SlideShare a Scribd company logo

Open Source Incidents

Cybera Inc., profile picture
Cybera Inc.

The document discusses the prevalence of DDoS attacks, highlighting that they accounted for 28% of all cyber attacks in 2013. It includes a demonstration of the Shellshock exploit and provides commands for implementing a protection signature in DefensePro. Additionally, it mentions the availability of affordable DDoS tools that can be easily accessed and utilized to launch significant attacks.

Technology
Related topics:
Cyber-Security
1 of 10
Download to read offline
1
2
3
4
5
6
7
8
9
10
Open Source Incidents David Hobbs Director of Security Solutions Emergency Response Team DavidH@Radware.com September 2014 Radware Confidential September 2014
DDoS is the Most Common Cyber Attack 2 28% attack of all cyber attacks in 2013 involved a DDoS Source: 2013 Cyber A1acks Trends, Hackmagedon
2013 Attack Motivation - ERT Survey Radware Confidential Jan 2012 Slide 3
DDoS Ring of Fire 4
The Network Topology and DDoS Attacks Server components that are likely to be a1acked by DDoS A1acks 5c
What are we talking about? 6
ShellShock Demo Slide 7
Bash Exploit • This still works with the latest bash update • (X='() { (a)=>' bash -c "echo ls /etc; cat echo") • As does this: • env X="() { :;} ; echo busted" /bin/sh -c "echo stuff” • The following commands will implement a signature in ‘Report Only’ mode in our DefensePro. • • dp signatures-protection filter basic-filters user create ERT-bash2-CVE-2014-6271 -p tcp -c x28x29x20x7b -ct "Normalized URL" -ce "Case Sensitive" -dp http • dp signatures-protection filter advanced-filters user create group_ERT-bash2- CVE-2014-6271 ERT-bash2-CVE-2014-6271 • dp signatures-protection attacks user create 0 -n ERT-bash2-CVE-2014-6271 -f group_ERT-bash2-CVE-2014-6271 -am 0 • dp update-policies set 1 • • The customer should carefully inspect false positive rates of this signature and only afterwards to move it to ‘Block and Report’ mode. Slide 8
Booter DDOS Tools are Cheep Slide 9 h"p://ragebooter.net/members/plans Can be run from any device anywhere - Can be used to create huge dos floods, and more!
Thank You www.radware.com Radware Confidential Jan 2012

More Related Content

PPTX
An experiment in agile threat modelling
DevSecCon
 
PDF
Lateral Movement: How attackers quietly traverse your Network
EC-Council
 
PPTX
External to DA, the OS X Way
Stephan Borosh
 
PDF
BlueHat v18 || Tales from the soc - real-world attacks seen through azure atp...
BlueHat Security Conference
 
PPTX
BlueHat v17 || A Lustrum of Malware Network Communication: Evolution and Insi...
BlueHat Security Conference
 
PDF
SWAT Style – Live Network Crypto Hacking and Exploitation by Kevin Cardwell a...
EC-Council
 
PDF
Anatomy of a Cloud Hack
NotSoSecure Global Services
 
PPTX
BlueHat v17 || All Your Cloud Are Belong to Us; Hunting Compromise in Azure
BlueHat Security Conference
 
An experiment in agile threat modelling
DevSecCon
 
Lateral Movement: How attackers quietly traverse your Network
EC-Council
 
External to DA, the OS X Way
Stephan Borosh
 
BlueHat v18 || Tales from the soc - real-world attacks seen through azure atp...
BlueHat Security Conference
 
BlueHat v17 || A Lustrum of Malware Network Communication: Evolution and Insi...
BlueHat Security Conference
 
SWAT Style – Live Network Crypto Hacking and Exploitation by Kevin Cardwell a...
EC-Council
 
Anatomy of a Cloud Hack
NotSoSecure Global Services
 
BlueHat v17 || All Your Cloud Are Belong to Us; Hunting Compromise in Azure
BlueHat Security Conference
 

What's hot (20)

PDF
Defcon 22-wesley-mc grew-instrumenting-point-of-sale-malware
Priyanka Aash
 
PDF
Bsides NYC 2018 - Hunting for Lateral Movement
Mauricio Velazco
 
PDF
【HITCON FreeTalk 2018 - Spectre & Meltdown 漏洞的修補策略與 risk mitigation】
Hacks in Taiwan (HITCON)
 
PPTX
Enterprise Linux Exploit Mapper (ELEM) Demo
jasoncallaway
 
PDF
MITRE ATT&CKcon 2018: From Technique to Detection, Paul Ewing and Ross Wolf, ...
MITRE - ATT&CKcon
 
PPTX
PHDays 8: Vulnerability Databases. Sifting thousands tons of verbal ore
Alexander Leonov
 
PPTX
Sticky Keys to the Kingdom
Dennis Maldonado
 
PPTX
Living off the land and fileless attack techniques
Symantec Security Response
 
PPTX
BlueHat v17 || Scaling Incident Response - 5 Keys to Successful Defense at S...
BlueHat Security Conference
 
PPTX
Hunting for APT in network logs workshop presentation
OlehLevytskyi1
 
PDF
Automatiza las detecciones de amenazas y evita falsos positivos
Imma Valls Bernaus
 
PDF
CSW2017 chuanda ding_state of windows application security
CanSecWest
 
PPTX
BSidesLV 2016 - Powershell - Hunting on the Endpoint - Gerritz
Christopher Gerritz
 
PDF
The Rising Threat of Fileless Malware
Chelsea Sisson
 
PDF
SELinux Kernel Internals and Architecture - FOSS.IN/2005
James Morris
 
PPTX
Incident Response for the Work-from-home Workforce
Christopher Gerritz
 
PDF
Shamoon
Shakacon
 
PDF
Antivirus is hopeless
Sumedt Jitpukdebodin
 
PDF
MITRE ATT&CKcon 2018: VCAF: Expanding the ATT&CK Framework to cover VERIS Thr...
MITRE - ATT&CKcon
 
PDF
Syrian Malware
Kaspersky
 
Defcon 22-wesley-mc grew-instrumenting-point-of-sale-malware
Priyanka Aash
 
Bsides NYC 2018 - Hunting for Lateral Movement
Mauricio Velazco
 
【HITCON FreeTalk 2018 - Spectre & Meltdown 漏洞的修補策略與 risk mitigation】
Hacks in Taiwan (HITCON)
 
Enterprise Linux Exploit Mapper (ELEM) Demo
jasoncallaway
 
MITRE ATT&CKcon 2018: From Technique to Detection, Paul Ewing and Ross Wolf, ...
MITRE - ATT&CKcon
 
PHDays 8: Vulnerability Databases. Sifting thousands tons of verbal ore
Alexander Leonov
 
Sticky Keys to the Kingdom
Dennis Maldonado
 
Living off the land and fileless attack techniques
Symantec Security Response
 
BlueHat v17 || Scaling Incident Response - 5 Keys to Successful Defense at S...
BlueHat Security Conference
 
Hunting for APT in network logs workshop presentation
OlehLevytskyi1
 
Automatiza las detecciones de amenazas y evita falsos positivos
Imma Valls Bernaus
 
CSW2017 chuanda ding_state of windows application security
CanSecWest
 
BSidesLV 2016 - Powershell - Hunting on the Endpoint - Gerritz
Christopher Gerritz
 
The Rising Threat of Fileless Malware
Chelsea Sisson
 
SELinux Kernel Internals and Architecture - FOSS.IN/2005
James Morris
 
Incident Response for the Work-from-home Workforce
Christopher Gerritz
 
Shamoon
Shakacon
 
Antivirus is hopeless
Sumedt Jitpukdebodin
 
MITRE ATT&CKcon 2018: VCAF: Expanding the ATT&CK Framework to cover VERIS Thr...
MITRE - ATT&CKcon
 
Syrian Malware
Kaspersky
 
Ad

Viewers also liked (9)

PDF
Economic Development and the Cloud: The Alberta Advantage -- Nathan Armstrong...
Cybera Inc.
 
PPT
Cybera - ISAC Update 2010
Cybera Inc.
 
PDF
Communities in the Clouds - Andy Blundell, C3T Action Research Corp.
Cybera Inc.
 
PDF
Ecosys Experiment Engine
Cybera Inc.
 
PPTX
GeoCENS presentation on Angelo Coast Range Reserve Environmental Sensor Obse...
Cybera Inc.
 
PDF
Engineering Operations
Cybera Inc.
 
PDF
Cybera - ISAC
Cybera Inc.
 
PPTX
GeoCENS Source Talk: Results from an Atlantic Rainforest Micrometeorology Sen...
Cybera Inc.
 
PDF
The Future of Net Neutrality: What's at stake for Canadians
Cybera Inc.
 
Economic Development and the Cloud: The Alberta Advantage -- Nathan Armstrong...
Cybera Inc.
 
Cybera - ISAC Update 2010
Cybera Inc.
 
Communities in the Clouds - Andy Blundell, C3T Action Research Corp.
Cybera Inc.
 
Ecosys Experiment Engine
Cybera Inc.
 
GeoCENS presentation on Angelo Coast Range Reserve Environmental Sensor Obse...
Cybera Inc.
 
Engineering Operations
Cybera Inc.
 
Cybera - ISAC
Cybera Inc.
 
GeoCENS Source Talk: Results from an Atlantic Rainforest Micrometeorology Sen...
Cybera Inc.
 
The Future of Net Neutrality: What's at stake for Canadians
Cybera Inc.
 
Ad

Similar to Open Source Incidents (20)

PDF
Advanced System Security and Digital Forensics
Dr. Ramchandra Mangrulkar
 
PDF
Stranger Danger: Your Java Attack Surface Just Got Bigger | JBCNConf 2022
Brian Vermeer
 
PDF
Serverless security: defence against the dark arts
Yan Cui
 
PDF
【HITCON FreeTalk 2021 - SolarWinds 供應鏈攻擊事件分析】
Hacks in Taiwan (HITCON)
 
PDF
Security in serverless world
Yan Cui
 
PDF
DEFCON 27 - ALEXANDRE BORGES - dot net malware threats
Felipe Prado
 
PDF
Tools & techniques, building a dev secops culture at mozilla sba live a...
SBA Research
 
PDF
Cansecwest - The Death of AV defence in depth
Thierry Zoller
 
PPTX
The Log4Shell Vulnerability – explained: how to stay secure
Kaspersky
 
PDF
Attacking antivirus
UltraUploader
 
PDF
UQ_Cybercrime_Professionalism_Lecture_2024_07.pdf
JonathanOliver26
 
PDF
.NET MALWARE THREAT: INTERNALS AND REVERSING DEF CON USA 2019
Alexandre Borges
 
PDF
Formbook - In-depth malware analysis (Botconf 2018)
Rémi Jullian
 
PPTX
C# Production Debugging Made Easy
Alon Fliess
 
PDF
.NET MALWARE THREATS -- BHACK CONFERENCE 2019
Alexandre Borges
 
PDF
Security Development Lifecycle Tools
n|u - The Open Security Community
 
PDF
"Intrusion Techniques (Open Source Tools)" por Ewerson Guimarães por
SegInfo
 
PPTX
The bash vulnerability practical tips to secure your environment
AlienVault
 
PPTX
Nozzle: A Defense Against Heap-spraying Code Injection Attacks
guest101353
 
PPT
Layer 7 Technologies: Web Services Hacking And Hardening
CA API Management
 
Advanced System Security and Digital Forensics
Dr. Ramchandra Mangrulkar
 
Stranger Danger: Your Java Attack Surface Just Got Bigger | JBCNConf 2022
Brian Vermeer
 
Serverless security: defence against the dark arts
Yan Cui
 
【HITCON FreeTalk 2021 - SolarWinds 供應鏈攻擊事件分析】
Hacks in Taiwan (HITCON)
 
Security in serverless world
Yan Cui
 
DEFCON 27 - ALEXANDRE BORGES - dot net malware threats
Felipe Prado
 
Tools & techniques, building a dev secops culture at mozilla sba live a...
SBA Research
 
Cansecwest - The Death of AV defence in depth
Thierry Zoller
 
The Log4Shell Vulnerability – explained: how to stay secure
Kaspersky
 
Attacking antivirus
UltraUploader
 
UQ_Cybercrime_Professionalism_Lecture_2024_07.pdf
JonathanOliver26
 
.NET MALWARE THREAT: INTERNALS AND REVERSING DEF CON USA 2019
Alexandre Borges
 
Formbook - In-depth malware analysis (Botconf 2018)
Rémi Jullian
 
C# Production Debugging Made Easy
Alon Fliess
 
.NET MALWARE THREATS -- BHACK CONFERENCE 2019
Alexandre Borges
 
Security Development Lifecycle Tools
n|u - The Open Security Community
 
"Intrusion Techniques (Open Source Tools)" por Ewerson Guimarães por
SegInfo
 
The bash vulnerability practical tips to secure your environment
AlienVault
 
Nozzle: A Defense Against Heap-spraying Code Injection Attacks
guest101353
 
Layer 7 Technologies: Web Services Hacking And Hardening
CA API Management
 

More from Cybera Inc. (20)

PDF
Cyber Summit 2016: Technology, Education, and Democracy
Cybera Inc.
 
PPTX
Cyber Summit 2016: Understanding Users' (In)Secure Behaviour
Cybera Inc.
 
PPT
Cyber Summit 2016: Insider Threat Indicators: Human Behaviour
Cybera Inc.
 
PPTX
Cyber Summit 2016: Research Data and the Canadian Innovation Challenge
Cybera Inc.
 
PPTX
Cyber Summit 2016: Knowing More and Understanding Less in the Age of Big Data
Cybera Inc.
 
PDF
Cyber Summit 2016: Privacy Issues in Big Data Sharing and Reuse
Cybera Inc.
 
PPTX
Cyber Summit 2016: Establishing an Ethics Framework for Predictive Analytics ...
Cybera Inc.
 
PDF
Cyber Summit 2016: The Data Tsunami vs The Network: How More Data Changes Eve...
Cybera Inc.
 
PDF
Cyber Summit 2016: Issues and Challenges Facing Municipalities In Securing Data
Cybera Inc.
 
PPT
Cyber Summit 2016: Using Law Responsibly: What Happens When Law Meets Technol...
Cybera Inc.
 
PPT
Privacy, Security & Access to Data
Cybera Inc.
 
PDF
Do Universities Dream of Big Data
Cybera Inc.
 
PDF
Predicting the Future With Microsoft Bing
Cybera Inc.
 
PPTX
Analytics 101: How to not fail at analytics
Cybera Inc.
 
PPTX
Are MOOC's past their peak?
Cybera Inc.
 
PPTX
Opening the doors of the laboratory
Cybera Inc.
 
PPTX
Open City - Edmonton
Cybera Inc.
 
PPTX
Unlocking the power of healthcare data
Cybera Inc.
 
PPT
Checking in on Healthcare Data Analytics
Cybera Inc.
 
PPTX
Open access and open data: international trends and strategic context
Cybera Inc.
 
Cyber Summit 2016: Technology, Education, and Democracy
Cybera Inc.
 
Cyber Summit 2016: Understanding Users' (In)Secure Behaviour
Cybera Inc.
 
Cyber Summit 2016: Insider Threat Indicators: Human Behaviour
Cybera Inc.
 
Cyber Summit 2016: Research Data and the Canadian Innovation Challenge
Cybera Inc.
 
Cyber Summit 2016: Knowing More and Understanding Less in the Age of Big Data
Cybera Inc.
 
Cyber Summit 2016: Privacy Issues in Big Data Sharing and Reuse
Cybera Inc.
 
Cyber Summit 2016: Establishing an Ethics Framework for Predictive Analytics ...
Cybera Inc.
 
Cyber Summit 2016: The Data Tsunami vs The Network: How More Data Changes Eve...
Cybera Inc.
 
Cyber Summit 2016: Issues and Challenges Facing Municipalities In Securing Data
Cybera Inc.
 
Cyber Summit 2016: Using Law Responsibly: What Happens When Law Meets Technol...
Cybera Inc.
 
Privacy, Security & Access to Data
Cybera Inc.
 
Do Universities Dream of Big Data
Cybera Inc.
 
Predicting the Future With Microsoft Bing
Cybera Inc.
 
Analytics 101: How to not fail at analytics
Cybera Inc.
 
Are MOOC's past their peak?
Cybera Inc.
 
Opening the doors of the laboratory
Cybera Inc.
 
Open City - Edmonton
Cybera Inc.
 
Unlocking the power of healthcare data
Cybera Inc.
 
Checking in on Healthcare Data Analytics
Cybera Inc.
 
Open access and open data: international trends and strategic context
Cybera Inc.
 

Recently uploaded (20)

PPTX
OMC Textile Division Presentation 2021.pptx
JahangirAlam816069
 
PDF
Univ-Connecticut-ChatGPT-Presentaion.pdf
ry7r52mzb4
 
PDF
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
PDF
NewMind AI Weekly Chronicles - August'25-Week II
NewMind AI
 
PDF
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
PPT
Teaching material agriculture food technology
LiaRayya
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PPTX
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
PDF
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
PPTX
1. Introduction to Computer Programming.pptx
bonakiduza1024
 
PDF
MIND Revenue Release Quarter 2 2025 Press Release
MIND CTI
 
PDF
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
PDF
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
PPTX
TLE Review Electricity (Electricity).pptx
JayPolicarpio2
 
PDF
Mushroom cultivation and it's methods.pdf
mailmeonrishi
 
PDF
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
PDF
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
PPTX
Machine Learning_overview_presentation.pptx
kondavamsidharreddy2
 
PDF
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
OMC Textile Division Presentation 2021.pptx
JahangirAlam816069
 
Univ-Connecticut-ChatGPT-Presentaion.pdf
ry7r52mzb4
 
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
NewMind AI Weekly Chronicles - August'25-Week II
NewMind AI
 
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
Teaching material agriculture food technology
LiaRayya
 
Approach and Philosophy of On baking technology
30anthuong17
 
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
1. Introduction to Computer Programming.pptx
bonakiduza1024
 
MIND Revenue Release Quarter 2 2025 Press Release
MIND CTI
 
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
TLE Review Electricity (Electricity).pptx
JayPolicarpio2
 
Mushroom cultivation and it's methods.pdf
mailmeonrishi
 
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
Machine Learning_overview_presentation.pptx
kondavamsidharreddy2
 
Machine learning based COVID-19 study performance prediction
IAESIJAI
 

Open Source Incidents

  • 1. Open Source Incidents David Hobbs Director of Security Solutions Emergency Response Team DavidH@Radware.com September 2014 Radware Confidential September 2014
  • 2. DDoS is the Most Common Cyber Attack 2 28% attack of all cyber attacks in 2013 involved a DDoS Source: 2013 Cyber A1acks Trends, Hackmagedon
  • 3. 2013 Attack Motivation - ERT Survey Radware Confidential Jan 2012 Slide 3
  • 4. DDoS Ring of Fire 4
  • 5. The Network Topology and DDoS Attacks Server components that are likely to be a1acked by DDoS A1acks 5c
  • 6. What are we talking about? 6
  • 8. Bash Exploit • This still works with the latest bash update • (X='() { (a)=>' bash -c "echo ls /etc; cat echo") • As does this: • env X="() { :;} ; echo busted" /bin/sh -c "echo stuff” • The following commands will implement a signature in ‘Report Only’ mode in our DefensePro. • • dp signatures-protection filter basic-filters user create ERT-bash2-CVE-2014-6271 -p tcp -c x28x29x20x7b -ct "Normalized URL" -ce "Case Sensitive" -dp http • dp signatures-protection filter advanced-filters user create group_ERT-bash2- CVE-2014-6271 ERT-bash2-CVE-2014-6271 • dp signatures-protection attacks user create 0 -n ERT-bash2-CVE-2014-6271 -f group_ERT-bash2-CVE-2014-6271 -am 0 • dp update-policies set 1 • • The customer should carefully inspect false positive rates of this signature and only afterwards to move it to ‘Block and Report’ mode. Slide 8
  • 9. Booter DDOS Tools are Cheep Slide 9 h"p://ragebooter.net/members/plans Can be run from any device anywhere - Can be used to create huge dos floods, and more!
  • 10. Thank You www.radware.com Radware Confidential Jan 2012