Replicating the Gonzalez Cyber Attacks through Penetration Testing

2009-11-20T16:07:10Z

--------------------------------------------------------------------------------
YOU'RE INVITED: IT SECURITY ON DEMAND WEBCAST

"Replicating the Gonzalez Cyber Attacks through Penetration Testing"
Register: http://www.coresecurity.com/Form/generic/campaign/SecurityFocusGonzalez
---------------------------------------------------------------------------------

Recently, we saw the indictment of cybercrime kingpin Albert Gonzalez, one of the accused masterminds behind high-profile data breaches at Heartland Payment Systems, Hannaford Bros. Supermarkets, 7-Eleven, and TJX. Next week, Core Security Technologies will present a hands-on look at the attacks Gonzalez and his co-conspirators are believed to have used in breaching these organizations.

Leveraging the actual indictment document as a guide, Core Security senior product manager Alex Horan will use CORE IMPACT Pro penetration testing software to demonstrate the techniques by which Gonzales allegedly stole millions of credit card numbers* - showing you how to identify IT exposures in your own environment before cybercriminals do.

> Register here: http://www.coresecurity.com/Form/generic/campaign/SecurityFocusGonzalez

During the webcast, you'll see a step-by-step depiction of an attack similar to that described in the Gonzalez indictment, including the following critical stages:

* the initial web application compromise via SQL Injection
* the use of a well-known backend database command to make the attacks even
* more invasive
* the planting of malware on the backend database server
* the collection and transmission of credit card transactions to the
* attackers

Through the demonstration, you'll also learn how commercial-grade penetration testing software enables you to see your IT systems as an attacker would -- not only by determining if the kinds of issues that Gonzalez reportedly leveraged are present in your environment, but also by ...

* assessing how deployed defenses react to specific threats
* revealing what systems and data would be exposed by a breach
* depicting how chains of vulnerabilities open paths to mission-critical
* systems and information
* providing actionable data for immediately mitigating critical exposures
* repeating tests to ensure the effectiveness of remediation efforts

This webcast is ideal for anyone interested in proactively assessing their security posture against real-world cyber threats.

> Register here: http://www.coresecurity.com/Form/generic/campaign/SecurityFocusGonzalez

---------------------------------------------------------------------
To unsubscribe, e-mail: focus-bsd-unsubscribe@...
For additional commands, e-mail: focus-bsd-help@...

OpenBSD tutorial for beginners

2006-03-31T23:30:49Z

OpenBSD tutorial for beginners:

http://www.wbglinks.net/pages/openbsd/

With an area on security:

http://www.wbglinks.net/pages/openbsd/security.html

Anti Arp Poisoning Daemon (OpenAAPD) PS: Link corrected

2005-09-14T09:14:10Z

OpenAAPD (0.1-beta) is an Anti Arp Poisoning Daemon for OpenBSD operating system which works with/without DHCP protocol support
on the LAN networks without compromising the ARP protocol
performances.

The link to the project is this:

http://www.openbeer.it/codes/projects/aapd.c

Nabble - Security - BSD

Replicating the Gonzalez Cyber Attacks through Penetration Testing

OpenBSD tutorial for beginners

Anti Arp Poisoning Daemon (OpenAAPD) PS: Link corrected