Home page logo
/

basics logo Security Basics mailing list archives

Replicating the Gonzalez Cyber Attacks through Penetration Testing
From: "Core Security" <sfa () securityfocus com>
Date: 21 Nov 2009 00:07:11 -0000

--------------------------------------------------------------------------------
YOU'RE INVITED: IT SECURITY ON DEMAND WEBCAST
 
"Replicating the Gonzalez Cyber Attacks through Penetration Testing"
Register: http://www.coresecurity.com/Form/generic/campaign/SecurityFocusGonzalez
---------------------------------------------------------------------------------
 
Recently, we saw the indictment of cybercrime kingpin Albert Gonzalez, one of the accused masterminds behind 
high-profile data breaches at Heartland Payment Systems, Hannaford Bros. Supermarkets, 7-Eleven, and TJX. Next week, 
Core Security Technologies will present a hands-on look at the attacks Gonzalez and his co-conspirators are believed to 
have used in breaching these organizations.
 
Leveraging the actual indictment document as a guide, Core Security senior product manager Alex Horan will use CORE 
IMPACT Pro penetration testing software to demonstrate the techniques by which Gonzales allegedly stole millions of 
credit card numbers* - showing you how to identify IT exposures in your own environment before cybercriminals do.
 
Register here: http://www.coresecurity.com/Form/generic/campaign/SecurityFocusGonzalez
 
During the webcast, you'll see a step-by-step depiction of an attack similar to that described in the Gonzalez 
indictment, including the following critical stages:
 
*  the initial web application compromise via SQL Injection
*  the use of a well-known backend database command to make the attacks even
*  more invasive
*  the planting of malware on the backend database server
*  the collection and transmission of credit card transactions to the
*  attackers
 
Through the demonstration, you'll also learn how commercial-grade penetration testing software enables you to see your 
IT systems as an attacker would -- not only by determining if the kinds of issues that Gonzalez reportedly leveraged 
are present in your environment, but also by ...
 
*  assessing how deployed defenses react to specific threats
*  revealing what systems and data would be exposed by a breach
*  depicting how chains of vulnerabilities open paths to mission-critical
*  systems and information
*  providing actionable data for immediately mitigating critical exposures
*  repeating tests to ensure the effectiveness of remediation efforts
 
This webcast is ideal for anyone interested in proactively assessing their security posture against real-world cyber 
threats.
 
Register here: http://www.coresecurity.com/Form/generic/campaign/SecurityFocusGonzalez


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
  • Replicating the Gonzalez Cyber Attacks through Penetration Testing Core Security (Nov 21)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]