Explore the cyclical nature of cybersecurity threats in this 50-minute conference talk from HITB GSEC 2017. Delve into the resurgence of worms and SMB vulnerabilities, drawing parallels between 2017 and 2003. Examine the industry's regression from strong security controls to a focus on data access and firewall vulnerabilities. Analyze the obsession with zero-day attacks while basic security measures are neglected, such as leaving SMB ports open to the internet. Learn about current events driving these issues, historical patterns, and essential steps security professionals must take to address these challenges. Gain insights from Nick Biasini's extensive experience in information security, including his work with Talos researching exploit kits and malware campaigns.
Insecurity in 2017 - 0 Days Are the Least of Our Problems
Hack In The Box Security Conference via YouTube
Overview
Syllabus
Intro
Hello WannaCry
Infection Process - Network
Infection Process - Encryption
The Internet's on Fire How WannaCry Went From A Windows Bug To An International Incident
Patch vs Exploitation Microsoft Security Bulletin MS17-010 - Critical
Attacker View
Defense Summary
Backdoor Details
Malware Credential Stealing
Propagation - Exploit Based
Propagation - PSEXEC
Encryption Process
Different Animal
Access Control
Vulnerability Details
Anyone Remember This??
Try Harder!!!!
General Tips
Patching Advice
Network Controls
User Controls
Backup & Restore
Conclusion
Taught by
Hack In The Box Security Conference
