Dangers of Using Wordpress in a Corporate Environment

- Britain's Leading Ethical Hacker, Jamie Woodruff -

Jamie will be showing the dangers of not updating plugins while using WordPress in a corporate environment. He will perform a live hack on a website to show how easy it is to gain access to the WordPress installation through outdated plugins. He will then proceed to password crack the administrator account and then gain access to the Content Management System. He will then proceed to shell the website and gain control over the server. He'll then show that, if other services are running on their server, we can see their configuration files and proceed to export the relevant data and input new administrator accounts within the database.
Recorded Sep 16 2015 40 mins
Presented by
Jamie Woodruff, CTO, Patch Penguin
  • Navigating the Chasm of SIAM-Managing Infrastructure in 2018 Nov 21 2017 3:00 pm UTC 60 mins
    Jeffrey Ritter
    Governments continue to try to regulate cyberspace, often with little effective impact. Security professionals struggle to design and operate infrastructure that will comply with rules written with Semantically Intentional Ambiguous Meaning (SIAM). Learn from the classrooms of one of the world's great universities the new methods for navigating those challenges and putting in place rules that are effective for managing infrastructure.
  • The 2018 Threatscape: Cyber clairvoyance and divination Nov 14 2017 11:00 am UTC 45 mins
    Peter Wood
    What have we learned from 2017's biggest breaches and how will we deal with 2018's emerging threats? Attempting to look both backward and forward over the cyber landscape, Peter Wood will review lessons learned and apply them to the evolving threatscape.
  • Achieving Digital Trust: Turning New Threats into Customer Loyalty Oct 26 2017 2:00 pm UTC 45 mins
    Jeffrey Ritter
    Dynamic, volatile, innovative. Cloud security is all of these and more. How can cloud service vendors turn the constant parade of new threats into a continuing opportunity to increase customer loyalty? How can customers gain trust in their service vendors despite the parade? Learn how in this webcast.
  • Seeing through the Clouds: How Visibility Reduces Security Failures Oct 25 2017 3:00 pm UTC 45 mins
    Dominic Vogel, Chief Security Strategist, Cyber.SC
    As organizations continue to ramp-up their migration to cloud-based environments, they will need to account for the associated security and control risks. There are hidden dangers and blind spots that arise through the use of virtualization technology in the data center. These hidden dangers and blind spots become more prevalent as business-critical applications are increasingly deployed on the public cloud. This is a problem considering that an organization’s operations are dependent on a cloud environment that inherently has a huge visibility gap.

    Many are now making the necessary changes to keep data secure in the cloud. This talk will focus on how to pragmatically accomplish cloud security through increased emphasis on cloud network visibility and cloud access security brokers. Enterprises that can properly implement appropriate cloud network visibility and cloud access security brokers will experience a third fewer security failures. Learn about practical steps and tools that you can use for accomplishing cloud security in your organization.
  • The Future of Cloud Security: Next Generation Threat-based Testing Oct 24 2017 10:00 am UTC 45 mins
    Peter Wood
    If your processing and data is in the cloud, how can you deliver assurance, compliance and governance? How do you find the flaws and soft spots that criminals will exploit? From browser to database, through human factors and end points, this presentation will take a threat-based approach to securing the cloud.
  • Privacy Level Agreement Code of Conduct for CSPs: a compliance tool for GDPR Aug 17 2017 12:00 pm UTC 60 mins
    Paolo Balboni, Founding Partner of ICT Legal Consulting
    Paolo Balboni will discuss in a practical and business oriented way, the new provisions of the GDPR and how the PLA Code of Conduct supports compliance with the forthcoming EU Data Protection Legislation. More precisely, Balboni will highlight the true privacy compliance “game changers” introduced by the GDPR and offer the audience practical inputs on how to set up a sound and effective corporate Data Protection Compliance Programme, which will also include having a PLA in place with Cloud Service Providers.
  • GDPR Privacy Impact and Risk Assessments Aug 17 2017 12:00 pm UTC 45 mins
    Ariel Evans, CEO, InnoSec
    - InnoSec is the winner of the EU commission Horizon 2020 grant based on its innovation in GDPR and cyber risk -

    GDPR is an urgent issue that has companies scrambling to be compliant by May of 2018. Any organization that processes EU citizen data is in scope and the penalties are severe.

    Alignment with the requirements can reduce the chances of triggering a Data Protection Authority (DPA) to investigate a company’s privacy practices after the GDPR takes effect in May 2018. DPAs can impose a fine on companies of up to 4% of annual global revenues for egregious violations of the GDPR. Member states can also add to these fines. The Netherlands, for instance, has more than doubled its own fining capacity to 10% of annual revenues. European privacy advocates are pressuring DPAs to fully exercise these new powers after May 2018. To manage this risk, multinationals should have a means to demonstrate alignment with the GDPR requirements and communication of this program with DPAs that have jurisdiction over their major European operations.

    InnoSec’s GDPR solution provides privacy impact and risk assessments which measure the confidentiality and integrity of the system and the risk associated to it meeting articles 1, 2, 5, 32, 35 and 36. Additionally, we provide a readiness gap analysis for managing, planning and budgeting for GDPR.

    Most e-commerce, educational and multi-national organizations process EU citizen data and are in scope for GDPR. Moreover, most organizations are not ready according to Gartner, and this means the race to the finish line requires as much automation as you can afford. InnoSec provides a means for companies to save money and time with their GDPR assessment and gap analysis offering. Our GDPR offering automates the assessment process and provides a gap analysis readiness feature that also ensures that organizations can plan, budget and manage their GDPR program.

    Come to this webinar to see how it is done.
  • BrightTALK's GDPR Benchmark Special: How Prepared are You for May 2018? Aug 17 2017 10:00 am UTC 60 mins
    Josh Downs, BrightTALK; Stuart McKenzie, Mandiant; Symantec; Nigel Tozer, Commvault & Tim Hickman, White & Case
    9 months until the GDPR deadline - are you completely up-to-speed?

    Our panel of data protection experts will be discussing the compliance considerations that you need to be assessing for May 2018 along with suggesting next steps from a cyber and general security standpoint.

    We'll also be asking YOU at what stage you're at in terms of your preparations via a series of interactive benchmarks as we go through the session to get a sense of where the security community is at in terms of preparations.

    -------------

    GDPR and its May 2018 deadline are now fully on the minds of the vast majority of security professionals and with massive fines on the horizon for non-compliance, now is a better time than ever to get to grips with the legislation and ensure that your organisation is secure and compliant.

    It’s vital that your business has carried out the relevant preparations for compliance by then to make sure you don’t get whacked with a huge fine of up to £15m or 4% of your organisation’s global annual turnover.

    Not only are there potentially huge financial repercussions, but leaving your business open to attack and your customers at risk can cause serious reputational damage.
  • The Cost of Insecure Endpoints – New Findings from Ponemon Institute Jul 27 2017 5:00 pm UTC 60 mins
    Dr. Larry Ponemon, Chairman and Founder, Ponemon Institute & Richard Henderson, Global Security Strategist, Absolute
    Just how dangerous, inefficient, and ineffective are the endpoint security solutions used in most organizations today? Ponemon Institute independently surveyed hundreds of IT security professionals to find out — and are ready to share the surprising results in this important webinar.

    On July 27th, join founder and chairman, Dr. Larry Ponemon, and Richard Henderson, global security strategist at Absolute, for an interactive webinar on the results, including:

    • Exposing the largest dangers and greatest inefficiencies with endpoint security management today
    • Average financial and productivity costs associated with insecure systems – and how to mitigate in your organization
    • Steps you can take now to prevent attacks and stay compliant
  • Digital Business is Here - Is your Trust Infrastructure Ready? Recorded: Jul 20 2017 57 mins
    Mike Hathaway, Aaron Davis
    The move to digital business is exposing the limits of existing trust infrastructures. Rapid growth in the number of deployed certificate authorities (CAs). Increased burden on multiple PKI point solutions deployed to address specific problems. And while IT grapples to support tactical implementations of PKI, the demands of digital business overwhelmingly require a more strategic and holistic approach.

    What's required is a centralized yet agile overarching trust framework that can easily accommodate multiple use cases today and in the future.

    This webinar looks at the steps you can take to build an agile trust infrastructure with a centralized PKI deployment.

    * Digital Trust at Scale: Learn how to build a PKI that supports endpoint diversity, evolving and multiple use cases and integration with complementary solutions.
    * Streamline PKI Deployment: Discover how a trust infrastructure can be deployed and managed across your organization to meet the requirements of today's dynamic and distributed business models.
    * Simplify 3rd Party CA Key Migration Find out how you can migrate certificates from other vendor systems without having to distribute a new trust anchor and without the need to generate new keys and certificates.
  • Petya Ransomware Attacks: Autopsy and Lessons to Learn Recorded: Jul 13 2017 55 mins
    Josh Downs, BrightTALK; Ben Bartle, Barracuda Networks & Amar Singh, Cyber Management Alliance
    The only thing that can stop the security world discussing WannaCry was another large ransomware attack; which is exactly what happened at the end of June in the shape of Petya / notPetya / Goldeneye.

    The attacks compromised several global organisations and hit the headlines worldwide.

    In this session the moderator and panelists will cover the following:

    - Where did Petya originate and who was responsible?

    - What halted the spread?

    - Why was it such an effective and newsworthy cyber attack?

    - Should you be worried about something similar happening to your business?

    - What can you do to be better prepared to defend against similar ransomware striking again?

    Tune into this session to get the lowdown on where the attacks came from; who was behind them; what they mean for the cyber security industry and how you can improve the protection for your business the next time something similar rolls along.

    PANELISTS:


    - Josh Downs, Senior Community Manager, BrightTALK (moderator)
    - Ben Bartle, Technical Engineer, Barracuda Networks
    - Amar Singh, CEO & Founder, Cyber Management Alliance
  • Building Breach Notification into your IR process post-GDPR Recorded: Jul 12 2017 62 mins
    Jamie Cowper, Director, IBM Resilient, Jessica Cholerton, Product Specialist
    The rise in large scale data breaches has been accompanied by a growing number of data privacy reporting regulations across the world. The latest of these, the General Data Protection Regulation (GDPR) will require companies to notify the regulator of a serious incident within 72 hours.

    Companies therefore need to look at their cybersecurity incident response plans and how technology can be leveraged to improve their ability to detect and respond to security incidents faster.

    Join IBM Resilient on July 12 at 2pm to review how organisations can build in data privacy reporting into their incident response strategy whilst using security automation and orchestration tools to enhance their IR processes.

    Attendees will learn:

    • The latest on breach notifications and GDPR; what actions are expected of organisations if data belonging to EU citizens is compromised.

    • How to operationalise GDPR using automation and orchestration to improve IR processes

    • A broader view of global and vertical data breach reporting requirements.

    • What benefits can be achieved through the deployment of an Incident Response Platform (IRP)
  • [Ask the Expert Q&A] McAfee's Raj Samani on the Petya Ransomware Attacks Recorded: Jul 12 2017 45 mins
    Raj Samani, Chief Scientist, McAfee
    - Interactive audience Q&A -

    Fresh off the heels of WannaCry, this week has seen the Petya / notPetya / Goldeneye attacks strike many global organisations in a wave of devastating ransomware attacks.

    Questions need to be raised though:

    - Where did Petya originate and who was responsible?

    - What halted the spread?

    - Why was it such an effective and newsworthy cyber attack?

    - Should you be worried about something similar happening to your business?

    - What can you do to be better prepared to defend against similar ransomware striking again?

    Tune in live to this interactive ask the expert webinar with McAfee Chief Scientist Raj Samani as he takes your questions on the attacks and suggests ways that you can defend yourself from similar variations in the future.
  • [VIDEO] CREST President Ian Glover on GDPR & May 2018 Recorded: Jul 6 2017 12 mins
    Josh Downs, Senior Community Manager BrightTALK & Ian Glover, President, CREST
    BrightTALK caught up with CREST president Ian Glover for an in-depth conversation on the current state of information security, today's threatscape and a discussion on the cyber industry.

    Topics up for discussion:

    - GDPR and the preparation that organisations need to implement to remain compliant

    - Steps that professionals can take to make sure that they're in-the-know and up-to-date with the legislation and changes that need to be made

    - The value of improving security culture in an organisation to increase security stature

    - Nationstate attacks and their influence on the cyber security industry

    - AI & machine learning systems and their applications to the security industry
  • [VIDEO] KPN Telecom's CISO Jaya Baloo on Ransomware, the IoT and 'Hacking Back' Recorded: Jul 6 2017 13 mins
    Josh Downs, Senior Community Manager BrightTALK & Jaya Baloo, CISO, KPN Telecom
    BrightTALK caught up with KPN Telecom's Jaya Baloo for an in-depth conversation on the current state of information security, today's threatscape and a discussion on the cyber industry.

    Topics up for discussion:

    - The WannaCry attacks and what it means for the ransomware landscape

    - 'Hacking back' and the ethical considerations that need to be taken

    - Nation state attacks and the future of cyber warfare

    - How to improve security culture amongst your troops on the ground

    - AI & machine learning and how effective the techniques can be when assessing big security data sets

    - The explosion of the IoT and how to protect connected devices and the overall network - from a telecoms standpoint
  • Petya, notPetya or Goldeneye - The Lies, the Truth and What's Coming Next Recorded: Jul 5 2017 54 mins
    Amar Singh, CEO & Founder, Cyber Management Alliance
    Media hype, so-called cyber experts and the rest of the dilettantes are all out in force trying to decipher what just happened with Petya. Ransomware or not? Script kiddies? Cyber warfare?

    Let's dive into behind the scenes of what may just be the turning point in targeted malware (sorry ransomware) attacks.

    Tune into this session to get the lowdown on where the attacks came from; who was behind them; what they mean for the cyber security industry and how you can improve the protection for your business the next time something similar rolls along.

    You'll also have the chance to ask Amar your Petya or ransomware questions and to get the upper hand defending your organisation.

    -----------------

    Amar Singh:

    CEO & Founder: Cyber Management Alliance & Give01Day.com - Chair of ISACA's UK Security Advisory Group.

    Experienced cyber, information security & data privacy practitioner. Senior C Level Executive, Global Chief Information Security Officer, Expert in Information Risk Management

    UK Government GCHQ Certified Trainer and creator of APMG & GCHQ Certified course CSPE (Cyber Security & Privacy Essentials)

    Creator and trainer of business focused Cyber Incident Planning & Response Course for middle to senior executives. (CIPR)

    Mentor & Trusted Advisor to FTSE 100 Firms, Start-ups & Incubator Funds

    Board Member and Consultant: MBA in Cyber Security. Chair of ISACA Security Advisory Group.

    Author, writer, Industry speaker & presenter
  • Petrified by the Petya Ransomware? Live Q&A session with Pete Wood Recorded: Jul 5 2017 46 mins
    Pete Wood, CEO, First Base Technologies LLP
    - Interactive audience Q&A -

    Fresh off the heels of WannaCry, this week has seen the Petya / notPetya / Goldeneye attacks strike many global organisations in a wave of devastating ransomware attacks.

    Questions need to be raised though:

    - Where did Petya originate and who was responsible?

    - What halted the spread?

    - Why was it such an effective and newsworthy cyber attack?

    - Should you be worried about something similar happening to your business?

    - What can you do to be better prepared to defend against similar ransomware striking again?

    Tune in live to this interactive ask the expert webinar with First Base Technologies CEO Pete Wood as he takes your questions on the attacks and suggests ways that you can defend yourself from similar variations in the future.

    Tune in and ask away, we'd love to hear your questions!
  • [VIDEO] Why WannaCry Was so Successful Recorded: Jun 29 2017 10 mins
    Josh Downs, Senior Community Manager, BrightTALK & John Bambenek, Manager Threat Systems, Fidelis Cybersecurity
    BrightTALK caught up with Fidelis Security's John Bambenek for an in-depth conversation on the current state of information security, today's threatscape and a discussion on the cyber industry.

    Topics up for discussion:

    - The WannaCry Ransomware and why it was so successful at breaching companies' defences

    - Lessons that other businesses can take to prevent similar attacks happening in the future

    - The power and ethics of hacking back in today's cyber security world

    - The rapid growth of the IoT and the vulnerabilities that it faces as more and more devices join the network
  • [VIDEO] Security Culture and the Influence it Can Play on Your Security Stature Recorded: Jun 29 2017 10 mins
    Josh Downs, Senior Community Manager, BrightTALK & Kai Roer, Creator of the Security Culture Framework
    BrightTALK caught up with Kai Roer, the Creator of the Security Culture Framework, for an in-depth conversation on security culture and its value to businesses today. Kai also talks through the findings of the Security Culture Report 2017, which can be accessed via the video's attachments.

    Topics up for discussion:

    - The importance of building a strong culture of security at businesses to add to an overall security strategy

    - How to improve security culture within your organisation

    - GDPR and how to prepare effectively

    - The findings of the Security Culture Report 2017
  • [VIDEO] Machine Learning in Cyber, Ransomware & the Threat Landscape Recorded: Jun 29 2017 8 mins
    Carl Leonard, Principal Security Analyst, Forcepoint
    BrightTALK caught up with Forcepoint's Carl Leonard for a chat on the current state of information security, today's threatscape and a discussion on the cyber industry.

    Topics up for discussion:

    - Why AI and Machine Learning aren't the latest buzzwords and have actually been around in the security industry for a while

    - Steps to take to prepare for the GDPR regulations

    - The threats that you need to be worrying about in 2017

    - Why WannaCry was such a significant batch of ransomware
For Certified Members and Information Security Professionals Globally
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in various e-business and security skills. It is the owner and developer of the world-famous Certified Ethical Hacker (C|EH), Computer Hacking Forensics Investigator (C|HFI) and EC-Council Certified Security Analyst (E|CSA)/Licensed Penetration Tester (L|PT) programs, and various others offered in over 60 countries around the globe.

  • Title: Dangers of Using Wordpress in a Corporate Environment
  • Live at: Sep 16 2015 1:00 pm
  • Presented by: Jamie Woodruff, CTO, Patch Penguin