Suche senden
Hochladen
Trend briefs security
•
1 gefällt mir
•
348 views
J
Jongseok Choi
Folgen
This presentation is briefly describing trends of security
Weniger lesen
Mehr lesen
Software
Melden
Teilen
Melden
Teilen
1 von 14
Jetzt herunterladen
Downloaden Sie, um offline zu lesen
Empfohlen
Threat Hunting with Cyber Kill Chain
Threat Hunting with Cyber Kill Chain
Suwitcha Musijaral CISSP,CISA,GWAPT,SNORTCP
Web Application Detection with SNORT
Web Application Detection with SNORT
Suwitcha Musijaral CISSP,CISA,GWAPT,SNORTCP
Rethinking Application Security for cloud-native era
Rethinking Application Security for cloud-native era
Priyanka Aash
G Data Retail 2011 English
G Data Retail 2011 English
Daniel Chee
Using ATTACK to Create Cyber DBTS for Nuclear Power Plants
Using ATTACK to Create Cyber DBTS for Nuclear Power Plants
MITRE - ATT&CKcon
The Seven Axioms Of Security
The Seven Axioms Of Security
Saumil Shah
Ben herzberg/incapsula trends of cyber attacks
Ben herzberg/incapsula trends of cyber attacks
ChungSC_tw
Cross Border Cyber Attacks: Impact on Digital Sovereignty
Cross Border Cyber Attacks: Impact on Digital Sovereignty
Saumil Shah
Empfohlen
Threat Hunting with Cyber Kill Chain
Threat Hunting with Cyber Kill Chain
Suwitcha Musijaral CISSP,CISA,GWAPT,SNORTCP
Web Application Detection with SNORT
Web Application Detection with SNORT
Suwitcha Musijaral CISSP,CISA,GWAPT,SNORTCP
Rethinking Application Security for cloud-native era
Rethinking Application Security for cloud-native era
Priyanka Aash
G Data Retail 2011 English
G Data Retail 2011 English
Daniel Chee
Using ATTACK to Create Cyber DBTS for Nuclear Power Plants
Using ATTACK to Create Cyber DBTS for Nuclear Power Plants
MITRE - ATT&CKcon
The Seven Axioms Of Security
The Seven Axioms Of Security
Saumil Shah
Ben herzberg/incapsula trends of cyber attacks
Ben herzberg/incapsula trends of cyber attacks
ChungSC_tw
Cross Border Cyber Attacks: Impact on Digital Sovereignty
Cross Border Cyber Attacks: Impact on Digital Sovereignty
Saumil Shah
The Infosec Crossroads - 44CON 2016
The Infosec Crossroads - 44CON 2016
Saumil Shah
【HITCON FreeTalk 2018 - Spectre & Meltdown 漏洞的修補策略與 risk mitigation】
【HITCON FreeTalk 2018 - Spectre & Meltdown 漏洞的修補策略與 risk mitigation】
Hacks in Taiwan (HITCON)
【HITCON FreeTalk 2018 - 從晶片設計角度看硬體安全】
【HITCON FreeTalk 2018 - 從晶片設計角度看硬體安全】
Hacks in Taiwan (HITCON)
อาชญากรรมคอมพิวเตอร์และกฎหมายที่เกี่ยวข้อง
อาชญากรรมคอมพิวเตอร์และกฎหมายที่เกี่ยวข้อง
Supaporn21
MITRE ATT&CKcon 2018: VCAF: Expanding the ATT&CK Framework to cover VERIS Thr...
MITRE ATT&CKcon 2018: VCAF: Expanding the ATT&CK Framework to cover VERIS Thr...
MITRE - ATT&CKcon
DEFENDING AGAINST THREATS TARGETING THE MAC PLATFORM
DEFENDING AGAINST THREATS TARGETING THE MAC PLATFORM
CrowdStrike
ویروسهای رایانه ای
ویروسهای رایانه ای
Shahid Beheshti University
임베디드 리눅스 악성코드로 본 사물인터넷 보안 차민석 20150406_코드게이트 발표판
임베디드 리눅스 악성코드로 본 사물인터넷 보안 차민석 20150406_코드게이트 발표판
Minseok(Jacky) Cha
Understanding Fileless (or Non-Malware) Attacks and How to Stop Them
Understanding Fileless (or Non-Malware) Attacks and How to Stop Them
CrowdStrike
【HITCON FreeTalk 2021 - SolarWinds 供應鏈攻擊事件分析】
【HITCON FreeTalk 2021 - SolarWinds 供應鏈攻擊事件分析】
Hacks in Taiwan (HITCON)
Cloud-Enabled: The Future of Endpoint Security
Cloud-Enabled: The Future of Endpoint Security
CrowdStrike
Hta t07-did-you-read-the-news-http-request-hijacking
Hta t07-did-you-read-the-news-http-request-hijacking
Комсс Файквэе
The IoT Attack Surface
The IoT Attack Surface
Daniel Miessler
In search of unique behaviour
In search of unique behaviour
DefCamp
SecureSet WarGames - Logging and Packet Capture Training
SecureSet WarGames - Logging and Packet Capture Training
Greg Foss
Exploit Kit Cornucopia - Blackhat USA 2017
Exploit Kit Cornucopia - Blackhat USA 2017
Brad Antoniewicz
SOCIAL MEDIA AS A CYBER WEAPON
SOCIAL MEDIA AS A CYBER WEAPON
Sylvain Martinez
Catálogo
Catálogo
Iñaki Cabral
Catalogo ZONI
Catalogo ZONI
Iñaki Cabral
Structure - Processing Linkages in Polyethylene
Structure - Processing Linkages in Polyethylene
david_brough1
Decreto 1850 de 2002
Decreto 1850 de 2002
Saku Garcia
Dr Awad CV
Dr Awad CV
Dr Awad Hassan
Weitere ähnliche Inhalte
Was ist angesagt?
The Infosec Crossroads - 44CON 2016
The Infosec Crossroads - 44CON 2016
Saumil Shah
【HITCON FreeTalk 2018 - Spectre & Meltdown 漏洞的修補策略與 risk mitigation】
【HITCON FreeTalk 2018 - Spectre & Meltdown 漏洞的修補策略與 risk mitigation】
Hacks in Taiwan (HITCON)
【HITCON FreeTalk 2018 - 從晶片設計角度看硬體安全】
【HITCON FreeTalk 2018 - 從晶片設計角度看硬體安全】
Hacks in Taiwan (HITCON)
อาชญากรรมคอมพิวเตอร์และกฎหมายที่เกี่ยวข้อง
อาชญากรรมคอมพิวเตอร์และกฎหมายที่เกี่ยวข้อง
Supaporn21
MITRE ATT&CKcon 2018: VCAF: Expanding the ATT&CK Framework to cover VERIS Thr...
MITRE ATT&CKcon 2018: VCAF: Expanding the ATT&CK Framework to cover VERIS Thr...
MITRE - ATT&CKcon
DEFENDING AGAINST THREATS TARGETING THE MAC PLATFORM
DEFENDING AGAINST THREATS TARGETING THE MAC PLATFORM
CrowdStrike
ویروسهای رایانه ای
ویروسهای رایانه ای
Shahid Beheshti University
임베디드 리눅스 악성코드로 본 사물인터넷 보안 차민석 20150406_코드게이트 발표판
임베디드 리눅스 악성코드로 본 사물인터넷 보안 차민석 20150406_코드게이트 발표판
Minseok(Jacky) Cha
Understanding Fileless (or Non-Malware) Attacks and How to Stop Them
Understanding Fileless (or Non-Malware) Attacks and How to Stop Them
CrowdStrike
【HITCON FreeTalk 2021 - SolarWinds 供應鏈攻擊事件分析】
【HITCON FreeTalk 2021 - SolarWinds 供應鏈攻擊事件分析】
Hacks in Taiwan (HITCON)
Cloud-Enabled: The Future of Endpoint Security
Cloud-Enabled: The Future of Endpoint Security
CrowdStrike
Hta t07-did-you-read-the-news-http-request-hijacking
Hta t07-did-you-read-the-news-http-request-hijacking
Комсс Файквэе
The IoT Attack Surface
The IoT Attack Surface
Daniel Miessler
In search of unique behaviour
In search of unique behaviour
DefCamp
SecureSet WarGames - Logging and Packet Capture Training
SecureSet WarGames - Logging and Packet Capture Training
Greg Foss
Exploit Kit Cornucopia - Blackhat USA 2017
Exploit Kit Cornucopia - Blackhat USA 2017
Brad Antoniewicz
SOCIAL MEDIA AS A CYBER WEAPON
SOCIAL MEDIA AS A CYBER WEAPON
Sylvain Martinez
Was ist angesagt?
(17)
The Infosec Crossroads - 44CON 2016
The Infosec Crossroads - 44CON 2016
【HITCON FreeTalk 2018 - Spectre & Meltdown 漏洞的修補策略與 risk mitigation】
【HITCON FreeTalk 2018 - Spectre & Meltdown 漏洞的修補策略與 risk mitigation】
【HITCON FreeTalk 2018 - 從晶片設計角度看硬體安全】
【HITCON FreeTalk 2018 - 從晶片設計角度看硬體安全】
อาชญากรรมคอมพิวเตอร์และกฎหมายที่เกี่ยวข้อง
อาชญากรรมคอมพิวเตอร์และกฎหมายที่เกี่ยวข้อง
MITRE ATT&CKcon 2018: VCAF: Expanding the ATT&CK Framework to cover VERIS Thr...
MITRE ATT&CKcon 2018: VCAF: Expanding the ATT&CK Framework to cover VERIS Thr...
DEFENDING AGAINST THREATS TARGETING THE MAC PLATFORM
DEFENDING AGAINST THREATS TARGETING THE MAC PLATFORM
ویروسهای رایانه ای
ویروسهای رایانه ای
임베디드 리눅스 악성코드로 본 사물인터넷 보안 차민석 20150406_코드게이트 발표판
임베디드 리눅스 악성코드로 본 사물인터넷 보안 차민석 20150406_코드게이트 발표판
Understanding Fileless (or Non-Malware) Attacks and How to Stop Them
Understanding Fileless (or Non-Malware) Attacks and How to Stop Them
【HITCON FreeTalk 2021 - SolarWinds 供應鏈攻擊事件分析】
【HITCON FreeTalk 2021 - SolarWinds 供應鏈攻擊事件分析】
Cloud-Enabled: The Future of Endpoint Security
Cloud-Enabled: The Future of Endpoint Security
Hta t07-did-you-read-the-news-http-request-hijacking
Hta t07-did-you-read-the-news-http-request-hijacking
The IoT Attack Surface
The IoT Attack Surface
In search of unique behaviour
In search of unique behaviour
SecureSet WarGames - Logging and Packet Capture Training
SecureSet WarGames - Logging and Packet Capture Training
Exploit Kit Cornucopia - Blackhat USA 2017
Exploit Kit Cornucopia - Blackhat USA 2017
SOCIAL MEDIA AS A CYBER WEAPON
SOCIAL MEDIA AS A CYBER WEAPON
Andere mochten auch
Catálogo
Catálogo
Iñaki Cabral
Catalogo ZONI
Catalogo ZONI
Iñaki Cabral
Structure - Processing Linkages in Polyethylene
Structure - Processing Linkages in Polyethylene
david_brough1
Decreto 1850 de 2002
Decreto 1850 de 2002
Saku Garcia
Dr Awad CV
Dr Awad CV
Dr Awad Hassan
Rural dev
Rural dev
prema latha
Lgpl license
Lgpl license
Eric Juan
GAP_Phase1_Completion_Report
GAP_Phase1_Completion_Report
Tatjana Muhic
Increase your Following on Twitter With Hashtags!
Increase your Following on Twitter With Hashtags!
Megan Davis
Usage of GDB
Usage of GDB
Jongseok Choi
PPDHTH3_HoangNhi
PPDHTH3_HoangNhi
nhi104
Lgpl license
Lgpl license
Eric Juan
Andere mochten auch
(12)
Catálogo
Catálogo
Catalogo ZONI
Catalogo ZONI
Structure - Processing Linkages in Polyethylene
Structure - Processing Linkages in Polyethylene
Decreto 1850 de 2002
Decreto 1850 de 2002
Dr Awad CV
Dr Awad CV
Rural dev
Rural dev
Lgpl license
Lgpl license
GAP_Phase1_Completion_Report
GAP_Phase1_Completion_Report
Increase your Following on Twitter With Hashtags!
Increase your Following on Twitter With Hashtags!
Usage of GDB
Usage of GDB
PPDHTH3_HoangNhi
PPDHTH3_HoangNhi
Lgpl license
Lgpl license
Ähnlich wie Trend briefs security
Whatever it takes - Fixing SQLIA and XSS in the process
Whatever it takes - Fixing SQLIA and XSS in the process
guest3379bd
Cisco Connect Toronto 2017 - Security Through The Eyes of a Hacker
Cisco Connect Toronto 2017 - Security Through The Eyes of a Hacker
Cisco Canada
Recent Trends in Cyber Security
Recent Trends in Cyber Security
Ayoma Wijethunga
Secure coding presentation Oct 3 2020
Secure coding presentation Oct 3 2020
Moataz Kamel
They Ought to Know Better: Exploiting Security Gateways via Their Web Interfaces
They Ought to Know Better: Exploiting Security Gateways via Their Web Interfaces
michelemanzotti
Minor Mistakes In Web Portals
Minor Mistakes In Web Portals
msobiegraj
"Designing Secure Infrastructure for High Growth Product" by Rendra Perdana (...
"Designing Secure Infrastructure for High Growth Product" by Rendra Perdana (...
Tech in Asia ID
How to use shodan more powerful
How to use shodan more powerful
National Cheng Kung University
Blue team reboot - HackFest
Blue team reboot - HackFest
Haydn Johnson
Positive Technologies - S4 - Scada under x-rays
Positive Technologies - S4 - Scada under x-rays
qqlan
Securing TodoMVC Using the Web Cryptography API
Securing TodoMVC Using the Web Cryptography API
Kevin Hakanson
Mitigate Maliciousness -- jQuery Europe 2013
Mitigate Maliciousness -- jQuery Europe 2013
Mike West
Security of Web Applications: Top 6 Risks To Avoid
Security of Web Applications: Top 6 Risks To Avoid
slicklash
EN - BlackHat US 2009 favorite XSS Filters-IDS and how to attack them.pdf
EN - BlackHat US 2009 favorite XSS Filters-IDS and how to attack them.pdf
GiorgiRcheulishvili
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
mike parks
Top Ten Web Hacking Techniques of 2012
Top Ten Web Hacking Techniques of 2012
Jeremiah Grossman
Practical Secure Coding Workshop - {DECIPHER} Hackathon
Practical Secure Coding Workshop - {DECIPHER} Hackathon
Stefan Streichsbier
Writing Secure Code – Threat Defense
Writing Secure Code – Threat Defense
amiable_indian
Track 5 Session 1_如何藉由多層次防禦搭建網路應用安全.pptx
Track 5 Session 1_如何藉由多層次防禦搭建網路應用安全.pptx
Amazon Web Services
Track 5 Session 1_如何藉由多層次防禦搭建網路應用安全
Track 5 Session 1_如何藉由多層次防禦搭建網路應用安全
Amazon Web Services
Ähnlich wie Trend briefs security
(20)
Whatever it takes - Fixing SQLIA and XSS in the process
Whatever it takes - Fixing SQLIA and XSS in the process
Cisco Connect Toronto 2017 - Security Through The Eyes of a Hacker
Cisco Connect Toronto 2017 - Security Through The Eyes of a Hacker
Recent Trends in Cyber Security
Recent Trends in Cyber Security
Secure coding presentation Oct 3 2020
Secure coding presentation Oct 3 2020
They Ought to Know Better: Exploiting Security Gateways via Their Web Interfaces
They Ought to Know Better: Exploiting Security Gateways via Their Web Interfaces
Minor Mistakes In Web Portals
Minor Mistakes In Web Portals
"Designing Secure Infrastructure for High Growth Product" by Rendra Perdana (...
"Designing Secure Infrastructure for High Growth Product" by Rendra Perdana (...
How to use shodan more powerful
How to use shodan more powerful
Blue team reboot - HackFest
Blue team reboot - HackFest
Positive Technologies - S4 - Scada under x-rays
Positive Technologies - S4 - Scada under x-rays
Securing TodoMVC Using the Web Cryptography API
Securing TodoMVC Using the Web Cryptography API
Mitigate Maliciousness -- jQuery Europe 2013
Mitigate Maliciousness -- jQuery Europe 2013
Security of Web Applications: Top 6 Risks To Avoid
Security of Web Applications: Top 6 Risks To Avoid
EN - BlackHat US 2009 favorite XSS Filters-IDS and how to attack them.pdf
EN - BlackHat US 2009 favorite XSS Filters-IDS and how to attack them.pdf
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
Top Ten Web Hacking Techniques of 2012
Top Ten Web Hacking Techniques of 2012
Practical Secure Coding Workshop - {DECIPHER} Hackathon
Practical Secure Coding Workshop - {DECIPHER} Hackathon
Writing Secure Code – Threat Defense
Writing Secure Code – Threat Defense
Track 5 Session 1_如何藉由多層次防禦搭建網路應用安全.pptx
Track 5 Session 1_如何藉由多層次防禦搭建網路應用安全.pptx
Track 5 Session 1_如何藉由多層次防禦搭建網路應用安全
Track 5 Session 1_如何藉由多層次防禦搭建網路應用安全
Mehr von Jongseok Choi
Hyperledger 구조 분석
Hyperledger 구조 분석
Jongseok Choi
Blockchain trends and research
Blockchain trends and research
Jongseok Choi
블록체인 개요
블록체인 개요
Jongseok Choi
Bitcoin and Ethereum
Bitcoin and Ethereum
Jongseok Choi
Effective Go
Effective Go
Jongseok Choi
oneM2M security summary
oneM2M security summary
Jongseok Choi
Case Study on Intelligent IoT Platform
Case Study on Intelligent IoT Platform
Jongseok Choi
oneM2M Introduction and security
oneM2M Introduction and security
Jongseok Choi
IoT Introduction and Security
IoT Introduction and Security
Jongseok Choi
Gitlab.key
Gitlab.key
Jongseok Choi
Basic of Exploitation
Basic of Exploitation
Jongseok Choi
Web penetration
Web penetration
Jongseok Choi
Svn
Svn
Jongseok Choi
wordpress with nginx on virtualization, jail
wordpress with nginx on virtualization, jail
Jongseok Choi
Web hacking 개요
Web hacking 개요
Jongseok Choi
Virtualization
Virtualization
Jongseok Choi
Forensic 2
Forensic 2
Jongseok Choi
Mehr von Jongseok Choi
(17)
Hyperledger 구조 분석
Hyperledger 구조 분석
Blockchain trends and research
Blockchain trends and research
블록체인 개요
블록체인 개요
Bitcoin and Ethereum
Bitcoin and Ethereum
Effective Go
Effective Go
oneM2M security summary
oneM2M security summary
Case Study on Intelligent IoT Platform
Case Study on Intelligent IoT Platform
oneM2M Introduction and security
oneM2M Introduction and security
IoT Introduction and Security
IoT Introduction and Security
Gitlab.key
Gitlab.key
Basic of Exploitation
Basic of Exploitation
Web penetration
Web penetration
Svn
Svn
wordpress with nginx on virtualization, jail
wordpress with nginx on virtualization, jail
Web hacking 개요
Web hacking 개요
Virtualization
Virtualization
Forensic 2
Forensic 2
Kürzlich hochgeladen
Real-time Tracking and Monitoring with Cargo Cloud Solutions.pptx
Real-time Tracking and Monitoring with Cargo Cloud Solutions.pptx
RTS corp
What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...
Technogeeks
Salesforce Implementation Services PPT By ABSYZ
Salesforce Implementation Services PPT By ABSYZ
ABSYZ Inc
A healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdf
Marharyta Nedzelska
SpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at Runtime
andrehoraa
英国UN学位证,北安普顿大学毕业证书1:1制作
英国UN学位证,北安普顿大学毕业证书1:1制作
qr0udbr0
Introduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdf
FerryKemperman
Post Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on Identity
team-WIBU
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
jennyeacort
SensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving Cars
Christian Birchler
Powering Real-Time Decisions with Continuous Data Streams
Powering Real-Time Decisions with Continuous Data Streams
Safe Software
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
9953056974 Low Rate Call Girls In Saket, Delhi NCR
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
Alina Yurenko
Advantages of Odoo ERP 17 for Your Business
Advantages of Odoo ERP 17 for Your Business
Envertis Software Solutions
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Natan Silnitsky
Simplifying Microservices & Apps - The art of effortless development - Meetup...
Simplifying Microservices & Apps - The art of effortless development - Meetup...
Rob Geurden
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
StefanoLambiase
UI5ers live - Custom Controls wrapping 3rd-party libs.pptx
UI5ers live - Custom Controls wrapping 3rd-party libs.pptx
Andreas Kunz
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Cizo Technology Services
Tech Tuesday - Mastering Time Management Unlock the Power of OnePlan's Timesh...
Tech Tuesday - Mastering Time Management Unlock the Power of OnePlan's Timesh...
OnePlan Solutions
Kürzlich hochgeladen
(20)
Real-time Tracking and Monitoring with Cargo Cloud Solutions.pptx
Real-time Tracking and Monitoring with Cargo Cloud Solutions.pptx
What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...
Salesforce Implementation Services PPT By ABSYZ
Salesforce Implementation Services PPT By ABSYZ
A healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdf
SpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at Runtime
英国UN学位证,北安普顿大学毕业证书1:1制作
英国UN学位证,北安普顿大学毕业证书1:1制作
Introduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdf
Post Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on Identity
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
SensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving Cars
Powering Real-Time Decisions with Continuous Data Streams
Powering Real-Time Decisions with Continuous Data Streams
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
Advantages of Odoo ERP 17 for Your Business
Advantages of Odoo ERP 17 for Your Business
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Simplifying Microservices & Apps - The art of effortless development - Meetup...
Simplifying Microservices & Apps - The art of effortless development - Meetup...
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
UI5ers live - Custom Controls wrapping 3rd-party libs.pptx
UI5ers live - Custom Controls wrapping 3rd-party libs.pptx
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Tech Tuesday - Mastering Time Management Unlock the Power of OnePlan's Timesh...
Tech Tuesday - Mastering Time Management Unlock the Power of OnePlan's Timesh...
Trend briefs security
1.
Cyber Security IoT
Security Trend Briefs of Security th!nkh@ck-hackartist cafe.thinkhack.org September 13, 2014 th!nkh@ck-hackartist Trend Briefs of Security
2.
Cyber Security IoT
Security 1 Cyber Security Exploitation Web Security Reversing 2 IoT Security IoT Architecture IoT Platform IoT Device th!nkh@ck-hackartist Trend Briefs of Security
3.
Cyber Security IoT
Security Exploitation Web Security Reversing Buer Over ow Buer Over ow €? T¨¬ üÐ $X| t©Xì XÄ T¨¬ õt DÌ óÐ pt0| ½…X” õ© Buer Over owX …X Stack Over ow Heap Over ow Buer Over ow ¥ TÜ #include stdio.h int main(int argc, char **argv) f char buf[8]; gets(buf); printf(%snn, buf); return 0; g th!nkh@ck-hackartist Trend Briefs of Security
4.
Cyber Security IoT
Security Exploitation Web Security Reversing Shellcode Shellcode € 4Çx? ShellD )Xì …9´| ä‰Ü¤” TÜ Shellcode ‘ )• ´H¬ TÜ ‘1 0Ä´ ÀX XTÜ ‘1 Shellcode X : BSD setuid/execve nx31nxc0nx50nx50nxb0nx17nxcdnx80 nx31nxc0nx50nx68//shnx68/binnx89nxe3nx50 nx54nx53nx50nxb0nx3bnxcdnx80 th!nkh@ck-hackartist Trend Briefs of Security
5.
Cyber Security IoT
Security Exploitation Web Security Reversing Protection of Buer Over ow Buer Over ow Q0• H |t
6.
ì¬ ¬© Stack
Protection LibSafe StackGuard ProPolice DEP Pointer Protection PointGuard Executable space protection PaX BuerShield Address Space Layout Randomization Depp Packet Inspection th!nkh@ck-hackartist Trend Briefs of Security
7.
Cyber Security IoT
Security Exploitation Web Security Reversing Bypassing BoF Protection Brute Force Canary Ð t ¬© ROP õ© ASLR, DEP/NX, ASCII-Armor protectionÐ t ¬© RTL, Chaining RTL, GOT 0•t ˆL th!nkh@ck-hackartist Trend Briefs of Security
8.
Cyber Security IoT
Security Exploitation Web Security Reversing SQL Injection SQL Injection t€? ù
9.
|ø0X „XX SQL
TÜ| ½…Xì õ©D ‰ SQL InjectionX …X Form Injection Blind Injection Cookie Injection Union Injection SQL Injection ‰Ü SQL ü¬X Áü¬ : SELECT * FROM members WHERE uid='admin' and upw='xxx'; õ©ü¬ : SELECT * FROM members WHERE uid=or '1'='1' and upw= or '1'='1'; th!nkh@ck-hackartist Trend Briefs of Security
10.
Cyber Security IoT
Security Exploitation Web Security Reversing XSS XSS €? Cross Site Scripting }´ CSS|àÄ €tÀÌ, Cascading Style Sheet @ Ù´ XSS ü ˆ¼. ùÐ HTMLÜø| „X ½…Xì T| ‰X” õ©. |” ¬©X Cookie| ÈèX” ƒD ©h XSS õ©X Re ective XSS Stored XSS XSS õ©X scriptalert(document.cookie);/script th!nkh@ck-hackartist Trend Briefs of Security
11.
Cyber Security IoT
Security Exploitation Web Security Reversing CSRF CSRF €? Cross Site Request Forgery X }´tp, HTTP Request| ÀpX” õ© CSRF õ© a href=http://localhost/admin/chpw.php?pw=1234Go to localhost/a Q)• GET TŒÜôä” POST TŒÜ| ¬© ” ô À½ÜД 2( € ‰ th!nkh@ck-hackartist Trend Briefs of Security
12.
Cyber Security IoT
Security Exploitation Web Security Reversing Dynamic Analysis Dynamic Analysis €? ø¨D ä‰Xì T¨¬Ð ) ÁÜÐ „D ‰X” ƒ ¥ Packing D à$XÀ JDÄ ( Ù‘X” üD äÜ ¨È0Á ` ˆL Dynamic AnalysisÐ ü ¬©X” 4 Virtualization, Sandbox 4 Ollydbg, imunity debugger, windbg ñ th!nkh@ck-hackartist Trend Briefs of Security
13.
Cyber Security IoT
Security Exploitation Web Security Reversing Static Analysis Static Analysis €? ø¨D ä‰XÀ Jà „X” )• ¥ Sandbox D”ÆL Anti-DebuggingÐ x¬À JL ô
14.
| ¥ Static
AnalysisÐ ü ¬©X” 4 IDA, objdump th!nkh@ck-hackartist Trend Briefs of Security
15.
Cyber Security IoT
Security IoT Architecture IoT Platform IoT Device IoT Architecture œ˜ : http://www.magic.ubc.ca/wiki/uploads/Projects/IoTportal2.png th!nkh@ck-hackartist Trend Briefs of Security
16.
Cyber Security IoT
Security IoT Architecture IoT Platform IoT Device IoT Platform Security ¬© x x IoT ¬©äÐ t x ¬© Ä ´ ¥ t¤Ð ü´ MAC,DAC, Non-DAC, RBAC ñ” Ä ˆL. CapBACt ˜TÀÌ, ìˆ ììÀ tˆ ˆ´ t°t|h. Privacy IoT” User-Friendly X½ ¬©X ô| Ît xœh Ept0Ð |t„Ü| ô8` ˆ” )• D” ììÀ 0•t Hà ˆÀÌ, 1¥ÁX 8 ˆL. DDoS High-rate DoS õ©@ 0ø xœ´ ˆL Low-rate DoS õ©Ä à$Xì| h Load-Balancing à$t|h th!nkh@ck-hackartist Trend Briefs of Security
17.
Cyber Security IoT
Security IoT Architecture IoT Platform IoT Device IoT Device Security Device Authentication Device to Device xD à$t| h | Serial 0X xD ü ¬©Xà ˆÀÌ, Ä ˆL Certi
18.
cate 0X xD
õt| h SAML, SOAP ñD ü t©Xà ˆÀÌ, Ä ˆL Device Certi
19.
cate x X
D”h Device Access Control DeviceÐ Access ControlD ‰X0 t” ½ÉT ´| h MAC, DAC, RBAC ñX 0tX ü´” IoT X½Ð Ä Ý@ CapBACt tˆ à ˆÀÌ, IoT X½D Dˆ XÀ »Xà ˆL ABE0X ü´ 0•Ð äÈ ðl D”h th!nkh@ck-hackartist Trend Briefs of Security
Jetzt herunterladen