Hi [[ session.user.profile.firstName ]]

Cleaning Up Your Low Hanging Fruit

Hacker are lazy just like me (you too?), so they often target the low hanging fruity networks first. This session is a how-to for finding and fixing the “low fruit” look you could be giving out to the Internet. Following a simple 3 step fruit raising program, this session might give your network the edge it needs to be skipped when the hackers are out for the low fruit.

Utilizing only Nmap and over 160 scripts that are now included with it, you’ll quickly learn how to scan for low fruit like:
•What do hackers see when they look at your network?
•Do you servers have easily found known compromises?
•Have you checked for vulnerabilities in VMWare, MS SQL server, IIS
and Conflicker?
•Can you locate Bit Torrent running inside your network?
•Is your DNS safe?
•How much info are you leaking via SMTP, SMB, SSH and RPC?
•Can you locate people using scanners inside your organization?
(They could be stealing passwords!)
•How can I get the most fruit raising power for the least work?

Attend this session and find out how to tell if you’re the low fruit and what you can do about fixing your fruit problems. Is your network low hanging fruit?
Recorded Nov 30 2010 53 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Brad Smith
Presentation preview: Cleaning Up Your Low Hanging Fruit

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • [PANEL] Security as a Service Jul 13 2020 3:00 pm UTC 60 mins
    Panelists TBA
    As in-house security becomes increasingly complex and costly, organizations are in need of a reliable and safe security provider. Join industry experts as they discuss the latest trends in SEaaS, including:

    -Why your organisation needs to move towards SEaaS
    -The different models of security as a service
    - SEaaS solutions and strategies
  • Data Privacy in 2020 and Beyond Jun 17 2020 3:00 pm UTC 60 mins
    Panelists TBA
    Is your organization aware of the main differences in data regulations around the world?

    Join this panel of industry leaders for an interactive Q&A roundtable to get a comprehensive look into the different data privacy and security requirements. The panel will also discuss what to expect in 2020 and beyond.

    Viewers will learn more about:
    - What's new on the data privacy and compliance landscape
    - Main differences between data regulations around the world and what this means for your organization
    - Expert recommendations regarding best tools and practices for achieving and maintaining compliance
    - The future of data privacy
    - What to expect in 2020 and beyond
  • [PANEL] Insider Threats Jun 16 2020 5:00 pm UTC 60 mins
    Panelists TBA
    There have been countless insider threat breaches recently, it’s no surprise that research suggests that up to 60% of cyberattacks are due to insider threats. With so much at stake, it's vital for organizations to protect against insider threats.

    Join this interactive panel of industry experts as they discuss:

    -How to protect your organisation from insider threats
    -Latest technologies and solutions
    -Benefits of early and timely detection
  • Election Threats: Ransomware at the State & Local Level May 21 2020 4:00 pm UTC 60 mins
    David Morris
    Crippling ransomware attacks are on the rise and U.S. cities are falling victim at alarming rates. The public sector is especially vulnerable because state and local governments tend to have outdated computer systems and maintain sensitive data which is highly desirable to attackers.

    Join this episode of the Election Hacking series to learn more about the ransomware threat to state and local governments and what this means for the 2020 U.S. presidential election.
    - The year of ransomware
    - How cities and states are coping with the scourge of ransomware
    - The ransomware dilemma: Pay the ransom or fight the infection
    - How AI is enabling - and helping fight - ransomware attacks
    - Ransomware as a threat to democracy

    Moderator: David Morris, Executive Director at Digital Risk Management Institute

    This episode is part of the Election Hacking Original series examining the threats to democratic elections, the technologies used to power and hijack elections, and what's needed to educate and empower voters before Election Day.
  • Cybersecurity Strategy and Leadership for the SMB May 20 2020 4:00 pm UTC 60 mins
    Diana Kelley | Susan Whittemore
    Smaller businesses have a common problem when it comes to cybersecurity - limited expertise, resources and budget.

    The board is asking for, clients are demanding to know whether the company is secure, IT team can't articulate the cybersecurity program, because there isn't one.

    Cybersecurity is sometimes an afterthought for a start-up, or delegated to one engineer. There's a tendency to think of cybersecurity as a set of tactical, technical implementations to cover obvious threats rather than a business problem.

    We'll discuss the role of the CISO in terms of providing the leadership and strategy for a cohesive, risk based program. Ideally, the role is not a technician.

    With an ever-evolving threat landscape and a growing business, where does a business start to build and maintain an affordable program? We'll discuss a baseline program, technologies required, focusing on fewest technologies for maximum benefit.

    This episode is part of The (Security) Balancing Act series with Diana Kelley. Viewers are encouraged to ask questions during the live Q&A.
  • [PANEL] How to Simplify Cyber Risk Management? May 13 2020 3:00 pm UTC 60 mins
    Panelists TBA
    In today’s multi-cloud and hybrid environments, CISO's are struggling to secure assets, manage security policies across clouds, monitor and mitigate risks, while also supporting the business. How are CISOs solving the challenge of complexity?

    Join this panel of experts to learn how to simplify cyber risk management as well as maximize the value of your team and technology.
    - Risk scoring and security controls
    - How to identify risks for organizations and their third-party vendors
    - How to prevent, detect, and respond to, privacy and network security incidents
    - Best of vulnerability and risk management in a multi-vendor environment
    - Best practices and use cases across industries
  • CyberOm - Hacking the Wellness Code in a Chaotic Cyber World May 8 2020 4:00 pm UTC 60 mins
    Jothi Dugar, CISO, NIH Center for Information Technology, Office of The Director
    CyberOm - Hacking the Wellness Code in a Chaotic Cyber World

    Learn how to find peace and happiness within you and around you amidst chaos and understanding how the mind-body-energy connection plays a crucial role in the world of Cyber. Mental health and wellness can be the difference between a Cyber professional and a criminal.
  • Cyber Threats to Elections Apr 28 2020 4:00 pm UTC 60 mins
    David Morris | Mick Baccio | Dave Klein
    With the 2020 U.S. presidential election on the horizon, what are the biggest cybersecurity threats our democracy is facing? How well is the election infrastructure prepared when it comes to cybersecurity, and what are some steps to take today to strengthen the security posture?

    Join this panel to learn more about:
    - The current government threat landscape
    - Which threats can we expect to see in the next few months?
    - Why visibility into the security posture of election infrastructure is key
    - What's needed to ramp up security quickly?
    - Recommendations for enhancing election security

    - Mick Baccio, Security Advisor, Splunk
    - Dave Klein, Sr. Director of Engineering and Architecture, Guardicore

    Moderator: David Morris, Executive Director at Digital Risk Management Institute

    This episode is part of the Election Hacking Original series examining the threats to democratic elections, the technologies used to power and hijack elections, and what's needed to educate and empower voters before Election Day.
  • Balancing Security on Premise and In The Cloud Apr 22 2020 4:00 pm UTC 60 mins
    Diana Kelley | Jon Garside
    Digital transformation - we hear about it all the time, but what does it really mean for security? As organizations transition users, applications, workloads, and data from on-premise into the cloud to improve agility and competitiveness - how does that change their security landscape and threat model? And how can organizations address the challenge of protecting both legacy on-premise systems, while at the same time, also having to secure dynamic multi-cloud-based environment?

    Join today's episode to learn about the reality many organizations are facing when it comes to juggling on prem and multi-cloud security, what the key differences are and how to address them for your organization. The panel will also discuss the following topics:
    - What are the differences between Cloud Security vs On-Premise Security and why do they matter for organizations in 2020?
    - Can we normalize our security posture across the legacy and hybrid/multi-cloud environments?
    - Is it possible to improve security as part of a digital transformation program?
    - What kind of cyber hygiene do we need to practice? What should be added and what can be taken off security teams' plates?
    - Where does DevOps (or DevSecOps) fit into all of this?
    - Are cloud security failures the customer's fault?
    - What is SASE and how will it impact your organization?

    This episode is part of The (Security) Balancing Act series with Diana Kelley. Viewers are encouraged to ask questions during the live Q&A.
  • [PANEL] Email Security Strategies and Solutions Apr 15 2020 3:00 pm UTC 60 mins
    Panelists TBA
    With email security breaches constantly making headlines, it is crucial for organisations to be ahead of the curve. Join this interactive panel of industry experts as they discuss the latest trends in email security and how to prevent becoming the next international headline.

    Join this Q&A panel to learn more about:

    - Emerging trends in email attacks
    - How to stay on top of the latest threats
    - Best solutions to protect your organization
  • Deepfakes, Social & Impact on Elections Recorded: Mar 26 2020 61 mins
    David Morris | John Bambenek | Lance James | Dean Nicolls
    AI-generated fake videos, or deepfakes, are becoming more common, more convincing and easier to create. In the era of social, technically manipulated videos can spread like wildfire.

    This is a particularly sensitive issue in today's politically charged environment. With the 2020 U.S. presidential election on the horizon, foreign interference in elections is a real problem and social media the perfect gateway for sowing misinformation, discord and mistrust.

    Can deepfakes impact the outcome of elections? How easy are they to spot, and do you need a tool for that?

    Join this episode of the Election Hacking series to learn more about the emergence of deepfakes and what can be done to mitigate its impact on elections.
    - The current state of deepfakes
    - How deepfakes can be used in misinformation campaigns
    - Use of deepfakes in cyber crime
    - Social media and the spread of fake videos
    - How tech companies are addressing the scourge of deepfakes (Facebook, Twitter, YouTube)

    - Lance James, CEO of Unit 221B
    - John Bambenek, VP for Security Research and Intelligence at ThreatSTOP
    - Dean Nicolls, VP of Global Marketing, Jumio

    Moderator: David Morris, Executive Director at Digital Risk Management Institute

    This episode is part of the Election Hacking Original series examining the threats to democratic elections, the technologies used to power and hijack elections, and what's needed to educate and empower voters before Election Day.
  • Balancing the Security Workforce Recorded: Mar 25 2020 56 mins
    Diana Kelley | Chris Calvert | Larry Whiteside, Jr. | Gary Hayslip
    The world needs more people in infosec. There are currently about 2.8 million cybersecurity professionals, but roughly 4 million more are needed to close the skills gap.

    So, how are organizations addressing this shortage? What are some of the things organizations are doing when it comes to attracting and retaining cybersecurity talent, but also balancing the workload for the security teams they already have.

    Join today's episode to learn more about the challenges and solutions when it comes to balancing the security workforce.
    - Security skills shortage: Myth vs. Reality
    - Top challenges for security teams
    - Addressing burnout and analyst fatigue
    - How machine learning can help
    - Areas where people are better than AI
    - Building a security culture
    - Removing obstacles and attracting new talent

    This episode is part of The (Security) Balancing Act series with Diana Kelley. Viewers are encouraged to ask questions during the live Q&A.

    - Chris Calvert, Co-Founder & VP Strategy at Respond Software
    - Larry Whiteside, Jr., Veteran CISO & Cybersecurity Thought Leader; Co-Founder & Interim President - ICMCP
    - Gary Hayslip, CISO, Softbank
  • Phases of Incident Response Recorded: Mar 18 2020 64 mins
    Zachery Mitcham, VP and Chief Information Security Officer at The Focus Group
    This webinar is primarily intended for those that are in need of an informational overview on how to respond to information security incidents or have a responsibility for doing so. It will also assist with your preparation for a Computer Security Incident Handling certification
  • Coronavirus Actions and Risks for Tech and Security Leaders Recorded: Mar 13 2020 62 mins
    Dan Lohrmann (Security Mentor, Inc.) | Scott Larsen (Inova Health System) | Earl Duby (Lear Corporation)
    How are state and local governments responding to COVID-19? What are private sector companies doing now? From public health actions to directives for staff, what emergency response steps and risks should be considered?

    Join this webinar for the latest coronavirus playbook roundup and recommendations on how to address the outbreak. Learn the scope of the unprecedented challenges organizations are currently facing. Hear from industry leaders on how they are addressing the COVID-19 outbreak.

    Topics will include:
    - Policy, technology and process steps to take today to protect your workforce and organization.
    - How are orgs dealing with more staff working from home (telework)?
    - What mistakes can be avoided –and how?

    We will close with a Q/A session with the audience.

    - Dan Lohrmann, Chief Security Officer & Chief Strategist at Security Mentor Inc.
    - Scott Larsen, CISO at Inova Health System
    - Earl Duby, CISO at Lear Corporation
  • 2020 Election – Hacking The Vote Recorded: Feb 24 2020 59 mins
    David Morris | Cameron Koffman | Tinatin Japaridze | Lance James
    The inaugural episode of the Election Hacking series will introduce the topic of who, how and why the upcoming 2020 election will be hacked.

    Join this interactive Q&A session to learn more about election hacking, its impact, the various stakeholders, and what if anything, can be done.

    Our unique panel of individuals will bring diverse perspectives to this topic.

    - Cameron Koffman, who, if elected, would be the youngest candidate since Theodore Roosevelt running for the NY State Assembly
    - Tinatin Japaridze, former United Nations correspondent for the Russian and Ukrainian media, with expertise in bi-lateral US-Russian relations on cyber security.
    - Lance James, CEO of Unit 221B and noted cyber security expert who has assisted various law enforcement and government agencies on some of the most highly publicized hacking investigations.

    Moderator: David Morris, Executive Director at Digital Risk Management Institute
  • Social Engineering Threats to Enterprise Security Recorded: Feb 18 2020 58 mins
    Diana Kelley | Tyler Cohen Wood | Stephanie Carruthers | Samantha Davison
    Join us as we review social engineering tactics and attack methods. Learn about the latest trends in social engineering, the risk to your organization's cybersecurity and what steps to take to mitigate it.

    Viewers will learn more about:
    - How social engineers exploit human behavior
    - Most common types of social engineering attacks
    - New in phishing, baiting, tailgating and more
    - Managing access and insider threats

    This episode is part of The (Security) Balancing Act series with Diana Kelley. Viewers are encouraged to ask questions during the live Q&A.
  • [PANEL] IoT Security in 2020 Recorded: Feb 12 2020 61 mins
    Peter Wood, Terence Jackson, Brian Russell & Alexandre Blanc
    With the proliferation of the Internet of Things, IoT devices are often added into enterprise environments without due consideration for the security and privacy risks they pose to the business. Oftentimes, IT security teams do not have full visibility into how many IoT devices are connected to the network. This creates security gaps, as IoT devices are notoriously vulnerable to hacks and attacks.

    Join this interactive panel experts to learn about how enterprises can enhance endpoint, and therefore IoT security.

    Attendees will learn more about:
    - IoT and today's enterprise
    - What's on your network? How do you evaluate IoT devices?
    - Why visibility is key
    - Controlling access to your IoT environment
    - Vendor risk and holding vendors accountable for their IoT equipment
    - Areas for automation and where to reduce your IT security team's involvement
    - Patching and upgrading
    - Expert recommendations for enhancing IoT security

    Peter Wood, Partner, Naturally Cyber LLP (Moderator)
    Terence Jackson, CISO, Thycotic
    Brian Russell, IoT Working Group Co-Chair, Cloud Security Alliance (CSA)
    Alexandre Blanc, Director of Security, Adaware (an Avanquest company)
  • [PANEL] Proactive Security Strategies and Best Practices Recorded: Feb 11 2020 60 mins
    Roselle Safran, Sean Webb, Michelle Drolet & Chris Calvert
    In today’s business landscape it is important to take a proactive approach to security rather than a reactive approach. Join leading security experts as they discuss the safest ways to protect your organisation in 2019 and beyond.

    Join this Q&A panel to learn more about:

    - Key organisational benefits to practising proactive security
    - Technologies powering security
    - Best practices and recommendations for a more secure organization

    Roselle Safran, President, Rosint Labs (Moderator)
    Sean Webb, Information Security Manager, Patriot One Technologies Inc.
    Michelle Drolet, CEO & Co-Founder, Towerwall
    Michelle McLean, VP Marketing, StackRox
    Chris Calvert, VP of Product Strategy, Respond Software
  • Healthcare Security – It Stinks Recorded: Jan 30 2020 53 mins
    Christos Simotas, Senior Information Security Consultant, I.T. Security Corp
    Healthcare is a goldmine for hackers. Not just any kind of hacker though but for almost all kinds of levels. From the NOOB script kiddes sending out ransom ware emails to the advanced reverse engineer creating push to kill insulin pump and heart defibrillators exploits which can be triggered from half a kilometer away.
    This industry's cyber security cost is expected to rise from 7 billion in 2018 to 27 billion by 2026, yet from 2005 to today over 268 million records have been reported breached in the United States alone. That's 85%.
    Financial gain is the main motivator for hackers because healthcare records are highly valued for their personal, financial, and medical data. This type of information is worth roughly 50 times more than credit card or Social Security data, since it can be used for Medicare fraud – the most profitable type of identity theft.
    We will look at some of the most common attacks the healthcare industry has been exposed to and a live demonstration of exploiting one of the oldest technologies that was implemented 1959 and is still being used today.
    Let’s dive deep into the underground world of healthcare.
  • How Private is My Healthcare Data? Surprise! Recorded: Jan 28 2020 59 mins
    Debra Baker | Ellie Daw | Michelle Finneran Dennedy | Karen Schnell | Anna Kirkland Smith
    Join well-known women in privacy and cybersecurity for an exclusive keynote panel on ransomware and IoT threats to healthcare data, and steps to take in 2020 to better secure it.

    Viewers will also learn about Google’s Project Nightingale, as well as have the opportunity to ask questions during the live webinar.

    - Debra Baker, CISSP CCSP, Host and Technical Program Manager at RedSeal
    - Ellie Daw, Research Scientist at Crimson Vista, Inc.
    - Michelle Finneran Dennedy, CEO at DrumWave
    - Karen Schnell, Cybersecurity Business Architect and Adjunct Professor in Computer Science
    - Anna Kirkland Smith, Data Scientist, MetLife

    This keynote panel is part of International Data Privacy Day 2020 and will be available Live on January 28th, as well as an on-demand.

    Data Privacy Day is an international effort to create awareness about the importance of respecting privacy, safeguarding data and enabling trust.
For Certified Members and Information Security Professionals Globally
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in various e-business and security skills. It is the owner and developer of the world famous Certified Ethical Hacker (C|EH), Computer Hacking Forensics Investigator (C|HFI) and EC-Council Certified Security Analyst (E|CSA)/License Penetration Tester (L|PT) programs, and various others offered in over 60 countries around the globe.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Cleaning Up Your Low Hanging Fruit
  • Live at: Nov 30 2010 2:00 pm
  • Presented by: Brad Smith
  • From:
Your email has been sent.
or close