EC-Council currently released the most advanced ethical hacking program in the world – CEHv7. This much anticipated version was designed by hackers and security researchers. This new version is a breakaway from earlier releases, with more emphasis on techniques and methodologies, which attackers may use to carry out possible attacks against system/networks. In addition to this makeover, CEHv7 includes a Monster Hacking Tool Repository, Codenamed Frankenstein
Frankenstein provides users with an ease for searching, downloading and installing the latest hacking and penetration testing training tools. By using Frankenstein Version 1.0, users can check the release date of the tool, category under which it is published, probable size of the tool, name of the publisher/author, the website details and technical requirements for the tool to run. This will help all the Certified Members to keep themselves updated of tools released in the wild.
Frankenstein featured in:
Network World – Frankenstein crimeware registry comes online
IDG News Service – Frankenstein crimeware registry comes online
Computerworld UK – EC Council compiles massive Frankenstein malware encyclopedia
Kenya Methodist University (KeMU), in collaboration with the International Council of Electronic Commerce Consultants (EC-Council) has launched globally recognized professional courses in IT Security, in a bid to address some of the major loopholes in the current IT industry in Kenya.
According to the report, “A Human Capital Crisis in Cybersecurity”, released in November 2010 by the Center for Strategic and International Studies (CSIS), a critical element of a robust cybersecurity strategy is having the right people at every level to identify, build and staff the defenses and responses of IT networks and infrastructures.
Fears over an Internet kill switch erupted last month in the wake of Egypt’s successful blackout, sounding alarms even among tech-dependant Westerners who once believed access to the web was an untouchable freedom.
While a similar blackout is far less likely in a nation such as the U.S., filled with loads of Internet service providers and stringent laws protecting civil rights, some say Washington should be imposing more regulations over the web in an effort to curtail cyber threats against critical infrastructures, including those operated by private entities.
For more information, please visit “http://www.foxbusiness.com/markets/2011/03/17/kill-switch-fears-trigger-cyber-security-debate/“.
New Horizons Nigeria Makes Headlines In West Africa With The Launch Of CEH v7.
Jay Bavisi, az EC-Council elnöke a Biztonságportálnak adott interjújában az etikus hekkelésről, a képzési lehetőségekről és nem utolsó sorban a magyar biztonsági szakemberek megítéléséről nyilatkozott.
Ahogy mind több és mind nagyobb károkat okozó biztonsági incidensek következtek be, az informatikai biztonság terén úgy mutatkozott egyre nagyobb igény a penetrációs tesztekre és az etikus hekkelésre. A szervezetek ugyanis egyre kíváncsibbak lettek arra, hogy a gyakran igen költséges védelmi rendszereik valóban képesek-e gátat szabni a kiberbűnözők károkozásainak. Már kezdetben sok vizsgálat, auditálás során bizonyosodott be, hogy hiába a sok technológiai beruházás, ha például az emberi tényezők nem megfelelő kezelése és a biztonságtudatosság hiánya miatt könnyen kihasználható biztonsági rések tátongnak a védelmen. A feltárt sérülékenységek természetesen a fehérkalapos hekkerek munkájának fontosságára is felhívták a figyelmet.
Örömteli, hogy Magyarország az etikus hekkelés szempontjából az elmúlt évek során kiemelkedő teljesítményt nyújtott. Ezt bizonyítja az is, hogy az etikus hekkerképzés egyik vezető szervezete, az EC-Council az elsők között hazánkat jelölte ki a legújabb, 7-es verziójú Certified Ethical Hacker (CEH) képzésének bevezetésére. Ebből az alkalomból Jay Bavisi elnököt kérdeztük az új képzésről, és arról, hogy miként vélekedik a magyar fehérkalapos szakemberekről.
További információkért kérjük, látogasson el: http://biztonsagportal.hu/exkluziv-interju-az-etikus-hekkerkepzes-atyjaval-20110317.html
14 March 2011
The International Council of E-Commerce Consultants (EC-Council) is launching today version 7 of its certified ethical hacker training (CEH) program at 35 training centers.
Version 7 includes iLabs, vulnerability testing in a real server environment; Frankenstein, a threat code repository; plus new course material and a video archive.
“We train information security professionals, the good guys, in the exact art that is well known to the bad guys”, said Jay Bavisi, president of the EC-Council.
For more information, please visit http://www.infosecurity-us.com/view/16613/eccouncil-launches-version-7-of-its-ethical-hacker-training-program/
Mar 9, 2011, Albuquerque, NM – According to the report, Commission on Cybersecurity for the 44th President, released in November 2010 by Center for Strategic and International Studies (CSIS), it is highlighted that technical proficiency is critical to the defense of IT networks and infrastructures. And there is evidently a shortage of such personnel in the current cyber defense workforce.
The United States alone needs between 10,000 to 30,000 well-trained personnel who have specialized skills required to effectively guard its national assets. In essence, there is a huge shortage of highly technically skilled information security professionals. The problem is both of quantity, and quality, and this is not a problem just for the government space. Public and private companies are also in dire straits trying to fill such staffing needs.
The information security workforce requires not just technically proficient people to operate and support existing systems that are already deployed. There is a great demand for highly skilled professionals who can design security systems, application engineers who can write secure codes, as well as forensics experts who are well trained with highly advanced computer examination skills. Threats to SCADA and Critical Infrastructures are mounting and nations cannot ignore that these threats needs effective methods and manpower to be mitigated, should it ever occur. With the exponential growth of mobile devices adoption, and higher dependency on wireless communications, hackers are finding more ways and means to exploit these technology, and crippling organization and agencies alike.
One of the keys to address these issues will be to be adequately train and equip cyber defenders with cutting edge technological skills that are required to prevent such attacks and build a sound perimeter defense to deter these threats. A company needs to ensure that its current cyber workforce is well-trained, and as an individual, one needs to maintain technical proficiencies that are up-to-date in order to stay employable. Without a doubt, training is essential.
Recognizing this gap, EC-Council has launched the Center of Advanced Security Training (CAST), to address the deficiency in the lack of highly technically skilled information security professionals. CAST will provide advanced and specialized information security training for specific domains such as application security, penetration testing, computer forensics, social engineering, malware and botnet analysis, among others. These highly technical training programs are designed with industry practitioners to ensure that content are current and relevant, and the focus of CAST training will be its thorough extensive hands-on approach, to enable participants to combat real life scenarios.
“Certification has grown to become a necessity. It is critical for information security professionals to be equipped with the baseline knowledge and skills that any certification provides,” said Jay Bavisi, president of EC-Council. He adds, “However, it is the advanced skills and technical proficiency that will make one stand out from its peers. Such skills can only be acquired through specialized and highly technical training. And these are the components that CAST aims to provide to the infosec professional community.”
Some of first CAST programs that will be rolled out are Advanced Penetration Testing course by Joseph McCray, an air force veteran who has tested over 150,000 machines in his career alone, and the Digital Mobile Forensics Deep Dive, by Wayne Burke, former cyber crime investigator with the South African police department. There is also the Advanced Application Security course by Tim Pierson, the well-traveled information security consultant and trainer, who had co-authored a book on Virtualization security.
CAST training will be available at all EC-Council hosted conferences and events, and through specially selected training partners. The launch classes for CAST will be at the upcoming TakeDownCon Dallas, from May 15-17, 2011.
Director – CAST
TakeDownCon is a brand new information security conference series, created by EC-Council. This highly technical information security conference series differs from others, and it is very focused – the theme of this first of the series is “Taking Down Security”, focusing on attack and defense vectors. World class experts including Barnaby Jack, Kanen Flowers, Joe McCray, Rodrigo Branco, Sean Arries, among others, will demonstrate and showcase how security systems can be taken down at ease. This 2 days conference, in a very casual and relaxed setting, is targeted towards information security researchers, engineers and technical professionals. http://www.takedowncon.com
Ethical Hacking is Critical to the Security of IT systems. CEH featured in UK’s IT Training magazine.