Be Passionate The Hacker’s cookbook MARTIN HALLER, CEO Credit Matters VIII Discovering DNA 2.5

Sep 27, 2020

Page 1

Be Passionate

The Hacker’s cookbook

MARTIN HALLER, CEO

Credit Matters VIII Discovering DNA 2.5

Page 2

Martin Haller

Ethical hacker / penetration tester

Cofounder of PATRON-IT s.r.o.

Page 3

Why should I bother with security

Permanent data loss (family photos, cryptocurrency, business data)

Personal discreditation (chats, GPS, camera, microphone, private photos)

Data leakage (NDA, know-how, source code)

Damage to other subjects (passing a virus)

Page 4

Password security

What is the deal with passwords?

Who knows my passwords?

No, passwords are not equal!

https://haveibeenpwned.com

Page 5

Do you see your password?

Page 6

Application security

Applications have bugs

Bugs are used to infect devices

Usually no user interaction is needed

Page 7

Social engineering security

Outsmarting users

It is you versus a hacker

Page 8

Interactive question

What is this device?

A) Flash drive

B) Keyboard

C) Network card

D) Computer

Page 9

Physical security

Stolen devices

Unattended devices

Lent devices

Page 10

Physical security

What can be found on a PC:

Browser history

Chat history

Documents

Stored passwords

Cookies

Password managers

Certificates

Page 11

Live demo

1. Bug

2. Exploit

3. Vulnerable devices

4. How to profit

Page 12

Summary

IT security is a complex thing

There is no magic pill

It cannot be rated by a questionnaire

Page 13

Protect yourself

Unique passwords + password manager (e.g. LastPass, 1Password)

2FA for important services

Update applications and devices (esp. operating system and web browsers)

Antivirus + firewall

Use common sense

Install only the applications you need

Don’t let anyone touch your devices

Encrypt your devices (e.g. BitLocker, FileVault)

Page 14

Protect yourself (cont.)

Back up your data (e.g. use cloud storage)

Have a recovery plan

Page 15

Be Passionate

Any questions?

APP Feedback please

Credit Matters VIII Discovering DNA 2.5

THANK YOU

Martin Haller

PATRON-IT s.r.o.

https://[email protected]