Author Archives: ryan

About ryan

I am the VP of Marketing for TrainACE and our Cyber Security training division, Advanced Security.

Examining the Distinguishing Factors of Cyber Security versus IT Security

Few people realize that Cyber Security is actually quite different from the more generic term, “IT Security”.

The National Security Agency (NSA) uses two terms to define cyber security. Information assurance is a measure that protects and defends the integrity, availability and confidentiality of information and information systems. Information systems security protects information systems from unauthorized access and prevents unauthorized changes or modifications to information that is stored, moved or processed. Businesses, Department of Defense and other governmental agencies require cyber security measures that will ensure that confidential information remains intact without interference from unauthorized sources. ISO/IEC 27032 defines cyberspace security as the preservation of confidential information in cyberspace. Cyberspace is defined as the interaction of people, software and services on the Internet.

The word cyber began as an ancient Greek word that meant either a pilot, rudder operator or other person guiding a boat. In ancient Greece, the word developed into a term referring to central governmental control. In the twentieth century, Norbert Wiener employed the word cybernetics from the ancient Greek word cyber to describe robots with brains that control mechanisms. William Gibson wanted to use a word in his science fiction novels about the electronic future to refer to the place where online interactions occurred. Gibson’s 1984 novel “Neuromancer” popularized the term cyberspace from the word cyber that Wiener had used earlier in the century.

Some early Internet users were avid readers of Gibson’s science fiction novels. They adopted the term cyberspace as an alternate term for using the Internet. Meanwhile, federal government security professionals adopted information security or infosec as another term for information systems security. The military added another interpretation to the terminology adopted by civilian government professionals. Military mindset encompassed the thought processes of defending the terrain known as cyberspace. The military adopted the term cyber security and later shortened the term to cyber.

Cyber security revolves around the three core areas of confidentiality, integrity and authentication. Confidentiality protects information from unauthorized access by others. Integrity prevents information from alteration by unauthorized users. Authentication is the process of recognizing the identity of information users. There are two other terms associated with cyber security. Non-repudiation means that each person sending a message must be identified as the original message sender. Availability refers to an information system that is operational and functional at any time. Cyber security relies upon preventative measures used to protect information from attacks. Cyber security strategies include identity, incident and risk management to study and resolve potential viruses, malicious code and other information threatening issues.

Three cyber security strategies are prevalent in today’s cyber security environment that will lead to cyber security success. First, building a preventive defense system based upon the needed security level of an organization is essential to combating intrusions and cyber security attacks. Second, resilience or the ability to withstand attacks and failures is necessary as a preventive measure against the intrusions that will happen in cyberspace. Third, an offensive mindset will locate vulnerabilities in an organization’s defense system. A credible cyber defense should also include offensive capabilities to build a deterrence system that will prevent intruders from launching a cyber attack against an organization.

The cyber security industry moved from a defensive to an offensive strategy of attack after security professionals examined cyber security from a preventive perspective and technological solutions to the problem emerged. An Intrusion Prevention System (IPS) (e.g., Snort) was developed to provide security professionals with a proactive capability. Another offensive strategy uses counter terror techniques to find hacker cells, infiltrate and physically limit these hacker attacks.

Cyber security training differs quite a bit from traditional IT security training as well. True cyber security training classes (see TrainACE’s Advanced Security Cyber Security Training) include offensive skill sets like hacking mobile devices, exploit creation and Python scripting your own tools to expose vulnerabilities. Traditional IT security classes include certifications like the Security+ and the CISSP, which are designed for defense only.


Funny Video by EC-Council Award Winning Training Company

We came across this video from our friends at TrainACE. It’s pretty funny. The Office Space and Office references are blatant, and the subliminal messages are amusing as well:


How Computer Forensics Training Complements A Hacking Career

Hackers who have gone good form an essential part of any large business or organization’s IT team. Hackers who are employed on behalf of a business can identify security threats and put security measures in place that protect the data of a company and its consumers. Professional hackers who have gone good have been key in identifying and eliminating security threats that affect major businesses and government bodies. In fact, such hackers can earn the Certified Ethical Hacker (CEH) certification to demonstrate to potential employers that they intend to use their hacking skills for good.

Completing training in computer forensics can round out the skill set of any hacker. This special training helps individuals as they strive to identify information or evidence left behind on computers after crimes or hacker attacks. While many law enforcement agencies employ computer forensics professionals, few major businesses are able to do so on a regular basis. Such businesses stand to benefit significantly from hiring CEHs with advanced computer forensics training.

While on the job, the majority of hackers employed by businesses and government bodies are responsible for identifying incoming attacks by hackers and stopping those attacks. In order to do so, CEHs must use the same tools and knowledge that bad hackers use to infiltrate and corrupt systems. When a CEH can work on a network at the same time that a hacker is attempting to violate that network, he or she can gain valuable information about a hacker’s skills, tools and likelihood of success. A CEH is also able to track the path of a hacker’s attack when he or she can observe the hacker in action.

However, many computer security threats occur when CEHs and other IT professionals are off the clock. This means that corporate and government computer systems might be prone to particularly vicious attacks after hours. This is especially true when hackers are attempting to plant a virus or other encrypted information on a company’s servers. Such off-hours attacks are also prevalent when an employee of the organization is attempting to hack the system for the purposes of embezzlement or other personal gain.

After a hacking incident has taken place, CEHs can trace the basic route of the hacker in an attempt to understand how the system was compromised and what security measures should be put into place. However, even the best corporate hackers are often unable to determine other information about the hacker. What evidence did they leave behind when they infiltrated a system? If they deleted or moved crucial business files, what happened to those files? CEHs must also be able to trace viruses or encrypted packets of unwanted information that hackers leave behind.

Computer forensics training provides professional hackers with the skills that they need in order to trace and better understand threats. Such training makes it possible for hackers to seek out and identify systems changes made by hackers. Using forensic techniques, hackers are also able to locate unwanted information placed on a company’s network. They can find hidden scripts and viruses that hackers leave behind in an attempt to sabotage an organization’s network.

Certified Ethical Hackers who complete computer forensics training can also be invaluable in identifying computer crimes committed by an organization’s own employees. They may be able to locate information about embezzlement or find files that employees have attempted to hide on company systems. They can even recover damaging documents that employees believe they have deleted. Computer forensics training is an excellent complement to the career of any professional hacker. With this important training under his or her belt, a hacker will have a wealth of skills that help ensure the security and stability of any organization’s network.



Why the CompTIA Security+ is a Great Course to Take Online

With the world in an age of technology and fast advancing at that, security threats in systems and networks are a rising concern. In order to protect corporations from damages involving breaches in security and data loss, personnel must be well-versed in methods and tools used to protect data and systems. Toward that end, CompTIA Security+ is a certification course which demonstrates the ability and knowledge of individuals in regards to procedures used to guard against security risks, as well as their capabilities to handle security incidents should they occur.

Since the course is theory-based, the required classes can be taken online instead of needing a standard classroom setting. Online classes have several advantages over physical classrooms and are becoming an increasingly common alternative for many.

With an online class, the course can be made to fit any schedule since there is no specific required time which must be devoted to classes. Due to this, any kind of work schedule, which would often conflict with school times, will allow online lessons as an option. For many people, their work schedule directly conflicts with common school times or is quite variable, making normal lessons—with fixed times—very difficult. This is all the more so since not all jobs will offer flexibility in their schedules for other activities, even if they are a responsible course of action. For the working parent, further adaptability is required still.

Having freedom to select what times to use toward lessons and studying allows each person to reserve time for lessons when available and convenient. By choosing the specific time, one can make sure that distractions are minimal and attention is at its best; this makes the time spent more effective and ensures a better understanding of the subject matter.

Not all courses are equally well-suited to online classes. Any classes that benefit from hands-on experience and direct guidance from an instructor will be better suited to a standard classroom. However, this kind of certification is almost completely theory, meaning that there is nothing lost in taking the courses online as opposed to attending a physical classroom. Not only is the course itself theory-based, the exam which certifies that you have passed the course satisfactorily is largely vocabulary. Consisting in large part of vocabulary means that studying for the exam can be very well accomplished anywhere and that the knowledge can be obtained from a written or online source just as well as from an actual instructor.

In our fast-moving world, being able to attend classes at any time and from the comfort of your home is a great convenience. The CompTIA Security+ certification course is an excellent choice for an online course, tailored to your individual schedule and needs.

Get information on an online / CBT Security+ class: http://www.trainace.com/courses/securityplus/


Zero Day Exploits are Selling and Being Bought More than Ever

The market for brokering zero day exploits is a hot one. In the last three or four months this industry has taken off quite a bit. There have been many articles on major publications written about the brokering of exploits and zero day attacks (http://www.itsupportquotes.com/exploitsales/) and this market is spread across private companies, Government agencies from a handful of countries and even to malicious intent organizations and spy / espionage units.

This buying and selling of exploit activity has been going on for a while, but more companies are entering the marketplace. Because of the international presence of this marketplace there really isn’t much capability for any one Government or entity to monitor or police this trafficking. There is a great deal of money in this marketplace and one can hope that the companies and agencies that have good intent when buying the exploits are the ones that also are capable of offering the selling party the most money or the highest bid.

As this exploit marketplace matures there may be a way for Government entities to hold accountable the selling party for damages that are done from the sale of the attack. If this is the case, then I think we will see a strict policy from the sellers to sell exclusively to Gov agencies. That’s really the only hope right now that this type of marketplace will be used more for good than for bad.


Free Mobile Hacking Webinar – A Must Have!

We just came across this webinar coming up by our good friends at Advanced Security by TrainACE. They are offering a free webinar on must-know fundamentals to mobile hacking (Register Here). Advanced Security’s lead instructor, Joe McCray (http://strategicsec.com) will be the presenter. Joe is a top expert and is known internationally as not only being a pen testing ninja, but he’s a well known funny guy too. This should be a great webinar.

Mobile hacking is something we have discussed on this blog before, but it is as important as any other emerging area for security professionals / hackers. If you have not yet spent time sharpening your mobile penetration testing skills, do so now. Mobile apps are still relatively easy to hack and in this webinar Joe will show you several skill sets that you can employ right away.

The webinar will be held from 1pm-2pm this Thursday (5/24). Register Here.


What Training Comes Next After The Certified Ethical Hacker – How to Advance Your Career as a Penetration Tester

Ethical hackers attempt to compromise computer systems or networks at the request of the system or network owner. By using the same methodology and resources available to criminal hackers, ethical hackers help to identify security vulnerabilities that could be exploited. These weaknesses can then be addressed by programmers or others that are assigned to work on that particular vulnerable hardware or software.

An attempt to circumvent system security and compromise a computer system is commonly known as a penetration test. It is a realistic simulation of a malicious computer attack and can be launched from external sources or from a compromised internal source. Ideally, networks and computer systems should be equally secure from both sources. In reality, they often are not.

The International Council of E-Commerce Consultants, which is known in the IT industry as the EC-Council, offers training and professional certification in ethical hacking. Certified Ethical Hackers must attend an accredited training center or combine at least two years of information security work with an approved self-study program. The CEHv8 test consists of 150 multiple-choice questions that must be completed within a 4-hour period with a minimum score of 70 percent. The test costs approximately $500, and a $100 eligibility fee is also required.

After CEH certification, IT security professionals seek more advanced Certified Security Analyst/Licensed Penetration Tester credentials. The ECSA/LPT certification (http://www.trainace.com/courses/lpt/) covers advanced information security techniques and is also provided by the EC-Council. ECSA/LPTs focus on the analysis of penetration test outcomes and create risk mitigation measures to protect IT infrastructure. The course emphasizes best practices from experts in many areas of IT security.

The third tier of certification in the ethical hacking credentialing hierarchy is the Cyber War / Advanced Penetration Testing training. This certification, which is offered through Advanced Security by Academy of Computer Education, instructs IT security professionals in advanced, persistent threat tactics for penetration testing of high-security systems and networks. Advanced Security by Academy of Computer Education is a preferred training provider for the U.S. military, DHS, the FBI and other government agencies for this reason.

The course lasts for five days and focuses on the penetration of highly secured data environments. Patched and hardened versions of Vista, Windows 7, Windows Server 2008, and up-to-date Linux servers are used as course targets. The course covers both host-based and network intrusion detection systems and intrusion prevention systems.

In this industry leading advanced hacking training class, students first learn to deal with load balancing, network IDS/IPS, and deep packet inspection while attempting penetration from outside a network. The course then progresses to penetration of web-based applications with typical security measures in place.

The third step in the class is the study of LAN-based attacks, the penetration of locked down workstations, and a study of methods of dealing with host-based IDS/IPS as opposed to networked systems. The final phase of the advanced pen testing class deals with controlling active directories.

Criminal hackers are constantly sharing new ideas and penetration techniques. Many of their approaches can be quite sophisticated. IT security professionals often hear about these approaches only after it is too late to prevent intrusion. CEH, ECSA/LPT, and Cyber War are designed to ensure exposure to cutting-edge penetration and exploitation methodologies, and the courses cover hands-on hacking techniques that simply aren’t taught in routine educational settings. By teaching security professionals to think like hackers, these classes enable IT personnel to anticipate advances that hackers have not yet made.


Free Certified Ethical Hacker Class Giveaway

Advanced Security by Academy of Computer Education is giving away one free enrollment into any one of our Award Winning Certified Ethical Hacker (CEH) training classes.

Advanced Security is the reigning, two-time EC-Council ATC of the Year award winner. Their training is recognized worldwide as the leading hands-on CEH training available because of the amount of time they spend on labs and the method they have to prepare students for the exam. Their instructors are internationally known Subject Matter Experts who speak at conferences and are followed by many in the industry.

They are giving away a free enrollment (certification exam included) to any one of their open enrollment Certified Ethical Hacker (CEH) training classes. This free enrollment can be used during any one of their open enrollment courses for up to one year from the end of this drawing. Details are as follows:

You must either blog about, Tweet about, Facebook post about or Google+ post about this Certified Ethical Hacker course giveaway contest. In any of the mentioned forms of posting you must include a link to this page: http://www.trainace.com/courses/ceh/

If you already have the CEH or equivalent experience you may follow the same steps, but do so for the Cyber War, Advanced Penetration Testing class: http://www.trainace.com/courses/apt/

For each online activity above that you do, you will receive the following entries into the drawing:

Blog Post – 10 entries

Tweet –  3 entries

Facebook – 2 entries

Google+ – 2 entries

When complete, you must send an email with the Subject “Free CEH Class Contest”. In the email include a link where they can find each posting. Send the email to rcorey@trainace.com. They will tally all entries and randomly select a winner. The winner will be selected on 5/16/12.


Five Principles of Mobile Security

Mobile devices offer exceptional opportunities to stay in touch with friends, access needed information and remain connected to the things that matter anywhere in the world. However, this unparalleled degree of connectivity comes with certain risks. Mobile phones and devices can be vulnerable to theft, unauthorized intrusion, viral infections and other security risks due to:

• Physical characteristics of the devices themselves
• Applications stored and used on these advanced systems
• Vulnerabilities that exist in the operating systems

The data stored and accessed by mobile devices must be properly secured and protected against these risks. Here are five basic principles of mobile security, i.e., for securing cell phones and other mobile devices.

Maintain physical security
It may seem obvious, but one of the most important elements of keeping the data on mobile devices safe is to maintain physical possession of smartphones, iPads and other tablet computing devices at all times. Valuable data including passwords, financial information and browsing activity can be retrieved even from deactivated phones, so it is vital to keep these devices safe even after they are no longer in use.

Opt for secure mobile hardware
A number of companies are currently offering secure mobile processors. These powerful components add layers of security to the data and processing power of the mobile device and make applications like e-ticketing, e-wallets and other financial transactions practical and secure.

Update the operating system
Mobile operating systems are not always configured to update automatically to the most advanced version or to apply security patches. Manual upgrades may be the only way to ensure that the operating system is up to date and capable of providing the latest, best protection against new threats from mobile viruses and other malware.

Download selectively
Mobile applications can constitute a serious risk to the security of the device. While apps from well-known manufacturers and available through established e-commerce sites are usually safe and reliable, other apps may install malware, track activities or even steal data directly upon download and installation. Download with care to avoid these risks to mobile security.

Antivirus protection
Mobile versions of major antivirus programs can protect valuable data on tablet computers and smartphones. These software solutions can sometimes slow performance on less powerful mobile devices, however, making them less practical for older and less technically advanced tablets and mobile phones.

By incorporating these five security tactics into an overall security strategy, mobile device users can more effectively protect their valuable data against unauthorized access, theft and loss.


CHFI v8 Launch

In case you have not heard, the CHFI v8 launch has been set for the week of 2/27/12. The launch is being limited to make the event exclusive and the companies that can offer the launch training will be providing the attendees with a bunch of extra perks (listed below).  The CHFI v8 launch is only being offered in a few places around the world and only three here in the USA.

The CHFI v4 (old version) has been somewhat outdated for some time now and this was reflected on the exam. The EC-Council invested a lot of time and money into the new CHFI Version 8. The material has been updated, new tools have been added and the courseware (books) has been improved so that the books are not as bulky and are easier to read.

CHFI v8 Launch Special Inclusions with Registration

  1. A complimentary 4 day iLab Access Pass worth 100 USD
  2. Twenty percent (20%) discount on the Mobile Forensics CAST class (valid until December 31, 2012)
  3. A complimentary “Secondpass Voucher” for those who fail their exam (valid until the end of June 2012) worth 500 USD
  4. A limited edition commemorative metal plated certificate of attendance
  5. Your name and testimonial posted on EC-Council’s CHFIv8 Website

Get information on the CHFI v8 launch.

