it intrusion it intrusion finfisher product suite it
play

IT INTRUSION IT INTRUSION FinFisher Product Suite IT INTRUSION IT - PowerPoint PPT Presentation

Mar 13, 2023 •246 likes •638 views

IT INTRUSION IT INTRUSION FinFisher Product Suite IT INTRUSION IT INTRUSION FinFisher Product Suite FinFisher Product Suite FinFisher Product Suite Usage Usage Information Gathering Information Gathering PC Surveillance

  1. IT INTRUSION IT INTRUSION FinFisher Product Suite IT INTRUSION IT INTRUSION – FinFisher Product Suite FinFisher Product Suite FinFisher Product Suite

  2. Usage Usage • Information Gathering Information Gathering • PC Surveillance • Hacking • Information Exploitation • Information Interception 2

  3. Components Components • FinFisher USB Suite • FinFisher Remote Hacking Kit • FinSpy • FinSpy • FinFly • FinTraining • FinAudit Fi A dit • New Products - 2008 3

  4. FinFisher USB Suite FinFisher USB Suite • Suite to locally extract information from target systems with little or no user target systems with little or no user interaction • Data analysis/Report generation at Head • Data analysis/Report generation at Head- quarters 4

  5. Components Components • FinFisher USB Suite – FinFisher HQ – FinFisher 1 – FinFisher 2 – FinFisher 3 • FinFisher Remote Hacking Kit • FinFisher Remote Hacking Kit • FinSpy • FinFly • FinTraining • FinTraining • FinAudit • New Products - 2008 5

  6. FinFisher HQ FinFisher HQ • Graphical User Interface for FinFisher 1 and 2 • Used to configure operational options U d t fig ti l ti • Generates certificates for encryption • Deciphers and imports data from dongles • Generates reports from gathered data p g • Updates FinFisher 1 and 2 systems 6

  7. FinFisher HQ FinFisher HQ 7

  8. Components Components • FinFisher USB Suite – FinFisher HQ FinFisher HQ – FinFisher 1 – FinFisher 2 Fi Fi h 2 – FinFisher 3 • FinFisher Remote Hacking Kit • FinSpy py • FinFly • FinTraining Fi T i i • FinAudit • New Products - 2008 8

  9. FinFisher FinFisher 1 1 • U3 USB Dongle • Executes on insertion with little or no user intervention • Obtains system and account information for: Obtains system and account information for: • Windows Accounts • E-Mail Accounts (Microsoft Outlook / Express ) E Mail Accounts (Microsoft Outlook / Express, …) • Instant Messenger Accounts (MSN, Yahoo, ICQ, …) • System Details (Product Keys Hotfixes ) System Details (Product Keys, Hotfixes, …) • Network Information (Open Ports, Cookies, History, …) • All gathered data is asymmetrically enciphered • Bypasses installed Anti Virus/Anti Spyware • Bypasses installed Anti-Virus/Anti-Spyware software 9

  10. FinFisher FinFisher 1 1 10

  11. Components Components • FinFisher USB Suite – FinFisher HQ FinFisher HQ – FinFisher 1 – FinFisher 2 Fi Fi h 2 – FinFisher 3 • FinFisher Remote Hacking Kit • FinSpy py • FinFly • FinTraining Fi T i i • FinAudit • New Products - 2008 11

  12. FinFisher 2 FinFisher 2 • U3 USB Dongle • Executes on insertion with little or no user intervention • Gets a copy of all locally stored E-Mails from Gets a copy of all locally stored E Mails from the target system • Obtains specific files by file extension (e g all • Obtains specific files by file-extension (e.g. all .doc and .xls files) • All gathered data is asymmetrically enciphered All h d d i i ll i h d • Bypasses installed Anti-Virus/Anti-Spyware software 12

  13. FinFisher FinFisher 2 2 13

  14. Components Components • FinFisher USB Suite – FinFisher HQ FinFisher HQ – FinFisher 1 – FinFisher 2 Fi Fi h 2 – FinFisher 3 • FinFisher Remote Hacking Kit • FinSpy py • FinFly • FinTraining Fi T i i • FinAudit • New Products - 2008 14

  15. FinFisher FinFisher 3 3 • 2 Bootable CD-Roms: 1. Removes password for selected Windows user account 2. Securely wipes local hard-disks 15

  16. Components Components • FinFisher USB Suite • FinFisher Remote Hacking Kit • FinSpy • FinSpy • FinFly • FinTraining • FinAudit Fi A dit • New Products - 2008 16

  17. FinFisher Remote Hacking Kit FinFisher Remote Hacking Kit • Used for remote information gathering • Provides up-to-date hacking environment P id t d t h ki i t • Can target public servers and personal g p p computers 17

  18. FinFisher Remote Hacking Kit FinFisher Remote Hacking Kit • Ruggedized notebook • FinTrack operating system Fi T k ti t • Various scripts for automating attack p g procedures • All major up-to-date hacking tools 18

  19. FinFisher Remote Hacking Kit FinFisher Remote Hacking Kit • High-power Wireless LAN adapter • Bluetooth adapter with antenna plug Bl t th d t ith t l • Directional/Omni-directional antenna • 500 GB USB disk containing Rainbow Tables, default password lists, etc. • USB-to-Ethernet adapter • USB to Ethernet adapter • PS/2 and USB Keylogger • Other 19

  20. Components Components • FinFisher USB Suite • FinFisher Remote Hacking Kit • FinSpy • FinSpy • FinFly • FinTraining • FinAudit Fi A dit • New Products - 2008 20

  21. FinSpy FinSpy • Professional Trojan Horse • Monitor and remotely access one or multiple systems • Presence on target system is hidden • All communication is hidden and enciphered • Components: – FinSpy Client – FinSpy Server – FinSpy Target – FinSpy USB-U3 Dongle (Target) – FinSpy Antidote 21

  22. FinSpy FinSpy • Features: – Custom Executables – Bypasses Anti-Virus/Anti-Spyware Software – Location Tracing – Scheduled Operations – Key Logging y gg g – Password Gathering – Webcam/Microphone Access p – Communication Sniffing: • Skype yp • Instant Messengers (ICQ, Yahoo, …) – Other Other 22

  23. Components Components • FinFisher USB Suite • FinFisher Remote Hacking Kit • FinSpy • FinSpy • FinFly • FinTraining • FinAudit Fi A dit • New Products - 2008 23

  24. FinFly FinFly • Used to infect executables while downloading • Components: – Transparent HTTP Proxy – EXE Loader • Proxy attaches Trojan Horse software to downloaded executables on-the-fly • Loader removes attached software from downloaded executable after installation • Can be used on local networks (e.g. Wireless LANs) • ISP Version to come in 2008 ISP V i i 2008 24

  25. Components Components • FinFisher USB Suite • FinFisher Remote Hacking Kit • FinSpy • FinSpy • FinFly • FinTraining • FinAudit Fi A dit • New Products - 2008 25

  26. FinTraining: Basic Hacking Courses FinTraining: Basic Hacking Courses • 1 or 2 week basic hacking overview • Covers various common hacking techniques • Practical examples, demonstrations and exercises • Topics include: – Footprinting/Scanning/Enumeration ootp t g Sca g u e at o – Networks – Exploits – Exploits – Wireless LANs – Bluetooth Bl t th – Other 26

  27. FinTraining Advanced: Exploiting Software FinTraining Advanced: Exploiting Software • 1 week course 1 k • Covers bugs in software and exploiting these these • Practical examples, demonstrations and exercises exercises • Topics include: – Software Bugs Software Bugs – Exploit Archives/Frameworks – Shellcode Shellcode – Finding Bugs – Customizing Exploits Customizing Exploits – Other 27

  28. FinTraining Advanced: Rootkits FinTraining Advanced: Rootkits • 1 week course • Covers RootKit and Trojan horse techniques • Practical examples, demonstrations and exercises • Topics include: – Analysis – Usage Usage – Detection – Development Development – Other 28

  29. FinTraining Advanced: Hacking VoIP FinTraining Advanced: Hacking VoIP • 1 week course • Covers Voice-over-IP eavesdropping and various attack techniques • Practical examples, demonstrations and exercises • Topics include: – RTP Sniffing – RTP Insertion RTP Insertion – SIP Account Brute-Forcing – SIP Account Cracking SIP Account Cracking – Other 29

  30. FinTraining Advanced: Wireless Hacking FinTraining Advanced: Wireless Hacking • 1 week course • Covers Wireless LANs, Bluetooth and Wireless Keyboards • Practical examples, demonstrations and exercises • Topics include: – Wireless LAN WEP/WPA Cracking – Bluetooth Link-Key Cracking Bluetooth Link Key Cracking – Wireless Keyboard Sniffing – Other Other 30

  31. FinTraining Advanced: Covert Comms FinTraining Advanced: Covert Comms • 1 week course • Covers steganography, encryption, network and application protocols • Practical examples, demonstrations and exercises • Topics include: – Hiding data in objects – Hiding data in streams Hiding data in streams – Hiding VoIP communication – Other Other 31

  32. FinTraining Advanced: More FinTraining Advanced: More • More topics upon request • Courses are customized according to customers needs and skill-set 32

  33. Components Components • FinFisher USB Suite • FinFisher Remote Hacking Kit • FinSpy • FinSpy • FinFly • FinTraining • FinAudit Fi A dit • New Products - 2008 33

  34. FinAudit FinAudit • 1 or 2 week penetration test • Security check of networks, systems and software • Helps analyzing various attack vectors and fi di finding vulnerabilities l bili i • Prevents data disclosure and intrusion • Finalizing report and consulting services 34

  35. Components Components • FinFisher USB Suite • FinFisher Remote Hacking Kit • FinSpy • FinSpy • FinFly • FinTraining • FinAudit Fi A dit • New Products - 2008 35

Recommend

Press intrusion. Identifying similar words with different connotations What is press intrusion?

Press intrusion. Identifying similar words with different connotations What is press intrusion?

Topic 12: Press intrusion. Identifying similar words with different connotations What is press intrusion? Press intrusion is an issue which has many stances, often depending on whether you are a member of the press or have been on the receiving

602 views • 9 slides
Styles of Intrusion Detection Misuse intrusion detection Try to detect things known to be

Styles of Intrusion Detection Misuse intrusion detection Try to detect things known to be

Styles of Intrusion Detection Misuse intrusion detection Try to detect things known to be bad Anomaly intrusion detection Try to detect deviations from normal behavior Specification intrusion detection Try to detect

627 views • 15 slides
Intrusion Detection Principles Basics Models of Intrusion Detection

Intrusion Detection Principles Basics Models of Intrusion Detection

Intrusion Detection Principles Basics Models of Intrusion Detection Architecture of an IDS Architecture of an IDS Organization Incident Response Slide #22-1 FEARLESS engineering Principles of Intrusion Detection

744 views • 40 slides
Intrusion Detection System Amir Hossein Payberah payberah@yahoo.com 1 Contents Intrusion

Intrusion Detection System Amir Hossein Payberah payberah@yahoo.com 1 Contents Intrusion

Intrusion Detection System Amir Hossein Payberah payberah@yahoo.com 1 Contents Intrusion Detection Systems Tripwire Snort 2 IDS (Definition) Intrusion Detection is the process of monitoring the events occurring in a computer

571 views • 30 slides
Chapter 25: Intrusion Detection Principles Basics Models of Intrusion Detection

Chapter 25: Intrusion Detection Principles Basics Models of Intrusion Detection

Chapter 25: Intrusion Detection Principles Basics Models of Intrusion Detection Architecture of an IDS Organization Incident Response June 2, 2005 ECS 235, Computer and Information Slide #1 Security Principles of

1.38k views • 104 slides
THE VAPOR INTRUSION PATHWAY DANIEL G. GREENE, CPG MISCONCEPTIONS MISCONCEPTIONS VAPOR INTRUSION

THE VAPOR INTRUSION PATHWAY DANIEL G. GREENE, CPG MISCONCEPTIONS MISCONCEPTIONS VAPOR INTRUSION

engineers | scientists | architects | constructors THE VAPOR INTRUSION PATHWAY DANIEL G. GREENE, CPG MISCONCEPTIONS MISCONCEPTIONS VAPOR INTRUSION The migration of volatile chemical from the subsurface into overlying building (USEPA 2002)

585 views • 31 slides
Intrusion Detection W enke Lee Com puter Science Departm ent Colum bia University Intrusion and

Intrusion Detection W enke Lee Com puter Science Departm ent Colum bia University Intrusion and

Intrusion Detection W enke Lee Com puter Science Departm ent Colum bia University Intrusion and Computer Security Com puter security: confidentiality, integrity, and availability Intrusion: actions to com prom ise security W hy

1.09k views • 63 slides
Customizing and Evolving Intrusion Detection A static, globally useful intrusion detection

Customizing and Evolving Intrusion Detection A static, globally useful intrusion detection

Customizing and Evolving Intrusion Detection A static, globally useful intrusion detection solution is impossible Good behavior on one system is bad behavior on another Behaviors change and new vulnerabilities are discovered

700 views • 23 slides
Outline Introduction Intrusion Detection Characteristics of intrusion detection CS 236

Outline Introduction Intrusion Detection Characteristics of intrusion detection CS 236

Outline Introduction Intrusion Detection Characteristics of intrusion detection CS 236 systems Computer Software Some sample intrusion detection March 12, 2007 systems Lecture 14 Lecture 14 Page 1 Page 2 CS 236, Winter 2007

537 views • 10 slides
Outline Introduction Intrusion Detection Characteristics of intrusion detection CS 239

Outline Introduction Intrusion Detection Characteristics of intrusion detection CS 239

Outline Introduction Intrusion Detection Characteristics of intrusion detection CS 239 systems Computer Software Some sample intrusion detection March 9, 2005 systems Lecture 15 Lecture 15 Page 1 Page 2 CS 239, Winter 2005

602 views • 12 slides
Signature Based Intrusion Detection Systems Philip Chan CS 598 MCC Spring 2013 Intrusion

Signature Based Intrusion Detection Systems Philip Chan CS 598 MCC Spring 2013 Intrusion

Signature Based Intrusion Detection Systems Philip Chan CS 598 MCC Spring 2013 Intrusion Detection Systems Detect malicious Raise alarms activities/attacks Alert administrators Hacking/ unauthorized access Trigger defense

217 views • 21 slides
Intrusion Detection Intrusion Detection October 23, 2020 Administrative Administrative

Intrusion Detection Intrusion Detection October 23, 2020 Administrative Administrative

Intrusion Detection Intrusion Detection October 23, 2020 Administrative Administrative submittal instructions submittal instructions answer the lab assignments questions in written report form, as a text, pdf, or Word document

504 views • 21 slides
Overview Intrusion Detection Systems Intrusion Detection Concepts and Practices Dealing

Overview Intrusion Detection Systems Intrusion Detection Concepts and Practices Dealing

Overview Intrusion Detection Systems Intrusion Detection Concepts and Practices Dealing with Intruders Detecting Intruders Principles of Intrusions and IDS The IDS Taxonomy Chapter 13 Using Rules and Thresholds for

297 views • 7 slides
Vadose Zone Profiling g to Better Understand Processes Related to Vapor Intrusion Related to Vapor

Vadose Zone Profiling g to Better Understand Processes Related to Vapor Intrusion Related to Vapor

Vapor Intrusion 2010 Sept. 29-30 Chicago Vadose Zone Profiling g to Better Understand Processes Related to Vapor Intrusion Related to Vapor Intrusion Daniel B. Carr, P.E., P.G., Laurent C. Levy, Ph.D., P.E., Allan H. Horneman, D.E.S. Effect

574 views • 14 slides
Intrusion Prevention and Detection in Grid computing - The ALICE Case 21st International

Intrusion Prevention and Detection in Grid computing - The ALICE Case 21st International

Intrusion Prevention and Detection in Grid computing - The ALICE Case 21st International Conference on Computing in High Energy and Nuclear Physics Outline: Introduction Threat model Intrusion prevention Intrusion detection

420 views • 16 slides
Intrusion Detection Systems CS 236 On-Line MS Program Networks and Systems Security Peter

Intrusion Detection Systems CS 236 On-Line MS Program Networks and Systems Security Peter

Intrusion Detection Systems CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Lecture 11 Page 1 CS 236 Online Outline Introduction Characteristics of intrusion detection systems Some sample intrusion detection

143 views • 12 slides
NAVFAC Vapor Intrusion NAVFAC Vapor Intrusion Activities Activities May 22, 2009 NAFVAC

NAVFAC Vapor Intrusion NAVFAC Vapor Intrusion Activities Activities May 22, 2009 NAFVAC

NAVFAC Vapor Intrusion NAVFAC Vapor Intrusion Activities Activities May 22, 2009 NAFVAC Atlantic November 10, 2009 Kim Parker Brown, M.S., PE NAVFAC HQ 1 Overview Navy Vapor Intrusion (VI) Policy Navy Vapor Navy Vapor

438 views • 10 slides
Network Intrusion Detection & Forensics with Bro Matthias Vallentin vallentin@berkeley.edu

Network Intrusion Detection & Forensics with Bro Matthias Vallentin vallentin@berkeley.edu

Network Intrusion Detection & Forensics with Bro Matthias Vallentin vallentin@berkeley.edu BERKE1337 March 3, 2016 Outline 1. Intrusion Detection 101 2. Bro 3. Network Forensics Exercises 1 / 29 Detection vs. Blocking Intrusion

432 views • 32 slides
COMPUTER INTRUSION INVESTIGATIONS Investigative Challenges Victim preparedness and response

COMPUTER INTRUSION INVESTIGATIONS Investigative Challenges Victim preparedness and response

John Chesson Special Agent InfraGard Coordinator FBI San Francisco Division Counter Intelligence Computer Intrusion COMPUTER INTRUSION INVESTIGATIONS Investigative Challenges Victim preparedness and response capabilities Volatility of

404 views • 15 slides
Intrusion Detection Distributed Host-Based Network-Based ITS335: IT Security Honeypots

Intrusion Detection Distributed Host-Based Network-Based ITS335: IT Security Honeypots

ITS335 Intrusion Detection Intruders Intrusion Detection Host-Based Intrusion Detection Distributed Host-Based Network-Based ITS335: IT Security Honeypots Summary Sirindhorn International Institute of Technology Thammasat University

585 views • 30 slides
Optimising the resource utilisation in high-speed network intrusion detection systems. Gerald

Optimising the resource utilisation in high-speed network intrusion detection systems. Gerald

Optimising the resource utilisation in high-speed network intrusion detection systems. Gerald Tripp www.kent.ac.uk Network intrusion detection Network intrusion detection systems are provided to detect the presence of various security

260 views • 12 slides
Automobile Intrusion Detection Jun Li Twitter @bravo_fighter UnicornTeam Qihoo360 2 What

Automobile Intrusion Detection Jun Li Twitter @bravo_fighter UnicornTeam Qihoo360 2 What

Automobile Intrusion Detection Jun Li Twitter @bravo_fighter UnicornTeam Qihoo360 2 What this talk is about? Automotive intrusion detection Automotive cyber-security architecture From the highest viewpoint J 3 Outline Quick

926 views • 63 slides
Wisconsin: Vapor Intrusion Prevention Partnership Initiative Alyssa Sellwood, P.E. Vapor

Wisconsin: Vapor Intrusion Prevention Partnership Initiative Alyssa Sellwood, P.E. Vapor

Local/State Efforts Wisconsin: Vapor Intrusion Prevention Partnership Initiative Alyssa Sellwood, P.E. Vapor Intrusion Team Leader Bureau of Remediation and Redevelopment Wisconsin Department of Natural Resources Contact Information

216 views • 7 slides
OrchIDS: on the value of rigor in intrusion detection Jean Goubault-Larrecq CPS, Grenoble, July

OrchIDS: on the value of rigor in intrusion detection Jean Goubault-Larrecq CPS, Grenoble, July

OrchIDS: on the value of rigor in intrusion detection Jean Goubault-Larrecq CPS, Grenoble, July 08 2014 vendredi 11 juillet 14 Outline 1.A few scary stories about computer security 2. ORCHIDS : an intrusion prevention system 3. Semantics and

1.93k views • 177 slides

More recommend