Focus on Sun
Replicating the Gonzalez Cyber Attacks through Penetration Testing Nov 21 2009 12:07AM
Core Security (sfa securityfocus com)
------------------------------------------------------------------------
--------
YOU'RE INVITED: IT SECURITY ON DEMAND WEBCAST

"Replicating the Gonzalez Cyber Attacks through Penetration Testing"
Register: http://www.coresecurity.com/Form/generic/campaign/SecurityFocusGonzalez
------------------------------------------------------------------------
---------

Recently, we saw the indictment of cybercrime kingpin Albert Gonzalez, one of the accused masterminds behind high-profile data breaches at Heartland Payment Systems, Hannaford Bros. Supermarkets, 7-Eleven, and TJX. Next week, Core Security Technologies will present a hands-on look at the attacks Gonzalez and his co-conspirators are believed to have used in breaching these organizations.

Leveraging the actual indictment document as a guide, Core Security senior product manager Alex Horan will use CORE IMPACT Pro penetration testing software to demonstrate the techniques by which Gonzales allegedly stole millions of credit card numbers* - showing you how to identify IT exposures in your own environment before cybercriminals do.

> Register here: http://www.coresecurity.com/Form/generic/campaign/SecurityFocusGonzalez

During the webcast, you'll see a step-by-step depiction of an attack similar to that described in the Gonzalez indictment, including the following critical stages:

* the initial web application compromise via SQL Injection
* the use of a well-known backend database command to make the attacks even
* more invasive
* the planting of malware on the backend database server
* the collection and transmission of credit card transactions to the
* attackers

Through the demonstration, you'll also learn how commercial-grade penetration testing software enables you to see your IT systems as an attacker would -- not only by determining if the kinds of issues that Gonzalez reportedly leveraged are present in your environment, but also by ...

* assessing how deployed defenses react to specific threats
* revealing what systems and data would be exposed by a breach
* depicting how chains of vulnerabilities open paths to mission-critical
* systems and information
* providing actionable data for immediately mitigating critical exposures
* repeating tests to ensure the effectiveness of remediation efforts

This webcast is ideal for anyone interested in proactively assessing their security posture against real-world cyber threats.

> Register here: http://www.coresecurity.com/Form/generic/campaign/SecurityFocusGonzalez

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus