activities in Cyber Trust NSF Activities in Cyber Trust NSF Activities in Cyber Trust For

NSF Activities in Cyber Trust NSF Activities in Cyber Trust NSF Activities in Cyber Trust For

NSF Activities in Cyber Trust NSF Activities in Cyber Trust NSF Activities in Cyber Trust For ACM CCS I ndustry/ Govt Track Oct. 26, 2004 Carl Landwehr ( clandweh@nsf.gov ) Cyber Trust Coordinator National Science Foundation What s the

439 views • 17 slides
CYBER CYBER-SAFETY CYBER CYBER SAFETY SAFETY SAFETY BASICS BASICS Engineering Staff College

CYBER CYBER-SAFETY CYBER CYBER SAFETY SAFETY SAFETY BASICS BASICS Engineering Staff College

3/29/2012 CYBER CYBER-SAFETY CYBER CYBER SAFETY SAFETY SAFETY BASICS BASICS Engineering Staff College of India I N T R O D U C T I O N What is Cyber-safety Consequences Threats of Inaction Cyber-safety? Cyber-safety Cyber-safety at

215 views • 7 slides
What is Cyber Crime? Cyber Enabled Crime Cyber Dependant Crime Traditional crime that is

What is Cyber Crime? Cyber Enabled Crime Cyber Dependant Crime Traditional crime that is

R egional C yber C rime U nit DC Louise Gibson Prepare, Prevent &amp; Protect What is Cyber Crime? Cyber Enabled Crime Cyber Dependant Crime Traditional crime that is enhanced in scale or Crimes that can only be committed solely reach by use

316 views • 9 slides
Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework Reporting Objectives Executive Summary Information Assess Current Cyber Security Posture Measure Progress Toward Improvement Assess

634 views • 5 slides
The Cyber Threat: Securing Cyber Infrastructure Overview What are the FBIs Priorities?

The Cyber Threat: Securing Cyber Infrastructure Overview What are the FBIs Priorities?

The Cyber Threat: Securing Cyber Infrastructure Overview What are the FBIs Priorities? What is the FBIs Cyber Structure? HQ Division Dedicated Cyber squads in all 56 field offices, including satellite locations overseas.

1.54k views • 14 slides
Strategic Priorities Assurance Board Cyber and Cyber Enabled Crime Introduction Cyber

Strategic Priorities Assurance Board Cyber and Cyber Enabled Crime Introduction Cyber

Strategic Priorities Assurance Board Cyber and Cyber Enabled Crime Introduction Cyber Dependent crime examples of these offences are Distributed Denial of Service attack (DDOS), Account Compromise (hacking), Malware (virus) and

237 views • 7 slides
FEMA Region III Cyber Security Program Maryland Cyber Security Workshop (January 16, 2019)

FEMA Region III Cyber Security Program Maryland Cyber Security Workshop (January 16, 2019)

FEMA Region III Cyber Security Program Maryland Cyber Security Workshop (January 16, 2019) (Presented again at the October 16, 2018, meeting of the Maryland Cybersecurity Council and published with permission.) Overview Current Landscape

560 views • 23 slides
Cyber Security February - 2016 Agenda Overview of Cyber Crime The top cyber threats to UK

Cyber Security February - 2016 Agenda Overview of Cyber Crime The top cyber threats to UK

Cyber Security February - 2016 Agenda Overview of Cyber Crime The top cyber threats to UK businesses and how to remain safe What help is available Further reading Setting the scene 21.2bn The cost of fraud to the

304 views • 19 slides
Mark Fernandes Principal, Cyber Risk Services + FUTURE OF CYBER CYB CYBER SINGU GULAR ARIT

Mark Fernandes Principal, Cyber Risk Services + FUTURE OF CYBER CYB CYBER SINGU GULAR ARIT

Mark Fernandes Principal, Cyber Risk Services + FUTURE OF CYBER CYB CYBER SINGU GULAR ARIT ITY How cyber is becoming a key aspect of the ubiquity generation. CYBER SUMMIT More to come 3 2018 Deloitte Cyber Risk Services 4 2018

514 views • 19 slides
Latest in Cyber Security November 7, 2013 TCIPG Annual Meeting Douglas Maughan Division

Latest in Cyber Security November 7, 2013 TCIPG Annual Meeting Douglas Maughan Division

Homeland Security Advanced Research Projects Agency A View from Washington: The Latest in Cyber Security November 7, 2013 TCIPG Annual Meeting Douglas Maughan Division Director http://www.dhs.gov/cyber-research Presentation Outline

794 views • 32 slides
CYBER SECURITY PROTECTING AGAINST CYBER FRAUD IN SCALEUP COMPANIES AND WHAT TO DO SHOULD THEY

CYBER SECURITY PROTECTING AGAINST CYBER FRAUD IN SCALEUP COMPANIES AND WHAT TO DO SHOULD THEY

CYBER SECURITY PROTECTING AGAINST CYBER FRAUD IN SCALEUP COMPANIES AND WHAT TO DO SHOULD THEY HAPPEN London June 2019 INTRODUCTION Cyber Security The activity or process, ability or capability, or state whereby information and

735 views • 24 slides
Cy Cyber ber La Lay of the he La Land nd What the Numbers Tell Us Cyber r Lay of f the

Cy Cyber ber La Lay of the he La Land nd What the Numbers Tell Us Cyber r Lay of f the

Cy Cyber ber La Lay of the he La Land nd What the Numbers Tell Us Cyber r Lay of f the Land: : Wh What t the Numbe mbers rs Tell l Us Visit www.advisenltd.com at the end of this webinar to download: Copy of these slides

722 views • 31 slides
Cyber@UC Meeting 35 Exploit ALL the vulnerabilities! If Youre New! Join our Slack

Cyber@UC Meeting 35 Exploit ALL the vulnerabilities! If Youre New! Join our Slack

Cyber@UC Meeting 35 Exploit ALL the vulnerabilities! If Youre New! Join our Slack ucyber.slack.com Follow us on Twitter @UCyb3r and Facebook UC.yber; University of Cincinnati OWASP Chapter Feel free to get involved with one of

563 views • 11 slides
Cyber@UC Meeting 59 Actually Doing Star Night! If Youre New! Join our Slack:

Cyber@UC Meeting 59 Actually Doing Star Night! If Youre New! Join our Slack:

Cyber@UC Meeting 59 Actually Doing Star Night! If Youre New! Join our Slack: ucyber.slack.com SIGN IN! (Slackbot will post the link in #general) Feel free to get involved with one of our committees: Content Finance Public

525 views • 23 slides
Cyber@UC Meeting 63 Contributing to the Website If Youre New! Join our Slack:

Cyber@UC Meeting 63 Contributing to the Website If Youre New! Join our Slack:

Cyber@UC Meeting 63 Contributing to the Website If Youre New! Join our Slack: ucyber.slack.com SIGN IN! (Slackbot will post the link in #general every Wed@6:30) Feel free to get involved with one of our committees: Content

491 views • 14 slides
Cyber@UC Meeting 67 Bash and OverTheWire If Youre New! Join our Slack:

Cyber@UC Meeting 67 Bash and OverTheWire If Youre New! Join our Slack:

Cyber@UC Meeting 67 Bash and OverTheWire If Youre New! Join our Slack: cyberatuc.slack.com (URL changed!) SIGN IN! (Slackbot will post the link in #general every Wed@6:30) Feel free to get involved with one of our committees:

594 views • 16 slides
90% OF CYBER ATTACKS ARE 90% OF CYBER ATTACKS ARE SUCCESSFUL DUE TO HUMAN SUCCESSFUL DUE TO

90% OF CYBER ATTACKS ARE 90% OF CYBER ATTACKS ARE SUCCESSFUL DUE TO HUMAN SUCCESSFUL DUE TO

90% OF CYBER ATTACKS ARE 90% OF CYBER ATTACKS ARE SUCCESSFUL DUE TO HUMAN SUCCESSFUL DUE TO HUMAN ERROR ERROR CYBER AWARE CYBER AWARE NEXT-GEN SECURITY AWARENESS TRAINING Cyber Crime Is Now A Cyber Crime Is Now A Business Opportunity

550 views • 25 slides
Cyber@UC Meeting 56 W I F I If Youre New! Join our Slack: ucyber.slack.com SIGN IN!

Cyber@UC Meeting 56 W I F I If Youre New! Join our Slack: ucyber.slack.com SIGN IN!

Cyber@UC Meeting 56 W I F I If Youre New! Join our Slack: ucyber.slack.com SIGN IN! (Slackbot will post the link in #general) Feel free to get involved with one of our committees: Content Finance Public Affairs Outreach

456 views • 19 slides
Cyber@UC Meeting 57 SDR Fun! If Youre New! Join our Slack: ucyber.slack.com SIGN IN!

Cyber@UC Meeting 57 SDR Fun! If Youre New! Join our Slack: ucyber.slack.com SIGN IN!

Cyber@UC Meeting 57 SDR Fun! If Youre New! Join our Slack: ucyber.slack.com SIGN IN! (Slackbot will post the link in #general) Feel free to get involved with one of our committees: Content Finance Public Affairs Outreach

610 views • 18 slides
Cyber@UC Meeting 66 Welcome New Members! If Youre New! Join our Slack: ucyber.slack.com

Cyber@UC Meeting 66 Welcome New Members! If Youre New! Join our Slack: ucyber.slack.com

Cyber@UC Meeting 66 Welcome New Members! If Youre New! Join our Slack: ucyber.slack.com SIGN IN! (Slackbot will post the link in #general at 6:30) Feel free to get involved with one of our committees: Content Finance Public

178 views • 16 slides
Cyber@UC Meeting 49 Systems Exploitation: Sniffing, Man in the Middle, etc If Youre New!

Cyber@UC Meeting 49 Systems Exploitation: Sniffing, Man in the Middle, etc If Youre New!

Cyber@UC Meeting 49 Systems Exploitation: Sniffing, Man in the Middle, etc If Youre New! Join our Slack: ucyber.slack.com SIGN IN! (Slackbot will post the link in #general) Feel free to get involved with one of our committees:

464 views • 21 slides
1 5 6 Cyber Security and Cyber Space During these last years, the most important effect of the

1 5 6 Cyber Security and Cyber Space During these last years, the most important effect of the

1 5 6 Cyber Security and Cyber Space During these last years, the most important effect of the evolution of IT environments has been the origin of Cyber Space as a result for the Internet use by all subjects in the world, that is Individual

1.17k views • 67 slides
Cyber Bullying Sharing with Parents on Cyber Bullying Outline of Presentation To share on:

Cyber Bullying Sharing with Parents on Cyber Bullying Outline of Presentation To share on:

Slides (for Schools Use) to Brief Parents on Cyber Bullying Sharing with Parents on Cyber Bullying Outline of Presentation To share on: What is Cyber Bullying? MOEs Cyber Wellness Education School-wide Programmes

388 views • 14 slides

More recommend