Replicating the Gonzalez Cyber Attacks through Penetration Testing

["Core Security" <sfa () securityfocus com>]

--------------------------------------------------------------------------------
YOU'RE INVITED: IT SECURITY ON DEMAND WEBCAST
 
"Replicating the Gonzalez Cyber Attacks through Penetration Testing"
Register: http://www.coresecurity.com/Form/generic/campaign/SecurityFocusGonzalez
---------------------------------------------------------------------------------
 
Recently, we saw the indictment of cybercrime kingpin Albert Gonzalez, one of the accused masterminds behind 
high-profile data breaches at Heartland Payment Systems, Hannaford Bros. Supermarkets, 7-Eleven, and TJX. Next week, 
Core Security Technologies will present a hands-on look at the attacks Gonzalez and his co-conspirators are believed to 
have used in breaching these organizations.
 
Leveraging the actual indictment document as a guide, Core Security senior product manager Alex Horan will use CORE 
IMPACT Pro penetration testing software to demonstrate the techniques by which Gonzales allegedly stole millions of 
credit card numbers* - showing you how to identify IT exposures in your own environment before cybercriminals do.
 
> Register here: http://www.coresecurity.com/Form/generic/campaign/SecurityFocusGonzalez
 
During the webcast, you'll see a step-by-step depiction of an attack similar to that described in the Gonzalez 
indictment, including the following critical stages:
 
*  the initial web application compromise via SQL Injection
*  the use of a well-known backend database command to make the attacks even
*  more invasive
*  the planting of malware on the backend database server
*  the collection and transmission of credit card transactions to the
*  attackers
 
Through the demonstration, you'll also learn how commercial-grade penetration testing software enables you to see your 
IT systems as an attacker would -- not only by determining if the kinds of issues that Gonzalez reportedly leveraged 
are present in your environment, but also by ...
 
*  assessing how deployed defenses react to specific threats
*  revealing what systems and data would be exposed by a breach
*  depicting how chains of vulnerabilities open paths to mission-critical
*  systems and information
*  providing actionable data for immediately mitigating critical exposures
*  repeating tests to ensure the effectiveness of remediation efforts
 
This webcast is ideal for anyone interested in proactively assessing their security posture against real-world cyber 
threats.
 
> Register here: http://www.coresecurity.com/Form/generic/campaign/SecurityFocusGonzalez


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------