www.divedeeperevents.com [email protected] In attending this session you agree that any software demonstrated comes absolutely with NO WARRANTY.
Download ReportTranscript www.divedeeperevents.com [email protected] In attending this session you agree that any software demonstrated comes absolutely with NO WARRANTY.
www.divedeeperevents.com [email protected] In attending this session you agree that any software demonstrated comes absolutely with NO WARRANTY. Use entirely at your own risk. Microsoft Corporation, Quality Training (Scotland) Ltd, Dive Deeper Technology Events EMEA & the other 3rd party vendors whose software is demonstrated as part of this session are not responsible for any subsequent loss or damage whatsoever...You have been warned! Enterprise 1.0 Hierarchy Friction Bureaucracy Inflexibility IT-driven technology / Lack of user control Top down Centralized Teams are in one building / one time zone Silos and boundaries Need to know Information systems are structured and dictated Taxonomies Overly complex Closed/ proprietary standards Scheduled Long time-to-market cycles Enterprise 2.O Flat Organization Ease of Organization Flow Agility Flexibility User-driven technology Bottom up Distributed Teams are global Fuzzy boundaries, open borders Transparency Information systems are emergent Folksonomies Simple Open On Demand Short time-to-market cycles Cybercrime: Vulnerability Exploit Cycle Novice Intruders Use Crude Exploit Tools Crude Exploit Tools Distributed Advanced Intruders Discover New Vulnerability Source: CERT Automated Scanning/Exploit Tools Developed Widespread Use of Automated Scanning/Exploit Tools Intruders Begin Using New Types of Exploits Auction, 8% Other, 9% Retail, 3% Payment Services, 26% Financial, 54% The financial services sector continues to be the most targeted industry sector (APWG) Cybercrime: Latest Trends – Applications are King! http://www.sans.org/top-cyber-security-risks/ Current Cybercrime Trends! 1. Client-side software that remains un-patched. 2. Internet-facing web sites that are vulnerable. 3. Operating systems continue to have fewer remotely-exploitable vulnerabilities that lead to massive Internet worms. 4. Windows: Conficker/Downadup 5. Large increase in Insider Threats http://www.sans.org/top-cyber-security-risks/ Current Cybercrime Trends! 6. Application Vulnerabilities Exceed OS Vulnerabilities 7. Web Application Attacks 8. Apple: QuickTime and Six More 9. Application Patching is Much Slower than Operating System Patching 10.Rising numbers of zero-day vulnerabilities http://www.sans.org/top-cyber-security-risks/ Social Networking: The New Boom Town! Social Networking Systems: Operational Threats • • • 400 Million users (100 Million on Mobile) If Facebook was a country it would be the world’s 4th largest. Average of 130 friends per user More than 45 Million status updates per day More than Two Billion photos and 16 Million videos uploaded per month. That’s twice the amount of YouTube. People spend over 500 billion minutes per month on Facebook 44% of Facebook Users don’t vet Friends! • http://www.facebook.com/press/info.php?statistics • • • • Threats Increased Network Intrusions CSRF (Cross-site Request Forgery) worm (Latest Attack) Cyber Stalking / ID Theft not Cyber Criminals come in 8 Basic Models Largest Growth Sector National Interest Spy Personal Gain Thief Trespasser Personal Fame Curiosity Vandal Script-Kiddy SOURCE: Microsoft and Accenture Author Undergraduate Expert Specialist With special thanks to: BOA, ROMAN VEGA, ROMEO ANTONIO VEGA, MIKE OLDFIELD, JERRY DEEWOOD IGOR ANATOLY TERESCHENKO Floppy Disk – Evidence #4 Unerased file: zakarty-tr1.txt Contents: WaitApp: zakaz.txt - Áëîêíîò App: zakaz.txt - Áëîêíîò |Pos:44x44-772x365| Delay:0:00:01 Mouse: x:308 y:60 butt:Left Delay:0:00:05 Mouse: x:51 y:96 butt:Left Delay:0:00:01 Key:|250||241||251||252|C|253| WaitApp: RenCode 2000 (M) - Database: L:\WORK\zakaz.wok App: Action mode: Magnetic Stripe - Database: zakaz.wok |Pos:193x165-832x604| Delay:0:00:02 Mouse: x:798 y:184 butt:Left Delay:0:00:02 Mouse: x:778 y:503 butt:Left Delay:0:00:01 Key:|252|V|253||9| WaitApp: zakaz.txt - Áëîêíîò Boa Factory Services Expansion of assortment and change of the prices will be published soon. Do not miss special short-term actions! - The process of ordering is explained on every single page down here. - Any corrections, more precise on every order we settle along the way. We give unique order number for every client. You can always see your order status here. - Read Policy of Boa Factory before making the order. - There are few services that we recommend to use from other vendors. We recommend you buying cards data (standard and CVV) from Script and different services from trusted sellers. Policy of Boa Factory - We do NOT responsible for amount of money available on dumps we sold, we sell valid dumps, meaning they all checked for decline. So if you do not find 1k on this card we won’t accept any claims. This is basically usual card with cvv2 code, the only difference between any other cards is that you have the ability to go to the web site of the bank where the card has been issued and by entering the login and password information you'll be able to know the current balance on the card, daily charge limits, available credit amount, date of last purchase, but that's not all. You'll also be able to change the cardholder's billing address and the phone number on the card (ex. to the address and telephone # of your drop). The Name and Surname cannot be changed. Why would you need such kind of service? 1. This card is irreplaceable for people who do the shopping, when you have the ability to change the address on the address you need. Which means when shop is sending the stuff you've ordered it can see that the address on the card is exactly the same as the address you're dropping this to. 2. This will also be a great service for those who work with Western Union! This kind of card goes with extra features like SSN and Date of Birth of the owner. You'll also be able to see the daily limits, and current balance. 3. Once again this card maybe a great get-out for those who does the PayPal verification. Because you have online access to the card, you'll be able to see those cents that PayPal will send you for verification. However there is a flip-side of the coin, the card may never enter the PayPal system, this only depends on person professionalism and luck. Here is the current price list: 1. The price of the card with available balance from $1,000 to $3,000 will be $100. This card goes with online access, which means I'm opening and giving you the card out, and you'll be able to change the Address and Phone # on it. 2. The price of the card with available balance from $4,001 to $6,000 will be $150. 3. The price of the card with available balance from $7,001 to $15,000 will be $250. 4. The price of the card with available balance from $16,001 to $30,000 will be $350. Guarantees: Unfortunately there is no guarantees for this kind of service. You change the billing address yourself, I'm giving you the working card, just after that you go to the web site of the bank with the login\password information provided by me, and make yourself sure that the amount of money that we've previously discussed is available on the card. Just after moment you are the only one whos responsible for the card. I can only replace you the card if it has been closed within an hour after you've received it. My recommendation is to only use the card if you have Cyber Terrorism: Botnet Example: Georgian cyber attacks launched by Russian crime gangs 2008 cyber attacks that brought internet traffic to a standstill in Georgia were carried out by civilians and Russian crime gangs. US Cyber Consequences Unit (US-CCU) said the cyber attacks coincided with the Russian military's invasion of Georgia in August 2008! It was almost impossible for citizens and officials to communicate about what was happening on the ground during the military operation. Cyber Terrorism Botnet Example: Georgian cyber attacks launched by Russian crime gangs Wave 1 - The first group involved used botnets, command and control channels, and other resources operated by Russian crime gangs. 11 government websites were felled by the botnets, which directed a torrent of traffic at their targets. A separate source of the cyber attacks came in the form of civilians who willingly installed improvised software that targeted an additional 43 websites operated by Georgia-based news agencies. Engaged Not Engaged Actively Disengaged Hacker Recruitment Process Get Noticed Hacking Contest Tracked at Conferences Advertise via IRC Channels & Websites Apply for Job in Target Company Top Tip: Protect & Survive Top Tip: Generate a Secure Appearance! www.divedeeperevents.com [email protected] www.microsoft.com/teched www.microsoft.com/learning http://microsoft.com/technet http://microsoft.com/msdn Sign up for Tech·Ed 2011 and save $500 starting June 8 – June 31st http://northamerica.msteched.com/registration You can also register at the North America 2011 kiosk located at registration Join us in Atlanta next year