さようならです。よろしくお願いします。初めまして、ネストです。スペインから来ました。さらにショートです。よろしくお願いします。よろしくお願いします。ごめんなさい。すみません。私は日本人のことを知っていますが、私は良いことをしました。まず、このアプリのアメリカルに私にこのアプリに彼がここにいることを教えています。私はハッキンに関することを聞いています。そのため、私はここにいることを知っています。私はあなたの国に認識することを愛しています。私はもっと仕事をするために彼はよろしくお願いします。ハッキングワープを話す必要があります。私はテンニクアルを試してみてください。私はあなたを超えないようにしています。まず、こんにちは。私について話します。私はコピューター・サインス・エンジニアーです。私の最も重要な部分は、私は非常に興味の人です。2015年にスクーリーを始めました。私はエンジニアンス・エンジニアンス・リスポンスを作りました。彼らのリスポンスは、何か悪いことが起こり、彼らは全てのものを取り除く必要があります。2019年、私はアリスポンスのためにインターネット・エンジニアンス・エンジニアンス、私のお世話に行ったことができました。それは私はこれを会 beneficial 私はこれを会合している。そして私は何か悪い方を想像されたことができました。私はアランティゴシアンの中で私はアロニアンス・エンジニアンス・アロンをアランティーゴシアンの中にここに生きているそして沖縄の沖縄はとても彼らはとてもとてもとてもとてもとてもとてもとてもとてもとてもとてもとてもとてもとてもとてもとてもとてもとてもとてもとてもとてもとてもとてもとてもだからクリスマスが 誰かが仕事をしていたのかこの人を不能に 使っていたらいいですか例えば スリッピーの人たちが飲み物を飲みより植物を使っているのは 努力を使える場合は 私はネットキッズをオーガナイスして、ボタンメイクをハッキリしています。ハッキリを使っているのですが、サイバーセキュリティとコンピューターハッカーを話しています。このプレゼンテーションは、私のサイバーターのペットです。ここで、ハッキリしています。このプレゼンテーションは、ハッキリしています。ネットキッズをオーガナイスしています。コンピューターハッカーは、サイバーセキュリティとコンピューターハッカーを話しています。普通にオーガナイスしています。最終に心配があり、私の若い人はハッキリしています。シャイバーセキュリティは、私に心配があり、私の若い人はハッキリしています。白のハッキリしています。ハッカースはセキュリティアナリストやエティカル ハッカースや also members of the blue team is also known as like that right There is a gray area in the middle. Those who normally have good intentions but do things in a illegal wayis what we call normally gray hat hackers like for example john snowden if you remember some years ago he he released some papers very interesting papers to the world with a good intention but obviously illegallywell what hackers do normally they create malware or they inject malware in the websites and malware is just so we're intentionally designed to cause damage to computers to clients to persons to networks so whatever and malware has a lot of names probably some of them sounds to youbackdoors try and horses ransomware but then I'm not going to get deep into this as I told you cyber security is a hugefield of study ok so web security is just one of the fields inside of cyber securityso in the real war normally all of the people that are here has at least two identities right the real one which are as personsand the digital one normally conforms with a lot of nicknames accounts and so on around the internet so if you care about security in the real war why not you care about the security in your digital war socyber security is the security in the digital world and web security is just a field specially all that happens through the port 80 or 443 if you are a little bit technical savvy rightthen this slide is intended to blow your mind a little bit ok so there are six interesting facts here the first one say hacking is almost never client client orientedI mean doesn't mind if you have a site with store for kitten or to rice phones for something social something like that they don't mind is they are just crawling internet and finding some vulnerabilities and just if you have that they don't mind what are you doing they just get your siteso normally it happens because you or your company or the company the hosting company or the administrator you have hired for that is not making a good monitoring or maintenance of the site normally ok so that's the most typical reasonanother interesting fact here is that the people doesn't understand what SSL certificate is so let me just explain that SSL certificate is not an anti hacking shield I mean having SSL certificate is not going to protect you to be hacked SSL certificate is only intended to assure the communication from your device to the serverso if there is a hacker hacking your server is going to hack securely now another fact is interesting normally in security we are behind hackers ok so patches and security updates appears almost always after hacking exploitswhich translate means if there is an update or a patch of security means that there are some hackers around the world with information to hack your site because it's updated okand the next one is a latin q quote I always use is something just to give some perspective it means human being fails in latin sounds something like a rare humanist ok so human being fails it means everything you do or we do as humans could failand in turn based on that security will never be 100% effective so if you install a lot of plugins if you have a firewall if you have SSL if you have any of the security things in your site it won't assure 100% effectiveness of security rightit could be 90% or something like that but there is always hours rightthis is a graph just got from some reports we have in sukuri you can visit sukuri.net website you have blog site and also you have some reports this one is very interestingas you can see the WordPress is clearly the most targeted platform internet so this is not meaning that the WordPress is insecure ok that means that is the most targetedit is because also the 34% of the world of the worldwide website and around the world and internet is made by WordPress it's something like one of every threeso but this is interesting the hackers are focused especially in WordPressso now let's go forward to the art of words right we have to put ourselves in the hacker's skin we have to try to think as a hacker as a black hat hacker okand try to understand what they want from our platform what they want from our website ok so let's get into the mind of your enemyfirst of all what the hacker what the black hat hacker wants from my website the common targets are normally users information so if you have users in your site customersif you have a subscriber or something like that they are probably an email address name nicknames and so on those are information that hackers values a lot okuser info is important also the database information everything you put in your website normally is in the database as wellwebsite content if you are selling products like for example plugins or you are selling photographs or something like that normally you have them in your media manager in the WordPress and so onso it is in the in the in your website so maybe hackers are interesting on that as wellinfrastructure is important as well normally people doesn't understand this part because it's a little bit technical but there is people that use your website as a platform for example tocrypto cryptocurrency mining for example ok so or they can use your website but not website your server your server resources for example to attack another one okso infrastructure is also important they may need your website to use it in a botnet as well or they need your reputation so if you work hard during a lot of time toto rise your reputation in the social networks or in the search engines because you need to be in the first position something like thatis a real risk if you get hacked that you can see how your reputation or your hard work to be in the first position in the search engines something like that just vanish in the airso taking care about the reputation is important as wellso there is a quote in the art of war saying something like know yourself and know your enemy and you will win all the battles right so let's know our weaknessesthere is a lot of course but these are the most important the first one is the most important in fact you are we are as users the weakest point alwaysok so you can scan you can be a scam you can use bad passwords you can or easy easy to hack passwords or you can justknow you can just install freemium plugins just because you can you want to save some money and the freemium plugin hasinside a triangle there is a half inside something that hacks your site so at the end we are the weakest pointpassword as I mentioned are vulnerable to brute force attacks for example this image is very typical don't use easy passwords just invest a little bit of time trying toremember good strong passwords or use a second factor of dedication method is another way of making this strongerthere are some leftovers I mean for example you are making a new version of the website and if you want to make easier to yourto the owner of the website to get into the website and check how it's how it is going you normally going to create a very easy to remember loginsomething like admin123 or something like that so when we do that we have to be very careful we have to manage to control this kind of things because the lessovers are other of the main reasons or the main factors or the main vector of infections in the websites so I can hack your site for example just getting into the dash new website website and thenexploiting your password because it was very easy or something like that so if you create this kind of things remember to remove if they are not usedthe other big reason is outdated or vulnerable software so maybe if you are not very technical you don't understand that your website is just a layer of the whole systemso you can be in a hosting a very cheap hosting or something like that where the PHP version for example is very old or the Apache version is also very oldenginex or something like that so having your website in an outdated environment is very dangerous as welland being inside of your site if you have planning you have themes and you don't update them you are putting your site in riskalso as I said there even if they are disabled so if you are not using a planning remove them if you are not using a theme remove itok don't disable or don't just keep there and if you will do that please update anywayso the last one is very obvious just secure your connection avoid public wifi you can be vulnerable to man in the middle hackerspeople that are in public spaces just looking what the people are just transmitting through that networkand you don't know how many information you can gather in just in an hour in a place like a university or like a coffee a Starbucks coffee or something like thatok so let's go into the hacking workers the process so this is a very short slide but let me explain a little bitfirst of all try to imagine your website as a castle and try to imagine your security as a wall around the castle okso a hacker can hack your site if there is a hole in your wall so that hole is what we call vulnerabilityand hackers when they find a hole they click create exploit which is a software that leverage that vulnerabilityand once they get access to your site they inject something they can inject just only final code for example spam thingsspan in the comments spam in your folders in your directory tree directory a backdoor just to get access to the website latereven if you have plugged that vulnerability and using a backdoor you can later inject whatever you wantand use the website as a bot node or inject more final code whatever you wantso all what the hacker needs is a hole in your wall that hole can happen in any momentthere is a lot of networks of black hackers around the world just communicating between themand if any of them just find a hole they gonna exploit thatimassively so they gonna find for example if they now we are in the version of WordPress 5.3 I thinkI think there is a 5.2 or 3 or something like that put 5.2.3 or something like that there is a vulnerability in the coreso they can use it to hack so people or hackers are black hackers are just crawling internet to get all the WordPress not updatedjust to use that hole with exploit so as I said vulnerabilities just a back in the code or a possibility of misuse a legacy codethat can be exploit to perform an atherisa actions within a computer systemexploit is just the software to leverage that vulnerability and the backdoor is just malware injecting your sitethat allows remote execution of code even if you have plugged that vulnerabilityso when you get a backdoor in your site you are boostok this is a very interesting website if you are curious about is the bpscan vulnerability database I think is sponsored by automaticthis is a list of known vulnerabilities so you can check from time to time to check if the plugins you have the version pluginsare vulnerable or there is something around the world a wave of attacks specifically focus in aversion or a specific version that you can see here ok so bpvulnerabilitydatabase.com is very interesting if you are Koreanso let me just show some examples I selected for you there are a lot I have to I had to select just three of themthe first one is defacement probably the most visual the most spectacular one so could you imagine if my website is this oneand tomorrow when I wake up in the morning I see this so I have been defaced ok and this is a real example for examplefor in this case a photographer gallery this is an extract of the website ok look like this and one day just look like thisso could you imagine the stress of the of the customer something like oh I've been haggon could be my reputation gonna begoing to law so it's important ok what happened here if you are curious enough is like the hacker just got into the websitetook a picture of the website and then just code this fancy message in the top of it we name it as an index.htmailand since the majority of the web servers around the world load at first the HTML files instead of PHP onesthis one was the first page when the people try to load the domain just removing the index.htmail was enough to fix this issueor maybe reinstalling the WordPress core foldersthat works in a lot of cases that works so another case for example pet store the day after you can find thisthis is as you can see this a message a political message right is about free Syria people and so on declaring war and so on rightas a bonus I can just show another one I love the design of this oneI really don't understand what this says but it's probably about security thing around the world something probably aboutTarkish people or something like that ok so just summarizing the placement is a partial or full replacement of the website front endvery obvious easy for to detect users can detect it easily than you because you are not visiting your website every day so here thenprovide to them of enough channels to communicate to you so they will help you very a lotespecially it's important that when you can get hack the most important factor is the time so the sooner you get that you have been hackedand you fix that will help to the lose of reputation and will help a lot okscanners also detects very easily at the end is just a matter of awareness social political measures for indications oryou know claiming another example is the black hat seal or spam I mentioned it before for example here we havewell design agency I guess cover the name of the of the agency but for sure the banner is not intended to be there so probably they don't sellviagra probably I don't know that they're probably so what the hackers did is just put that banner in your website so everyone that comes into your website and try to contact yousee that you sell by viagra right or for example this is a cleaning company who got the heater also full of spam is in this case is just textsomething like selling applications in Google Store or something like that but it's clearly a spam right so the result of this if youare if you are if you don't get it soon is this you get banned by Google by other blacklisting vendors and then you can get yourthis fancy tag in the in the Google search results you're in this side maybe hack so your reputation will be affected for sure okhere is another example at the at the left you can see that you can trying to find a website in Google there is this kind of measures like cheap night shoes orsomething like that right and in the right you can see a spam injectively in the in the directories tree. Those that have been highlighted are spamthey inside of them they have just a lot of html web page with spam terms right what is intended here is to target your CEO or yourreputation maybe your competitor just hire this hackers and try to lower your reputation because they want just tosurface you in the in Google or something like that or they want just to not to make you not selling so much as they the detection of this is very easy as well because thespam terms are always more or less the same ones so as I always says here your users right DDOS attacks botnets this is a little bit difficult to understand let me just introduce some definitionsDOS attack is a denial of service which means it's overhauled the application with a huge amount of petitions if you have a person who just get tickets and you put 500 of people giving tickets to that guythe probably the guy gonna collapse okay so a DDOS happens when it is a distributed distributed attack so it's not only a lot of petitions from one point to another point it's a lot of points asking for a service to a websiteand this normally happens because there is a botnet there is a net of computers or a net of websites that has been that have been hacked and they coordinated attack or ask for information to a website okayso this is a graphic but you can just check later if you want so there is a this site north is a real time map of the DDOS attack around the world so here you can see a normal situation just maybe tending to be very calmnormally it's a little bit more busy but in 2016 if you remember all the services the common social network services like for example Netflix twitter whatsapp and so on some others just fell down and it happened because of this a lot ofnotes around the world attack specifically one service which is called a Dean that has been is used by these services around the world that year where also happened also another very famous attack but it was performed byCCTVs ok so this attack looks like something like this this is a graphical representation of a ddo's attack so it's the idea is clear rightwell affect to infrastructure is very difficult to to to point this kind ofof attacks normally because you detect a strange use of resources or you have a fire integrity scanner you have someone dedicated to to check that so the here is recommended to have a wolfa web application firewall ok target normally are just service resources or just to make your side as a zombie noteso we reached the third part of my presentation this is a very quick one what is the what counter measures are recommended ok first of all let's talk that if something bad happens which are the character in this story right first youyou your site the admin and the owner has been has to be notified ok but also your users and clients if there is for example a credit card leak ofin a credit card information leak or if there is something any information that may affect to the for today users information you have in your website or in your platformday you have to you have you and the you have to inform there you have to notify them ok so the second character in this story is a hosting provider normally a hosting provider and normal oneshould give support when you your site is has been hack just because they restore core folders or because they restore a backup or something like that normally the 70% of the security uses issues can be fixed by the support of thehosting provider and after that you can just try to check with a security expert externally or internally likes a crew or any other companies is important to understand that security is nothing isnothing is nothing like a whole right is a is just a lot of liars one in top of the other so the first liar of security as I mentioned before is you because you are the weakest liar so you have to be educated of what you clickwhere you click what is the information they the people need and how and when the second one is your device if you are using a laptop or a mobile phone or something like that has been hack or this virus inside of something like that is another layer you have to protect with an antivirus yourconnection as I mentioned before SSL your website should be behind a website application firewall you have to take care of your credential not only yours but only the credentials you give to your mates or your clientstry to use the second factor of dedication if possible the site security so you should monitor and update your website as much as you can the server security the database and of course is not only just put an eye on them you have tomaintain this you have to do all the whole loop in this security liars is in base system as much as you can so there are some measures normally I divide them in reactive and proactive reactive means that something happened already happened so what we are going to do is just paymitigation and proactive means all the measures that you take before anything bad happens so it's a risk mitigation right reactive measures as I mentioned some of them for example scan your site first to know what happened reactive meansthat already happened something bad so scan first your website I recommend site check but there are some others like for example how do I know if my website have been blacklisted so virus total dot com is a website for thatthen the CRC check remove and change which means for example in this case this is a WordPress users table right so here's there are the users of this website I justprotected those that are like it but those that are not is very they are very straightforward right ACME with key and the picture also helps a lot with no email is an administrator and also has a post whoand there are some others for example the managed BP migration is not a fake admin is just a leftover of a migration process so remove them is your site is not in migration right now and another thing is interesting here isthat this website I think yeah I think that you cannot see here but there is has six six updates and six updates available right so please every time you see you know here in the top of the admin bar something like a number indashboard of you knowtelling you how many updates are available click there and update ok so check remove and change in this case for example check the admin users and remove them also do that with the plugins I havephone a lot of website with sixty plugins is impossible that you need sixty plugins ok even if you are a very very famous magazine you don't need sixty plugins so probably you have a lot of them use but some of themare just disabled because you use seasonal or because you use anytime and then is not needed anymore update your site because updating overwrite the core directories and file so if the infection is in the core directories and files and core files just updating youjust remove the infection right and as a last measure restore a backup keep in mind that restoring a backup could imply a loss of information right because maybe you did a backup three days ago and all the happens all the what happens in the last three days you will lose that ok talking about proactive measures before happening but something bad happening reduce admins plugins and themes do backups updates investing hostingand security and install a waft it is important this slide is very important the more doors you have the higher risk so I always say to cursor what is cursor meansif you are going to do some admin stuff ok have an admin user but if you are going just only to publish user a limited count for that try to remove the number of admins try to contend that applying the themes alsodon't reuse password try to change it periodically and try to use the second factor authentication as I said and this is applied to all liars not only in the VP admin if you have FTP accounts if you have C panel if you havehosting provider account change the password from time to time and if you have been hack another thing that you have to do is change all the password as well okbackups have a backup strategy but never never store the backups in your production server always store them in a in another server another difference outside okclean functional backup will be your preference best friend in a bad day and I want to highlight functional I mean I have phone cases that the people say I know I have a backup I will send to you and when I receive it it's corruptnot disabled so it's not only having backups only know that they are functional update always this is important keep in mind that the cost of getting your website from a hack situation and recover all the informationrecover with in front of your users will be way much more cost that recover your website because it's accidentally shut down because an incompatibility when you update or upgrade your website so this graphic is importantautomatic updates enable for our clients are only important for the 30% the rest of them are just when it's possible when as soon as possible when the client wants or whatever so our black hat cut there is very happy when they find this kind of thingsit's important to invest in security in hosting keep in mind that hosting is the first layer is the first one that protects your website rightI always said if you invest in a sharp hosting keep in mind that you can be in a very noisy neighborhood ok if you want to be in a chalet alone just at your own it's going to be a little bit more expensivehow much of your budget investing web security zero for almost 50% this is important as well so free day for our black hat hackerand the last one WAF the web application firewall is your guard art this is important I'm not going to read all of this but keep in mind that WAF is something like a washing tunnelevery connection goes through like for example you can see here all the connection goes through here then is clean all the bad connection just our drop and then the good ones hit your site so this is very interestingthis is one of the quotes I want to share with you everybody needs a hacker so ありがとうございますif you have any questions here I am