My ERP got hacked, an Introduction to Computer Forensics, available for download

Thanks to Hakin9 (and especially to Ewa Dudzic) and the readers that selected my articles as the best in the latest issues, the series of two articles “My ERP got hacked, an Introduction to Computer Forensics” are now available for free download from the magazine site.

I’ve been also authorised to post them on my website, so feel free to download them from the updated “Papers & Presentations” page, where I have also posted some of the comments I received from several readers, as well as an interesting reference to my article from Harlan Carvey.

Happy reading!

From Brussels to Amsterdam calling at London and Sydney

That’s been what I call my ‘SANS itinerary’ since I started this exciting journey back in June 2007. It all started at SANS Secure Europe, in Brussels, where I took my first SANS class with Jess Garcia, CEO of One eSecurity and a good friend of mine. It was SECURITY 508, System Forensics, Investigation & Response, an awesome track created by Rob Lee on one of the most interesting and hot topics of Information Security. It’s been almost two years since then, but now I realize the tremendous positive influence that event had in my career as a security professional.

Early on the first day, I could see that was a different kind of training, far different from all the training sessions I had attended before, including the well-known CISSP bootcamp and vendor specific training like Checkpoint‘s and others I took in the past. Unlike those, this was real hands-on training, with lots of exercises and challenges, including the use of several virtual machines and an arsenal of security tools you can take home with you. Also, the amount of material you receive throughout a 6-day course is awesome. Someone described it like “drinking directly from a fire hose”. Actually, I can’t describe it better.

Add to that a friendly, relaxed but yet professional atmosphere, and the multiple opportunities you get for both networking and sheer knowledge with attendees and instructors and you will understand why Brussels was only the start.

SANS Secure Europe 2007

With Carlos Fragoso and Richard Fadul at SANS Secure Europe 2007 in Brussels

Continue reading From Brussels to Amsterdam calling at London and Sydney

Links to overcome the post-holiday syndrome

September came quickly and holidays are gone. Well, at least for me and for most of the people that live in this part of the world. If you happen to be one of those that survived the holiday season -and all its hassles- without even approaching your laptop, blackberry, iPhone, PDA or any other kind of “always-on” Internet device… you are either a liar or a hero.

Whatever you did, and despite the amount of money you spent, one thing is for sure: if you are reading this it’s safe to assume that you are still interested in reading about good infosec stuff, aren’t you?

Keep reading then and have a look at the following links containing a few interesting security tools, new forensic challenges and even a new Multi-Boot Security Live DVD:

  • DFRWS 2008 Rodeo (forensic challenge): The 8th annual Digital Forensic Research Conference was held from August 11 to 13, 2008 in Baltimore, MD. A key element of this conference is the “forensic rodeo”, a challenge where conference attendees form teams to solve a digital forensic problem. The DRFWS has made the materials for the 2008 Forensic Rodeo available on their website for educational purposes and to support further research in memory analysis and file carving. The scenario description and the image files can be downloaded http://www.dfrws.org/2008/rodeo.shtml Continue reading Links to overcome the post-holiday syndrome