Investigating PowerShell Attacks & How TO Master Infosec Management Fundamentals!

Henry Dalziel | Hacker Hotshots | December 1, 2014

The UK home secretary, Theresa May, has withdrawn an extradition order to the United States for computer hacker Gary McKinnon.

For those who don’t know, Gary is a British computer hacker who in 2002 was accused of perpetrating the “biggest military computer hack of all time” – as quoted by the US lawyers trying to extradite him.

Long story short, the US government alleges that between February 2001 and March 2002, the 40-year-old computer enthusiast from London, UK, hacked into dozens of US Army, Navy, Air Force, and Department of Defense computers, as well as 16 NASA computers. The US government claims that his hacking caused some $700,000 in damage to government systems.

This is big news because it is unusual for the UK government not to agree to US extradition requests – but it is also clearly a massive result for Gary and his family.

Gary does suffer from Asperger’s Syndrome – a form of autism – and claims to have been seeking evidence of extraterrestrial life.

Here are two events we have lined up for you over the next two weeks:

Investigating PowerShell Attacks
Link to this event: December 2nd at 1200 EST

Matt Hastings and Ryan Kazanciyan will present “Investigating PowerShell Attacks” Tuesday December 2nd at 12 EST. As usual, this Hacker Hotshot will be under 20 minutes, in which Matt and Ryan will condense their cybersecurity research.

What can you learn from this event on Tuesday? Matt and Ryan will discuss, amongst other sub-topics:

  • How over the past two years, we’ve seen targeted attackers increasingly make use of PowerShell to conduct command-and-control in compromised Windows environments.
  • And how this has in turn created a whole new playground of attack techniques for intruders that have already popped a few admin accounts (or an entire domain). This presentation will focus on common attack patterns performed through PowerShell and the sources of evidence they leave behind.

We hope you can attend it! For those interested in PowerShell hacking, we’d suggest taking a look at Introduction to hacking with PowerShell (presented by Scott Busby) to get yourself familiarized with this security concept and attack profile.

How TO Master Infosec Management Fundamentals
Link to this event: December 9th at 1200 EST

Join us Tuesday December 9th for a live course (free cybersecurity training!) that is worth continuing education credits (CEUs), titled “How TO Master Infosec Management Fundamentals”.

After completing this live online course, you will be sent a 10-question exam. All students who successfully complete the exam will be issued a Certificate of Completion, which can be used towards your continuing education requirements.

Please note that this is a once-off live event! After December 9th we will package up this training into a paid course that you can still use to obtain CEUs. Here’s the link to the course.

In this 90-minute class, your instructor Jerod Brennen is going to teach you the following:
  • How system components are installed, integrated, and optimized
  • IA principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)
  • IT security principles and methods, such as firewalls, demilitarized zones, and encryption
  • IT supply chain security/risk management policies, requirements, and procedures
  • Known vulnerabilities, from alerts, advisories, errata, and bulletins
  • Network access, identity and access management (e.g., public key infrastructure, PKI)
  • Network design processes, including understanding of security objectives, operational objectives, and tradeoffs
  • Network security architecture concepts including topology, protocols, components, and principles (e.g., application of Defense-in-Depth)
  • Network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools
  • Operating systems
  • Personally Identifying Information (PII) and personal Payment Card Industry (PCI) data security standards
  • Relevant laws, policies, procedures, or governance as they relate to work that may impact critical infrastructure
  • Risk management processes, including steps and methods for assessing risk
  • Secure configuration management techniques
  • Security management
  • Systems testing and evaluation methods
  • Telecommunications concepts
  • Assessing the robustness of security systems and designs
  • Conducting vulnerability scans and recognizing vulnerabilities in security systems
  • Designing countermeasures to identified security risks
  • Designing security controls based on IA principles and tenets
  • Determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes
  • Developing and applying security system access controls
  • Evaluating the adequacy of security designs

In Summary

These are two awesome events and we’d love for you to attend them. Drop a comment below or ask a question during the actual training itself!
