EC-Council has just announced that a much overdue improvement and version upgrade to the ECSA / LPT curriculum will be coming to training centers (ours, of course, is the only one that matters) at the beginning of 2014.
Topics: advanced ethical hacking, advanced penetration testing, advanced security, certified ethical hacker, cyber security, EC-Council, ECSA certification, LPT certification, Security, security training
Most people think of Silicon Valley as the tech capital of the world, but it's in northern Virginia nearly 3,000 miles away that many security firms and defense contractors operate. As of 2009, more than half of the world's Internet traffic passed through this region.
Social networks are social by design. They mean to foster interaction, to put you in touch in one way or another. Some put you in touch with friends and family. Others put you out there for the whole wide world to see. Some uses are personal. Others are all business. In the end, though, social media platforms are all designed to be easy to access and easy to use. They’re intentionally informal. They’re the last place you’d expect to find classified intelligence or the kind of business secrets that companies diligently guard.
Topics: advanced ethical hacking, advanced penetration testing, advanced persistent threat, advanced security, certified ethical hacker, cyber security, cyber war, hacking, information assurance, Security, security training
As cyber attacks increase in frequency and scandals involving governments hacking into private computers become more commonplace, it's no wonder that one of the most promising fields in the current IT sector would be cyber security. In fact, recent research has indicated that cyber security has grown by more than one hundred percent in the last year. Clearly, anyone seeking a job in the information technology area would do well to start at the first line of defense against hackers.
Criminals have been breaking into websites and electronic databases for many years. Although this can result in huge monetary losses, it rarely injures anyone or causes physical damage. However, hackers are gaining more destructive power as manufacturers add network interfaces and microprocessors to mechanical devices. This is a security threat that we cannot afford to ignore.
Topics: advanced ethical hacking, advanced penetration testing, advanced persistent threat, advanced security, certified ethical hacker, cyber security, cyber war, hacking, penetration testing, Security, security training
The term "hacker" is often associated with illegal online activity. However, there are hackers who perform 100 percent legal services, which are based on evaluating the information infrastructures of companies. For those who hold the Certified Ethical Hacker certification from the EC-Council, there are several jobs to consider that come with attractive compensation. Some of the most common jobs for hackers holding the CEH certification include computer forensics, incidence response, penetration testing and security analysis. Penetration testing is the most common job for new hackers, but some later advance to become engineers or take on a wider variety of tasks.
The Certified Ethical Hacker (CEH) certification has become the benchmark for penetration testing certifications. From 2007-2011it became all the rage among the community. More and more hackers fled to the scene and started their careers off by passing the coveted CEH certification exam. There is no question that the CEH is still a highly sought after certification (especially because it was added to the DoD 8570 Directive), but its place in the field has changed. Before, the CEH was a symbol of hacking prowess, dignity, strength, wisdom, reverance, veneration, amazement (OK thats enough)... Now, it holds its spot firmly as the preeminent baseline or entry-level hacking / penetration testing certification.
Topics: advanced ethical hacking, advanced penetration testing, advanced persistent threat, advanced security, certified ethical hacker, cyber security, cyber war, EC-Council, exploit development, hacking, honey farm, honey net, honey pot, information assurance, Security, security training, threat intelligence
Researchers at security company FireEye have revealed an advanced persistent threat targeting the U.S. defense and aerospace industries and likely originating in China. Named Beebus after an early sample, the campaign's attacks come in continuous waves over time against strategically chosen individuals. According to an unnamed inside source, the Beebus campaign began in early 2012 when FireEye noticed suspicious activity on the systems of some its defense and aerospace clients. Of 261 discovered attacks, 123 targeted unmanned aerial vehicle or systems vendors. The most recent exploit used a Deloitte industry analysis report sent in a weaponized email. Researchers believe that the campaign has so far touched 214 servers with 60 unique IP addresses.
Topics: advanced penetration testing, advanced persistent threat, advanced security, aerospace, China, cyber security, cyber war, defense, FireEye, hacking, malware, Operation Beebus, Security, Trojan back doors
A huge portion of modern society uses some form of digital technology on a daily basis. Many conveniences on a national and personal level have been made possible due to this technology, but also opens up a Pandora's box of a whole new set of problems as well. The cyber battlefield grows more dangerous as organized hackers and other cyber threatening criminals set out to exploit the conveniences produced by the digital age for their own gain. There is an ongoing challenge, therefore, creating cyber security or defenses to protect the country from attacks; but have, on many occasions, been successfully breached to raise considerable concern even among the most savvy cyber security agencies in the world.
The term advanced persistent threat (APT) was originally used to describe complex, ongoing espionage perpetrated by foreign governments. However, today, APT typically refers to a category of cybercrime directed toward businesses or government entities. APTs are usually online attacks used to achieve goals beyond those that can be met by a single security breach, but some may involve malicious activity conducted onsite. Compromised computer systems are continuously monitored by the attackers or added to a stable of slave computers to be used to achieve some future goal. APTs are most often perpetrated by employing some form of malware, and IT technicians defend against APTs by installing antimalware software and hardware firewalls.