Hacker attacks Victorian servers

http://www.zdnet.com.au/hacker-attacks-victorian-servers-339301026.htm

China spies suspected of hacking Julia Gillard’s emails

http://www.news.com.au/technology/federal-ministers-emails-suspected-of-being-hacked/story-e6frfrnr-1226029713668

So anyone connected to the internet is fair game, so the question becomes: How do I stop my company from being the next headline?

Glad you asked…

Enter SANS 504: Hacker Techniques, Exploits and Incident Handling course

SANS, one of the best known names in the IT security training arena, has a course dedicated to teaching IT staff how to understand what hacker are up and put in place measures to keep the company systems safe. SANS 504: Hacker Techniques, Exploits and Incident Handling course gives hands-on experience in understanding vulnerabilities and discovering intrusions, and equipping you with a comprehensive incident handling plan.

This course is being offered as a ten week Mentor lead course here in Sydney, this allow the attendees to gain the maximum study benefits while still having personal lives. It starts on the Thursday, June 2, 2011 and running each Thursday until August 4, 2011.

Learn and work through the SANS courseware with Chris Mohan, one of the few SANS’ GSE holders in the world and a handler at the Internet Storm Center, to help make the courseware relevant and of immediate use to you.

With the Australian dollar nearing an all-time high and using the code Mentor10 for an addition 10% off the course, SANS Security training has never been more cost effective and affordable!

Register here: http://www.sans.org/mentor/details.php?nid=24644

And just in case your company doesn’t think taking IT security is important, show your boss even the Australia’s spy agency ASIO gets cyber wing to protect the country. If the country needs protecting don’t you think your company does to?

http://news.smh.com.au/breaking-news-technology/australias-spy-agency-asio-gets-cyber-wing-20110311-1br4g.html

I think overall I was probably lucky to pass. I don’t do much reverse engineering as part of my daily duties so my experience in this area is basically nill. With that background I really should have been studying from July right up to the last possible moment to take the exam.

Anyway, I passed! Now only two more exams to do before xmas.

I knew I was going to be under the pump when I signed up to do my CISSP and the Offensive Security OSCP both within a three month period. What I didn’t know was how much of my time and effort was going to be involved in completing both.

Sitting here trying to unwind from a three hour amateur coding spree while pondering the past, present and future it really sunk in that I have been studying for three weeks already. Time flies when you’re having fun right? My achievements for the past three weeks include completing 2 of the 10 CISSP domains and 3 of 16 OSCP modules. While I am quite happy with what I have achieved as I have been working my butt off, I have only completing three modules in almost three weeks with another 13 to complete in 5. My uber math skillz tell me that at this current pace I might run overtime… It’s my lack of coding experience is to blame. Code that should have taken me 10 mins has been talking me sometimes an hour or more. Many nights have been spent doing nothing but coding. The beauty of it is I have wanted to dedicate a lot more time to my coding, and now I have no choice. While I don’t believe I am anything close to being a good coder, I am strangely enough starting to see signs of real code shining through and even a touch of real functionality .

The next two modules look quite easy. I think I will be able to knock them both over tomorrow. This will get me back on track. Now I just have to find time to read another CISSP domain .