IDS mailing list archives
Replicating the Gonzalez Cyber Attacks through Penetration Testing
From: "Core Security" <sfa () securityfocus com>
Date: 21 Nov 2009 00:07:11 -0000
-------------------------------------------------------------------------------- YOU'RE INVITED: IT SECURITY ON DEMAND WEBCAST "Replicating the Gonzalez Cyber Attacks through Penetration Testing" Register: http://www.coresecurity.com/Form/generic/campaign/SecurityFocusGonzalez --------------------------------------------------------------------------------- Recently, we saw the indictment of cybercrime kingpin Albert Gonzalez, one of the accused masterminds behind high-profile data breaches at Heartland Payment Systems, Hannaford Bros. Supermarkets, 7-Eleven, and TJX. Next week, Core Security Technologies will present a hands-on look at the attacks Gonzalez and his co-conspirators are believed to have used in breaching these organizations. Leveraging the actual indictment document as a guide, Core Security senior product manager Alex Horan will use CORE IMPACT Pro penetration testing software to demonstrate the techniques by which Gonzales allegedly stole millions of credit card numbers* - showing you how to identify IT exposures in your own environment before cybercriminals do.
Register here: http://www.coresecurity.com/Form/generic/campaign/SecurityFocusGonzalez
During the webcast, you'll see a step-by-step depiction of an attack similar to that described in the Gonzalez indictment, including the following critical stages: * the initial web application compromise via SQL Injection * the use of a well-known backend database command to make the attacks even * more invasive * the planting of malware on the backend database server * the collection and transmission of credit card transactions to the * attackers Through the demonstration, you'll also learn how commercial-grade penetration testing software enables you to see your IT systems as an attacker would -- not only by determining if the kinds of issues that Gonzalez reportedly leveraged are present in your environment, but also by ... * assessing how deployed defenses react to specific threats * revealing what systems and data would be exposed by a breach * depicting how chains of vulnerabilities open paths to mission-critical * systems and information * providing actionable data for immediately mitigating critical exposures * repeating tests to ensure the effectiveness of remediation efforts This webcast is ideal for anyone interested in proactively assessing their security posture against real-world cyber threats.
Register here: http://www.coresecurity.com/Form/generic/campaign/SecurityFocusGonzalez
----------------------------------------------------------------- Securing Your Online Data Transfer with SSL. A guide to understanding SSL certificates, how they operate and their application. By making use of an SSL certificate on your web server, you can securely collect sensitive information online, and increase business by giving your customers confidence that their transactions are safe. http://www.dinclinx.com/Redirect.aspx?36;5001;25;1371;0;1;946;9a80e04e1a17f194
Current thread:
- Replicating the Gonzalez Cyber Attacks through Penetration Testing Core Security (Nov 20)