Description: Brucon 2011: Pushing in, leaving a present, and pulling out without anybody noticing
The industry is saturated with penetration testing experience and have adapted itself to test organizations using best practice methodologies over the past decade or so. With not a lot of changes happening in the field, organizations find themselves on the defense with not a lot to account for when data breaches happen.
In this presentation we will offer an alternative view of how a security test is done, with a strong focus on data exfiltration techniques employed by advanced attackers and criminals. After an overview of how the initial phases of how an attacker would infiltrate a business (common knowledge), we will explore the targeting considerations when choosing what to look after, as well as advanced techniques for getting the data out without being detected.
Finally, some approaches to data monitoring and control would be proposed in order to mitigate the techniques that are already in place and have affected large organizations
Tags: securitytube , Brucon-2011 , Bru con , hacking , hackers , information security , convention , computer security , Brucon 11 , Brucon , Brucon 2011 ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.