SANS NewsBites Vol. 10 Num. 20

From: The SANS Institute (NewsBites@sans.org)
Date: Tue Mar 11 2008 - 13:58:07 CDT


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

It is surprising how few people are aware of the new security courses
that were launched in the past few months, because security isn't
standing still. Here's a short list of the new ones that you can attend
at SANS 2008. Look particularly at the new pen testing courses. If you
hired a pen tester who hasn't taken the new pen testing course and
completely updated his tools and techniques in the past year, his tests
are woefully out of date and ineffective. And as a special gift to
security folks reading NewsBites, we are inviting you to get two or
three of your programmers to come to Orlando for the Secure Coding in
Java/JEE class. Email ccalhoun@sans.org for the discount code for them.
More info on SANS 2008 in Orlando: http://sans.org/info/20042
New Courses:
    SEC560 Network Penetration Testing and Ethical Hacking
    SEC542 Web Application Penetration Testing In-Depth
    SEC519 Web Application Security Workshop
    SEC538 Web Application Penetration Testing Fundamentals
    SEC426 AJAX and Web Services Security Overview
    SEC541 Secure Coding in Java/JEE: Developing Defensible Applications
    AUD521 Meeting the Minimum: PCI/DSS 1.1: Becoming and Staying
        Compliant
    SEC531 Windows Command-Line Kung Fu In-Depth for Info Sec Pros
    SEC533 Windows PowerShell
    SEC540 VoIP Security
    SEC427 Browser Forensics
    SEC535 Network Security Projects Using Hacked Wireless Routers
    SEC526 Next Evolution in Digital Forensics
    SEC537 Identifying and Removing Malware
    SEC616 Defensible .NET
                                   Alan

*************************************************************************
SANS NewsBites March 11, 2008 Vol. 10, Num. 20
*************************************************************************
TOP OF THE NEWS
  Brothers Receive Prison Sentences for Selling Pirated Software
  Chinese Hackers Say They Infiltrated Pentagon Systems
THE REST OF THE WEEK'S NEWS
LEGAL MATTERS
  Harry & David Suing IBM for Software Fraud
HOMELAND SECURITY & GOVERNMENT SYSTEMS SECURITY
  Cyber Warfare Exercise Underway
POLICY & LEGISLATION
  Tories Outline Their Plan for Tackling Cybercrime
COPYRIGHT, PIRACY & DIGITAL RIGHTS MANAGEMENT
  Music Labels Want Irish ISP to Help Fight Piracy
WORMS, ACTIVE EXPLOITS, VULNERABILITIES & PATCHES
  Sun Releases Update for Java Runtime Environment
ATTACKS, INTRUSIONS, DATA THEFT & LOSS
  MTV Data Breach Exposes 5,000 Employees' Personal Data
  Man Indicted in South Korea for Intellectual Property Crimes
MISCELLANEOUS
  Police Decline to Intervene in Libelous Bebo Page Case
  Students Develop Linux-Based Cyber Forensics Tool
  NJ Legislator Wants Investigation Into Stolen Insurance Company Laptop
LIST OF UPCOMING FREE SANS WEBCASTS

************************** Sponsored By PacketMotion ********************

Are your internal controls and acceptable use policies for consultants,
temporary, and high-risk users working? What information assets are in
jeopardy? Find the facts, blind spots and new technology regarding
real-time visibility and control of network user transactions. Download
the FREE whitepaper "TRUST BUT VERIFY: 24/7 Monitoring of High-risk
User Activity in the Network" now.
http://www.sans.org/info/25459

*************************************************************************
TRAINING UPDATE
Where can you find the newest Penetration Testing techniques,
Application Pen Testing, Hacker Exploits, Secure Web Application
Development, Security Essentials, Forensics, Wireless, Auditing, CISSP,
and SANS' other top-rated courses?
- - SANS 2008 in Orlando (4/18-4/25) SANS' biggest program with myriad
    bonus sessions and a huge exhibition of security products:
       http://www.sans.org/sans2008
- - Washington DC (Tyson's) 3/24-3/31 http://www.sans.org/tysonscorner08
- - San Diego (5/9-5/16) http://www.sans.org/securitywest08
- - Toronto (5/10-5/16) http://www.sans.org/toronto08
- - and in 100 other cities and online any time: www.sans.org

*************************************************************************

TOP OF THE NEWS
 --Brothers Receive Prison Sentences for Selling Pirated Software
(March 8, 2008)
Brothers Maurice A. Robberson and Thomas K. Robberson have been
sentenced to prison for selling pirated software online. Together, the
brothers made more than US $1 million by selling counterfeit software
worth more than US $6.5 million. Both men have agreed to forfeit all
they earned from their business. Maurice was sentenced to three years
in prison, while Thomas received a sentence of 30 months. Two other
people involved in the scheme have already been sentenced. The pirated
software included products from Adobe Systems, Autodesk, and Macromedia.
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9067418&source=rss_topic17

 --Chinese Hackers Say They Infiltrated Pentagon Systems
(March 7, 2008)
A group of Chinese hackers who met with CNN claim to have broken into
Pentagon computers and downloaded sensitive data. They say they have
received payment from the Chinese government for their activities,
although the government denies this. The group's leader told CNN that
"no web site is one hundred percent safe ... there is always a
weakness."
http://www.cnn.com/2008/TECH/03/07/china.hackers/index.html
[Editor's Note (Pescatore): note that the Shanghai Daily
(http://www.china.org.cn/china/national/2008-03/11/content_12264393.htm)
has an article with the hackers denying CNN's claim.
(Skoudis): I find it fascinating that one of these attackers is a
"marketing graduate," according to the article. While I'm sure that
their exploit stories contain a grain of truth, I'll bet that at least
some of their tales have been enhanced using their group's
self-proclaimed marketing expertise.]

************************** Sponsored Links: ***************************
1) SANS Third Annual Log Management Survey
What are the challenges in log management? Have perceptions changed
since last year? Help us find out! Take the survey at
http://www.sans.org/info/25464

2) Live Webcast March 18th. Listen to Hertz, Forrester, and GuardianEdge
Discuss Endpoint Data Protection - Beyond Encryption. Register Now!
http://www.sans.org/info/25474
*************************************************************************

THE REST OF THE WEEK'S NEWS
LEGAL MATTERS
 --Harry & David Suing IBM for Software Fraud
(March 10, 2008)
Harry & David, the online gourmet gift basket retailer, has filed a
lawsuit against IBM, alleging the company knowingly sold Harry & David
ecommerce software that violated other companies' patents. Furthermore,
the suit alleges, IBM did not come to Harry & David's defense when they
were faced with legal problems over the software patents. The lawsuit
seeks at least US $6 million in damages.
http://www.informationweek.com/shared/printableArticle.jhtml?articleID=206902734

HOMELAND SECURITY & GOVERNMENT SYSTEMS SECURITY
 --Cyber Warfare Exercise Underway
(March 7 & 10, 2008)
Cyber Storm II is underway. Five countries and 40 companies will
participate in a series of cyber war games to test their preparedness
to respond to and recover from cyber attacks. Eighteen US government
agencies are involved in the simulation. Other countries participating
are Canada, the UK, Australia, and New Zealand. This year, "the
exercise will feature mock attacks by nation states, terrorists and
saboteurs against the IT and communications sector and the chemical,
pipeline and rail transportation industries." The exercise, which is a
follow-up to 2006's Cyber Storm I, is the culmination of a
year-and-a-half of planning.
http://www.washingtonpost.com/wp-dyn/content/article/2008/03/07/AR2008030701157_pf.html
http://www.theregister.co.uk/2008/03/10/cyber_storm_ii_exercises/print.html
http://www.fcw.com/online/news/151878-1.html?topic=security

POLICY & LEGISLATION
 --Tories Outline Their Plan for Tackling Cybercrime
(March 6, 2008)
British conservatives have expressed dissatisfaction with the current
government's response to cybercrime and data security and have developed
plans for addressing those issues should they win the next election.
The Tories would establish a police national cyber crime unit, a fraud
and cybercrime complaint center, and create the post of e-crime
minister. They would also press for legislation that would require data
breach disclosure. Shadow Home Secretary David Davis was especially
critical of the government's decision to roll the National Hi-Tech Crime
Unit into the Serious and Organized Crime Office.
http://software.silicon.com/security/0,39024655,39170292,00.htm
http://www.telegraph.co.uk/news/main.jhtml?xml=/news/2008/03/06/ncyber106.xml

COPYRIGHT, PIRACY & DIGITAL RIGHTS MANAGEMENT
 --Music Labels Want Irish ISP to Help Fight Piracy
(March 10, 2008)
Irish Internet service provider (ISP) Eircom may be compelled to take
steps to prevent illegal music downloading if four major record labels
have their way. The four - EMI Records (Ireland) Ltd, Sony BMG Music
Entertainment (Ireland) Ltd, Universal Music (Ireland) Ltd, and Warner
Music (Ireland) Ltd - have brought a High Court action in an attempt to
force the ISP to use technology specially designed to identify and stop
the illegal activity. Eircom has thus far refused to employ
technological filtering and blocking technologies to stop illegal
downloads. One record company executive cited a 30 percent drop in
sound recording sales since 2001.
http://www.rte.ie/news/2008/0310/download.html

WORMS, ACTIVE EXPLOITS, VULNERABILITIES & PATCHES
 --Sun Releases Update for Java Runtime Environment
(March 7, 2008)
Sun Microsystems has released an update to address a number of
vulnerabilities in the Sun Java Runtime Environment (JRE). The most
critical flaws could allow remote execution of arbitrary code. The
affected products are JDK and JRE 6 Update 5, JDK and JRE 5.0 Update 15,
SDK and JRE 1.4.2_17, and SDK and JRE 1.3.1_22. Users are urged to
apply the update or disable Java in their web browsers.
http://www.us-cert.gov/cas/techalerts/TA08-066A.html
http://blogs.zdnet.com/security/?p=933#
http://www.scmagazineus.com/Sun-Microsystems-addresses-critical-Java-flaws/PrintArticle/107742/

ATTACKS, INTRUSIONS, DATA THEFT & LOSS
 --MTV Data Breach Exposes 5,000 Employees' Personal Data
(March 8 & 11, 2008)
A compromised Internet connection on an MTV Networks employee's computer
led to a data breach that exposed personally identifiable information
of approximately 5,000 MTV employees. The data include names, Social
Security numbers (SSNs), and compensation information. Someone external
to the company breached the files, though it is unclear whether the
files were opened. MTV is conducting an internal investigation and
employees have been notified.
http://www.nytimes.com/2008/03/08/technology/08data.html?_r=1&oref=slogin&ref=business&pagewanted=print
http://www.securecomputing.net.au/news/71787,mtv-breach-impacts-5000-employees-successful-socialengineering-blamed.aspx

 --Man Indicted in South Korea for Intellectual Property Crimes
(March 6, 2008)
A former LG Electronics employee has been arrested and indicted for
giving technology from LG to a Chinese company, according to South
Korean prosecutors. The man, identified only as Jeong, allegedly took
a portable hard drive with information about plasma display technology
when he left the company and later gave the information to his new
employer, the Chinese company COC. Another former LG employee and one
who still works for the company have also been indicted for assisting
Jeong. LG maintains that the theft and sharing of the proprietary
information could cost the company as much as 1.3 trillion won (US $1.35
billion).
http://news.smh.com.au/skorea-indicts-man-for-allegedly-passing-plasma-technology-to-chinese-company/20080306-1xni.html#
http://english.donga.com/srv/service.php3?bicode=040000&biid=2008030681038

MISCELLANEOUS
 --Police Decline to Intervene in Libelous Bebo Page Case
(March 7 & 8, 2008)
Saying it is not a criminal matter, police in Strathaven, South
Lanarkshire have declined to become involved in a case in which a
65-year-old woman's identity was used to create a page on the Bebo
social networking website that contained patently false information
damaging to her reputation. Helen Kilby had never used the Internet and
does not own a computer. Bebo has been contacted and the libelous page
taken down. Kilby says there should be measures in place to make sure
this sort of incident does not take place; she is considering civil
action against the people who created the defamatory page.
http://technology.timesonline.co.uk/tol/news/tech_and_web/the_web/article3498888.ece
http://www.dailyrecord.co.uk/news/newsfeed/2008/03/07/web-of-lies-86908-20342677/
http://www.telegraph.co.uk/news/main.jhtml?xml=/news/2008/03/07/nbebo107.xml
[Editor's Note (Schultz): One of the most unfortunate aspects of the
Internet is the ability for anyone to completely fabricate information,
post it on a Web site, and then watch with satisfaction as gullible
users believe it at face value. It is unlikely that any measure, legal
or not, will make much of a difference as far as this goes.]

 --Students Develop Linux-Based Cyber Forensics Tool
(March 7, 2008)
Students at Edith Cowan University's School of Computing and Information
Sciences in Australia have developed a Linux-based tool to help police
collect cyber evidence without compromising its integrity. The idea
arose after the Western Australian Police asked the university for help
two years ago. Normally, the police take PCs back to the station to
gather evidence, but this tool allows them to collect it on site. The
tool also searches out certain file types, which saves the police a
great deal of time. To make sure the original evidence will still be
admissible in court, the tool's developers "removed all network support
and the ability to write to disk. If for some reason a disk is
writeable, the system will halt automatically."
http://www.zdnetasia.com/news/security/0,39044215,62038612,00.htm

 --NJ Legislator Wants Investigation Into Stolen Insurance Company Laptop
(March 3, 2008)
New Jersey State Senator Kevin O'Toole (R-40) has called for a hearing
to investigate the circumstances surrounding the theft of a laptop that
holds personally identifiable information of more than 300,000 Horizon
Blue Cross/Blue Shield of New Jersey subscribers. The computer was
stolen from an employee's home in January. Senator O'Toole wants to
know how many other laptops hold Horizon subscriber data and wants
Horizon's data privacy practices closely examined. Horizon has said that
security procedures designed to protect data were not followed in this
instance.
http://www.politickernj.com/o%E2%80%99toole-renews-call-immediate-investigation-horizon-blue-crossblue-shield-data-breach-16933

LIST OF UPCOMING FREE SANS WEBCASTS

ISC Threat Update: March 2008
WHEN: Wednesday, March 12, 2008 at 1:00 PM EDT (1700 UTC/GMT)
FEATURED SPEAKERS: Johannes Ullrich and Tony Magallanez
http://www.sans.org/info/24623
Sponsored By: F-Secure

The SANS Internet Storm Center (ISC) uses advanced data correlation and
visualization techniques to analyze data collected from thousands of
sensors in over sixty countries. Experienced analysts constantly monitor
the Storm Center data feeds searching for trends and anomalies in order
to identify potential threats. When a threat is identified, the team
immediately begins an intensive investigation to gauge the threat's
severity and impact. This monthly webcast discusses recent threats
observed by the Internet Storm Center, and discusses new software
vulnerabilities or system exposures that were disclosed over the past
month. The general format is about 30 minutes of presentation by senior
ISC staff, followed by a question and answer period.

***
WhatWorks Webcast: PaulDotCom's Penetration Testing Dojo: Core IMPACT Style
WHEN: Tuesday, March 18, 2008 at 1:00 PM EDT (1700 UTC/GMT)
FEATURED SPEAKERS: Alan Paller and Paul Asadoorian
http://www.sans.org/info/24628
Sponsored By: Core Security Technologies

When beginning a security process at a consortium of non-profits, senior
network security engineer Paul Asadoorian of Pauldotcom began looking
for a penetration testing tool that did network, web application and
social engineering tests. The tool he purchased is low on manpower use,
mostly self-maintaining and reliably proves the existence of network
vulnerabilities. Please attend this webcast to find out why Paul
selected CORE IMPACT and learn how it can help you safely perform
network, web application and end-user penetration testing.

***
SANS Special Webcast: Monthly Series: Security Insights with Dr. Eric Cole
This Month's Topic: Encryption
WHEN: Wednesday, March 19, 2008 at 1:00 PM EDT (1700 UTC/GMT)
FEATURING: Dr. Eric Cole
http://www.sans.org/info/24633

Based on first-hand experience, this talk will look at areas where
encryption should be used and how to avoid common mistakes. Dr. Cole
will also identify areas where encryption should not be deployed.
Overall, this talk will provide expert knowledge of the landscape of
encryption, proper uses and common pitfalls. Register now for this free
webcast!

***
Ask the Expert: Malcode Analysis and Response: Proficiency vs. Complexity
WHEN: Thursday, March 20, 2008 at 1:00 PM EDT (1700 UTC/GMT)
FEATURED SPEAKERS: Matt Allen and Russ McRee
https://www.sans.org/webcasts/show.php?webcastid=91808
Sponsored By: Norman Data Defense Systems

The threat landscape changes constantly, driven in part by the "bot
economy" and changing malcode techniques. In response, incident handler
techniques must keep pace. This presentation will cover the use of
RAPIER, a security tool built to facilitate first response procedures
for incident handling. It is designed to acquire commonly requested
information and samples during an information security event, incident,
or investigation. RAPIER automates the entire process of data collection
and delivers the results directly to the hands of a skilled security
analyst. From detection and discovery, capture and containment, count
on a useful discussion meant to further your incident response
practices.

***
Tool Talk Webcast: Are You Naked? Why virtualization and service
processors are leaving traditional log management customers naked.
WHEN: Tuesday, March 25, 2008 at 1:00 PM EDT (1700 UTC/GMT)
FEATURED SPEAKER: Bill Johnson
https://www.sans.org/webcasts/show.php?webcastid=91798
Sponsored By: Tdi

Virtualization and on board service processors are making log management
systems obsolete and opening their customers to huge compliance issues.
All existing log management systems are based on an 'inside out' agent
based, SYSLOG and SNMP architecture. This model is obsolete in today's
datacenter. Traditional log management systems do not log all events or
watch the data center all the time, opening the door to Sarbanes Oxley,
HIPAA and other compliance risks.

***
Tool Talk Webcast: Analyzing Pen Testing Tools: Shootout at the Blackbox Corral
WHEN: Wednesday, March 26, 2008 at 1:00 PM EDT (1700 UTC/GMT)
FEATURING: Larry Suto
http://www.sans.org/info/24653
Sponsored By: Fortify Software

All black box testing tools are not created equal. In the Fall of 2007,
security consultant Larry Suto published a report that evaluates the
coverage and balance between false positives and false negatives of
three popular penetration testing tools. His findings, which some found
surprising, prompted official responses from a number of tool vendors
that called into question areas of the experiment that could have led
to shaky results.

***
SANS Special Webcast: Stephen Northcutt Presents: Managing Vulnerability
Situational Awareness
WHEN: Wednesday, April 2, 2008 at 2:00 PM EDT (1800 UTC/GMT)
FEATURING: Stephen Northcutt
http://www.sans.org/info/24668
Sponsored By: Core Security Technologies

Stephen Northcutt challenges leaders to move past "Security Theater",
practices like confiscating nail files in airport security or running
vulnerability scans and taking no action or pretending a SIEM "partial
implementation" actually helps create effective security. If we want to
get better and actually implement security well, one of the atomic keys
is to configure the system correctly and maintain that configuration.
Stephen will discuss the three views, the inside view, outside view and
user view that give us the information we need to assess the
configuration of our system. We can use tools like the Center for
Internet Security toolsets to create the inside view, vulnerability
scanners and exploitation tools like CORE for the outside view and to
get the user view we need to run a number of tests to determine the
level of awareness and practice. The data from all three views gives us
the ability to accurately assess our exposure to threat.

***
SANS Special Webcast: Data Leakage Landscape
WHEN: Thursday, April 3, 2008 at 1:00 PM EDT (1800 UTC/GMT)
FEATURED SPEAKERS: Barb Filkins, Robert Hemeryck and Malte Pollmann
http://www.sans.org/info/24673
Sponsored By: TrendMicro and Utimaco Software

Data leakage occurs everywhere computing is conducted - whether it be
hand-helds, USB tokens or even protected internal computers where cut,
copy and paste functions are difficult to control. Organizations need a
map of these leakage points so they can plug them and protect themselves
against regulatory violations. This Webcast discusses where and how data
leaks, what types of privacy violations these leakage points present,
and what to do about them.

Tool Talk Webcast: A Blueprint for Successful NAC Deployments
WHEN: Wednesday, April 16, 2008 at 1:00 PM EDT (1800 UTC/GMT)
FEATURING: John Curry
http://www.sans.org/info/24618
Sponsored By: StillSecure

This webinar will discuss the challenges associated with NAC deployments
and provide organizations with a blueprint on how to cost-effectively
take advantage of this critical technology. Learn first hand how your
organization can benefit from this ground-breaking technology.

SANS Special Webcast: Log Management Part II: Real-Time Event Management
WHEN: Thursday, April 17, 2008 at 1:00 PM EDT (1700 UTC/GMT)
FEATURED SPEAKERS: Dave Shackleford and Sunil Bhargava
https://www.sans.org/webcasts/show.php?webcastid=91753
Sponsored By: Intellitactics, Inc.

This Webcast discusses how logs and event correlation should be managed
for compliance purposes and how auditors, working closely with security
and operations teams, can help develop processes that leverage logging
and event data to measure the effectiveness of their controls.

SANS Special Webcast: Security Insights with Dr. Eric Cole
This Month's Topic: DLP
WHEN: Tuesday, April 22, 2008 at 1:00 PM EDT (1700 UTC/GMT)
FEATURING: Dr. Eric Cole
https://www.sans.org/webcasts/show.php?webcastid=91793

Cyber security is all about reducing risk to critical assets. Protecting
and controlling data flow is a critical part of an organization's
security arsenal. Therefore data loss prevention would seem like a
perfect solution for reducing risk. However, just because a product is
called a data loss prevention solution, does not necessarily mean that
it properly reduces risk. Before purchasing or deploying a solution it
is critical to understand the key risks you are trying to reduce and
make sure the solution is the most cost effective way to reduce risk.
This talk will provide insight into what product features are most
valuable and which solutions should be avoided. To accomplish this it
will provide a detailed understanding of the landscape and the best way
to protect data at an organization. Register now for this free webcast!

Analyst Webcast: Security and Performance on Converged Networks
WHEN: Thursday, April 24, 2008 at 1:00 PM EDT (1700 UTC/GMT)
FEATURING: Dave Shackleford
https://www.sans.org/webcasts/show.php?webcastid=91764
Sponsored By: NIKSUN

Events from security and monitoring devices fire off an unmanageable
number of alarms with no way of telling how they're related, or how they
impact performance. As networks converge their video, voice and data
traffic over IP networks, these alarms will only increase, while
providing less visibility into what set them off. This Webcast discusses
what will be needed of security monitoring tools as this data, voice,
and video convergence becomes ubiquitous.

SANS Special Webcast: The Little Hybrid Web Worm That Could
*** Previously scheduled for 3/6/08***
WHEN: Wednesday, April 30, 2008 at 1:00 PM EDT (1700 UTC/GMT)
http://www.sans.org/info/24614
Sponsored By: HP

This Webcast examines the possibility of hybrid web worms which use
several methods to overcome the limitations of current web worms.
Specifically the authors examine how a hybrid web worm: mutates itself
to evade defenses; updates itself with new attack vectors while in the
wild; and finds and exploits targets regardless of whether they are
client web browsers or web servers.

*******************************************************************

Be sure to check out the following FREE SANS archived webcasts:

Tool Talk Webcast: The ABC's of Dealing with Unique Network Security
Risks in a World of Open Campus Networks
WHEN: Wednesday, March 5, 2008 at 1:00 PM EST (1800 UTC/GMT)
FEATURING: Brian Mehlman
http://www.sans.org/info/22979
Sponsored By: Q1 Labs

SANS Special Webcast: A Response to the "Cold Boot Attack" Announcement
WHEN: Thursday, March 6, 2008 at 3:00 PM EST (1900 UTC/GMT)
FEATURING: John Strand
https://www.sans.org/webcasts/show.php?webcastid=91884
********************************************************************

The Editorial Board of SANS NewsBites

Eugene Schultz, Ph.D., CISM, CISSP is CTO of High Tower Software and the
author/co-author of books on Unix security, Internet security, Windows
NT/2000 security, incident response, and intrusion detection and
prevention. He was also the co-founder and original project manager of
the Department of Energy's Computer Incident Advisory Capability (CIAC).

John Pescatore is Vice President at Gartner Inc.; he has worked in
computer and network security since 1978.

Stephen Northcutt founded the GIAC certification and currently serves
as President of the SANS Technology Institute, a post graduate level IT
Security College, www.sans.edu.

Johannes Ullrich is Chief Technology Officer of the Internet Storm
Center.

Howard A. Schmidt served as CSO for Microsoft and eBay and as Vice-Chair
of the President's Critical Infrastructure Protection Board.

Ed Skoudis is co-founder of Intelguardians, a security research and
consulting firm, and author and lead instructor of the SANS Hacker
Exploits and Incident Handling course.

Tom Liston is a Senior Security Consultant and Malware Analyst for
Intelguardians, a handler for the SANS Institute's Internet Storm
Center, and co-author of the book Counter Hack Reloaded.

Dr. Eric Cole is an instructor, author and fellow with The SANS
Institute. He has written five books, including Insider Threat and he
is a senior Lockheed Martin Fellow.

Bruce Schneier has authored eight books -- including BEYOND FEAR and
SECRETS AND LIES -- and dozens of articles and academic papers. Schneier
has regularly appeared on television and radio, has testified before
Congress, and is a frequent writer and lecturer on issues surrounding
security and privacy.

Mason Brown is one of a very small number of people in the information
security field who have held a top management position in a Fortune 50
company (Alcoa). He is leading SANS' global initiative to improve
application security.

Marcus J. Ranum built the first firewall for the White House and is
widely recognized as a security products designer and industry
innovator.

Mark Weatherford, CISSP, CISM, is the Chief Information Security Officer
for the State of Colorado.

Alan Paller is director of research at the SANS Institute.

Clint Kreitner is the founding President and CEO of The Center for
Internet Security.

Rohit Dhamankar is the Lead Security Architect at TippingPoint, a
division of 3Com, and authors the critical vulnerabilities section of
the weekly SANS Institute's RISK newsletter and is the project manager
for the SANS Top20 2005 and the Top 20 Quarterly updates.

Koon Yaw Tan is Assistant Director at Monetary Authority of Singapore
(MAS) and a handler for the SANS Institute's Internet Storm Center.

Gal Shpantzer is a trusted advisor to several successful IT outsourcing
companies and was involved in multiple SANS projects, such as the
E-Warfare course and the Business Continuity Step-by-Step Guide.

Brian Honan is an independent security consultant based in Dublin,
Ireland.

Roland Grefer is an independent consultant based in Clearwater, Florida.

Please feel free to share this with interested parties via email, but
no posting is allowed on web sites. For a free subscription, (and for
free posters) or to update a current subscription, visit
http://portal.sans.org/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)

iEYEARECAAYFAkfWzXAACgkQ+LUG5KFpTkaLPQCgoNmlveam3HWwb1ttOrO247W+
+zQAniouTy9Ac05by1/BD+DYL7rwUQwV
=etr7
-----END PGP SIGNATURE-----