Se ha denunciado esta presentación.
Utilizamos tu perfil de LinkedIn y tus datos de actividad para personalizar los anuncios y mostrarte publicidad más relevante. Puedes cambiar tus preferencias de publicidad en cualquier momento.

Practical Security for Nonprofits: Spectre and Meltdown With Kris Constable

1.303 visualizaciones

Publicado el

Presentation from NetSquared Vancouver's #Tech4Good Trends event for nonprofits in 2018.

Publicado en: Tecnología
  • Inicia sesión para ver los comentarios

  • Sé el primero en recomendar esto

Practical Security for Nonprofits: Spectre and Meltdown With Kris Constable

  1. 1. Privacy & Security Strategies for Non-Profits Impacts of Meltdown & Spectre By Kris Constable @cqwww
  2. 2. Meltdown & Spectre Speculative execution (what's going to happen next) & side channel attacks (physical, electrical and/or mechanical characteristics – hardware) relating to CPUs (Intel, AMD & ARM) Meltdown: Kernel vs Userland Spectre: Segmentation between applications ... A helpful reminder you need a privacy & security strategy
  3. 3. What can you do? Have an organizational strategy and ensure compliance by measuring compliance
  4. 4. Patch all the things
  5. 5. Masscan & metasploit
  6. 6. Let's go through the layers of the OSI model. CERT suggests upgrading your CPU
  7. 7. Patch your operating systems (server, laptop, phone)
  8. 8. Download the latest version of your browser. I recommend something based off Google Chromium or Mozilla Firefox. I use Iridium and Firefox Focus. For chrome, type this in your URL: chrome://flags/#enable-site-per-process and click “enable” on “Strict site isolation.”
  9. 9. Block JavaScript and Flash by default NoScripts Ablock Plus or Ublock Origin Privacy Badger
  10. 10. Make sure you're using antivirus, including mac/osx users, and are using it properly
  11. 11. Restore from your backups
  12. 12. Or PrivaSecTech on Facebook
  13. 13. Questions? @cqwww