Insecurity in 2017 - 0 Days Are the Least of Our Problems
Hack In The Box Security Conference via YouTube
Overview
Syllabus
Intro
Hello WannaCry
Infection Process - Network
Infection Process - Encryption
The Internet's on Fire How WannaCry Went From A Windows Bug To An International Incident
Patch vs Exploitation Microsoft Security Bulletin MS17-010 - Critical
Attacker View
Defense Summary
Backdoor Details
Malware Credential Stealing
Propagation - Exploit Based
Propagation - PSEXEC
Encryption Process
Different Animal
Access Control
Vulnerability Details
Anyone Remember This??
Try Harder!!!!
General Tips
Patching Advice
Network Controls
User Controls
Backup & Restore
Conclusion
Taught by
Hack In The Box Security Conference