
Detecting Drone Surveillance with Traffic Analysis

This is clever:

Researchers at Ben Gurion University in Beer Sheva, Israel have built a proof-of-concept system for counter-surveillance against spy drones that demonstrates a clever, if not exactly simple, way to determine whether a certain person or object is under aerial surveillance. They first generate a recognizable pattern on whatever subject -- a window, say -- someone might want to guard from potential surveillance. Then they remotely intercept a drone's radio signals to look for that pattern in the streaming video the drone sends back to its operator. If they spot it, they can determine that the drone is looking at their subject.

In other words, they can see what the drone sees, pulling out their recognizable pattern from the radio signal, even without breaking the drone's encrypted video.

The details have to do with the way drone video is compressed:

The researchers' technique takes advantage of an efficiency feature streaming video has used for years, known as "delta frames." Instead of encoding video as a series of raw images, it's compressed into a series of changes from the previous image in the video. That means when a streaming video shows a still object, it transmits fewer bytes of data than when it shows one that moves or changes color.

That compression feature can reveal key information about the content of the video to someone who's intercepting the streaming data, security researchers have shown in recent research, even when the data is encrypted.

Research paper and video.
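A sketch of the traffic-analysis idea described above, as an added example that is not taken from the researchers' paper or system: it correlates per-second byte counts of an encrypted stream against a known flicker schedule, reading only packet timestamps and lengths. The pattern, frame sizes, threshold and the simulated capture are all constructed assumptions.

```python
import random
from statistics import mean, pstdev

# Constructed 32-step on/off flicker schedule applied to the guarded subject.
PATTERN = [1, 0, 1, 1, 0, 0, 1, 0] * 4

def bytes_per_window(packets, window_s, n_windows):
    """Sum packet sizes per time window; only timestamps and lengths are read."""
    bins = [0] * n_windows
    for ts, size in packets:
        i = int(ts // window_s)
        if 0 <= i < n_windows:
            bins[i] += size
    return bins

def pearson(xs, ys):
    sx, sy = pstdev(xs), pstdev(ys)
    if sx == 0 or sy == 0:
        return 0.0  # a flat series carries no pattern
    mx, my = mean(xs), mean(ys)
    return mean((x - mx) * (y - my) for x, y in zip(xs, ys)) / (sx * sy)

def best_match(packets, pattern, window_s=1.0, max_lag=4):
    """Slide the pattern over the bitrate series; return (best correlation, lag)."""
    rates = bytes_per_window(packets, window_s, len(pattern) + max_lag)
    scores = [(pearson(rates[lag:lag + len(pattern)], pattern), lag)
              for lag in range(max_lag + 1)]
    return max(scores)

def simulate_stream(pattern, watching, seed, lag=3, fps=30, window_s=1.0):
    """Constructed capture: one (timestamp, encrypted_length) pair per video frame."""
    rng = random.Random(seed)
    packets = []
    for w in range(len(pattern) + 4):
        busy = rng.random() < 0.3          # unrelated scene motion in this window
        lit = 0 <= w - lag < len(pattern) and pattern[w - lag]
        for f in range(fps):
            size = rng.randint(900, 1100)  # small delta frame for a still scene
            if busy:
                size += 100
            if watching and lit:
                size += rng.randint(400, 600)  # flicker in view -> larger delta frames
            packets.append((w * window_s + f * window_s / fps, size))
    return packets

def is_watching(packets, pattern=PATTERN, threshold=0.8):
    """True when the encrypted bitrate tracks the flicker schedule at some lag."""
    score, _ = best_match(packets, pattern)
    return score >= threshold
```

The lag search matters in practice because the capture and the flicker schedule rarely start in the same window; a longer pattern lowers the chance that ordinary scene motion matches it by accident.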

Threat Hunting Professional (THP) Launch Offers

Hunting season is now open, as today we announce the release of another brand-new training course: Threat Hunting Professional.

For those geared and ready for THP, we’ve got some exciting deals locked and loaded for you this December! Use the code THP-D4A upon enrollment and you’ll be getting 30% off regular course fees, as well as a free Edition upgrade.

Regular course fees: $1299 (Full Edition), $1499 (Elite Edition)

The hunted becomes the hunter

“Open confrontation will trigger over-powering resistance.
Thus the key to victory is the ability to use surprise tactics.”

That’s from Sun Tzu’s infamous work, The Art of War. This book, and the military strategies contained within, have stood the test of time—having been adopted by numerous people into their jobs.

It seems cyber attackers are no exception: when faced with a major organization’s defenses, they can’t come in guns a-blazin’. The element of surprise is their main key to success. And, as evidenced by the long (and still-growing) list of victims in 2017 alone, it may as well be a skeleton key.

“The position of victory is one of determination.
The position of defeat is unpreparedness.”

Long gone are the days when having a purely defensive-minded system in place counts as ‘preparedness.’ Only in Hollywood will you see lights flashing, alarms blaring, and security teams waging war whenever a cyber attack befalls a network.

Today, usual signs that a breach has occurred are: receiving a ransom email asking payment for the stolen data; finding said data leaked somewhere in the dark web; or any other equally humiliating and damaging scenario. What’s worse, there are times when attackers succeed in flying under the radar, leaving no trace at all of their intrusion.

In any case, if you’re not in a position to seek out threats, you’re in a position of defeat.

THP helps professionals bring the fight to cyber attackers

Threat Hunting Professional aims to help security professionals gain a proactive defense mentality. The course also teaches students how to:

  • Proactively hunt for threats in your organization’s network or perimeter
  • Use threat intelligence or hypotheses to hunt for known threats
  • Comfortably inspect network traffic and identify malicious traffic
  • Perform memory analysis using Redline and Volatility to identify malware
  • Use tools such as Sysmon and ELK to analyze Windows events and detect attack patterns
  • Use tools such as PowerShell, Microsoft ATP, and ATA to detect attacks

Although primarily aimed to become the Blue Team’s weapon of choice, THP can also prove to be an extra bullet in the chamber for Red Teams, as they can use the techniques covered in the course to:

  • Get familiar with detection techniques used by mature organizations
  • Identify what an attack looks like on the wire and in memory
  • Identify the most common events that are analyzed
  • Fine tune your attack strategy, attack vectors, and infrastructure

And that’s barely even scraping the surface of what’s in the course. Coupled with a vast array of training materials and a number of real-world Hera Lab scenarios, Threat Hunting Professional delivers the robust eLearnSecurity training experience.

Year-ending THP deals

From now until the end of December, we’re cutting 30% off Threat Hunting Professional enrollment fees, and giving everybody a free Edition upgrade! Students who ‘enlist’ into the course during this launch period will be able to save over $500.

Full Edition includes:

  • HD video training material
  • 60 hours of virtual labs access
  • Dedicated forum; access to instructors
  • Mobile access (HTML5)
  • Standard exam voucher for certification (voucher valid for 180 days)

Regular fees: $1299

Elite Edition includes:

  • HD video training material
  • 120 hours of virtual labs access
  • Dedicated forum; access to instructors
  • Offline access (downloadable as PDF)
  • Mobile access (HTML5)
  • Infinity exam voucher for certification (voucher does not expire)
  • Certificate printing and shipment

Regular fees: $1499

And, to existing students: we’ve shot off an email over to your inboxes containing your exclusive launch deals! You may also check with the Support team if you want to know more.

Go on the Hunt for free with the All Access Pass!

Also this December, enrollees into the All Access Pass bundle will receive the Threat Hunting Professional training course in the Elite Edition for free!

For the same bundle fee, students will get all TEN eLearnSecurity training courses—10 new certifications, hours upon hours of video training material, and over 780 usable hours of hands-on training in Hera Lab. That’s a staggering $6,600+ savings on security training! Learn more about the All Access Pass here.

Target practice

Give THP a shot before enrolling. Try the course by accessing this free course demo.

The launch offer ends on December 31 2017 at 11:59 PM PT, though, so better hurry!

Threat Hunting Professional gives you the skills to proactively hunt for threats and become a stealthier pentester. Try it for free here.

Not much of a hunter?

If Threat Hunting Professional isn’t on your holiday wish list, you can also check out several other training courses and bundles included in our Year-End Gift! Learn more here.

 

Penetration Testing eXtreme (PTX) Launch Offer

We’ve kept you waiting long enough. It’s now time for us to introduce to you: the only practical training course on advanced network pentesting, Penetration Testing eXtreme!

First in line for PTX? If you enroll from today until October 31st, 11:59 PM PT and use the coupon code PTX-V4A, you’ll get a 30% reduction on course fees, AND be upgraded into the next higher Edition for free!

That’s over $700 that you’ll be saving on enrollment fees.

Regular course fees: $1699 (Full Edition), $1799 (Elite Edition)

Extreme ways are back again

We’re living in a day and age when a cyber attack orchestrated by rogue actors and government-backed groups can uneventfully pop up in the news every few weeks. These back and forth acts of cyber warfare now seem all too common, yet still on a degree not understood by most.

The skills and knowledge that are on this level of sophistication are usually reserved for those on the upper echelons of the industry. And, since the how-to’s of executing such advanced attacks are not normally discussed in detail, gaining in-depth understanding is tough to come by.

This is what PTX is for.

The course is built on techniques used by red team members, APT groups, nation-state actors – basically those behind the attacks and those whose task is to understand them. Covering advanced network manipulation attacks, critical infrastructure exploitation, obscure backdooring, modern evasion techniques, and providing execution details on even the most covert of operations – PTX teaches students the skills to perform advanced adversary simulation, create custom attack vectors and payloads, and even conduct state-sponsored-like operations.

As with any of our courses, the eLearnSecurity structured learning approach ensures students are guided through the concepts and aren’t left scrambling left and right for materials. And, with the might of the Hera Lab behind them, students can practice advanced pentesting on a number of real-world network infrastructures.

Exclusive Launch Offer

Until October 31st, 2017 – 11:59 PM PT, you can enroll into Penetration Testing eXtreme at 30% off the course fees, and get an Edition upgrade for free. That means PTX students can save more than $700 just by enrolling this October!

While that’s probably enough to get anyone excited, we know that some of you may not be feeling up to the PTX challenge just yet – PTX is geared towards more advanced students, after all.

But, that shouldn’t stop you from availing of this Launch Offer!

With the Launch Add-on Option, you will be able to lock in PTX at the current launch fees, AND add as many other Elite Edition courses as you want for only $899 each!

This way, you can first load up your skill arsenal with PTPv4 before taking on PTX – or lock in any other training course that you’ve been eyeing for a while now – without missing out on these low enrollment fees.

Full Edition includes:

  • HD video training material
  • 60 hours of virtual labs access
  • Dedicated forum; access to instructors
  • Mobile access (HTML5)
  • Standard exam voucher for certification (voucher valid for 180 days)

Regular fees: $1699

Elite Edition includes:

  • HD video training material
  • 120 hours of virtual labs access
  • Dedicated forum; access to instructors
  • Offline access (downloadable as PDF)
  • Mobile access (HTML5)
  • Infinity exam voucher for certification (voucher does not expire)
  • Certificate printing and shipment

Regular fees: $1799

   

And for those of you who are already enrolled into at least one course with us, you’ll want to check your inbox for an even more explosive deal!

Explore it first

If you’re wary that PTX might be too much for you, you can first try it out using this free course demo. But, don’t take too long! Remember: the Launch Offer is only valid until 11:59 PM PT of October 31st, 2017.

Penetration Testing eXtreme is the most practical and advanced training course on network pentesting. Try it for free here.

 

Change the Incentive Model, Change the Culture

We all know there are problems with security. We all know that things aren't keeping pace or improving measurably and meaningfully at a rate or in a manner that most of us would deem sufficient or acceptable. Yet, all we seem to be doing is continuing to cast stones, castigate decision-makers, and pound the FUD drum. Why isn't anybody talking about addressing the core obstacles?

The answer, of course, is two-pronged and revolves around changing culture, which is in turn driven by changing the incentive model(s) of the organization overall, as well as for individual contributors. For an example of where these things have come to fruition, one need only look at DevOps success stories. Why do DevOps initiatives succeed? Because they change the incentive model and thus drive culture change. In fact, when done really well, these two factors cycle iteratively as the organization transforms (back) into a living, learning, evolving organism that benefits from shortened feedback cycles and is able to generatively improve efficiency, effectiveness, and overall performance through improved awareness and execution (among other things).

Sadly, when we look at the lion's share of the security industry, none of it focuses on this core problem. Whether we're talking FUDdy about cloud or mobile or IoT or big data or privacy or compliance or any other number of hairy, scary problems... the conversation almost always devolves back to one about "fitting tools to problems" and ignoring the elephant in the room, which is that there's little-to-no incentive for meaningful change. People still have to get their jobs done, regardless of what security measures should be in place, and their performance is often graded lower if they slow down to make those much-needed improvements.

Where then shall we turn to figure this all out? Well, quite simply, we need to turn inward and we must look upward. While DevOps has been able to affect change in a grassroots manner, it's also seen limited success without top-level support that leads to organizational change. What was the tipping point for the C-suite to support and, ultimately, drive these changes? A shift in the incentive model wherein they saw improved performance and output (e.g., faster delivery of product to market, reduced development costs, improved quality and customer satisfaction).

As such, it's imperative that all security conversations start not with technical issues, but instead with an understanding of the context for those issues, and the incentive models and org culture against which they're (mis)aligned. This is why our Lean Security model is about business transformation rather than being yet another IT or infosec or risk management framework, and why I've taken such an interest lately in generative culture and organizational development. You cannot solve the technical issues without first solving the business management issues. This includes, among other things, ensuring awareness of context, without which most projects are doomed to failure.

More to come...

Are we all RoboCops in the future?

The Internet, together with small and inexpensive digital cameras, has made us aware of the potential privacy concerns of sharing digital photos. Mobile phone cameras have escalated this development even further. Many people are today carrying a camera with the ability to publish photos and videos on the net almost in real-time. Some people can handle that and act in a responsible way, some can’t. Defamatory pictures are constantly posted on the net, either by mistake or intentionally. But that’s not enough. Now it looks like the next revolution that will rock the privacy scene is around the corner, Google Glass.

Having a camera in your phone has lowered the threshold to take photos tremendously. It’s always with you and ready to snap. But you still have to take it out of the pocket and aim it at your object. The “victim” has a fair chance to notice that you are taking photos, especially if you are working at close distance.

Google Glass is a smartphone-like device that is integrated in a piece of headgear. You wear it all the time just like ordinary glasses. The screen is a transparent piece in your field of view that shows output as an overlay layer on top of what’s in front of you. No keyboard, mouse or touchscreen. You control it by voice commands. Cool, but here comes the privacy concern. Two of the voice commands are “ok, glass, take a picture” and “ok, glass, record a video”. Yes, that’s right. It has a camera too.

Imagine a world where Google Glasses are as common as mobile phones today. You know that every time you talk to someone, you have a camera and microphone pointed at you. You have no way of knowing if it is recording or not. You have to take this into account when deciding what you say, or run the risk of having an embarrassing video on YouTube in minutes. A little bit like in the old movie RoboCop, where the metallic law enforcement officer was recording constantly and the material was good to use as evidence in court. Do we want a world like that? A world where we all are RoboCops?

We have fairly clear and good legislation about the rules for taking photos. It is in most countries OK to take photos in public places, and people who show up there must accept being photographed. Private places have more strict rules and there are also separate rules about publishing and commercial use of a photo. This is all fine and it applies to any device, also the Google Glass. The other side of the coin is people’s awareness of these laws, or actually lack thereof. In practice we have a law that very few care about, and a varying degree of common sense. People’s common sense does indeed prevent many problems, but not all. It may work fairly OK today, but will it be enough if the glasses become common?

I think that if Google Glass becomes a hit, then it will force us to rethink our relationship to photo privacy. Both as individuals and as a society. There will certainly be problems if 90% of the population have glasses and still walk around with only a rudimentary understanding about how the law restricts photography. Some would suffer because they broke the law unintentionally, and many would suffer because of the published content.

I hope that our final way to deal with the glasses isn’t the solution that 5 Point Cafe in Seattle came up with. They became the first to ban the Google Glass. It is just the same old primitive reaction that has followed so many new technologies. Needless to say, much fine technology would be unavailable if that was our only way to deal with new things.

But what will happen? That is no doubt an interesting question. My guess is that there will be a compromise. Camera users will gradually become more aware of what boundaries the law sets. Many people also need to redefine their privacy expectation, as we have to adapt to a world with more cameras. That might be a good thing if the fear of being recorded makes us more thoughtful and polite towards others. It’s very bad if it makes it harder to mingle in a relaxed way. Many questions remain to be answered, but one thing is clear. Google Glass will definitely be a hot topic when discussing privacy.

Micke

PS. I have an app idea for the Glass. You remember the meteorite in Russia in February 2013? It was captured by numerous car cameras, as drivers in Russia commonly use constantly recording cameras as a measure against fraudulent accusations. What if you had the same functionality on your head all the time? There would always be a video with the last hour of your life. Automatically on all the time and ready to get you out of tricky situations. Or to make sure you don’t miss any juicy moments…

Photo by zugaldia @ Flickr