The presentation will be about real examples of red team attacks targeted at Polish customers. We will show the advantages and disadvantages of certain types of attacks, along with our failures and successes. We will summarize the most important best practices for protecting against a red team, and give good advice on how to attack effectively and be more stealthy.
13. Corporate network
● CMS – demo account
● SSH: tomcat7/tomcat7
● Redundant resource: test image - VM
● The same password applies to Windows server
● WWW error -> local admin
● Schema of password creation
● Admin account AD
● VMware – admin console
20. Summary
An effective attack is a matter of time and money
Increase the attackers' costs!
Security is a process. :)
21. Summary
● Report
● Education platform
https://SecurityInside.pl/en
● Presentation for the employees
● Discussion
22. Defense - Communication
● Detecting problems
– SIEM, IDS, IPS, Correlation of data, CallCenter
● Training of the employees
– Education based on practice and case studies
● Incident management (communication)
– Technology, people, risk analysis
23. Defense - Processes
● Computer forensics
– Evidence, analysis of malicious software
● Change implementation
– Critical updates, vulnerability life span
● Hardening environments, slowing down the attackers
– Reconfiguration, reaction to the incident
25. Additional materials in Polish
Videos:
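APT x 3 - selected case studies (APT x 3 - wybrane studium przypadków)
Free tools supporting the process of securing your company (Darmowe narzędzia wspomagające proces zabezpieczania Twojej firmy)
IT security devices and services - full protection or an invitation for cybercriminals? (Urządzenia i usługi bezpieczeństwa IT - pełna ochrona czy zaproszenie dla cyberprzestępców?)
Tools for automated security testing (Narzędzia do zautomatyzowanego testowania bezpieczeństwa)
OWASP Top10: the most common web application security flaws (OWASP Top10 Najpopularniejsze błędy bezpieczeństwa aplikacji WWW)
The basic arsenal of a web application security tester (Podstawowy arsenał testera bezpieczeństwa aplikacji WWW)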
Free education:
https://quiz.securityinside.pl
https://quiz2.securityinside.pl
http://sprawdzpesel.pl
http://sprawdzkontobankowe.pl
https://pixabay.com/en/ - Photos
https://www.iconfinder.com/Vecteezy - Icons