Tomorrow is the last day for savings on classes at SANS Network Security
2010 - September 19-27, in Las Vegas. 40 courses. Bonus evening
presentations include The Return of Command Line Kung Fu; and Cyberwar
or Business as Usual?; The State of US Federal CyberSecurity Initiatives.
********************** Sponsored By Splunk ************************ Live Webcast- Splunk for Cisco Security Solution: Supporting Cisco Centric Security Environments With the recent decision by Cisco to no longer support heterogeneous security environments with its CS-MARS product, users were left without a Cisco product for viewing Cisco security data in combination with other best-of-breed security products. Join this webcast and see how Splunk for Cisco Security Solution provides users with a single pane of glass for viewing real-time log data from Cisco security devices and software in addition to other data sources in the customer's environment. http://www.sans.org/info/64013
-- SANS Virginia Beach 2010, August 29-September 3, 2010 9 courses. Bonus evening presentations include Future Trends in Network Security; Hack Back! The Advanced Persistent Threat; and Securing the Human. http://www.sans.org/virginia-beach-2010/
-- SANS Network Security 2010, Las Vegas, September 19-27, 2010 40 courses. Bonus evening presentations include The Return of Command Line Kung Fu and Cyberwar or Business as Usual? The State of US Federal CyberSecurity Initiatives http://www.sans.org/network-security-2010/
-- SANS London 2010, November 27-December 6, 2010 14 courses. Bonus evening presentations include Latest Advances in Computer Forensics and Continuous Vulnerability Testing and Remediation: The 20 Critical Security Controls Perspective http://www.sans.org/london-2010/
Legislators Seek Answers From US Marshalls About Stored Body Scan Images (August 20, 2010)
US legislators want to know why US Marshalls Service stored images of body scans taken at a Florida courthouse. Senators Joe Lieberman (I-Conn.) and Susan Collins (R-Maine) sent a letter to the agency expressing their concern that citizens' privacy may have been violated. The letter was also signed by Senators Daniel Akaka (D-Hawaii), Thomas Carper (D-Delaware), Saxby Chambliss (R-Georgia) and Johnny Isakson (R-Georgia). The images stored were not accessed until the agency received a Freedom of Information Act (FOIA) request from the Electronic Privacy Information Center (EPIC). The Marshalls service says the images are not available without an administrative password. Despite the Marshall Service assurance that details were fuzzy enough so that people could not be identified, even by gender, the legislators want to know why the images were saved, if there are any other locations where full body imaging technology is being used, whether images from those locations are being stored, and if so, why. -http://www.nextgov.com/nextgov/ng_20100820_1563.php?oref=topnews -http://hsgac.senate.gov/public/index.cfm?FuseAction=Press.MajorityNews&Conte ntRecord_id=8c23ed55-5056-8059-761a-a21459c5b48f
**************** NEW COURSE AND FREE RESOURCES FROM SANS *****************
Four Arrested in Canada Over US $1.8 Million Payment Card Fraud Case (August 23, 2010)
Four people have been arrested in Calgary in connection with a payment card fraud scheme. The group allegedly stole US $1.8 million from an unnamed short-term credit and financial services company by increasing the value of prepaid debit cards from that company and withdrawing funds from ATMs in Canada, the US and other countries. Those arrested are Ehud Tenenbaum, Priscilla Mastrangelo, Jean Francois Ralph, and Spyros Xenoulis. Tenenbaum has a history of criminal charges, first as "Analyzer" in the Solar Sunrise exercise, and later for credit cardfraud. All face charges of fraudulent use of credit-card data as well as additional counts of fraud. -http://darkreading.com/database_security/security/attacks/showArticle.jhtml?arti cleID=226900085&subSection=Attacks/breaches
Researcher Arrested for Refusing to Divulge Who Gave Him Voting Machine (August 23, 2010)
Three states - California, Delaware and New York -- sponsored US Cyber Challenge security treasure hunts this summer. Before the challenges, participants attended a training camp. In the video of the event at the Polytechnic Institute of New York University in Brooklyn, Efstratios Gavas describes the importance of having a "venue to do good things, [otherwise ] you're going to end up doing bad things" and Director of the US Cyber Challenge Karen Evans "the path of how you can do really cool things and do the right thing and then have a job and ... contribute positively to society." -http://www.govinfosecurity.com/US-CyberChallenge.php
Eugene Schultz, Ph.D., CISM, CISSP is CTO of Emagined Security and the author/co-author of books on Unix security, Internet security, Windows NT/2000 security, incident response, and intrusion detection and prevention. He was also the co-founder and original project manager of the Department of Energy's Computer Incident Advisory Capability (CIAC)
John Pescatore is Vice President at Gartner Inc.; he has worked in computer and network security since 1978.
Stephen Northcutt founded the GIAC certification and currently serves as President of the SANS Technology Institute, a post graduate level IT Security College, www.sans.edu.
Prof. Howard A. Schmidt is the Cyber Coordinator for the President of the United States
Dr. Johannes Ullrich is Chief Technology Officer of the Internet Storm Center and Dean of the Faculty of the graduate school at the SANS Technology Institute.
Ed Skoudis is co-founder of Inguardians, a security research and consulting firm, and author and lead instructor of the SANS Hacker Exploits and Incident Handling course.
Rob Lee is the curriculum lead instructor for the SANS Institute's computer forensic courses (computer-forensics.sans.org) and a Director at the incident response company Mandiant.
Rohit Dhamankar is the Director of Security Research at TippingPoint, where he leads the Digital Vaccine and ThreatLinQ groups. His group develops protection filters to address vulnerabilities, viruses, worms, Trojans, P2P, spyware, and other applications for use in TippingPoint's Intrusion Prevention Systems.
Tom Liston is a Senior Security Consultant and Malware Analyst for Inguardians, a handler for the SANS Institute's Internet Storm Center, and co-author of the book Counter Hack Reloaded.
Dr. Eric Cole is an instructor, author and fellow with The SANS Institute. He has written five books, including Insider Threat and he is a senior Lockheed Martin Fellow.
Ron Dick directed the National Infrastructure Protection Center (NIPC) at the FBI and is the incoming President of the InfraGard National Members Alliance - with 22,000 members.
Mason Brown is one of a very small number of people in the information security field who have held a top management position in a Fortune 50 company (Alcoa). He is leading SANS' global initiative to improve application security.
David Hoelzer is the director of research & principal examiner for Enclave Forensics and a senior fellow with the SANS Technology Institute.
Mark Weatherford, CISSP, CISM, is Chief Information Security Officer at the North American Energy Reliability Commission (NERC).
Alan Paller is director of research at the SANS Institute.
Marcus J. Ranum built the first firewall for the White House and is widely recognized as a security products designer and industry innovator.
Clint Kreitner is the founding President and CEO of The Center for Internet Security.
Brian Honan is an independent security consultant based in Dublin, Ireland.
David Turley is SANS infrastructure manager and serves as production manager and final editor on SANS NewsBites.
Please feel free to share this with interested parties via email, but no posting is allowed on web sites. For a free subscription, (and for free posters) or to update a current subscription, visit http://portal.sans.org/
As a SysAdmin, I found this course invaluable. It not only gave me the skills I need to audit my own systems, but also gave me some insight on how to better work with external auditors. -Christoper O'Keefe, CPC