Sunday, July 31, 2011

Security Training Video: Investigating DoS Attacks

Introduction to DoS Attacks and techniques is offering a free EC-Council training video to try out their training delivery platform.

The course offered is on Computer Hacking Forensics Investigator (CHFI): Investigating DoS Attacks, and is intended for IT security professionals. The course outline is below, along with a link to try it out.

Please feel free to forward to others in your organization who may be interested in this type of training.

Link to sign up for the free training course:

Course Description:

This free introductory online training course (valued at $195) will immerse the student in an interactive environment where they will be shown how to investigate DoS attacks. Students will be introduced to the types of DoS attacks, buffer overflow, DoS attack techniques, intrusion detection systems, live demonstrations of SYN Flooding, Smart Sniff, 3D Trace Routes, and many more critical concepts.

Use the link above to sign up, and for more information, visit or contact at 1-800-807-8839 x201 (US), 1-781-453-3900 x201 (International), email:

This course is Module 31 of a 51 module EC-Council Computer Hacking Forensic Investigator CHFI Training CBT Boot Camp.

Friday, July 29, 2011

Obama to Battle International Cybercrime

Administration Strategy Sees IT as Fostering Cybercrime

President Obama Monday declared a national emergency to battle what he characterizes as the extraordinary threat transnational criminal organizations pose to the nation's security, foreign policy and economy.

As part of the national emergency declaration, the White House issued a strategy to combat transnational organized crime in which cyber plays a crucial component in fostering and combating transnational cybercrime.

"During the past 15 years, technological innovation and globalization have proven to be an overwhelming force for good," Obama said in the introduction to the strategy. "However, transnational criminal organizations have taken advantage of our increasingly interconnected world to expand their illicit enterprises."

The strategy's 56 priorities include enhancing intelligence and information sharing and protecting the nation's financial system and strategic market against transnational organized crime.

Transnational organized crime has traditionally been largely regional in scope, hierarchically structured and had only occasional links to terrorism, the strategy says, adding that's no longer the case. "Today's criminal networks are fluid, striking new alliances with other networks around the world and engaging in a wide range of illicit activities, including cybercrime and providing support for terrorism," the strategy states. "Virtually every transnational criminal organization and its enterprises are connected and enabled by information systems technologies, making cybercrime a substantially more important concern."

The strategy says criminal networks employ cyber technologies to perpetrate sophisticated frauds; create the potential for the transfer of weapons of mass destruction to terrorists; and expand narco-trafficking and human and weapons smuggling networks.

Among the actions the strategy says the administration will take is to enhance domestic and foreign capabilities to combat the increasing involvement of transnational-organized-crime networks in cybercrime and build international capacity to forensically exploit and judicially process digital evidence.

According to the strategy, transnational-organized-crime networks cost consumers billions of dollars annually, threaten sensitive corporate and government computer networks and undermine worldwide confidence in the international financial system. Through cybercrime, transnational criminal organizations pose a significant threat to financial and trust systems - banking, stock markets, e-currency and value and credit card services - on which the world economy depends.

$1 Billion in Fraud Against U.S.

How bad is the situation? The strategy contends online frauds perpetrated by Central European cybercrime networks have defrauded American citizens and businesses of $1 billion in a single year. And, the Secret Service says financial crimes facilitated by anonymous online criminal fora result in billions of dollars in losses to the nation's financial infrastructure.

Pervasive criminal activity in cyberspace imperils citizens' and businesses' faith in digital systems, which are critical to our society and economy, the strategy says.

The strategy sees computers and the Internet playing a role in most transnational crimes, either as the target or the weapon used in the crime. "The use of the Internet, personal computers and mobile devices all create a trail of digital evidence," the strategy states. "Often the proper investigation of this evidence trail requires highly trained personnel. Crimes can occur more quickly, but investigations proceed more slowly due to the critical shortage of investigators with the knowledge and expertise to analyze ever increasing amounts of potential digital evidence."

Wednesday, July 27, 2011

How to combat ATM skimming fraud?

A Simple Plan to Combat ATM Fraud

The risks of electronic banking are all well known. In fact, the updated FFIEC authentication guidance specifically talks about the need to secure both online and electronic banking. It's important to remember that ATMs are also a target of fraudsters. ATM skimming rings are defrauding cardholders to the tune of tens of millions of dollars. This is a global issue affecting customers in the USA, the European Union, Asia, basically anywhere there are ATMs.

Breaking 2-Factor Authentication

In order to access your account from an ATM you are required to use your ATM card [something you have] and enter a PIN [something you know]. Generally, 2-factor authentication is considered a relatively strong security measure against financial fraud. However, crime rings are using various techniques to capture both the card and the PIN, effectively thwarting these measures.

In the 2011 updated guidance, the FFIEC stresses the importance not only of strong authentication but also of knowing your customer. Therein lies the missing link in combating ATM fraud, which fortunately has an eloquent solution.

Similar to online banking, customers have normal patterns of ATM activity: relatively consistent patterns in the dollar amounts and frequency of ATM cash withdrawals. Since financial institutions utilize "know your customer" capabilities to combat online banking fraud, the same techniques can be used to combat ATM fraud.

Keeping It Simple

Upon detecting unusual and possibly fraudulent ATM activity, the ATM screen could present the user an out-of-wallet challenge question. Making sure the question has a numeric answer means that current ATM key pads used to enter in PIN information would not have to be modified.

Even with limiting the out-of-wallet questions to those with numeric answers, the list of potential questions is quite long:
  • What year was your first child born?
  • What was the model year of your first car?
  • What year were you married?
Obviously not an exhaustive list, but it does illustrate the fact that there is no shortage of such questions.

It's important that the challenge questions are strictly out-of-wallet. If the fraudster did in fact steal the victim's wallet, with their driver's license, then asking the question "what year were you born" would be inappropriate. Asking what year you graduated from high school would also be a weak question.

The fraudster could simply add 17 to the date of birth on the driver's license and answer that question correctly the majority of the time.

The lesson here is the importance of keeping the challenge questions out-of-wallet.

Eloquent and Effective

Using out-of-wallet questions that are compatible with existing ATM hardware, you can add another layer of security to combat ATM fraud. It is a low-cost solution that could potentially save customers, and financial institutions, millions of dollars.

To complete the anti-fraud circle, banks can also consider having the ATM machines keep the bank cards when a customer [fraudster] fails to correctly answer the out-of-wallet challenge question. You'd have the card, with fingerprints, as well as photographs of the attempted fraud.
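The flow described in this post (baseline the customer's withdrawals, challenge on unusual activity with a numeric out-of-wallet question, keep the card on a wrong answer) can be sketched as follows. This is an added example, not code from the post or from any bank; the thresholds, function names, sample history and enrolled answers are all constructed assumptions.

```python
import hmac
from statistics import mean, pstdev

# Constructed sample data: one customer's recent withdrawals (USD) and the
# numeric challenge answers enrolled for that customer.
HISTORY = [60, 80, 100, 60, 40, 80, 100, 60]
ENROLLED = {
    "What year were you born?": "1970",
    "What year did you graduate from high school?": "1987",
    "What year was your first child born?": "1998",
    "What was the model year of your first car?": "1985",
}
# Assumption: questions a stolen wallet answers directly or by simple arithmetic.
IN_WALLET = {"What year were you born?",
             "What year did you graduate from high school?"}

def is_unusual(amount, todays_count, history=HISTORY, z_limit=3.0, daily_max=2):
    """Flag a withdrawal that departs from the customer's usual amount or frequency."""
    mu, sigma = mean(history), pstdev(history)
    too_large = amount > mu + z_limit * sigma
    return too_large or todays_count > daily_max

def pick_challenge(enrolled=ENROLLED):
    """First enrolled question that is out-of-wallet and keypad-answerable."""
    for question, answer in enrolled.items():
        if question not in IN_WALLET and answer.isdigit():
            return question
    return None

def authorize(amount, todays_count, ask):
    """ask(question) returns the digits typed on the keypad. Returns the ATM action."""
    if not is_unusual(amount, todays_count):
        return "dispense"
    question = pick_challenge()
    if question is None:
        return "decline"            # no safe question enrolled: fail closed
    typed = ask(question) or ""
    expected = ENROLLED[question]
    if hmac.compare_digest(typed.encode(), expected.encode()):
        return "dispense"
    return "retain-card"            # keep the card, as the post suggests

if __name__ == "__main__":
    print(authorize(80, 1, lambda q: ""))         # usual pattern
    print(authorize(500, 1, lambda q: "1998"))    # unusual, challenge passed
    print(authorize(500, 1, lambda q: "1970"))    # unusual, wallet-derived guess
```
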

Monday, July 25, 2011

Microsoft just wants to say Happy Birthday!

Microsoft and Linux?

Microsoft has sent a Happy Birthday message to the Linux Foundation, congratulating them on turning 20 years old. The video, created by the Microsoft Germany team and shared on the Linux video site, documents the past twenty years of sniping and rivalry between the two platforms, though suggests that the end for such arguments might be in sight.

Titled “Microsoft vs. Linux” the video shows a cartoon penguin and a geeky looking guy who may well be Bill Gates as they struggle to understand each other. Linux ideas “seemed too childish to Microsoft” the video suggests, as Tux rows across the internet seas and Microsoft watches in blissful ignorance from the shore.

Sunday, July 24, 2011

US warns of terror attack on utility plants

Insider threat to Utilities

THE US Department of Homeland Security has warned thousands of US utility plants that they could be the targets of 'violent extremists', according to a report on Wednesday from ABC News.

On Tuesday the Department of Homeland Security sent out a terror alert titled 'Insider Threat to Utilities' that said 'violent extremists have, in fact, obtained insider positions' and might use those positions to wage physical and cyber-attacks on behalf of Al-Qaeda, according to the news report.

The report warns that an insider at a major utility facility, such as a chemical or oil refinery, could help Al-Qaeda wage a major attack near the anniversary date of the Sept 11 attacks.

Officials found evidence among materials recovered during the May US military operation in Pakistan that killed Osama bin Laden, which led officials to believe that the extremist leader sought to repeat the carnage of the Sept 11 attacks on or around its ten year anniversary.

'The only way you can actually kill the large scale number of Americans that (Osama bin Laden) literally was calculating was through the use of this critical infrastructure,' former DHS chief of staff Chad Sweet told ABC News.

'Based on the reliable reporting of previous incidents, we have high confidence in our judgment that insiders and their actions pose a significant threat to the infrastructure and information systems of US facilities,' the bulletin said. -- AFP

Saturday, July 23, 2011

7 Tips for Securing Mobile Workers

Control mobile security risks and keep business data safe

According to the 2010 Annual US Cost of a Data Breach study, 35% of US organizations reported that a lost or stolen mobile device caused a data security breach. Increasingly, employees use their laptops, Androids, iPads and other personal mobile devices for work and blend their unprotected devices with business data. This introduces even greater risk to an organization’s data, network and reputation.

Learn how you can control these risks and keep business data safe—Download the new Ponemon Institute whitepaper to discover how to:
  • Build a successful enterprise strategy for mobile security
  • Educate employees about their personal responsibilities
  • Raise end-user awareness about emerging threats and corporate mobile device security policies
  • Proactively prevent mobile security breaches
  • Defend against new data risks and stay compliant

Data breaches are constantly in the news. The Sony PlayStation breach, which may have compromised personal information from over 100 million online gaming accounts, is the latest example of insufficient data protection. Lax mobile security can open up opportunities for data loss and compromise. Here are three mobile data risks you should address:
  • Insufficient passwords: Using passwords and a watchful eye is the smartest way to keep the data on your smartphone from falling into the wrong hands.
  • Malicious apps: Malicious code that steals data from your mobile phone for fun and profit? It exists, and Droid Dream is just one example.
  • Lack of mobile provider patching: To avoid malicious apps and other cyberthreats that target smartphones, make sure your device has the latest software patches.

Stay ahead of mobile and other data security threats. Download Sophos' new report, The State of Data Security: Defending against New Risks, to learn how to manage information risks in today’s rapidly changing IT environment.

Friday, July 22, 2011

Information Security & Hacking Events / Conferences

List of events from around the world

Event Name | Public | Frequency | Host Country
CSAC | Security Application | |
ASIA | Information Assurance | Annual | New York (USA)
Black Hat | Security | Annual | Around the World
BlueHat | Microsoft Security | Annual | USA
BrumCon | Hacking | Monthly | Birmingham (UK)
CanSecWest | Hacking | Annual | Vancouver (Canada)
CarolinaCon | Security | Annual | North Carolina (USA)
Chaos Communication Congress | Hacking | | Europe
ChicagoCon | Security | Annual | Chicago (USA)
DEF CON | Hacking | Annual |
DoD Cyber Crime Conference | Security | Annual | Around the World
Ekoparty | Hacking | Annual | Buenos Aires (Argentina)
HackCon | Hacking | Annual | Oslo (Norway)
Hacker Halted | Security | Annual | USA
Hack In The Box | Hacking | Annual | Kuala Lumpur (Malaysia)
Hack In Paris | Hacking | Annual | Paris (France)
Hackers 2 Hackers Conference (H2HC) | Hacking | Annual | Brazil
Hackfest | Hacking | Annual | Quebec (Canada)
Hackito Ergo Sum | Hacking | Annual | Paris (France)
Hacktivity | Hacking | Annual | Budapest (Hungary)
Hackers on Planet Earth (H.O.P.E) | Hacking | Annual | New York (USA)
Hacks In Taiwan Conference | Hacking | Annual | Taipei (Taiwan)
Kiwicon | Hacking | Annual | New Zealand
LayerOne | Hacking | Annual | Los Angeles (USA)
Nuit du Hack | Hacking | Annual | France
Pwn2Own | Hacking | Annual | Vancouver (Canada)
RSA Security Conference | Cryptography & Security | Annual | San Francisco (USA)
Ruxcon | Hacking | Annual | Melbourne (Australia)
S4: SCADA Security Scientific Symposium | Security | Annual | Miami (USA)
SEC-T | Hacking | Annual | Stockholm (Sweden)
SecTor | Hacking | Annual | Toronto (Canada)
SecureWorld Expo | Security | Annual | USA
ShakaCon | Hacking | Annual | Honolulu (Hawaii)
ShmooCon | Hacking | Annual | Washington (USA)
SOURCE Conference | Security | Annual | USA
Summercon | Hacking | Annual | Atlanta (USA)
T2 Infosec Conference | Hacking | Annual | Helsinki (Finland)
THOTCON | Hacking | Annual | Chicago (USA)
TROOPERS IT Security Conference | Security | Annual | Heidelberg (Germany)
Recon | Hacking | Annual | Montréal, Québec (Canada)
Nola X Con | Hacking | Annual | New Orleans (USA)
You Shot the Sheriff (YSTS) | Hacking | Annual | São Paulo (Brazil)