headers
Core Security | 21 Nov 2009 01:07
Picon
Favicon

Replicating the Gonzalez Cyber Attacks through Penetration Testing

--------------------------------------------------------------------------------
YOU'RE INVITED: IT SECURITY ON DEMAND WEBCAST

"Replicating the Gonzalez Cyber Attacks through Penetration Testing"
Register: http://www.coresecurity.com/Form/generic/campaign/SecurityFocusGonzalez
---------------------------------------------------------------------------------

Recently, we saw the indictment of cybercrime kingpin Albert Gonzalez, one of the accused masterminds
behind high-profile data breaches at Heartland Payment Systems, Hannaford Bros. Supermarkets,
7-Eleven, and TJX. Next week, Core Security Technologies will present a hands-on look at the attacks
Gonzalez and his co-conspirators are believed to have used in breaching these organizations.

Leveraging the actual indictment document as a guide, Core Security senior product manager Alex Horan
will use CORE IMPACT Pro penetration testing software to demonstrate the techniques by which Gonzales
allegedly stole millions of credit card numbers* - showing you how to identify IT exposures in your own
environment before cybercriminals do.

> Register here: http://www.coresecurity.com/Form/generic/campaign/SecurityFocusGonzalez

During the webcast, you'll see a step-by-step depiction of an attack similar to that described in the
Gonzalez indictment, including the following critical stages:

*  the initial web application compromise via SQL Injection
*  the use of a well-known backend database command to make the attacks even
*  more invasive
*  the planting of malware on the backend database server
*  the collection and transmission of credit card transactions to the
*  attackers

Through the demonstration, you'll also learn how commercial-grade penetration testing software
(Continue reading)

Permalink | Reply | 0 comments |
headers
newslist@security-briefings.com | 23 Apr 2006 16:19

Newslist about security conference

Hello all,

Just to inform you that you can subscribe to a new mailing list 
dedicated to security conference.

To see example of information you will receive, go to 
http://www.security-briefings.com

To subscribe, just send an empty email to 
list-subscribe <at> security-briefings.com

Regards

Newslist [at] security-briefings.com

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's 
Choice Award from eWeek. As attacks through web applications continue to rise, 
you need to proactively protect your applications from hackers. Cenzic has the 
most comprehensive solutions to meet your application security penetration 
testing and vulnerability management needs. You have an option to go with a 
managed service (Cenzic ClickToSecure) or an enterprise software 
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can 
help you: http://www.cenzic.com/news_events/wpappsec.php 
And, now for a limited time we can do a FREE audit for you to confirm your 
results from other product. Contact us at request <at> cenzic.com for details.
------------------------------------------------------------------------------
(Continue reading)

Permalink | Reply | 0 comments |
headers
Andrea Di Pasquale | 14 Sep 2005 17:14
Picon

Anti Arp Poisoning Daemon (OpenAAPD) PS: Link corrected

OpenAAPD (0.1-beta) is an Anti Arp Poisoning Daemon for OpenBSD operating system which works
with/without DHCP protocol support
on the LAN networks without compromising the ARP protocol 
performances.

The link to the project is this:

http://www.openbeer.it/codes/projects/aapd.c
Permalink | Reply | 0 comments |
headers
Joe McCray | 3 Oct 2003 22:44

Requesting help with Unix wargame server development

Hey everybody I'm looking for some help with developing a Unix or Linux based 
wargame server with several levels for players to progress through (like 
hackerslab, pulltheplug, datafort, etc...). I'd really like to see it teach 
players about things like suid exploits, symlinks, race conditions, simple 
buffer overflows, etc.

This is just one of the many things that we would like to work toward having at 
rootwars.org, and would love to have more people help out. Please contact me 
at: joe@... if you are interested

Joe McCray
joe@...
http://www.rootwars.org
Hacking Games   Hands-on Courses   HackLab Access
Permalink | Reply | 0 comments |

Gmane