- 2021-01-20T23:00:00+00:00
- 2021-01-20T23:00:00+00:00
Digitale Forensik & Incident Response
Aus dem Alltag zweier Cyber Security Analyst*innen bei Kapsch
- 2021-01-18T23:00:00+00:00
- 2021-01-20T23:00:00+00:00
How to spot and defend against adversaries movements in your network
Once the attacker infiltrate to the network they have various goals and targets. Attack can be initiated by phishing or attacker can simply use social engineering technique and gain user credentials. Having stolen credentials there is small step to became domain admin. In situation like this where no exploit is used, and valid credentials play primary role in initial phase of attack SOC have hard time to distinguish from normal traffic. With legit credentials attacker can and will move laterally. During the attack “credential dance” will be used as that is common pattern how to move laterally. In this training we will focus on detections of these movements and techniques. We will use Bloodhound to detect possible movement path. And we will use this knowledge to improve our detections patterns. This training is 90% blue team and 10% red team and 80% technical where time will be spent in lab. After this training you will have knowledge how to detect attacker sneakily moving through the company systems. Table of contents Day 1 Event ID’s – what is important to know What must be logged Where to get logs Which tools to use Lab 1.1 – Event ID’s foundation Logging standard What we really need to log Attack types – commonly used types of attacks What is used by adversaries Which attacks you should test regularly Lateral movement - foundation Lab 1.2 – User session tracking Bloodhound Lab 2.1 Bloodhound foundation Lab 2.2 Bloodhound for defenders Day 2 ATT&CK Mapping How to work with the matrix Practical usages of ATT&CK Common misused tools Lolbin & Lolbas Detection for leaked accounts Lab 3.1 – Tracking for newly created account How to investigate Lab 3.2 – Tracking for misused account Password basics Password hygiene Lab 4.1 – Password cracking Domain password auditing Lab 4.2 – Password auditing Key takeaways Understanding what needs to be monitored Understanding adversaries movement Be confident with ATT&CK matrix Understanding why is important to know the environment Proficient with password auditing Target audience Security manager Chief security analyst Security Operator Security Specialist Security Analyst Requirements Laptop with 60GB of free space, local administrator rights and ability to start VirtualBox or Vmware. Duration: 2 x 8 hours (9am – 5pm) including lunch break and two 15-minutes coffee breaks Maximum number of participants is 20. Workshop will be taught in slovak.
- 2020-12-31T23:00:00+00:00
- 2021-06-29T22:00:00+00:00
Cyber Webinars for students
Cyber webinars for students and teachers
- 2020-12-09T00:00:00+00:00
- 2020-12-11T00:00:00+00:00
CONVERGENCE: Making The European Cybersecurity Competence Network A Reality
CONVERGENCE is a two-day event organised by the four pilot projects, CyberSec4Europe, SPARTA, CONCORDIA and ECHO. The event will highlight to the European cybersecurity stakeholder community - and to anyone interested in the future digital security of Europe - the progress that is being made in harnessing European expertise and resources in the broader context of the proposed legislation relating to a European Cybersecurity Industrial, Technology and Research Competence Centre and a Network of National Coordination Centres. The program consists of an introductory evening session with welcome addresses from the four pilot coordinators followed by a high-level panel discussion comprising representatives from the European institutions. The next one and a half days will provide each pilot the opportunity to demonstrate their achievements and results to date through videos, presentations, tools, panel discussions, and will also feature a series of focus groups that showcase the cooperation between the pilots on certain interrelated cybersecurity topics. FOCUS GROUPS The focus groups areas currently being considered are: Communications Cyber ranges Education Governance JRC Cybersecurity Atlas Roadmapping Threat intelligence in the financial sector Each focus group will start with a short general introduction for those not acquainted with the subject area. The event will conclude on the third day with a wrap-up session involving the four pilot coordinators and a senior ECSO representative. The event will be hosted online and (hopefully!) also in Brussels at the Representation of the State of Hessen to the EU, rue Montoyer 21, B-1000 Brussels.
- 2020-12-02T13:00:00+00:00
- 2020-12-02T17:00:00+00:00
Penetration testing with social engineering
This training and workshop focus on the planning, preparation, implementation and evaluation of security testing using social engineering to identify and address security vulnerabilities.
- 2020-12-02T08:00:00+00:00
- 2020-12-03T12:30:00+00:00
Threat Investigation – A drama in four acts
Cyber attacks are often talked about, what we hear and what we see are damages and the loss of data. The fact of the matter remains that no one really breaks down the attack and narrate “How it happened”. This bootcamp aims to solve 4 real cyber attacks.
- 2020-11-27T11:15:00+00:00
- 2020-11-27T12:00:00+00:00
The History and Future of Cryptography
Information security is practiced for centuries and all along one of the most powerful tools, to keep sensitive information from prying eyes, has been encryption. Seemingly unexciting on the surface, encryption (or lack thereof) has critically influenced the outcome of many wars, revolutions and political plots. From the start of the 21st century we are once again looking at encryption technology capable of revolutionizing information security. The webinar will grant insight into the role of cryptography in worlds history, the coming Quantum revolution and the state of technology.
- 2020-11-19T00:00:00+00:00
- 2020-11-26T00:00:00+00:00
- 2020-11-19T00:00:00+00:00
- 2020-11-19T00:00:00+00:00
European Cybersecurity Month - “Security on the Web - Web Servers and certificates”
Desenvolver as competências dos alunos na área da Cibersegurança Informática no contexto da Segurança de Servidores e Sites Web. Sessão prática de criação de certificado (self-signed) em servidor de testes. Develop students' skills in the area of Computer Cybersecurity in the context of Server and Website Security. Practical session for creating a self-signed certificate on a test server.
- 2020-11-18T23:00:00+00:00
- 2020-11-19T23:00:00+00:00
La protezione cibernetica: Verso la revisione della direttiva NIS (Cyber protection: the revision of NIS Directive )
In a world where the dependence from the information technology is growing day by day, citizens are exposed to serious cyber threats and incidents. To face the challenge of security, the EU intensified its activity in the field of cybersecurity through, among the others, the European Network and Information Security Directive. The Directive aims to improve the defence and security of the member states' critical infrastructure. The core aspects of the Directive are intelligence and prevention to reach an adequate average and uniform level of network security. The NIS Directive is focused on measures, techniques that allow reducing at the same tie risks and the impact of cyber incidents. The Covid-19 pandemic, together with the relocation online of many economic and organizational activities has accelerated the already fast digital evolution. In these circumstances, it is necessary to rethink the cybersecurity of both traditional networks and critical infrastructure. The conference aims is to the promotion of a correct and deep knowledge of the NIS Directive and to start a serious conversation about the revision of the Directive to make it more suitable to the today's needs. The promotion of dialogue and conscious knowledge of the topic it is pivotal to protect the security and the national interests.