Pathways
Introduction
• Jeremy Koster
• 20 years in Information / Cyber Security
• Qualifications and industry certifications
• Experience
• Lecturing for IT Masters and CSU for 11 years
Ransomware
• Scourge of modern IT
• Big business
• Accelerating
• Almost as big as BEC (business email compromise)
• Why now?
Used on
• Office 365
• VPN entry points
• Remote access (RDP, Citrix, TeamViewer)
• SSH
• Corporate systems
Vulnerable Perimeter Systems
Vulnerabilities:
• VPN Gateways
• Citrix Servers
• RDP (BlueKeep)
Webservers
• PHP, Log4Shell, WordPress
• Webshells
• Pivot into corporate
Email delivery - Emotet
Emotet Campaigns
• Missing wallet
• Termination
• Pay rise
• Invoice
Internal phishing
Google search for interesting files
Credential protection
- Strong passwords
- Varied passwords
- Password manager
- Have I Been Pwned and similar - monitoring
- Deep Web / Dark Net monitoring
- Off-boarding
- Account cleanup
Multifactor Authentication (MFA/2FA)
- Email verification
- Location
- SMS
- Authenticator (OTP)
- Authenticator (push)
- YubiKey / FIDO
Email filtering and URL re-writing
- Spam filters
- Graylisting
- SPF/DKIM
- DMARC
- Link re-write/proxying
  - Not perfect, adds delay
  - Keeps a record of visits
  - Good if blacklist is current
- Purge capability
- Corporate proxies
Malicious files on workstations
- Antivirus
- Endpoint detection and response
- Application allow-listing
- Limit local admin rights
- Patch Windows
- Patch (browsers, PDF readers, Office apps)
User behaviour
- General staff
  - Training
  - Security conscious
  - Phishing simulations
  - Target vulnerable or valuable staff
  - Report security to Help Desk
- Staff with special access
  - Finance/HR
  - IT
  - Executives
Perimeter systems
- Vendor advisories
- Third party monitoring
- Patching processes
- VPN appliances
- Citrix, RDP, SSH, VNC
- Web applications
- No console access
Additional IT Masters Resources
Free Short Courses
• CISSP (Updated)
• Masterclass: Comparative Cloud Technology
• Project Management Updated: PMBOK7
• Applied Digital Marketing Strategies
• PRINCE2, Scrum, Agile methodologies and more…
Postgraduate Courses
• Graduate Certificate or Master in Cyber Security
• Graduate Certificate or Master in Business Administration (Computing)
• Graduate Certificate or Master in Cloud Computing & Virtualisation
University Subjects
• Information Security
• Pen Testing
• Hacking Countermeasures
• Cyberwarfare & Terrorism
• Cyber Security Fundamentals
• Dark Web
• Digital Forensics
• Professional Systems Security
And many more…