Introduce the cyber threat map, review up-to-date tools, methodolgies and best-practices used by hackers, and learn how to apply them to secure our systems.

1. CYBER ORIENTED
ENGINEERING
SALO SHP
1

2. /whois
2
https://www.linkedin.com/in/salo-shp/
https://www.tikalk.com

3. Malicious
software
“Any software usable for a malicious intent”
Virus Worm
BotTrojan
Ransomware Spyware
Adware
ScarewareRiskware
Mineware
3

4. “There is no patch
for human stupidity”
Kevin Mitnick
4

5. 5

6. https://youtu.be/aVlYuPzmJoY
http://kestas.kuliukas.com/RainbowTables/
6

7. Undocumented feature (aka BUG)
Vulnerability
Hotfix
7

8. 8

9. Undocumented feature (aka BUG)
Vulnerability
Hotfix
NVD/CAN/CVE - Common Vulnerabilities & Exposures
9

10. 10

11. 11

12. https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=office
12

13. Undocumented feature (aka BUG)
Vulnerability
Hotfix
CVE
Antimalware
13

14. 14

15. 15

16. https://www.wired.com/story/inside-scan4you-takedown/16

17. Undocumented feature (aka BUG)
Vulnerability
Hotfix
CVE
Antimalware
RMF
17

18. National Institute of Standards and Technology (DoC)
SP-800-171r1 - Protecting Controlled Unclassified Information in
Nonfederal Systems and Organizations
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-171r1.pdf
SP-800-53r4 - Security and Privacy Controls for Federal
Information Systems and Organizations
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf
CSF - Cyber Security Framework
https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04162018.pdf
SP-800-37r1 - Guide for Applying the Risk Management
Framework to Federal Information Systems
https://nvlpubs.nist.gov/nistpubs/specialpublications/nist.sp.800-37r1.pdf
18

19. International Organisation for Standardisation
Publications cost money
ISO/IEC 2700x family of information security
standards internationally recognised and accepted
Allows system managers to identify and mitigate gaps
and overlaps in coverage
Focuses specifically and purposefully on information
technology
19

20. GDPR - General Data Protection Regulation
Privacy by Design
http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:
32016R0679
Health & Human services - HIPAA (Health
Insurance Portability and Accountability Act)
Standards for Privacy of Individually
Identifiable Health Information
https://www.hhs.gov/sites/default/files/privacysummary.pdf
PCIDSS - Payment Card Industry Data
Security Standard
https://www.pcisecuritystandards.org/documents/PCI_DSS_v3-2-1.pdf
20

21. Undocumented feature (aka BUG)
Vulnerability
Hotfix
CVE
Antimalware
RMF
0day
Exploit
21

22. https://www.zerodayinitiative.com/blog/2018/9/20/zdi-can-6135-a-remote-code-execution-vulnerability-in-the-microsoft-windows-jet-database-engine
https://github.com/thezdi/PoC/tree/master/ZDI-18-1075
22

23. 23

24. 24

25. 25

26. 26

27. 27
https://github.com/kayrus/kubelet-exploit

28. 28

29. Undocumented feature (aka BUG)
Vulnerability
CVE
0day
Exploit
Kit
Vector
Hotfix
Antimalware
RMF
29

30. 30

31. http://www.cs.cmu.edu/~wing/publications/Howard-Wing03.pdf
https://manadhata.github.io/pdf/tse11.pdf
31

32. Confidentiality
Integrity
Availability
Unauthorised disclosure
of information
Unauthorised modification or
destruction of information
Disruption of access
to information
CIA triad
32

33. Undocumented feature (aka BUG)
Vulnerability
Hotfix
CVE
Antimalware
RMF
0day
Exploit
Kit
Vector
Distro
33

34. Kali
BackBox
Parrot SecOS
BlackArch
DEFT
Samurai Web
Pentoo
Caine
Network Sec Toolkit
Fedora Security Spin
Bugtraq
ArchStrike
Cyborg
Matriux
WEAKERTH4N
BlackUbuntu
LionSec
Dracos
Qubes
Flare-VM
Tails
NetHunter
NodeZero
Knoppix
34

35. Damn Vulnerable web App (DVWA)
WebGoat
Damn Vulnerable Linux
Metasploitable2
https://www.owasp.org/index.php/OWASP_Vulnerable_Web_Applications_Directory_Project/Pages/Offline
bWAPP
Damn Vulnerable iOS App (DVIA)
Game of Hacks
Google Gruyere
HackThis!!
Hack This Site
Hellbound Hackers
McAfee HacMe
Mutillidae2
OverTheWire
Peruggia
Root Me
Try2Hack
Vicnum
Web Security Dojo
XXE
Hackxor
Zero Bank
https://pentesterlab.com/exercises/
https://www.vulnhub.com
https://www.enigmagroup.org/pages/challenges
https://github.com/Hacker0x01/hacker101
35

36. Undocumented feature (aka BUG)
Vector
Distro
skid
troll
Vector
Vulnerability
Hotfix
CVE
Antimalware
RMF
0day
Exploit
Kit
36

37. 37

38. Undocumented feature (aka BUG)
Vector
Distro
skid
hacktivist
troll
Vector
Vulnerability
Hotfix
CVE
Antimalware
RMF
0day
Exploit
Kit
38

39. 39

40. Undocumented feature (aka BUG)
APT
skid
hacktivist
troll
CVE
0day
RMF
Exploit
Antimalware
Vulnerability
Hotfix
Kit
Vector
Distro
40

41. 41

42. 42

43. https://www2.fireeye.com/rs/fireye/images/rpt-apt28.pdf
43

44. 44

45. Personnel
PT / CTF
Honey pots
Methodology
Frameworks
Forensics
Bountyz
Assets
Artefact
repos
Appliances
Monitoring
3-3-3-1
45

46. Confidentiality
Integrity
Availability
Unauthorised disclosure
of information
Unauthorised modification or
destruction of information
Disruption of access
to information
EffectiveUnintrusive
Permissive
Mitigate the threat
Be transparent
as possible
Don’t limit users
beyond necessary
46

47. Classify
Catch
Commit
47

48. Hardware
Ephemeral
Firmware
Software Players
Tokens
SessionsAPI Servers
Workstations
Network
StorageAuthentication
modules
Third party
Users
Bots
AccessIdentification
Support
Level
Type
Meta
Remote
Printers
Switches
BIOS
TPM
CMOS
Services
IPMI/iLo
Sensors
Applications OS
Modules
Plugins
Artefacts
Documents
Location
Classify
48

49. Updates CM
Training
Access control
Maintenance
Backup
Ansible
Scheduled
Configuration
Databases
Artefacts
Encryption
2FA Bio Identification
Time/role based
Bot based
From SCM
Signed
0 downtime
Courses
Certifications
Best practices
Tests
Scenarios
Consistent 0 touch
Commit
49

50. Audit
Accountability
Monitor
State
Logs
Store
4ever
NLP
Auto
Parsing
Cross
levels
TRACE
What
Who
When
Why
Metrics
Performance
Usage
Meta
data
Cloud log
Unexpected
SLA
Anomalies Changes
Desired
Catch
50

51. Whitelist state integrity
SAFE > s0rry
Anonymise environment
Minimise attack vector
51

52. Critical battery