January | 2007 | Andrew Hay

January 30, 2007
by Andrew Hay
723 Comments2007-01-31+00%3A07%3A32Andrew+Hay

Hacker Techniques, Exploits and Incident Handling in Fredericton, NB, Canada

After working with my contact at SANS for the last few weeks it’s finally official! From Thursday, April 5, 2007 to Thursday, June 7, 2007 I will be leading the Security 504: Hacker Techniques, Exploits and Incident Handling track here … Continue reading →

January 29, 2007
by Andrew Hay
704 Comments2007-01-29+23%3A56%3A05Andrew+Hay

Why Doesn’t the Security Industry Have Champions in Hollywood?

As I picked up my latest copy of Information Security Magazine I found myself wondering what Tom Hanks was doing on the cover. On second glance I noticed that this wasn’t Tom Hanks but rather Eric Bangerter from the University … Continue reading →

January 17, 2007
by Andrew Hay
690 comments2007-01-17+11%3A23%3A17Andrew+Hay

My root password is so secure … you be the judge

I received a hilarious email posted to the security-basics mailing list this morning that I had to share: I was in a bar in San Francisco where my English accent has a habit of stimulating conversation with total strangers, in … Continue reading →

January 16, 2007
by Andrew Hay
681 Comment2007-01-17+00%3A50%3A16Andrew+Hay

Reasons why enterprise networking and security roles must stay separate

The illustrious Shon Harris has stated in her latest article for SearchSecurity.com that: Not only should the networking group and security group have distinct and clearly defined tasks and responsibilities, but they should also have separate chains of command. which … Continue reading →

January 14, 2007
by Andrew Hay
677 CommentsWhat+Training+is+Missing%3F2007-01-15+01%3A23%3A59Andrew+Hay

What Training is Missing?

Both Richard Bejtlich and Harlan Carvey have expressed their concerns with the recent SANS NewsBites issue in which the new Certified Malware Removal Expert certification is announced: Does anyone on your staff do an excellent job of cleaning out PCs … Continue reading →

January 9, 2007
by Andrew Hay
650 commentsOphcrack2007-01-09+13%3A37%3A37Andrew+Hay

Ophcrack

Many of you are familiar with L0phtcrack for cracking passwords. LC5 was discontinued by Symantec in 2006, but you can still find the LC5 installer floating around. The free trial only lasts 15 days, and Symantec won’t sell you a … Continue reading →

January 1, 2007
by Andrew Hay
640 commentsExpanding+my+horizons+in+20072007-01-01+21%3A25%3A59Andrew+Hay

Expanding my horizons in 2007

I’ve decided that 2007 is going to be the year that I expand my horizons and diversify my knowledge. I’m going to get away from product-centric studies and take a more agnostic approach to my continuous learning. To give you … Continue reading →