Author Archives: RY4N

About RY4N

A cyber security maven, dedicated to spreading the word.

Upcoming Cyber Education Symposium in the Washington DC Area

Cyber security has no doubt made strides over the last few years. Many of our readers are international. Our stats show that more readers of this website come from Europe and Asia than they do from the USA. In our travels and consulting experiences around the globe we have found that many countries in Europe and Asia seem to take cyber security a bit more seriously than the USA.

Recently, the USA Gov and DoD has been hindered by the sequestration. This sequestration has put a hold on the training budgets of many professionals in the space. What’s ironic about this timing is that Cyber Security is emerging more and more into the spotlight and the United States’ cyber workforce on the Public and Private sector side is falling behind the cyber workforce of many other countries because of this slow period.

Fortunately, coming to the Washington DC area in November is a cyber education awareness conference called the Cyber Education Symposium. This conference will feature speakers, presentations and discussion sessions on important factors that organizations and Gov agencies have to face when it comes to cyber security education.

CyberEd Symposium

Those of you out there in the Washington DC area that read this blog should definitely check out the symposium. Information on the event can be found here: Cyber Education Symposium.

Ethical Hacking Training Leads to a Wide Variety of Advanced Cyber Security Skill Sets

Have you received your Certified Ethical Hacker (CEH) certification or are you in the process of training to do so? After completion of baseline ethical hacking training, penetration testers have a number of choices for further security education and training to develop a variety of cyber security skills. Let’s take a look at some of these options:

Exploit Development

The development of exploits is a technique used to explore software vulnerabilities. Exploits themselves are flaws within a program that can cause unintended behavior to happen within the software, hardware, or electronic. By learning about the vulnerabilities of different types of software, penetration testers can learn how to take advantage of them to better understand the workings of the computer software and ultimately better protect the target of the exploits. Exploits are categorized by how they target software, remotely or locally, as well as the types of vulnerabilities they exploit. As there is a variety of computer software available, exploits can be varied for different types of software as well. Exploit development classes cover a variety of topics from stack overflows and shellcoding tricks to PDF and ROP exploits.

Malware Analysis

Malware analysis sometimes referred to as “reverse engineering” of malware programs, examines how malware works in order to protect computers from malware attacks. Like the approach behind so many ethical hacking activities, penetration testers will get to learn how an attack is built and executed so that they can know how to defend networks from such attacks in the future. Malware analysis will explore different types of malicious software including viruses, worms, Trojans, spyware, adware, and rootkits. Ultimately the goal will be to learn the versatility of the software and how to combat attacks through similarly versatile and efficient methods. Malware analysis courses may cover fundamentals of PE headers and DLL interactions, identification of malware characteristics, identification of the malware’s level of the malicious capability, and even browser script analysis.

Mobile App Hacking

Mobile hacking and mobile application hacking explore how cell phones are vulnerable to break-ins and teaches penetration testers how to secure mobile devices. With smartphone usage becoming commonplace and increasing numbers of communication and financial services becoming available through mobile versions of websites or mobile apps, it is important to learn how to hack into mobile devices and then how to secure them. Ethical hackers can take what they’ve learned about computers and expand their knowledge to learn on entirely new platforms, from popular Android and Apple smartphones to tablets and iPods as well. Mobile hacking courses cover topics such as Android and Apple device forensics, exploitation of mobile apps, jail breaking, attacking web services through mobile apps, and penetration testing for mobile operating systems.

Wireless Security

Wireless security training provides ethical hackers with the opportunity to gain a skill set that is valuable due to the current technological industry relying on wireless connections for networks. Wireless fidelity, or Wifi, allows electronic devices to exchange data and connect via a wireless local area network (WLAN). Most modern Wifi connections abide by the IEEE 802.11ac standard, so penetration testers would first engage in learning about wireless security by learning about the basics of 802.11 wireless networking. Following the introductory topics would be the exploration of wireless network encryption, of which there are two main types: Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA). Wireless security training includes topics like encryption cracking, encryption defense and circumvention of attacks, and the differences in wireless security for more protected networks, such as those found in the government.

Another Free Hacking Seminar? TrainACE Introduces Hacker’s Breakfast on Threat Protection

Those of you who remember when TrainACE and FireEye teamed up to bring you the first Hacker’s Breakfast will be excited to learn about another installation of the free hacking seminar series! This time TrainACE is collaborating with n2grate Government Technology Solutions for a seminar focused on new mission assurance technologies and web-based security. The event is geared towards government, Department of Defense, and military employees, so it’s definitely something for interested Certified Ethical Hackers to keep on their radar.

The seminar is organized to have presentations and kiosks for product and training demonstrations. The keynote speaker will be Brian Contos, VP and CISO for the Advanced Threat Protection Group at Blue Coat Systems. Presentation topics will cover web-based security and its importance for mobile workers and social networking, threat protection on a variety of devices, and how federal agencies, like the Department of Defense, should handle application security. The two main speaker presentations will be separated by a time allotted for breakout sessions for advanced threat protection product demonstrations.

Kiosk exhibits will include demonstrations from Blue Coat, Netronome, and Packet Shaper. Solera Networks will have a kiosk on big data security intelligence and analytics. This event will have top experts giving presentations and interactive demonstrations, so it will be an exclusive opportunity to learn about the latest technology while getting a chance to meet other industry professionals.

The seminar is set for July 24th and will take place at TrainACE’s Ashburn, Virginia location. You’ll want to hurry because registration is limited to just 70 attendees!

Find out all the details and request more information here: Hacker’s Breakfast – The FREE Hacking Training Seminar Series by TrainACE.

Free CEH Exam Study Guide Now Available

For people looking to take the easier route in accomplishing the Certified Ethical Hacker (CEH) certification, there is a free study guide available online. You can download the free CEH exam prep study guide here: CEH Exam Study Guide

FireEye & TrainACE Teaming Up For Free Hacker’s Breakfast Seminar

That’s right; learn more about Advanced Persistent Threat for FREE!

Enjoy 4 hours packed with lectures/labs/and Q & A (and breakfast of course!). FireEye, the malware protection guru, has a lot to say about catching malware and they are ready to come clean about what they know. Alex Lanstein will be speaking at the seminar, complete with a demo on how FireEye catches major Java zero day threats.

Right after Alex, Timber Wolfe, a SME from TrainACE, will be speaking on Honey Nets, Honey Pots, and Honey Farms. This is a fast growing science and Timber is one of the best of the best when it comes to Honeynetting!

This live event is being held in Greenbelt, MD at the Hilton Garden Inn. The facility is conveniently located right next to TrainACE’s headquarters on Walker Drive. Breakfast will be served at 8:15am then then will transition right into the seminar. There’s going to be time for networking at the end, but things will wrap up at 12:30pm.

For more details and to register for this free Hacker’s Breakfast, visit here:

Why Security Professionals Need to Know Python

As more IT security professionals use programming as an essential tool, Python has emerged as the language of choice as is found in the emergence of open enrollment training classes such as the one at Advanced Security. Python offers advantages in ease, rapid development, and support that provide the flexibility and speed critical to security activities.

Python’s Rise Above the Language Jungle
Python is a high-level, object-oriented programming language that is scalable and extensible. Security professionals can easily learn it and write custom applications, tools, and automation scripts. Hackers are increasingly using Python because it offers extensive libraries and can be coded quickly. The language’s modular design and clean syntax also make it easy to modify existing code or add on to canned tools. In the security community, more applications continue to be written in Python. An organization can save development time by using Python to create reusable code that stands on its own.

Python is cross-platform and portable to most operating systems including Linux, Windows and Mac. Versions also exist for .NET and the Java virtual machine. As a compiled language, it can run as a script or executable. Python’s clear structure and built-in support make it easy for security experts from any programming background to learn and use.

Rapid Application Development With Python
Security professionals need to write and modify applications quickly in order to test, add new features, and stop threats. Intended for rapid application development, Python has an edge over several other languages in its simplicity and readability. It uses a straightforward object-oriented implementation with clean syntax to promote code standardization. It also has automatic memory management and exception handling, features which speed up development time for security experts who need to focus on results rather than low-level operations. Python’s structure supports easy maintenance so that scripts live as extensible business tools independent of their original authors. Security experts tackling programming or Python for the first time can become productive within days. There is even a search engine for Python source code, called Nullege, that lets developers find code examples to work with.

Test tools often lag behind real-life requirements, and security professionals have to move beyond canned solutions in order to achieve full coverage. Hackers and Web application testers often create custom scripts on the fly and need the functionality that Python’s modules and rapid prototyping provide. Using Python, they can quickly deploy crucial offensive measures such as password cracking, SQL injection, packet captures, and back doors. Security systems administrators can easily create scripts to parse log files, scan ports, analyze memory usage, and handle other common tasks.

Strong Python Developer Support
Python comes with a huge library of extensible modules that provide most functions a security professional needs. As Web applications and technologies are a central security concern, Web support is essential for coding. The Python standard library includes specific modules for building clients and working with Web functions. It also has data parsing modules that handle XML and HTML among other syntaxes. Further, substantial third-party solutions exist in the form of Web frameworks and support for binary protocols as well as other tools. Developers can also leverage Python’s active user community and variety of reference resources.

Python is a lean workhorse that gives hackers and other security professionals the tools to quickly develop applications. While it may not be the most elegant of languages, Python’s clean and flexible structure puts power where it is needed most.

Examining the Distinguishing Factors of Cyber Security versus IT Security

Little do people realize but Cyber Security is actually quite different from the more generic term, “IT Security”.

The National Security Agency (NSA) uses two terms to define cyber security. Information assurance is a measure that protects and defends the integrity, availability and confidentiality of information and information systems. Information systems security protects information systems from unauthorized access and prevents unauthorized changes or modifications to information that is stored, moved or processed. Businesses, Department of Defense and other governmental agencies require cyber security measures that will ensure that confidential information remains intact without interference from unauthorized sources. ISO/IEC 27032 defines cyberspace security as the preservation of confidential information in cyberspace. Cyberspace is defined as the interaction of people, software and services on the Internet.

The word cyber began as an ancient Greek word that meant either a pilot, rudder operator or other person guiding a boat. In ancient Greece, the word developed into a term referring to central governmental control. In the twentieth century, Norbert Wiener employed the word cybernetics from the ancient Greek word cyber to describe robots with brains that control mechanisms. William Gibson wanted to use a word in his science fiction novels about the electronic future to refer to the place where online interactions occurred. Gibson’s 1984 novel “Neuromancer” popularized the term cyberspace from the word cyber that Weiner had used earlier in the century.

Some early Internet users were avid readers of Gibson’s science fiction novels. They adopted the term cyberspace as an alternate term for using the Internet. Meanwhile, federal government security professionals adopted information security or infosec as another term for information systems security. The military added another interpretation to the terminology adopted by civilian government professionals. Military mindset encompassed the thought processes of defending the terrain known as cyberspace. The military adopted the term cyber security and later shortened the term to cyber.

Cyber security revolves around the three core areas of confidentiality, integrity and authentication. Confidentiality protects information from unauthorized access by others. Integrity prevents information from alteration by unauthorized users. Authentication is the process of recognizing the identity of information users. There are two other terms associated with cyber security. Non-repudiation means that each person sending a message must be identified as the original message sender. Availability refers to an information system that is operational and functional at any time. Cyber security relies upon preventative measures used to protect information from attacks. Cyber security strategies include identity, incident and risk management to study and resolve potential viruses, malicious code and other information threatening issues.

Three cyber security strategies are prevalent in today’s cyber security environment that will lead to cyber security success. First, building a preventive defense system based upon the needed security level of an organization is essential to combating intrusions and cyber security attacks. Second, resilience or the ability to withstand attacks and failures is necessary as a preventive measure against the intrusions that will happen in cyberspace. Third, an offensive mindset will locate vulnerabilities in an organization’s defense system. A credible cyber defense should also include offensive capabilities to build a deterrence system that will prevent intruders from launching a cyber attack against an organization.

The cyber security industry moved from a defensive to offensive strategy of attack after security professionals examined cyber security from a preventive perspective and technological solutions to the problem emerged. An Intrusion Prevention System (IPS) (eg. Snort) was developed to provide security professionals with a proactive capability. Another offensive strategy uses counter terror techniques to find hacker cells, infiltrate and physically limit these hacker attacks.

Cyber security training differs quite a bit from traditional IT security training as well. True cyber security training (see TrainACE’s Advanced Security Cyber Security Training) classes include offensive skill sets like hacking mobile devices, exploit creation and python scripting your own tools to expose vulnerabilities. Traditional IT security classes include certifications like the Security+ and the CISSP, which are designed for defense, only.


Get every new post delivered to your Inbox.