This course aims to explore the state of insecurity in 2017, focusing on the prevalence of worms and SMB vulnerabilities in the cybersecurity landscape. By delving into historical trends and current events, participants will learn about the cyclical nature of security challenges and the importance of basic security measures. The course covers topics such as infection processes, patching strategies, attacker perspectives, malware details, encryption processes, access controls, and vulnerability management. It is designed for security professionals seeking to enhance their understanding of prevalent threats and improve their defensive strategies.
Insecurity in 2017 - 0 Days Are the Least of Our Problems
Hack In The Box Security Conference via YouTube
Overview
Syllabus
Intro
Hello WannaCry
Infection Process - Network
Infection Process - Encryption
The Internet's on Fire How WannaCry Went From A Windows Bug To An International Incident
Patch vs Exploitation Microsoft Security Bulletin MS17-010 - Critical
Attacker View
Defense Summary
Backdoor Details
Malware Credential Stealing
Propagation - Exploit Based
Propagation - PSEXEC
Encryption Process
Different Animal
Access Control
Vulnerability Details
Anyone Remember This??
Try Harder!!!!
General Tips
Patching Advice
Network Controls
User Controls
Backup & Restore
Conclusion
Taught by
Hack In The Box Security Conference
