This is the last ticket about BruCON 2015, so it contains the presentations for which my notes are not so good 🙂
- experiment to generate threat intelligence with Evernote.
- use Evernote as intelligence repository.
- before buying new commercial solution
- try quick and dirty solution in house
- invest in people & process first, then products.
Use Evernote as a GTD (Getting Things Done ??)-based task management system.
treat Evernote like a Database
Notebook == Table
Note == Free Form Record
Some words about the infosec in the past and today:
- in 1999 the security community was a small community
- things start to change now BUT
the ratio of security people to IT people is very low
Some words about the security breaches:
- 99% of the breaches are due to basic things, BUT companies focus on much more complicated attacks and forget the easy-to-fill gaps.
- end-users are still the weakest link; with phishing, a single click is enough to get inside the IT infrastructure
- profiling is difficult BUT targeting the user is much easier.
Some words about the security industry:
- security industry is too technology centric.
- we just hope that the technology will solve the problems magically.
- technology takes over talent.
Some ideas for the defence:
- Disabling local administrator accounts, or randomizing.
- Rotating domain admin account passwords.
- Disallow PowerShell execution for normal users.
- Disallowing executables to be run through TEMP and other directories.
- Network segmentation of user workstations.
- Focus on detection capabilities over anything.
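As an added example (not from the talk or from these notes), here is one way to turn two of the ideas above into detection logic: it flags process-creation events where an executable starts from TEMP-like directories or where PowerShell is started by a non-admin account. The field names `Image` and `User` are modelled on Sysmon process-creation events; the directory list, account names and sample events are assumptions constructed for illustration.

```python
from pathlib import PureWindowsPath

# Assumption: directory names treated as user-writable launch locations.
# The notes only name TEMP "and other directories"; the rest is this example's choice.
RISKY_DIRS = {"temp", "tmp", "downloads"}
EXECUTABLE_SUFFIXES = {".exe", ".scr", ".com"}
POWERSHELL_IMAGES = {"powershell.exe", "pwsh.exe", "powershell_ise.exe"}
# Assumption: accounts allowed to run PowerShell (constructed name).
ADMIN_USERS = {"corp\\adm-jdoe"}


def classify(event):
    """Return the names of the rules an event violates (empty list if clean)."""
    path = PureWindowsPath(event["Image"])
    # Compare directory components, not substrings, so "Template" != "Temp".
    parents = {part.lower() for part in path.parts[:-1]}
    hits = []
    if path.suffix.lower() in EXECUTABLE_SUFFIXES and parents & RISKY_DIRS:
        hits.append("exec-from-user-writable-dir")
    # Match on file name so a renamed copy outside System32 is still caught.
    if path.name.lower() in POWERSHELL_IMAGES and event["User"].lower() not in ADMIN_USERS:
        hits.append("powershell-by-standard-user")
    return hits


def triage(events):
    """Return (user, image, rules) for every event that matches a rule."""
    findings = []
    for event in events:
        hits = classify(event)
        if hits:
            findings.append((event["User"], event["Image"], hits))
    return findings


# Constructed sample events, not real telemetry.
SAMPLE_EVENTS = [
    {"User": "CORP\\alice", "Image": r"C:\Users\alice\AppData\Local\Temp\invoice.exe"},
    {"User": "CORP\\alice", "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"},
    {"User": "CORP\\adm-jdoe", "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"},
    {"User": "CORP\\bob", "Image": r"C:\Program Files\Office\Templates\WINWORD.EXE"},
    {"User": "CORP\\bob", "Image": r"C:\Users\bob\Downloads\PowerShell.exe"},
]

if __name__ == "__main__":
    for user, image, rules in triage(SAMPLE_EVENTS):
        print(f"{user:16} {image}  ->  {', '.join(rules)}")
```

Legitimate installers and updaters also start from TEMP, so a rule like this needs an allow-list before it is used for alerting.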
The Cavalry is an organization that is focused on issues where computer security intersects public safety and human life. The areas of focus for The Cavalry are medical devices, automobiles, home electronics and public infrastructure.
How to influence people (a pen test like approach):
- empathizing (replaces finding vulnerabilities)
- enabling changes (replaces exploitation)
know the official structure and the unofficial one.
- who is liked
- trusted influencers
- understand the stakeholders
- studies can give you a hint about the way of thinking
- motivation, career ambitions
- how the stakeholders make decisions
- learn how to speak the stakeholders' language – cross-domain issues
- work the system;
- be adaptive if it didn’t work
- riding waves, news
- speak their language