Obscurity in Cybersecurity · 2020. 8. 29. · Dark Search Engine for… everything 7

Post on 03-Oct-2020

0 views 0 download

Preview:

Click to see full reader
Report this document
SHARE

transcript

Obscurity in Cybersecurityby Vitaly Ford

Arcadia University

Passwords? Who uses it anyway…

2

Have you been hacked? Let’s see…

https://haveibeenpwned.com/

3

https://haveibeenpwned.com/

Cracking 12 Character and Above Passwords

https://www.netmux.com/blog/cracking-12-character-above-passwords

4

https://www.netmux.com/blog/cracking-12-character-above-passwords

Password Managers to the Rescue!

https://www.lastpass.com/

5

https://www.lastpass.com/

Annoying popup ads? Too many ads on YouTube?

uBlock Origin plugin

https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm?hl=en

6

https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm?hl=en

Dark Search Engine for… everything

https://www.shodan.io/

https://www.exploit-db.com/google-hacking-database

7

https://www.shodan.io/
https://www.exploit-db.com/google-hacking-database

Innovations in… Phishing!

https://stuffwithaurum.blog/2018/09/30/an-innovative-phishing-style/

8

https://stuffwithaurum.blog/2018/09/30/an-innovative-phishing-style/

Rubber Ducky! Wait, what?

https://www.youtube.com/watch?time_continue=29&v=sbKN8FhGnqg

9

https://www.youtube.com/watch?time_continue=29&v=sbKN8FhGnqg

Danger Drone, the Real Dark Knight

https://www.youtube.com/watch?v=iG7hUE2BZZo&t=415s

10

https://www.youtube.com/watch?v=iG7hUE2BZZo&t=415s

Social Engineering: Best Hack

https://www.youtube.com/watch?v=lc7scxvKQOo&t=3s

11

https://www.youtube.com/watch?v=lc7scxvKQOo&t=3s

10 Airports You Can Easily Get Hacked

https://www.cnbc.com/2018/07/17/these-are-the-10-airports-where-youre-most-likely-to-be-hacked.html

12

https://www.cnbc.com/2018/07/17/these-are-the-10-airports-where-youre-most-likely-to-be-hacked.html

VPN to the Rescue!

https://www.privateinternetaccess.com/

13

https://www.privateinternetaccess.com/

Privacy and Social Media…

https://www.bbc.com/news/technology-46456695

14

https://www.bbc.com/news/technology-46456695

Car Hacking

https://www.wired.com/2017/04/just-pair-11-radio-gadgets-can-steal-car/

https://www.esat.kuleuven.be/cosic/fast-furious-and-insecure-passive-keyless-entry-and-start-in-modern-supercars/

https://nakedsecurity.sophos.com/2018/11/30/driver-loses-his-car-to-hackers-twice/

15

https://www.wired.com/2017/04/just-pair-11-radio-gadgets-can-steal-car/
https://www.esat.kuleuven.be/cosic/fast-furious-and-insecure-passive-keyless-entry-and-start-in-modern-supercars/
https://nakedsecurity.sophos.com/2018/11/30/driver-loses-his-car-to-hackers-twice/

Garage Hacking

https://samy.pl/opensesame/

16

https://samy.pl/opensesame/

Capture The Flag Competitions

• https://ctftime.org/

• https://www.nationalcyberleague.org/

17

https://www.nationalcyberleague.org/
https://www.nationalcyberleague.org/

Learn, Repeat, Profit

• PicoCTF write-up: https://s0cket7.com/picoctf-web/

• Crash Course in CS:https://www.youtube.com/playlist?list=PL8dPuuaLjXtNlUrzyH5r6jN9ulIgZBpdo

• All google resources to learn coding and CS, especially for high school & middle school:https://edu.google.com/computer-science/?modal_active=none

• Breaking into the power grid: https://www.youtube.com/watch?v=pL9q2lOZ1Fw&t=1s

• Awesome Hacking:https://github.com/Hack-with-Github/Awesome-Hacking/blob/master/README.md

• News:• https://www.reddit.com/r/netsec/

• https://krebsonsecurity.com/

• https://www.wired.com/category/threatlevel/

• https://news.ycombinator.com/

• Free cybersecurity learning: https://www.cybrary.it/

18

https://s0cket7.com/picoctf-web/
https://www.youtube.com/playlist?list=PL8dPuuaLjXtNlUrzyH5r6jN9ulIgZBpdo
https://edu.google.com/computer-science/?modal_active=none
https://www.youtube.com/watch?v=pL9q2lOZ1Fw&t=1s
https://github.com/Hack-with-Github/Awesome-Hacking/blob/master/README.md
https://www.reddit.com/r/netsec/
https://krebsonsecurity.com/
https://www.wired.com/category/threatlevel/
https://news.ycombinator.com/
https://www.cybrary.it/

Learn, Repeat, Profit

• Security cheat sheets: https://highon.coffee/blog/

• Awesome offensive security: https://github.com/enaqx/awesome-pentest

• Different Hacking Environments: https://github.com/joe-shenouda/awesome-cyber-skills

• Make your own lab:• https://github.com/rapid7/metasploitable3

• https://metasploit.help.rapid7.com/docs/metasploitable-2

• https://www.owasp.org/index.php/Category:OWASP_WebGoat_Project

• I would recommend setting up a few virtual machines and go over exploiting those. For instance, you can set up Metasploitable3 (https://github.com/rapid7/metasploitable3) and Kali Linux (https://www.kali.org/downloads/), then look into videos on youtube like https://www.youtube.com/playlist?list=PLZOToVAK85MpnjpcVtNMwmCxMZRFaY6mT and you can follow along and see the process of pentesting

19

https://highon.coffee/blog/
https://github.com/enaqx/awesome-pentest
https://github.com/joe-shenouda/awesome-cyber-skills
https://github.com/rapid7/metasploitable3
https://metasploit.help.rapid7.com/docs/metasploitable-2
https://www.owasp.org/index.php/Category:OWASP_WebGoat_Project
https://github.com/rapid7/metasploitable3
https://www.kali.org/downloads/
https://www.youtube.com/playlist?list=PLZOToVAK85MpnjpcVtNMwmCxMZRFaY6mT

Contact

Vitaly Ford

fordv@arcadia.edu

https://vford.me

20

mailto:fordv@arcadia.edu
https://vford.me/

Top related

The Centennial of Ohio’s Flag From Obscurity to Esteem Purcell.pdfThe Centennial of Ohio’s Flag ... The emblem has four cursive letter E’s in green ... has a flag with a dark
Documents
Finding Inspiration in Darkness: The Exploration of Obscurity ...Romanticism is comprised of dark symbols and the incomprehensible. People often inaccurately associate darkness with
Documents
Superintendent rose from obscurity, implemented … · Superintendent rose from obscurity, implemented reform ... A Wall Street Journal/NBC ... provides for multiple readers on a
Documents
Security Through Obscurity - Troopers IT-Security Conference...Security Through Obscurity... powered by HTTPS! Peter Frühwirt, SBA Research Sebastian Schrittwieser, FH St. Pölten
Documents
Attempted Portraits: Photography, Obscurity, and the ...
Documents
The arduous saga of Sri S.P. Sampathy from Obscurity
Documents
The Obscurity of the Equimultiples - University of Pittsburghpap7/The Obscurity of the Equimultiples.pdf · The Obscurity of the Equimultiples 557 couraged Galileo to seek a totally
Documents
Darkness. dark·ness 1.the state or quality of being dark 2.absence or deficiency of light 3.wickedness or evil: Satan, the prince of darkness. 4.obscurity;
Documents
Lecture 2 Europe: from obscurity to economic recovery.
Documents
Types of Obscurity in Thomas Hardy's Jude the Obscure and ... · PDF fileTypes of Obscurity in Thomas Hardy's Jude the Obscure and Maurice Blanchot's 114 Obscurity: The Concept and
Documents
VIOLENCE AND OBSCURITY: ASYLUMS AND THE TRANSFORMATIVE JOURNEY FROM
Documents
ANONYMITY, OBSCURITY, AND TECHNOLOGY: RECONSIDERING ...
Documents
SYDO - Secure Your Data by Obscurity
Technology
Logics of authentication, lieing and obscurity · Logics of AuthenticAtion, Lieing And obscurity cOnTEnTs ... well as to Sumerian cuneiform script, which was one of the earliest alphabets.
Documents
Israeli cybersecurity ecosystem · education, health –all critical infrastructures... THE DARK SIDE OF COMPUTERIZATION "There is no dark side of the moon really. Matter of fact
Documents
CYBERSECURITY...• A deep dive into the Dark Web • Clues that someone has stolen your information • Multi-layered cybersecurity approach • Proactive measures to securing data
Documents
Examining Dark Web Trade - Your Cybersecurity Blind Spot
Technology
The Obscurity of Internal Reasons - University of …finlay/OIR.pdfstephen finlay The Obscurity of Internal Reasons philosophers’ imprint – 3 – vol. 9, no. 7 (july 2009) A rival
Documents
Embracing Obscurity - Sample Chapter
Documents
PradeepShrivastava | Sacrifice - The Road to Obscurity
Documents

Copyright © 2018 DOCUMENTS