Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin)...
Transcript of Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin)...
![Page 1: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/1.jpg)
13.05.2014 Cybercrime Insights
1
Cybercrime Insights
Notes from the networks beyond
![Page 2: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/2.jpg)
13.05.2014 Cybercrime Insights
2
Introduction - Curesec GmbH
● Technical IT security
● Security Audits
● Tiger Team Audits
● Mobile Phone Audits (Android/iOS)
● Trainings
![Page 3: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/3.jpg)
13.05.2014 Cybercrime Insights
3
Curesec GmbH
● Tools:
● For Security Audits● hbad – Heartbleed Client check
● Vulnerabilities published for instance:
● WhatsApp● Android
● Guidelines for instance:
● Banking Security
![Page 4: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/4.jpg)
13.05.2014 Cybercrime Insights
4
Curesec GmbH
● Office in Berlin
● 7 specialists in different fields
● International projects
![Page 5: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/5.jpg)
13.05.2014 Cybercrime Insights
5
Agenda
● Introduction
● Noteworthy security bugs and scenarios
● APT and Cyberespionage
● Conclusion
![Page 6: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/6.jpg)
13.05.2014 Cybercrime Insights
6
Heartbleed
● Who has not heard of Heartbleed?
● 7th of April
● Major security flaw in the spine of the internet
● Affected versions 1.0.1[abcdef]
● Patched version 1.0.1g or old 0.9.8
● Sleepless nights for admins, security officers and hackers
![Page 7: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/7.jpg)
13.05.2014 Cybercrime Insights
7
What happened?
● Heartbeat -> Extension
● Keeping a session alive
● Process memory data can be dumped from client or server
● Top Ten Internet Sites also affected
● Google, Facebook, Yahoo ...
![Page 8: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/8.jpg)
13.05.2014 Cybercrime Insights
8
Who is affected?
Everyone using the vulnerable software version plus the extension is enabled.
![Page 9: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/9.jpg)
13.05.2014 Cybercrime Insights
9
What is affected?
● Serverside
● Webserver● Databaseserver● Emailserver● VoIP-Systems● VPN● Custom software
![Page 10: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/10.jpg)
13.05.2014 Cybercrime Insights
10
Webserver Example
![Page 11: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/11.jpg)
13.05.2014 Cybercrime Insights
11
What is affected?
● Clientside software:
● Browser● Email clients● VoIP clients● VPN clients● Chat clients ● Custom software linked with openssl vuln version
![Page 12: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/12.jpg)
13.05.2014 Cybercrime Insights
12
w3m Example
![Page 13: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/13.jpg)
13.05.2014 Cybercrime Insights
13
Interesting Data?
● Private keys (Certificates)
● Usernames and passwords
● Sessionkeys and SessionIDs (e.g. Cookies)
● Video- und Voice communication
● VPN keys
● Emails
● Forms of the sites, e.g. banking forms, creditcard forms
![Page 14: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/14.jpg)
13.05.2014 Cybercrime Insights
14
Heartbleed Story 0x01
● Vulnerability is known, admin patches relevant systems.
● During a security check some days later it is found that core systems to the internet are still vulnerable.
● What happened?
![Page 15: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/15.jpg)
13.05.2014 Cybercrime Insights
15
Heartbleed Story 0x01 (Admin)
● The systems were brought to a recent patchlevel. But the patch for the appliance was from April 4th while the vulnerability was from the 7th and there wasn't a newer version until April 11th.
● As a result the vulnerability was brought into the systems as the older/unpatched version were still running with 0.9.8.
![Page 16: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/16.jpg)
13.05.2014 Cybercrime Insights
16
Heartbleed Story 0x01 (Admin)
● 4 Days open attack surface until recognized
● Affected: VPN gateway
![Page 17: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/17.jpg)
13.05.2014 Cybercrime Insights
17
Heartbleed Story 0x02 (Scam)
● Some criminals offering an exploit for HB in version 1.0.1g
● From the style and setup it could be the same guys offering a fake openssh memory leak
● <pastebin>
● Interesting: Scammer is really sending a hb dump back, however, its gained from a different site.
![Page 18: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/18.jpg)
13.05.2014 Cybercrime Insights
18
Heartbleed Story 0x03 (invisible)
● Shortly after the vuln was published, it was rumoured and partly spreaded even through the news that this bug is also that powerful because its invisible.
● Of course this is not true.
● Most probably those statements were made as the bug was not understood completely.
![Page 19: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/19.jpg)
13.05.2014 Cybercrime Insights
19
Heartbleed Story 0x03 (invisble)
● As a result from this wrong assumption and probably some others a 19-year-old canadian student was arrested.
● He successfully hacked the tax office and stole / manipulated 900 entries.
![Page 20: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/20.jpg)
13.05.2014 Cybercrime Insights
20
Industrial Devices aka SCADA
● What happens if our light, water and power supply is disabled?
● We have reached a level of networking devices at which the question rises whether we should go on with networking them.
● This is not anti-technology, this is pro-surviving.
![Page 21: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/21.jpg)
13.05.2014 Cybercrime Insights
21
Industrial Devices aka SCADA
● What is the attack surface?
● Energysector (nuclear, coal, wind, water, sun …)● Water and sanitation● Industrial lines and factories
![Page 22: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/22.jpg)
13.05.2014 Cybercrime Insights
22
Medical Devices
● While working in the industry...
● Medical devices are stillstill dangerous to attach to the network.
● If you run a hospital or something similar:
● Seperate networks● Dont let patients enter the net● Dont use weak wireless crypto
![Page 23: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/23.jpg)
13.05.2014 Cybercrime Insights
23
Agenda
● Introduction
● Noteworthy security bugs and scenarios
● APT and Cyberespionage
● Finish
![Page 24: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/24.jpg)
13.05.2014 Cybercrime Insights
24
APT and Cyberespionage
● Who does remember Stuxnet?
● Ok.
● But do you know:
● Flame (US)● Uroburos (RU)● Careto - The Mask (ES)
![Page 25: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/25.jpg)
13.05.2014 Cybercrime Insights
25
Story behind Stuxnet
● Remember my note about scada security? Well...
● Stuxnet vs. Iranian Nuclear Energy/bomb program
● Fine grained bug which quietly destroyed devices for uranium enrichment
● It not only changed the speed of the devices it also showed the control terminal that everything is normal – sabotage was the goal.
![Page 26: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/26.jpg)
13.05.2014 Cybercrime Insights
26
What is an APT?
● Targeted attack
● Goals:
● Retrieving information (e.g. economic, military)● Espionage● Sabotage● Information isis used for further action
![Page 27: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/27.jpg)
13.05.2014 Cybercrime Insights
27
What is it not?
● It is not internet noise.
● Like SSH brute force● It is not random hacking
● It is not conducted by cybercriminals – backed by .gov
![Page 28: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/28.jpg)
13.05.2014 Cybercrime Insights
28
APT
● So – an APT (Advanced Persistent Threat) is:
● Executed by someone with an agenda● Usually (well) funded● Not compareable with an anonymous or active hacker
group● Attackers:
● Goverments● Freelancers working for goverments
![Page 29: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/29.jpg)
13.05.2014 Cybercrime Insights
29
How do you know it happened?!
● From time to time it is uncovered.
● Flame for instance ranges back to 2004
● More recent APTs:
● „Uroburos“ - 2011● „Careto“ - 2007
![Page 30: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/30.jpg)
13.05.2014 Cybercrime Insights
30
How do you know it was country xyz?
● Of course no country confirms official involvement
● Samples/information in the code
● Artifacts in the code
● Traces on infected systems
● Analysis of the attack's origin
![Page 31: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/31.jpg)
13.05.2014 Cybercrime Insights
31
How do you know it was country xyz?
● What countries are infected most?
● Actions conducted by the software:
● Analysing what it is doing, you find common points in the agenda of countries.
● For instance the Iranian nuclear program's most opposing global players are Israel and the US
![Page 32: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/32.jpg)
13.05.2014 Cybercrime Insights
32
How do you know it was country xyz?
● RedFlag operations
● Yeah...no. There is no gain in not being able to blame someone.
● So traces to goverments exist but it cannot be proven easily.
![Page 33: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/33.jpg)
13.05.2014 Cybercrime Insights
33
Uroburos● Coming from Russia
● Suspected to be related to Agent.BTZ used to attack US Goverment
● Agent.BTZ was used to infect the Department of Defense (DoD) back in 2008
● US said they strongly believe it was conducted by Russia
● We are sure it is a government driven software
![Page 34: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/34.jpg)
13.05.2014 Cybercrime Insights
34
Uroburos
● System infection vector is still unknown
● But, like Agent.BTZ we have several possible ways
● Leave an interesting device(USB Stick, Tablet …)● Social Engineer someone
– Put one of your hot female agents on the target.● Well it is a spy game, pay someone internally to do it● Classic hack conducted through 0day vulnerabilities
![Page 35: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/35.jpg)
13.05.2014 Cybercrime Insights
35
Uroburos
● List of supported files:
● Powerpoint● Excel● Word● Pictures● */*
![Page 36: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/36.jpg)
13.05.2014 Cybercrime Insights
36
Features
● Encrypted Filesystem (vfat / ntfs)
● Hiding activities
● Post-Exploitation Tools
● Tools for network surveilance
● Exfiltrating data via
● HTTP (Browser emulation, with proxy support)● ICMP (Ping payload)● SMTP (Email emulation)
● Peer to Peer Communication – wait what?!
![Page 37: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/37.jpg)
13.05.2014 Cybercrime Insights
37
Peer to Peer
● Peer to Peer Communication
● Between clients in the internal network● Named Pipes are used (RPC)● Gain access to the outerworld
![Page 38: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/38.jpg)
13.05.2014 Cybercrime Insights
38
Uroburos
Exfiltrate data from not internet connected devices
![Page 39: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/39.jpg)
13.05.2014 Cybercrime Insights
39
Careto
● Coming from probably Spain
● Spanish slang for „Ugly Face“ or „Mask“
● Yay, another player joined the field.
![Page 40: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/40.jpg)
13.05.2014 Cybercrime Insights
40
Careto Targets
● Government institutions
● Diplomatics / embassies
● Energy, oil and gas
● Private companies
● Research institutions
● Private equity firms
● Activists
![Page 41: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/41.jpg)
13.05.2014 Cybercrime Insights
41
Careto
● 380 victims
● 31 countries
![Page 42: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/42.jpg)
13.05.2014 Cybercrime Insights
42
Careto
● Spear fishing is the basic infection vector
● Several domains involved
● Trying to look legit
● Infect user by a vulnerable browser
● Public known vuln or zero-day
![Page 43: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/43.jpg)
13.05.2014 Cybercrime Insights
43
Careto
Spear fishing attack
![Page 44: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/44.jpg)
13.05.2014 Cybercrime Insights
44
Protection?
Protection is hard to accomplish
![Page 45: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/45.jpg)
13.05.2014 Cybercrime Insights
45
Agenda
● Introduction
● Noteworthy security bugs and scenarios
● APT and Cyberespionage
● Finish
![Page 46: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/46.jpg)
13.05.2014 Cybercrime Insights
46
The End
„Hope you liked our little journey through the dark side of the networked world.“
![Page 47: Notes from the networks beyond · 13.05.2014 Cybercrime Insights 15 Heartbleed Story 0x01 (Admin) The systems were brought to a recent patchlevel. But the patch for the appliance](https://reader034.fdocuments.in/reader034/viewer/2022050609/5fb06a7bd6b6241692643148/html5/thumbnails/47.jpg)
13.05.2014 Cybercrime Insights
47
Contact