Computer Crime Research Center


Ethical hackers' help

Date: August 25, 2006
By: Mario Morejon

Few "ethical" hackers can provide simulated attacks with the level of sophistication that Cenzic offers in its Hailstorm "hacker-in-a-box" penetration tester.

Hailstorm's unique non-signature based technology interprets results during realtime attacks without comparing results with signature-based databases. The tool's interpreting engine eliminates false positives by providing generic solutions to attacks.

What's more, Hailstorm doesn't focus on any specific vendor's technology, since it uses generic scripts to attack different kinds of applications. Santa Clara, Calif.-based Cenzic provides all the source code for its attacks so that anyone can copy them and create their own scenarios.

Today, most hacking is financially driven and well-organized, with attacks launched to steal information from banks, financial services firms and online retailers. With banks, for instance, hackers working with inside employees or identifying weak application exploits have been known to set up temporary offshore accounts to siphon tiny amounts from many of accounts. Banks and consumers usually don't notice such attacks right away because of the small amounts being transferred.
Original article

Add comment  Email to a Friend

Copyright © 2001-2013 Computer Crime Research Center
CCRC logo