Tech Blast: Security

Tech Blast:Security

Michael SauersTech Rodeo

Doane College26-28 July 2012

Who do Ineed to

worryabout?

http://www.flickr.com/photos/12273378@N00/2547546709/

Where?

Address Bar Spoofing

Advanced Persistent Threats

Adware

Arbitrary Command Execution

Arbitrary File Downloads

Array Integer OverflowsBackdoors

Blended Threats

Buffer Overflows

Code Injections

Cookie Disclosures

Cross Site Request Forgery

Cross Site Scripting

Data Aggregation Attacks

Data Exfiltration

Denial Of Service

Directory Traversals

DNS Changes

DNS Poisoning

File Overwrite

Forced Tweet

Format Strings

Frankenmalware

Heap Overflows

Information Disclosures

Keyloggers

Local File Inclusions

Local Stack Buffer Overflow

Malware

Man In The Browser Attacks

Man In The Middle Attacks

Null Byte Injection

Open Redirection

Privilege Escalations

Remote Code Injection

Remote Code Execution

Remote Command Executions

Remote Stack Buffer Overflow

Rootkits

Scareware

Shell UploadsSpyware

SQL Injections

Stack Pointer Underflow

Tojan-Downloaders

Trojans

Viruses

Malvertising

Crimevertising

HTTP Parameter Pollution

Incognito

Blacole

SefnitPhoenix

Eleonore

Bleeding Life

SEO Sploit

CrimePack

Intoxicated

Siberia

IRCBot

Onescan

Hotbar

Zwangi

OpenCandy

GameVance

SideTab

FineTop

ClickPotato CoinMiner

AlureonCycbot

Alureon

Ramnit

SpyEye

Taterf

FakeRean

TaterfConficker

Rimecud

Sality Pdfjsc

Conedex

Poison

Sirefef

FakeCheck

PlayBryte

Dofoil

Citadel

SpyZeus

cutwail

lethic

fivetoone

darkmailer

maazbenghegsendsafe

s_torpig

RedKit

What Are They After?Intro

Personal information is the currency of the underground

economy.

Steal everything

Sort it out laterhttp://www.flickr.com/photos/36448457@N00/4521285655/

There’s no such thing as a secure computer!

Passwordshttp://www.flickr.com/photos/61577908@N00/4750110576/

Passwords http://www.flickr.com/photos/7447470@N06/3839085638/

What makes a good password?

Passwordshttp://www.flickr.com/photos/58442690@N00/2297872691/

Size matters!

Keep up-to-date!

Operating Systems

Browsers

Everything else

Mobile Devices

Anti-virus

How Do You KnowIf You’re Infected?

You don’t!

Your antivirus software is a seat belt, not a force field.-Alfred Huger

Only 1% of all cyberattacks are from

previously unknownthreats.

-Microsoft Report

Simple:If it’s yours, secure it!

If it’s not, don’t trust it!

Social Media

Understand and adjust your privacy

settings

Use HTTPS

Be skeptical of everything

• especially ANYONE asking you for money

Staying Safe Online

If I took your laptop/iPadright now....

What would I have access to?

Staying Safe Online

Security In Libraries

But We’re Just A Library…

83% of victims were

targets of opportunity

92% of attacks were

85% of hacks were

found by a 3rd partyVerizon Data Breach Investigations Report – Fall 2011

IT Security For Libraries

Being bad is easy…

…Security is hard

http://www.flickr.com/photos/vrogy/511644410/

The attacker only needs to succeed once...

-Securosis blog

Common mistakes

Do something…Do anything!

What Does A LibraryNeed To Protect?

Public Access Computers

Inform your patrons:

• Make Sure You Log Out

• Don’t Access Sensitive Sites

• Beware of the "remember me" option

• Don't send personal or financial information via email

• Don't send personal or financial information over unsecure websites

Training

What do you see?

Server Security

Staying Current Schneier on Security : http://www.schneier.com/blog/

Naked Security – Sophos : http://nakedsecurity.sophos.com/

Security FAQs : http://www.security-faqs.com/

SANS Reading Room : http://www.sans.org/reading_room/

Security Now Podcast : http://grc.com/securitynow.htm

FinalThoughts

Thank you!

Michael SauersTechnology Innovation LibrarianNebraska Library Commissionmichael.sauers@nebraska.gov

Special thanks to Blake Carver of LISHost for allowing me to adapt his slides.http://lisnews.org/security/

Tech Blast: Security

Technology

Transcript of Tech Blast: Security

Boston T Security Analysis - The Tech

BLAST MITIGATION RESISTANT PRODUCTS - Arcadia Inc. · BLAST MITIGATION RESISTANT PRODUCTS ... inhabited DoD buildings where no known threat of terrorist ... ISC Security Design Criteria

Network Security Highlights Nick Feamster Georgia Tech.

1993 Ford Ranger - Shield Tech Security

URBASM Blast Motion Sensor Wearable Tech – …...Blast Motion Sensor Wearable Tech – Makes You Better At Anything You Do JULY 2, 2015 BY ERIC J. LEECH About Advertising Contact

Cloud Computing Security Issues - Virginia Tech IT Security Office

Security & Blast Doorsets Product code BFR SD4 · 2020-04-15 · E-Mail: sales@bifoldrolfe.com Website: Tel: (01489) 780099 Security & Blast Doorsets Product code BFR SD4 SD4 Security

2021 Tech M&A Outlook: Information security

BLAST: Guía rápida BLAST. BLAST: Guía rápida .

M-Security Tech Philippines - Product List

Digital security workshop (Tactical Tech)

Tech Data 2011 Application and Data Security Sales … Data Application and Data Security Sales Playbook Tech Data 2011 Application and Data Security Sales Playbook: How to build security

Ultra- Tech Security Solutions, Coimbatore,

Security Teams & Tech In A Cloud World

ENHANCING SECURITY : MITIGATING THREAT · BLAST MITIGATION Abbey Protect’s blast mitigation products, are designed to protect staff and ... ballistic resistant window blinds, window

PC-TECH IT Security Services

FIRST TECH - Security Solutions

TrialPay Security Tech Talk at Stanford ACM

MySQL Tech Tour 2015 - 5.7 Security

Live Op cs security tech brief