Hacking a company

Preview:

Click to see full reader

Citation preview

Hacking a Company

Igor Beliaiev

whoami

Security EngineerOWASP Lviv memberIgor Beliaiev

Red TeamingA red team is an independent group that challenges an organization to improve its effectiveness.

Penetration testers assess organization security, often unbeknownst to client staff. This type of Red Team provides a more realistic picture of the security readiness than announced assessments.

(c) Wikipedia

Red Teaming … of the airport security

95% failure rate67 out of 70

Transportation Security Administration test

%companyname

Compliance vs Security

Attack planning

The weakest part in security?

The security level of the system is determined by its most insecure

element

The most valuable information in company?

PEOPLEMONEY CLIENTS

Choosing targetsFinance

IT(backups, access, data)

AccountingInfrastructure Legal

Risks analysis

Technological risks: Malware/viruses/intrusions Cyber attacks Service provider failure Physical security (f.e. loss of devices) Data related vulnerabilities Phishing

Human risks: Human error/mistakes Insider sabotage/theft Lack of skills Lack of knowledge Lack of guidance

Social Engineering Works

Social Engineering Works

Caution - a lot of BLUR inside

Ask to use your USB flash

Let’s go deeper

Is it a feature?

Acting like IT Support

Accounting

Finance

IT support

Change in mindset needed

going inside…SoftServe

igor@beliaiev.comskype: ghost-bel

Recommended

Lessons from Silicon Valley - Company Culture, Growth Hacking, Design Thinking - KMBS - Oct 15 2015
Technology
Hacking as a Career
Documents
Ethical Hacking and Countermeasures - Varutra · Hacking Concepts o Hacking vs. Ethical Hacking o Effects of Hacking on Business o Who Is a Hacker? o Hacker Classes ... Ethical Hacking
Documents
Certified Ethical Hacking, Ethical Hacking Exam, Ethical Hacking … · 2020-01-24 · This ethical hacking course puts you in the driver’sseat of a hands-on environment with a
Documents
Hacking a Professional Drone
Technology
A Hacking Atlas: Holistic Hacking in the Urban Theater · 2018-12-05 · of hacking and holistic hacking, and hacking spaces (and seven types of hacking spaces, each described below)
Documents
Ethical Hacking and Countermeasures- Version 9 Technology -Ethical Hacking and Countermeasures- Version 9 ... Satellite Picture of a Residence K. ... Google Hacking Tool: Google Hacking
Documents
Hacking and Civic Hacking
Social Media
Hacking The Science Behind LinkedIn Company Updates - Sydney 23rd June
Documents
ACL - Philadelphia University€¦  · Web viewEthical hacking. A term used to describe a type of hacking that is done to help a company or individual identify potential threats
Documents
Hacking & Ethical Hacking
Documents
Company LOGO Search Engine Hacking Steve at SnakeOilLabs dot com
Documents
Ethical Hacking: Hacking GMail. Teaching Hacking
Documents
GOOGLE HACKING GOOGLE HACKING
Documents
HACKING YOUR NON-COMPETE - Black Hat Briefings...•Company B provided an employment offer that prevented the BSW from soliciting Company A clients or uploading any Company A data
Documents
Hacking a USB Keyboard
Documents
Hacking – Ethical Hacking
Technology
BlackHat Hacking - Hacking VoIP
Internet
Hacking A Professional Alliance
Education
HACKING A CRIME?
Documents