Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.

Practical Security for Nonprofits: Spectre and Meltdown With Kris Constable

1.305 Aufrufe

Veröffentlicht am

Presentation from NetSquared Vancouver's #Tech4Good Trends event for nonprofits in 2018.

Veröffentlicht in: Technologie
  • Loggen Sie sich ein, um Kommentare anzuzeigen.

  • Gehören Sie zu den Ersten, denen das gefällt!

Practical Security for Nonprofits: Spectre and Meltdown With Kris Constable

  1. 1. Privacy & Security Strategies for Non-Profits Impacts of Meltdown & Spectre By Kris Constable @cqwww
  2. 2. Meltdown & Spectre Speculative execution (what's going to happen next) & side channel attacks (physical, electrical and/or mechanical characteristics – hardware) relating to CPUs (Intel, AMD & ARM) Meltdown: Kernel vs Userland Spectre: Segmentation between applications ... A helpful reminder you need a privacy & security strategy
  3. 3. What can you do? Have an organizational strategy and ensure compliance by measuring compliance
  4. 4. Patch all the things
  5. 5. Masscan & metasploit
  6. 6. Let's go through the layers of the OSI model. CERT suggests upgrading your CPU
  7. 7. Patch your operating systems (server, laptop, phone)
  8. 8. Download the latest version of your browser. I recommend something based off Google Chromium or Mozilla Firefox. I use Iridium and Firefox Focus. For chrome, type this in your URL: chrome://flags/#enable-site-per-process and click “enable” on “Strict site isolation.”
  9. 9. Block JavaScript and Flash by default NoScripts Ablock Plus or Ublock Origin Privacy Badger
  10. 10. Make sure you're using antivirus, including mac/osx users, and are using it properly
  11. 11. Restore from your backups
  12. 12. https://privasectech.com/the-blog/ Or PrivaSecTech on Facebook
  13. 13. Questions? kris@privasectech.com @cqwww