Redteaming in Poland - test cases (security)
password: I w**l f***i** k**l y*u
DDoS
CC vs BCC - reconnaissance! #fail
Firewall – global!
„Running employee”
Phishing - incident management
Corporate network
● CMS – demo account
● SSH: tomcat7/tomcat7
● Redundant resource: test image - VM
● The same password applies to Windows server
● Error WWW -> local admin
● Schema of password creation
● Admin account AD
● VMware – admin console
Summary
Effective attack is a matter of time and money
Increase costs of the attackers!
Security is a process. :)
Summary
● Report
● Education platform https://SecurityInside.pl/en
● Presentation for the employees
● Discussion
Defense - Communication
● Problems detecting
  – SIEM, IDS, IPS, Correlation of data, CallCenter
● Training of the employees
  – Education based on practice and case studies
● Incident management (communication)
  – Technology, people, risk analysis
Defense - Processes
● Computer forensics
  – Evidence, analysis of malicious software
● Changes implementation
  – Critical updates, vulnerability life span
● Hardening environments, slowing down the attackers
  – Reconfiguration, reaction to the incident
Defense
● WWW, FTP, E-mail, SMTP – Proxy (Hardening)
● Configuration of workstations (Application Whitelisting, GPO, password manager)
● USB WhiteListing
● Authentication – 2FA
● Documentation
● Physical security
● Servers hardening (redundant resources and permissions)
● Confidential data encryption
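Additional materials in Polish
Videos:
APT x 3 - wybrane studium przypadków (APT x 3 - selected case studies)
Darmowe narzędzia wspomagające proces zabezpieczania Twojej firmy (Free tools supporting the process of securing your company)
Urządzenia i usługi bezpieczeństwa IT - pełna ochrona czy zaproszenie dla cyberprzestępców? (IT security devices and services - full protection or an invitation for cybercriminals?)
Narzędzia do zautomatyzowanego testowania bezpieczeństwa (Tools for automated security testing)
OWASP Top10 Najpopularniejsze błędy bezpieczeństwa aplikacji WWW (OWASP Top10 The most common security flaws in web applications)
Podstawowy arsenał testera bezpieczeństwa aplikacji WWW (The basic arsenal of a web application security tester)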
Free education:
https://quiz.securityinside.pl
https://quiz2.securityinside.pl
http://sprawdzpesel.pl
http://sprawdzkontobankowe.pl
https://pixabay.com/en/ - Photos
https://www.iconfinder.com/Vecteezy - Icons
https://z3s.pl/szkolenia/
https://securityinside.pl
Attack and defense:
● Security of web applications
● Security of mobile applications
-20%
Expires after 31.337 days
Password: xioM6yah
Trainings – discount