Jump to content

WEBCAST Replicating the Gonzalez Cyber Attacks IMPERDIVEL

Recommended Posts

Recently, we saw the indictment of cybercrime kingpin Albert Gonzalez, one of the accused masterminds behind

high-profile data breaches at Heartland Payment Systems, Hannaford Bros. Supermarkets, 7-Eleven, and TJX. Next week,

Core Security Technologies will present a hands-on look at the attacks Gonzalez and his co-conspirators are believed to

have used in breaching these organizations.

Leveraging the actual indictment document as a guide, Core Security senior product manager Alex Horan will use CORE

IMPACT Pro penetration testing software to demonstrate the techniques by which Gonzales allegedly stole millions of

credit card numbers* - showing you how to identify IT exposures in your own environment before cybercriminals do.

During the webcast, you'll see a step-by-step depiction of an attack similar to that described in the Gonzalez

indictment, including the following critical stages:

*  the initial web application compromise via SQL Injection

*  the use of a well-known backend database command to make the attacks even

*  more invasive

*  the planting of malware on the backend database server

*  the collection and transmission of credit card transactions to the

*  attackers

Through the demonstration, you'll also learn how commercial-grade penetration testing software enables you to see your

IT systems as an attacker would -- not only by determining if the kinds of issues that Gonzalez reportedly leveraged

are present in your environment, but also by ...

*  assessing how deployed defenses react to specific threats

*  revealing what systems and data would be exposed by a breach

*  depicting how chains of vulnerabilities open paths to mission-critical

*  systems and information

*  providing actionable data for immediately mitigating critical exposures

*  repeating tests to ensure the effectiveness of remediation efforts

This webcast is ideal for anyone interested in proactively assessing their security posture against real-world cyber


disponibilizo um WebCast gravado onde se pode VER, ver mesmo técnicas brutais que todos deveriam ver, sejam testadores de intrusão ou administradores de sistemas e claro tb os programadores...

este é considerado um ATAQUE EXEMPLO e por foi muito falado e debatido nos locais próprios... como já trabalhei oficialmente/profissionalmente com os produtos da Core Security sei que eles disponibilizaram um WEBCAST gravado, onde são exemplificados em imagem as técnicas usadas...

um must, para falar à TIA  :cheesygrin:  :cheesygrin: mas é mesmo

processo chato de preencher dados mas podem colocar qualquer coisa... para ver precisam instalar um NetworkRecord especial, cujo URL apresento:





Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...

Important Information

By using this site you accept our Terms of Use and Privacy Policy. We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.