Archive for January, 2011


EC-Council Presents Awards to U.S. Government, U.S. Military, Overall Civilian, and Overall Commercial DC3 Digital Forensics Challenge Winners

January 25, 2010 ATLANTA — The International Council of E-Commerce Consultants (EC-Council) presented awards in four categories for the Department of Defense Cyber Crime Center (DC3) Digital Forensics Challenge.

The EC-Council sponsored awards in the categories of US Government, US Military, Overall Civilian, and Overall Commercial. The winning teams were:

●    U.S. Government: LBPDCCID – 409 points
●    U.S. Military: Batcheej – 88 points
●    Commercial: LittleTree from South Korea – 1,791 points
●    Civilian: Williams Twins Forensics from the United States – 1,470 points

Winning teams were awarded plaques, passes to the Hacker Halted Conference, and their choice of EC-Council training program.

The DC3  Challenge is a competition across a broad range of individuals, teams, and institutions to provide technical solutions for digital forensic challenges in the lab as well as in the field. More than 20 different challenges ranging from basic forensics to advanced tool development were provided to all participants.


In his address, Jay Bavisi, President of EC –Council congratulated DC3 and the winners for their hard word and success. Jay said “ After training over 100,000 Information security professionals in over 80 countries and certifying over 38,000 of them in just 7 years, it gives us great pride to give back to the community with projects like this” Jay delivered his address to a packed audience at the conference entitled “ 10 mistakes Hackers Want You to Make”

ABOUT EC-COUNCIL:
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in various e-business and security skills. It is the owner and developer of the world famous Certified Ethical Hacker (CEH) course, Computer Hacking Forensics Investigator (CHFI) program, License Penetration Tester (LPT) program and various other programs offered in over 60 countries around the globe. EC-Council has trained over 80,000 individuals and certified more than 30,000 security professionals. These certifications are recognized worldwide and have received endorsements from various government agencies including the US federal government, National Security Agency (NSA), Committee on National Security Systems (CNSS), US Army, FBI, Microsoft and CERTs (Computer Emergency Response Team) of various nations. The UUS Department of Defense has included the CEH program into its Directive 8570, making it one of the mandatory standards to be achieved by Computer Network Defenders Service Providers (CND-SP). www.eccouncil.org

ABOUT DC3
The Department of Defense Cyber Crime Center (DC3) sets standards for digital evidence processing, analysis, and diagnostics for any DoD investigation that requires computer forensic support to detect, enhance, or recover digital media, including audio and video. The center assists in criminal, counterintelligence, counterterrorism, and fraud investigations of the Defense Criminal Investigative Organizations (DCIOs) and DoD counterintelligence activities. It also supports safety investigations and Inspector General and commander-directed inquiries. DC3 aids in meeting intelligence community document exploitation objectives from a criminal law enforcement forensics and counterintelligence perspective. DC3 provides computer investigation training to forensic examiners, investigators, system administrators, and any other DoD members who must ensure Defense information systems are secure from unauthorized use, criminal and fraudulent activities, and foreign intelligence service exploitation. DC3 remains on the leading edge of computer technologies and techniques through research, development, testing, and evaluation applied to digital evidence processing and computer forensic analysis; and by partnering with governmental, academic, and private industry computer security officials.


Hacker Halted USA Returns to Miami – October 21-27, 2011

MIAMI, FL – JANUARY 13, 2011 – The premiere East Coast information security conference and training event will again be held in Miami, Florida as the EC-Council returns to the South with Hacker Halted USA. 2011 marks the third consecutive year the conference has been held in Miami.

Hacker Halted USA begins on Friday, October 21 and ends the following week on Thursday, October 27. EC-Council is expecting up to 1,000 attendees at this year’s event. The conference will again be held at the Intercontinental Miami and will include advanced infosec training and presentations from some of the world’s most respected names in cybersecurity.

This year’s conference will be split into three tracks:

Hacker Halted Academy is also unveiling a new specialized training program at this year’s Hacker Halted USA. It will feature highly advanced infosec training sessions from EC-Council’s new Center for Advanced Security Training (CAST). These advanced technical training programs will delve deeply into specific areas of security. These trainings are definitely not for those still trying to get their feet wet in the rapidly evolving information security landscape.

Founded in 2004, the Hacker Halted conference series has been held in cities such as Myrtle Beach, Mexico City, Singapore, Kuala Lumpur, Guangzhou, Tokyo and Dubai, among others. The series recently celebrated its 20th edition in Cairo in December 2010.

The Call for Papers is now open until March 15, 2011. For those interested in submitting a paper to be presented at Hacker Halted USA in Miami this October, please visit www.hackerhalted.com/cfp.

Corporate and organizational partners interested in becoming involved in this year’s Hacker Halted USA should contact Leonard Chin, Global Director of Marketing for the EC-Council (leonard@eccouncil.org).

Be sure not to miss the 2011 Hacker Halted USA, one of the year’s most important information security events:  Oct. 21-27, 2011, Miami, Florida. To keep track of conference updates, follow us on Twitter (@hackerhalted).

Website:  www.hackerhalted.com

ABOUT EC-COUNCIL:
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in various e-business and security skills. It is the owner and developer of the world famous Certified Ethical Hacker (CEH) course, Computer Hacking Forensics Investigator (CHFI) program, License Penetration Tester (LPT) program and various other programs offered in over 60 countries around the globe. EC-Council has trained over 80,000 individuals and certified more than 30,000 security professionals. These certifications are recognized worldwide and have received endorsements from various government agencies including the US federal government, National Security Agency (NSA), Committee on National Security Systems (CNSS), US Army, FBI, Microsoft and CERTs (Computer Emergency Response Team) of various nations. The UUS Department of Defense has included the CEH program into its Directive 8570, making it one of the mandatory standards to be achieved by Computer Network Defenders Service Providers (CND-SP). www.eccouncil.org


EC-Council Partner in France Holds IT Security Seminar

PARIS,  January 13, 2011 : The Institut Informatique et Entreprise (IIE), a newly appointed Academia Partner of the EC-Council, recently conducted an important IT Security seminar for businesses on the risks and exposures that businesses face from unauthorized network intrusions.

More than 100 participants attended the IIE’s December 7th seminar in Valenciennes, in Northern France.
The IIE seminar focused on the risks and exposures that all businesses and organizations face from malevolent network intrusions. A key goal of the EC-Council and its partners is to teach information security professionals how to « think like hackers » in order to defeat them. As such, the IIE conférence provided extensive instruction on the tools and methods used by malicious hackers and effective countermeasures. The seminar also discussed current weaknesses in IT security certification programs.

Conference Highlights:
IIE Director Liliane Denis-Cussaguet explained how she trains her students to be aware  of the potential dangers that could affect their  enterprises system security at any project phase.

IIE Professor and Certified EC-Council Instructor Dr. Christian Deliescche introduced the Certified Ethical Hacker (CEH) course. As he explained, a key part of the CEH program is to train IT security professionals to think like hackers in order to reduce their offensive capabilities within an organization. Dr. Deliescche also highlighted the knowledge and skills that help to prevent security breaches, as well as post-breach tracing and security.

Claire Kemp, the EC-Council’s representative in France, shared the dramatic growth in demand of IT security professionals worldwide and locally in France.  According to Kemp, skyrocketing cyber crime levels, increased sophistication of the underground hacking community and the lack of training and education, were the main causes of this growth. She went on to share the endorsements, strategic partnerships and recognitions of EC-Council certifications in the professional world.
As a new Academia Partner of the EC-Council, the IIE’s students will undergo EC-Council course certifications before graduation.


EC-Council and Overnet Provide Exclusive Series of CEH and CHFI Sessions at Italy’s Largest IT Conference

EC-Council and Overnet join forces to provide stunning insights and concepts of EC-Council Certified Ethical Hacker (CEH) and Computer Hacking Forensics Investigator (CHFI) courses during the Microsoft Worldwide Partner Conference.

MILANO, January 13 2011: EC-Council, a leading global provider of IT Security certification training, recently teamed up with Overnet to provide exclusive high-level security and forensic training during the Microsoft Worldwide Partner Conference (WPC) in Milan. The conference, which ran from November 23-25, is the largest information technology event in Italy.

The joint training effort is part of the EC-Council’s objective to share IT security training, education and cybercrime analysis with more industry professionals and corporate partners worldwide.

“2011 will be a challenging year for cybersecurity professionals worldwide,” said Sean Lim, EC-Council Vice President. “With the rise of cyber terrorism, EC-Council will continue to offer superior and up-to-the-minute information security training and support to its many partners, and their communities, around the world.”

At the WPC, the EC-Council and Overnet organized 15 exclusive Certified Ethical Hacker (CEH) and Computer Hacking Forensics Investigator (CHFI) hands-on sessions for conference attendees.  These sessions were conducted by Overnet’s Certified EC-Council Trainer, Massimiliano Luciani, who is also the 2010 winner of the Circle of Excellence Instructor award . Over 100 professionals participated in the WPC training.

“EC-Council sponsorship has been very important for Overnet,” said Anna Cometti, marketing manager of Overnet. “Providing a broad range of courses is essential for reaching more corporate clients and we were excited to provide the Ethical Hacker and Forensic Investigator courses. We had excellent feedback and we hope to receive even more entries for this training next year.”
Claire Kemp, EC-Council representative in Italy stated: “We were extremely delighted with the results at this year’s WPC and we look forward to creating more cybercrime awareness campaigns in the near future.”


Cyber Security Summit: A Resounding Success

Singapore Informatics, a premier education solution provider in Sri Lanka, receives heartiest congratulations on the success of the Cyber Security Summit organized together with the International Council of Electronic Commerce Consultants (EC Council). The summit, held from 23rd -27th November 2010, proved an eye- opener on cyber security issues for many participants including high ranking government officials, military personnel, academia, corporate managers and IT professionals highlighting the significance of information security. While the participants thanked Singapore Informatics for taking initiative to convene such an event in Sri Lanka bringing in the expertise of world’s top most IT gurus, EC Council President, Sanjay Bavisi further pledged their support to this Singapore Informatics endeavour to educate Sri Lankans on cyber security issues.

The summit featured three key events; Cyber Security Conference, training programmes on Certified Ethical Hacking (CEH) and Computer Hacking Forensic Investigator (CHFI), and the Night Hack Cocktail. The keynote speakers were Sanjay Bavisi, President of EC Council, Sean Lim, Vice President of EC Council, Joseph McCray of Learn Security Online and Tim Pierson, Consultant and Instructor from Data- Sentry, Inc. The speakers were positively amazed at the high level of participation and enthusiasm of the participants throughout the conference commenting them to be the “best audience they ever had”.
The subsequent training sessions on CEH conducted by Joseph McCray of Learn Security Online exceeded the stipulated hours demonstrating the participants’ active interest in the subject area. The sessions on CHFI by Tim Pierson, Consultant and Instructor from Data- Sentry, Inc. drew attention to the importance of forensic investigation to rectify flaws in the system and bring the culprits to justice.

The summit culminated with the Night Hack Cocktail, the first-ever live hacking session held in South Asia. The two trainers, McCray and Pierson, also training instructors for Pentagon, US Department of Defense, demonstrated live hacking showcasing latest hacking methodologies and often overlooked security vulnerabilities.
The experience proved highly educational to the participants, as the Director IT of Sri Lanka Air Force, Group Captain Amarasena commented “I was amazed to see amount of things hackers could do. It made me think twice of our own information systems”. Captain Deepthi Peiris, Director IT of Sri Lanka Navy shared the same view stating “this persuaded me to build up the knowledge of ethical hacking among my staff members”.
Singapore Informatics was also commended by Lal Dias, Chief Executive Officer of Sri Lanka Computer Emergency Team (CERT), also a strategic partner for the summit, for stepping forward to assist them in their mission as a private sector institution sharing the same goals.
In light of these positive response from both participants and resource personnel, Singapore Informatics Director/ General Manager, Sri Lanka Territory Corporate Office, Boshan Dayaratne stated “Considering the increasing number of cyber crimes, particularly related to social media networks like Facebook and Twitter, and recent uproar caused by WikiLeaks, the summit was held at an opportune moment addressing a growing security concern worldwide”.


Furthermore, Singapore Informatics plans to make the Cyber Security Summit an annual event in their corporate calendar.
“We also hope to extend our awareness raising campaigns to grass root level, particularly school children, whose ignorance on cyber security has made them fall easy prey to various kinds of internet-related crimes” Director/ General Manager of Singapore Informatics further stated.
Currently, Singapore Informatics has launched CEH and CHFI training in Sri Lanka at a discounted rate to prepare our younger generation to face new challenges in the IT field. More information can be obtained through http://www.singaporeinformatics.lk/ or call on 0112699898.


Dark Reading: New Stealth Rootkit Steals Windows 7, Server 2008 User Privileges ‘On The Fly’

Researcher plans to hand off code to antivirus vendors, and then to EC-Council for ethical hacking training

Jan 04, 2011 – A European researcher has created a rootkit that can evade detection in Windows 7 and Windows Server 2008 machines and reset user passwords.The rootkit, created by Csaba Barta during the past two-and-half years, was initially a project meant for training purposes. But Barta, a security expert for Deloitte in Hungary who works on penetration testing training and forensic cases, says he eventually discovered he could perform new types of attacks with the rootkit, which he plans to deliver to antivirus firms as well as to the International Council of E-Commerce Consultants (EC-Council) for its certified hacker training program.

For more information on this, please visit http://www.darkreading.com/authentication/167901072/security/vulnerabilities/229000060/new-stealth-rootkit-steals-windows-7-server-2008-user-privileges-on-the-fly.html


Conference Series Targeting Technical Information Security Professionals Making Spring Debut in Dallas, Texas

EC-Council launches the TakeDownCon series – a highly technical information security conference series that promises to be an excellent knowledge acquisition and skills exchange platform.

Jan 6, 2011 – Albuquerque, NM – TakeDownCon will bring together information security researchers and technical experts, both the brightest and darkest, from the corporate and government sectors to academic as well the underground, and make it into one of the world’s premier infosec event where the latest security threats are presented and debated, and vulnerabilities are disclosed and scrutinized.

TakeDownCon will also feature a pre-event training platform offering EC-Council certification training including the world-renowned Certified Ethical Hacker (CEH) and Computer Hacking Forensic Investigator (CHFI) programs. In addition, there will also be highly advanced and technical courses offered by EC-Council’s Center of Advanced Security Training (CAST). These programs are designed by industry practitioners and experts, and will allow participants to go through both hands on and real life scenario based training covering domains such as web application security, penetration testing and social engineering.

Jay Bavisi, President of EC-Council said, “There is a huge gap, and we recognize the need for more information security training and education. TakeDownCon will be the ideal platform for knowledge acquisition. Dallas was chosen for its strategic geographical location, and the vast demand for information security training. TakeDownCon, being highly technical, will feature a brand new format, it will be very focused, content driven, and attendees will see no frills, thus making it accessible for the masses.”

This conference will also see the launch of “Nite Locks et all”. It is where physical security vulnerabilities and lock picking skills will be showcased, and a chance for attendees to try their hands on lock picking, under the tutelage of experts in this realm.

The Call for Paper is now open. If you are interested to reveal a zero day exploit, expose a new vulnerability or flag an unknown threat, this may well be the platform for you to showcase and demonstrate your technical expertise and proficiency, as well as demonstrate your thought leadership. Do visit http://www.takedowncon.com to submit your paper to be considered.

TakeDownCon will make its debut in Dallas, TX from May 14 – 19, 2011. More details can be found at http://www.takedowncon.com.

Media/Partnership Contact:
Leonard Chin
Director – Conferences & Events
leonard@eccouncil.org


Arrow ECS Appointed as EC-Council Platinum Partner in Europe

PARIS (January 1st, 2011) – Arrow Enterprise Computing Solutions, a business segment of Arrow Electronics Inc. [NYSE: ARW], announced that it has been appointed as a Platinum Partner by the EC-Council (International Council of E-Commerce Consultants) in Europe.

The EC-Council’s Certified Ethical Hacker course is designed to enable information technology professionals within enterprises and governments to prevent malicious hacking by identifying system vulnerabilities and security flaws ahead of time.

Under the Platinum Partner agreement, Arrow ECS will offer the Certified Ethical Hacker (CEH) training course, among others, through its training facilities in 13 countries across Europe including Austria, Czech Republic, Denmark, Finland, France, Germany, Hungary, Norway, Poland, Serbia, Sweden, Switzerland, and the United Kingdom.

IT Security remains a top priority for major corporations and organizations across the region,” said Jay Bavisi, president of EC-Council. “By partnering with Arrow ECS, a leading European value-added distributor of security solutions, we will be able to broaden the availability of our internationally recognized certification programs and ensure that European IT professionals are ready to tackle the growing threat of cyber attacks.”

“The EC-Council’s Certified Ethical Hacker program complements our growing catalogue of IT training offerings and reinforces our role as a significant leading IT services and training provider across Europe,” said Gaël Salomon, services and training development director for Arrow ECS in the Europe, Middle East and Africa region. “EC-Council is a natural choice in the ethical hacking training space, especially given the quality of their content related to security and software editor solutions, as well as the relationships they share with suppliers in that space.”

ABOUT EC-COUNCIL
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world. The global organization is headquartered in Albuquerque, N.M.

ABOUT ARROW ENTERPRISE COMPUTING SOLUTIONS
Arrow ECS, a business segment of Arrow Electronics Inc. [NYSE: ARW], provides enterprise and midrange computing products, services and solutions to value-added resellers, system integrators, and independent software vendors.  Based in Englewood, Colo., and with offices in 26 countries, Arrow ECS connects its customers to the world’s foremost technology suppliers.  Arrow ECS reported $4.9 billion in global enterprise computing solution sales in 2009.  Visit ecs.arrow.com for more information.