A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:


Securing Your Network: How to Prevent Ransomware Infection - Jonathan Broche & Alton Johnson Derbycon 2017 (Hacking Illustrated Series InfoSec Tutorial Videos)

Securing Your Network: How to Prevent Ransomware Infection
Jonathan Broche & Alton Johnson
Derbycon 2017

Malware and Zero Day Exploits are a hot topic in the Information Security community as of late. With new variants of ransomware and zero day exploits being released, organizations have been on high alert. It is estimated that the recent 'Wannacry' ransomware affected over 200,000 systems some of which were located in high impact environments (i.e., hospitals and police stations). Similarly, zero day exploit leaks are being released as frequent as we can remember. With black hat groups launching subscription based programs, zero days are more accessible to the public than ever. It is important to know how to best protect yourself and an organization from these threats. Attendees at this talk will be presented with current events, real world examples, and learn best practices that can be put to use immediately to prevent such attacks. In addition, a tool will be released to help aid network administrators in the discovery and prevention of new/unauthorized services being exposed on their external environment. The tool released and demonstrated during the talk will have the priority of securing and/or reducing external network services. The tool will perform port scans against an organization's external-facing assets as a job (i.e., on a daily, weekly, monthly basis), save the results, and cross-reference the results at the time of the next scan. If new services have been discovered that were not previously discovered, the tool will email network administrators and alert them of the newly discovered service(s). By reducing the amount of services that are externally-facing and ensuring that there are no rogue services being made available, an organization can not only reduce their overall attack surface but also reduce their chances of being targeted by zero day exploits.

Jonathan Broche is a computer security professional with over 10 years of hands-on experience in the Information Technology field. He specializes in penetration testing, social engineering and system security configurations.

@g0jhonny, @altonjx

Back to Derbycon 2017 video list

Printable version of this article

15 most recent posts on Irongeek.com:

If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast