24
Hacking a Company Igor Beliaiev

Hacking a company

Embed Size (px)

Citation preview

Page 1: Hacking a company

Hacking a Company

Igor Beliaiev

Page 2: Hacking a company

whoami

Security EngineerOWASP Lviv memberIgor Beliaiev

Page 3: Hacking a company

Red TeamingA red team is an independent group that challenges an organization to improve its effectiveness.

Penetration testers assess organization security, often unbeknownst to client staff. This type of Red Team provides a more realistic picture of the security readiness than announced assessments.

(c) Wikipedia

Page 4: Hacking a company

Red Teaming … of the airport security

95% failure rate67 out of 70

Transportation Security Administration test

Page 5: Hacking a company

%companyname

Page 6: Hacking a company

Compliance vs Security

Page 7: Hacking a company
Page 8: Hacking a company

Attack planning

The weakest part in security?

The security level of the system is determined by its most insecure

element

The most valuable information in company?

PEOPLEMONEY CLIENTS

Choosing targetsFinance

IT(backups, access, data)

AccountingInfrastructure Legal

Page 9: Hacking a company

Risks analysis

Technological risks: Malware/viruses/intrusions Cyber attacks Service provider failure Physical security (f.e. loss of devices) Data related vulnerabilities Phishing

Human risks: Human error/mistakes Insider sabotage/theft Lack of skills Lack of knowledge Lack of guidance

Page 10: Hacking a company

Social Engineering Works

Page 11: Hacking a company

Social Engineering Works

Page 12: Hacking a company

Caution - a lot of BLUR inside

Page 13: Hacking a company
Page 14: Hacking a company

Ask to use your USB flash

Page 15: Hacking a company

Let’s go deeper

Page 16: Hacking a company

Is it a feature?

Page 17: Hacking a company

Acting like IT Support

Page 18: Hacking a company

Accounting

Page 19: Hacking a company

Finance

Page 20: Hacking a company

IT support

Page 21: Hacking a company

Change in mindset needed

Page 22: Hacking a company
Page 23: Hacking a company

going inside…SoftServe

Page 24: Hacking a company

[email protected]: ghost-bel


ACL - Philadelphia University€¦  · Web viewEthical hacking. A term used to describe a type of hacking that is done to help a company or individual identify potential threats

ACL - Philadelphia University€¦  · Web viewEthical hacking. A term used to describe a type of hacking that is done to help a company or individual identify potential threats

Documents
Hacking as a Career

Hacking as a Career

Documents
Welcome [growthzonesitesprod.azureedge.net]...Social Media Hacking the mind is easier than hacking a computer Video Video –Hacking a company Hacking the company •Spoof the number

Welcome [growthzonesitesprod.azureedge.net]...Social Media Hacking the mind is easier than hacking a computer Video Video –Hacking a company Hacking the company •Spoof the number

Documents
A Hacking Atlas: Holistic Hacking in the Urban Theater · 2018-12-05 · of hacking and holistic hacking, and hacking spaces (and seven types of hacking spaces, each described below)

A Hacking Atlas: Holistic Hacking in the Urban Theater · 2018-12-05 · of hacking and holistic hacking, and hacking spaces (and seven types of hacking spaces, each described below)

Documents
Company LOGO Search Engine Hacking Steve at SnakeOilLabs dot com

Company LOGO Search Engine Hacking Steve at SnakeOilLabs dot com

Documents
Hacking a USB Keyboard

Hacking a USB Keyboard

Documents
Not Hacking Around: Protecting Your Company from Cyber Attacks

Not Hacking Around: Protecting Your Company from Cyber Attacks

Engineering
Certified Ethical Hacking, Ethical Hacking Exam, Ethical Hacking … · 2020-01-24 · This ethical hacking course puts you in the driver’sseat of a hands-on environment with a

Certified Ethical Hacking, Ethical Hacking Exam, Ethical Hacking … · 2020-01-24 · This ethical hacking course puts you in the driver’sseat of a hands-on environment with a

Documents
Hacking and Anti Hacking

Hacking and Anti Hacking

Technology
Hacking – Ethical Hacking

Hacking – Ethical Hacking

Technology
HACKING A CRIME?

HACKING A CRIME?

Documents
Hacking A Professional Alliance

Hacking A Professional Alliance

Education
Hacking the Company : Risks with carbon-based lifeforms using vulnerable systems

Hacking the Company : Risks with carbon-based lifeforms using vulnerable systems

Technology
Ethical Hacking: Hacking GMail. Teaching Hacking

Ethical Hacking: Hacking GMail. Teaching Hacking

Documents
A UNIX Hacking Tutorial

A UNIX Hacking Tutorial

Documents
Hacking / Hacking Exposed 6: Network Security Secrets & …cdn.ttgtmedia.com/searchMidmarketSecurity/downloads/Hacking... · 153 Hacking / Hacking Exposed 6: Network Security Secrets

Hacking / Hacking Exposed 6: Network Security Secrets & …cdn.ttgtmedia.com/searchMidmarketSecurity/downloads/Hacking... · 153 Hacking / Hacking Exposed 6: Network Security Secrets

Documents
Hacking and Civic Hacking

Hacking and Civic Hacking

Social Media
Hacking & Ethical Hacking

Hacking & Ethical Hacking

Documents
Ethical Hacking Introduction. What is Ethical Hacking? Types of Ethical Hacking Responsibilities of a ethical hacker Customer Expectations Skills

Ethical Hacking Introduction. What is Ethical Hacking? Types of Ethical Hacking Responsibilities of a ethical hacker Customer Expectations Skills

Documents
Why Hacking into Your Company is so Easy

Why Hacking into Your Company is so Easy

Technology
Hacking The Science Behind LinkedIn Company Updates - Sydney 23rd June

Hacking The Science Behind LinkedIn Company Updates - Sydney 23rd June

Documents
Hacking the science behind linked in company updates sydney 23rd june

Hacking the science behind linked in company updates sydney 23rd june

Documents
Hacking - The Beginners Guide to Master The Art of Hacking In No Time - Become a Hacking GENIUS (2016)

Hacking - The Beginners Guide to Master The Art of Hacking In No Time - Become a Hacking GENIUS (2016)

Technology
A Hacking Atlas: Holistic Hacking in the Urban Theatercasci.umd.edu/wp-content/uploads/2019/09/Schuler... · effort, the concepts of hacking and holistic hacking, and hacking spaces

A Hacking Atlas: Holistic Hacking in the Urban Theatercasci.umd.edu/wp-content/uploads/2019/09/Schuler... · effort, the concepts of hacking and holistic hacking, and hacking spaces

Documents
Lessons from Silicon Valley - Company Culture, Growth Hacking, Design Thinking - KMBS - Oct 15 2015

Lessons from Silicon Valley - Company Culture, Growth Hacking, Design Thinking - KMBS - Oct 15 2015

Technology
Hacking a Vga Monitor

Hacking a Vga Monitor

Documents
GROWTH HACKING IS EVERY COMPANY A PUBLISHER?

GROWTH HACKING IS EVERY COMPANY A PUBLISHER?

Documents
Ethical Hacking and Countermeasures- Version 9 Technology -Ethical Hacking and Countermeasures- Version 9 ... Satellite Picture of a Residence K. ... Google Hacking Tool: Google Hacking

Ethical Hacking and Countermeasures- Version 9 Technology -Ethical Hacking and Countermeasures- Version 9 ... Satellite Picture of a Residence K. ... Google Hacking Tool: Google Hacking

Documents
GOOGLE HACKING GOOGLE HACKING

GOOGLE HACKING GOOGLE HACKING

Documents
Growth hacking: How to grow your company, faster

Growth hacking: How to grow your company, faster

Business