Tag Archive for: Professionals

SANS Institute to Empower Cyber Professionals in the Middle East at SANS Dubai May 2024

/in


SANS Institute to Empower Cyber Professionals in the Middle East at SANS Dubai May 2024

SANS Institute has announced SANS Dubai May 2024 from 11-16 May at the Hilton Dubai, Palm Jumeirah. The course is expertly designed to equip cyber professionals with the skills needed to identify, counter, and prevent emerging cybersecurity threats, particularly those security professionals interested in expanding their knowledge of Red Team engagements and security control requirements.


Recent high-profile cyberattacks indicate that offensive attacks are bypassing defensive strategies, and cybersecurity experts, auditors, engineers and compliance officers are actively seeking practical solutions to protect their systems and data. In line with this, the UAE is witnessing a surge in demand for cybersecurity professionals with the necessary skills, with market projections indicating substantial growth from $0.52 billion in 2023 to an anticipated $0.95 billion by 2028.

SANS Dubai May 2024 offers two specialized courses through both in-person training and simultaneous live online sessions: the newly-launched SEC565: Red Team Operations and Adversary Emulation, and SEC566: Implementing and Auditing CIS Controls.

SEC565 will teach students how to develop and improve Red Team operations for security controls through adversary emulation, cyber threat intelligence, Red Team tradecraft, and engagement planning, ultimately improving the overall security posture of the organization.

In SEC566, students will learn how an organization can defend its information by using a vetted cybersecurity control standard, specifically how to implement, manage, and assess security control requirements defined by the Center for Internet Security’s (CIS) Controls across an organization’s complex networks, including cloud assets.

“As threats advance and become more sophisticated, organizations in the Middle East must proactively assess their security measures. Mastering offensive security techniques is necessary today, and that’s where the SANS Institute comes in,” says Ned Baltagi, Managing Director – Middle East, Turkey and Africa, SANS Institute. “By leveraging threat intelligence and…

Source…

7 useful hacker tools for Microsoft Windows professionals

/in


The internet offers a rich selection of tools for criminal purposes: password crackers and vulnerability scanners are just two examples. At the same time, one also finds web applications that are suitable for violating privacy — for example, reverse searches for the owners of telephone numbers or a person in a photo.

However, these tools can not only be used for criminal purposes or to find out the identity of other people, you can also use them for your own protection or for emergencies. Password crackers, for example, are often the last resort if you have forgotten an important password. Vulnerability scanners can also be used on your own network to detect and then block possible entry points for hackers.

Caution: Cracking passwords or even spying on networks is only permitted by law if it involves your own passwords and your own network. If you try to decrypt someone else’s password or spy on another network, you are liable to prosecution.

Replace Windows password

Der Offline NT Password & Registry Editor kann auch die Passwörter von Windows 10 und 11 überschreiben. Eine ausführliche Anleitung im Web erklärt Ihnen, wie das geht.

The Offline NT Password & Registry Editor can also overwrite Windows 10 and 11 passwords. A detailed guide on the web explains how to do this.

IDG

The first password you have to enter after turning on your computer is usually the Windows password. If you no longer know this password, your data is not lost — you can boot the computer with a boot stick or a boot CD, for example, and copy important documents to another medium — but you usually have no choice but to reinstall the operating system.

The free tool Offline NT Password & Registry Editor offers a way out. It does not even try to crack the password, but simply overwrites it with a character combination of your choice.

The tool is already quite old, the last version dates from 2014, but it still runs under Windows 10 and 11, albeit with some restrictions. For example, the computer must support legacy mode when booting; the program does not work with a UEFI boot. In addition, the hard disk or SSD must not be encrypted with Bitlocker or any other software.

Also note that Windows’ built-in encryption, the EFS file system, is tied to the password. If you change it with the Offline NT Password & Registry Editor and had…

Source…

Recent Hacks Prove Need to Educate More Cybersecurity Professionals

/in


(TNS) — The recent hack at MGM Resorts International last week points to a need for more cybersecurity professionals, an expert says, and the importance of training professionals in Massachusetts.

Steven Zuromski, chief information officer and vice president of information technology at Bridgewater State University, said Monday that the breach should serve as a reminder to consumers to monitor their finances for unexplained charges or new accounts.

Zuromski said a hacker group known as Blackcat or AlphaV has taken responsibility for the attack on MGM, using common methods of phishing and social engineering. The hackers gleaned information from an MGM employee’s LinkedIn account and used that knowledge to impersonate the individual and convince MGM employees to take steps that left the computer systems vulnerable.


“And wreak serious havoc over there for more than a week,” Zuromski said. “It appears to be pretty widespread.”

Widespread enough that Zuromski worries that consumer and account data might have been stolen. “If these actors were able to get this far,” he said. “MGM needs to be thinking very carefully about what data might have been exfiltrated.”

Last week, Caesars Entertainment told stock regulators that hackers stole Social Security numbers and driver’s license numbers of its loyalty program in a recent data breach.

On Monday, MGM executives briefed the Massachusetts Gaming Commission on cybersecurity issues at their Springfield casino, eight days after hackers damaged MGM’s computer systems companywide.

The discussion was kept to a closed-door executive session, just as commissioners did last week when they got an initial rundown on the hack.

STATE’S NEW RULES

Meantime, the Massachusetts Gaming Commission will host a roundtable Tuesday with the state’s sports betting operators to discuss implementation of new personal data rules the commission approved last month, according to spokesman Thomas Mills.

Those rules govern how the state’s in-person and mobile sports betting operators — a list that includes MGM — can collect and store personal data. The rules forbid them from…

Source…

We must equip health care professionals with tech resilience

/in


For weeks, a significant portion of our state has been significantly inconvenienced, even put at risk, by an increasingly disturbing trend. For nearly the entire month of August, Eastern Connecticut Health Network and Waterbury Health, which control several state hospitals and medical offices, have been suffering the effects of a cyberattack that have effectively paralyzed their technological capabilities, shutting down their information technology databases.

These are just some of 25 hospitals across the country that have had their operations impacted through this hack, and the significance of 25 hospitals being unable to provide care to their fullest extent cannot be understated. While treatment of patients is ongoing and emergency departments continue to operate, medical professionals are experiencing significant issues due to lack of connectivity through electronic systems. Local hospitals including Manchester Memorial, Rockville General and Waterbury Hospital cannot offer full outpatient medical imaging or blood drawings, with an unclear deadline or end to the outages. Even urgent care centers under the network have been forced to open alternative phone systems for patient contacts.

The continuing advances of technology in our world, and especially medical technology, have provided new opportunities to improve patient health and provide better outcomes for patients in need. In the current times, our dependency on technology also includes increasing access to remote work, electronic or e-consulting services and electronic multidisciplinary teams, almost universal electronic patients’ medical records, online scheduling, electronic radiologic images and other lab tests, robotic surgeries and remote cardiac monitoring among others. Technology has become the single most critical part of outpatient and inpatient services and communications.

Our increasing reliance on technology also poses significant risks. The current situation reinforces that our systems need more safeguards. This includes recognizing that in general, health service personnel have relatively less experience in working remotely, digital literacy and cybersecurity, leaving the sector…

Source…