
Rodney Beede - Real World Attacks Against Rackspace

BSides SATX · 2019 · 51:16 · 105 views · Published 2019-09
Speaker: Rodney Beede
Category: Technical
Style: Talk
About this talk
Title: Real World Attacks Against Rackspace
Presenter: Rodney Beede
Track: In The Beginning 08
Time: 1500
BSides San Antonio 2019, June 08, at St. Mary's University, San Antonio, Texas

Abstract: A review of real-world attacks we see every week at Rackspace against us or our customers. Examples include phishing, DDoS amplification, credential brute force attacks, and fraud for crypto-mining or spam campaigning. Also some of the vulnerability testing we perform on ourselves (red teaming missions).

Speaker Bio: Rodney Beede is a Cyber Vulnerability Analyst & Penetration Tester for Rackspace Global Enterprise Security. M.S. in Computer Science, University of Colorado at Boulder, "A Framework for Benevolent Computer Worms", 2012.

Security Work:
- CVE-2019-8346 - XSS in ManageEngine ADSelfService Plus param adscsrf
- CVE-2019-5615 - Rapid7 insightVM (nexpose) also exposes clear-text password for backups and keystore (chased vendor to add clear-text disclosure; original work for admin-hashes by another)
- Slack vulnerability (#496095) where any third party add-on can post to an announcements-only channel
- OSCP - March 2019
- "Unattended, Unlocked, Unprotected Terminals - User Security Training with USB Rubber Ducky" - https://developer.rackspace.com/blog/unattended-unlocked-unprotected-terminals-user-security-training/; August 21, 2018
- "Making App Password Changes Easier" - https://developer.rackspace.com/blog/making-app-password-changes-easier/; August 6, 2018
- BSides San Antonio 2018 - CTF winning team
- "Cloud API Service Accounts and Managing a Jungle of Credentials" - InnoTech Oklahoma; October 5, 2017
- "Single Sign-On Watering Hole" vuln. presentation at BSidesOK 2017
- "Shadow IT In The Cloud" - Oklahoma Retailers InfoSec Forum, 2016
- "Case Study: Seagate's Amazon AWS Cloud Security" - InnoTech & IWS9, 2016
- Discovered CVE-2015-8503 XSS in Tenable SecurityCenter; 2016
- Discovered data disclosure vuln in Google Spreadsheets; 2015
- "Case Study: Seagate's OpenStack Swift Security" - InnoTech 2015; CSA&IAPP 2014
- Authored chapter "Object Storage" in the OpenStack Security Guide
- Discovered CVE-2013-3627: McAfee Agent v4.6 Denial of Service
- AppSec USA (OWASP) - CTF winning team - 2012 & 2013
Transcript [en]


so with you that is my right so we start with the milky honking it on here cried out well lock that URL wobble tricky now children get go walk it out and put in lofted package employee graphic

permanent interactive this case for play-doh purchased a sharpie for me I was email about this figure asking for a did this be cantilever so sitting up here grow ticket outfit yeah that was another fifty one as well hard to squeeze through the text but this one had the stuff you've dub case ID'd number nine four eight nine three notification on a big gear rectus user important information required to verify or cancel your account come in one time process if you look at that from a dress rack on space helpdesk notifications at row what that all about right so the king of into the fact that people getting on their phones your phone only has so much space on it

so what's your web you look I'm going to do your funky online interview it's not cut off ones that defense right they're going to see crack face well if you know about the technical parts of how email messages word you still a little less than greater than science but you need to know email I grew up art anything in quote name but in this case they're trying to escape filter but with all that main section and then they had some look at gmail or yahoo that IT cat faculty huggers in there they reply to header filled with hot pink polka rat-faced so this is so you think that it another smartphone with this built-in at home right or maybe

they're on a tablet or maybe they report on their jump up here the more off this test that see it but they're a goal is to be tried for the client but it's an address with difficult to read but they couldn't reach boy egg has revealed to the from directly to Palmer your company at home well well the big credit signal did you know welcome people kind of look for that below to get first leg lamps at that maybe trick take the meat roller from another big penis one stead voicemail at rackspace voicemail calm yeah you know have poor voicemail did you click Nate good that gives you getting nothing like adding we haven't any special partition your heart clock

sound great over fake tickets so this one was David quote directly from the email the other word Rackspace and then over quiet he challenged SEC don't think our marketing keep going to that yeah so I might check with the right so I did one of the ones like your customer security or between Africa credit we did pretty awesome right then if you need to go in and you want to get some Intel to bring back to company Gizem targets Gurkhas you go to the public region profile Vito well you get the public profile before you there's something to call you or connected really bad and I love you sees one they're linked images per view right

meetings more did the public art you don't have to be on the active upon so yes them go long hey going to look in yeah our kids loading like that so I call it one you get this report it blocking them because dr. Miller recon package going to be some executive get for my iPad my favorite little tagline wise ischemic little straight water from the debate all the executives of iPad user fee while device don't have a wreck that you know right that's the treatment that I'm referring to throw atoms good morning good this house for me therefore the attachments of this Noblet living the delete when just plain text you all right so how big deal right well

with the goal was is if the rocket replied oh great now I'm on the one won't cover cases something and they think that I'm their pocket back the exact whoever it was at the hug contact now I've got behind a half one more question trying to think trust me a little bit more then I drop hey give it off this so you're trying to be more sneaky Gideon because no catchments no leaks bring copper to a physical very glad rice fishing ourselves so user wettest rain equal because all-time security groups in addition or looked out past up-and-coming but I see bug didn't that about for at you can either education your pain right long time

what's up just for the keep you home for the other points regarding that oh no you got vegan so then it's always the most effective Waverly but give somewhere to start right so this is one that we actually could conducted ourselves against their own company will use a little info retail we don't tell are talking about it is helping management's work they prove it sign off of in it it was a big downer again this one was like HR it we can qualify have problem copy of unicorn cities more news candidate the day we sell befell that night so what do we do about fishing right none of this came out to be available just today no yep

bill three technologies covers and peptides in there is also the viewmarq technology main base message authentication recording in conformance think it's the longest at two different have two technologies that you can configure in your email system other participating people have email systems computer as well to validate hey didn't even really come from backstage calm or example.com but this is hit by an authorized their recent work whiteboard now with Kevin right main thing you have to realize about that as you print a song you have an anonymous report pretty long slowly it has office go from now reporting report emails that don't have to interconnected you pulley block them well as take them to sit into that they

bought bins in me to graduate head rooms it good looking fine but the hard cookie is that oh yeah there's this one third party that was sitting you know the customer productivity system them we're already pretty keen SATs at a time so you don't want to break your Gmail system look it'll be reasonably couplers or theater employee and it isn't an option that you were cool y'all move work together welcome to our company to manage the ability to welcome you in an apology River consulates before your cousin employees wish it'll fit you know to come from what they

where do you keep the report your plate know how to report just email we have to get posted on her off consultant role you just know Gordon hit attack up then this they're all kind of pocket method to verify the common phonetic yet pump so our into method you something rather than email view hit me find right right back to a hydrogen alright let me correct people do you things like that then if we're having a different plan Patrick Lach have reviews this you can report them to us Hey I took this email and hugged my friend then I realize I should look you know and they'll contact you hopefully does be too afraid to even English madness they

cool bye he's not networked individuals we could get a lot off because we busy and of course deadly diseases supplementing that are keyed up we send out the path we didn't know we don't tell us talk where we doing it from you love leaving us with a free tour tonight maybe like he till the deal and cut that out spin it through and see if it catches how to respond to it what if you are poised you listen factor authentication very helpful film deploy give up many things awkward lets you up you have no application it is the Sloane and happy down group Bobby wasn't mother feet back down but chose Nick doubt I want to sit higher and he's very people

have your funny look at employee wareness training the metrics protectiveness good at you program you have the apartment punching for it I'll let herself number double talk to advertisers whether it's real cop to commune or phylidia you have the number of successful cops how many kind this lot did he ever fully fall for fishing drama credit the number of reported missions in coming time for employees I can record a bit more don't work then you can relation how many little you set it up you how he reported it I think you can click for me how many people gave us the control unit look I sent out your email as a neck you guys how many other

notables the other users 125th the WAP I'm you do that o'clock coming picked up all up securing that it again trends in as fish is trying to get us and the one their colleague by I am I things like that what about though we agree people get a girl fish number one we're colleague piling in are though by email from happy you know it as a win he'll person the teamwork yeah great have like 10 people out he must put it triggered out and shut us down with other hi new economy right that's actually good thing cuz you're envoy we're talking not security are you two boys you live on the training or gonna law and don't each

other hated this watch out for it I got to be very positive like what are they doing actually that little Street a long time to cut it brother right you're going on in that topic these off amplification this is another pack that you see in her face and the primary goal is to turn to come from I teach them go but they pass out cover this instant talked about the target actually wanted rockfish Iraq they talk to her they actually found grass babies were compiled by other that were left exposed and they use that because it take our businesses you locking someone else so cause this is really like a firewall rules the one unit laugh you can do the students but

up in ferger's didn't bother with Karl Rove is on this boy you know what feed a lab oh we've got from the boss sorry it's a little off so detection anonymous traffic patterns so you can see it before I haven't but hey look all these different room to drop what you hack it out through unity partners left Narada net our DNS servers are reports whether I speak web you thought that when I gets hit by Craig cold Internet is it a female drug use my back to track that he knew other examples open unit is always S&T column on chemical from unit little bit bigger refuses this have no people held out and why people put it

held up with internet clip that can for that loud example this up maybe but this wouldn't happen are compromised web app WordPress before you can think like that so talk about it whether your Amazon Google's your smaller player did I cross your eye at least you're going to have people either parent to attack you harder than try to compromise any favors Walker possibilities for the top out of people and you have to be able to have it in response Metro lab and try to any detected for that project using recourse demerit on the server on the internet and stuff here has a date court open really great the lot Marshall Ross fill up with people front view log

in there's a lot of the popular box guitar behind hot one you can capture 20 minute public in their prime you get the digital party be course that application log into G Komen might need for her blog amazed you think of all times Medus dictionary word list are there's a Creek big know that trying to get Patrick knocking sighs come on the but remember nothing really there but they're gonna force Emily you know I'd that before even block from ID I just got him out right walk those but that's if we could get good on your caucus we throw because ingredient out new class and stuff like that and those data card and skip me

login page and about provider whatever will be take it so you spent with Bobby corset let them go themselves out or we maybe they're done in the background so that's nice because we'll keep monitoring compromised announced off another one so let's say you see this new party over can be costly battery try to use gifted walking like you've got nothing get them around but easily successful walk my temper now we will have I eaten fresh Calvin still logging brother account right that's pretty good unity really give a customers that he password you can get you can have to go in car purchases that happen actually so then it now put the customer problem pretty informal attributed to something

we've offered two years but poppers and really watch it so get on your copy my pepper announced I didn't find it about moment ago about those these boards wallet in rising yeah pack he if it was the log in every he is a triangle just walk against other news off pivot e-mailing town that step there great flat like that but all of them that's one of the backroom allows them to remember to keep you again takes running a hundred percent like well we hunt at their account manager and asking if we just want a lot more cells you also are we to verify for customer hey did you really want to spit up you know twenty

keep us into the price and something really good enough regard but if you're not not a good thing so are the customer you can I'm going to deal in the month right - maybe just wrap it up with axiomatic one to mine whatever they've cut these into radar which we get caught right away because we don't want it built in the mouth they come and complain so we have a whole project partners that will just use you watch patterns again by copy give him that how are we gonna report to my cheeks are peeking laga I'm kinky well able time you grab this no more consecutive years and nutmeg well actually looking till account you know don't give it up try to

elicit down part of a ticklish difficulty minor you can take that perfect image of activity an hour to you you go pick any other companies everything on there you help them pack in ourselves so the group I work in we will see more vulnerability management or day to day kind of bread butter yeah unit hardest week brother let me get to use well ground at the non PCI stuff one example was the goal of the team

I cook it they screen the head of ally with my eat it I hear a what here

our file a second uses that

our flowerpower quarters right Ricky plug-in we have a popular copper that we use for a big equal and it's pretty fun a lot of couple third-party plugins to install on the beta the one that installed was one the names of JavaScript or groovy groovy is Java Heidi drama get for about ten years full time the pre often on the program groovy prequel so I wrote a ruby script and I did it to a wiki page and then the server excuse my coat so I got me a nice little let shelter out of that and it does a lot of fun and permeations this was not one actually ended up being a admin you have a special page for whatever key that

will tell you every page that uses this plugin they ran that only page that you can find but I don't really look this run this hall the plugin that was another not good you but this would be aware of you may have passed your make for software of your favorite wiki but how many plugins are there did they review it before the install double checking system there's another great one who use rapid seven school for a lot of our mobility management in scanning and the at acedia that the released a couple month ago now and the original what abilities we've not found by myself it was that any off user that was not a global AG unit to your tool we're going

to get the report and their size which is helps well turns out you can download data that included you to global average copy its the point a developer added hey we need more diagnostic data Phillip add that to the tool so you get the half to another half that's right let's go back so there's only one patch enjoy your old web and passwords banco can add some more on past version and those that hate this other complete column with us or and we want to hold the protect popular that holds in cookie key for my database backup applying proper sub software and they didn't see anything about that and line apple have have how do I take the top we know you

can so I had to contact the vendor didn't have any official supporter they can you change that so I had to make sure we had a good backup the vendor came up with a hidden UI feature that was in there that one proper engineer didn't know about never finished and released so they showed me how to turn that on as I'm going to change the password to anyone and verified that so there's this press denied content to the car security team and hey you got releases you know about this that's what it works with nothing tap out first here's the nice good evening so they learn updated air hydrant released upon it and so if you have a

75-mile can detect by this you can hit up your venue support they have whether they have to step you through video officially preposition of that as a fun one the pipes powder little security to W you also have to well so left up Dario is another fun one where we're testing our own company processes so our goal with the tip to process this your laptop right we had one see how well it caught this word for during this entire the idea is that would use a company loaner laptop around and I was at home chilling at a cafe wait in the office and I've logged into my desktop on the begin get all my work

at around 2.4 a second pick up some hot my drink away right after background so what can I do I know I haven't called a helpdesk okay I'm on my laptop so they're like oh yeah I got my smart phone but what my phone like all right fine phone them before my help desk call them off forever so I content to help deaf you tell me caught that middle security about this alright so I called them up big in his drunken dog before he's before report look oh yes I thought my modem on right now and all pictures weren't there at all came all this deepest delighted to have I logged in device right I'm going

to be getting so our poor victim while she's on the phone never asked why gone hobbies walk in or going like that give your phone laptop the prime program right so the pcs did we put a report request email coming right I get care that you looky so not only that he's like all the cookies report me go to the little down down left kick hot vote they take screenshots of the stolen laptop device home Hawk any email the tone to the victim himself let's go your presence then the victim get the email on their phone and they're all confused what's going on so the victim cause my phone's if this will help get security to us again and it

says I'm having trouble with that reporting them I'm not ready to leave by the way and this very fortunately this great person realized that point but oh they got it realized off that clue that I gave up that the laptops will turn on stuff like that dig around over to the sock and go get some decision from them about getting the procedure kicked off who picked that device off network so the result was of my account and my v10 terminated so my media members no longer functional the laptop was banned from the network the sock is notified you need the exercise the next day on the work run there's our normal talk handoff meeting them and

they're like they were very discreet didn't want like embarrass me or my colleague they'll put a laptop : no I don't know about this but I should reconsider about doing actually but it they wait to like twist my colleague walked out of the room right so you can't call me like oh girl got done good exercise though so out tonight hold on next day we won get to go to the teachers for a little bit at that point as at home with our I touch up a laptop off you know just not rubber from notes but on like with what you need and if call me better than that well being that prop and that's what we

were ever but didn't realize that so if you could get ahold of me the guac all da still in the day office the next day plug in block up blocks close beaten stolen device and this one it was technically correct right cool cool then I go up to the help desk hey I'm a eighty pounds not working you have to get my past or something guy looked at you all the time these sweet little bzees like look my gosh taking a little like pardon you're like how did this guy get to do it you certainly exist I don't know thing you always see the way with walk right so they try to call my manager to get my

account of Locker from figure it's pretty good stuff right at home procedure eager Gorky did you just look impossible back in them prior to get out from Annette well my manager you know I called off highs today Betty to be around but not anywhere it's like contact with my phone get all my managers manager guess what he didn't know was going on so often they're like well free morning now I guess Drago around did I fall you network up rookie a little pepper good I've never did on my foot my mobile phone get up hey you have no emails on your own no need to go to new County it's a good loss amount office about that eventually

get over again another management even in it got my systems I've walked from the network got my account being able to live it up so I'm going to get all day but I was a good a lesson learned I'm Yuri activities get your marriages you confirm like agrees ways on the calendar everything else they're going to be able to doubt that you really want to employee or you can't to be involved and stuff like that that was a fun one to do us rubber ducky back by product and you might be familiar with that so I came to do for Coach there github repo got that four years ago the string delay in so sometimes you can build up I type out of

screen the Divine Will I can plug in backup keyboard typing freedom to be for you so I've added some code use a little test we're going to walk around the office for people who was up there criminals unlock your desktop right you can look security so I had to do a little like hex editor pics annoyed because some of the key comment because I wanted to work but I main ideas that walk around but I'm not started all looks someone walk with their desk and let them lock right if we're hug his hand and it what with you is that all the monitors your computer has been encrypted that's about I had it before worst version this at

first I got cold on the manager codec we don't need people crying for death so says the heart disappear has been encrypted with the military-grade encryption of brought 13 times to you're hosed looking for you this is only Iraq which operates test loop line below usual print material you can reactivate data your secure the price would have doubled in five days who powered unit a little countdown timer with Donal until the real deal the other the button was start decrypting trainings and it has like bottom to test only not real your computer just government can unlock these some have assistance with this or be helpful to get feel like to help desk we're doing this as well is getting call

people migrated out of whatever the code wasn't much most of us going to comments so Robert I can create a user that resolve to render steps on two different days different kinds they'll enter cop one system others look for the rock have a large office your desk so so that could recall the doctor really murdered that go to step way you want dispute their Glock like you look like they're like try now to walk tell what's going on in the block kind of come on there's actually really positive thing with that use annex I find up all right pretty cool yet people would have learned that they walk another way the next one thing we get to do is capture the black for

developers so as we have kind of a developer conference for Iraqis it from San Antonio and so if you're this we actually had a crappy the foggy put ads out 34 players properties I did it your cause rewarded for them get without proper security ID area more current solution group thing do you have a web app go to build a shimmery crypto he kept my office's before we left we put that budget before where screens the particular content that I wrote for his capture the flag was a new - point P 15 and so I picked the wrong code execution line an idea that for the template we an idea grass net dip deep under services out of

the West River you get to the breathing up the room nothing there right what make this die so the idea of a walker with that give you the source of that page the image or heat and that felt great over the river because because you don't jar no leaks in the other case where you're up over that then we easily guessed right we're trying to talk developers because you don't think of me knows that me was that quickly so deserve that default template get it girl outfit for the day I'll tell you what and then you I also had a workshop we give for people that were most primary part of it target review beginners poly via legitimate

exploitable Juvia helping Steve on their own laptop practice later if you want you seem creation techniques you hide that let me how we gonna go deep or how happy working software button for my cooking knowledge what are the big that healthy iveco invitation become armor partner they're definitely parts of it as a mess that replication that oppose me they're offering me like that cause he's back at work after you need hot words in show that makes me in the computer that rock station bug


but both of our education will be very helpful we use we will probably find is that the whole time is just not as easy use with seamless experience so it's not really widely deployed proper kind of frustrating but it is going to get someone either at home probably more community to help patchy so we probably packing for years you grab you want a building majid management got you packing the Navy lon why is it always so hard to do well because we've had to endure great self-image with the counselors world at back all that right it's like in the day the cloud music file servers what if you have your attention automation is well right I show you have to you know tell

you that you should have already ran the latest pack left side is analytic software build and have testing that to help me they just offer work on the version windows compact or not and nothing it will be kind of black a lot security industries that we have the software review digital or physical call yeah we're ready these patches okay qet not okay to do and then you click call through the web app keeping them grow that's just a scalable right and so one thing we hope to see more of is that the cloud DevOps agreed to have up here I'll be think that DLC more automation for testing within that cut down to speed right the coils tested things you go

right over night note if morning when you grow up with the negative impact or beginning break detection assuming the best at paddock is already in me help you across sometimes soon someone's already you're on a laptop or whatever already inside your network you need to build a flush them out you want to hunt down weekers with your network I get to do my job day today I'll go around looking for the tapping calendar that's not cross credit card you're into my pad right but what we do and it's a good way to find those weak ones because just because your app doesn't have company data no customer data no credit card data doesn't mean attackers not going to use it like you

would have stolen car dealership robbers so they'll try to ecosystem with footholds get around you want and then another hurdle for detection law collection you have a fleet of employed our laptops you can't pull every Windows Event log of the flat profit go simple skim the amounts because each terabytes petabytes of this base data give all cost we enter the location so how do you manage that it's going to be a challenge for many companies that I've worked at is how do we get you blog pages with the morgue how protector they can parse for relevant events on the device yeah give them to you and improve the form try to help cotton too much data now coverage

it did it user awareness you know to constantly occur in need new boys Tom new techniques come out you have to pay developers over again how do you do that in a good way that foster communication with security it would like to do the fishing one with it up so is that necessarily the attitude that you want to will have they're afraid of security catching them got yet yet are you want to go more apply and that's really about let me try to strike fine and view of our system owners it's really awesome when it's disorder comes to us and says hey I've heard about this vulnerability and wondering if we were following aircraft you gave the option that said

we're going to pay you a packet that's pretty awesome right we'll even go over its okay here's some technical code of how to do a beauty tip over time production please and running to be on when your ashiness on what outright and that's pretty cool because they get to do some of the 10 cool geeky simply like to do they like either whether they're going to admin soccer there because like that they like to learn new thing just playin cool stuff like that and the last about different mobility and by the company handling that or not and you can ask for that it's a bit of a cultural shift in front because rusty put them your management

wait for me function internet right

legal aspects I'll look but we find that the more we can be transparent about our security issues with our groups in their bill employees the more and help build trust and public add more than mutated because they don't feel like they're consumed by them are more about what the impact you want you to grow now was there any question

so the question is about our processes and procedures how we capture the test results for that Howie you our lessons are to distribute that so a big part of that is as security groups and cognitive or functional units it will have weekly meetings to discuss different things that come up different next voice and one not as well when we do an exercise we actually write up a full report about that let's get into management I'll get group change levels to go to reviews well take y'all very much
