Join us in Myrtle Beach, SC!
AoE will be sponsoring this year’s Mobile Forensics World and Techno Security Conference!
Both events are taking place in Myrtle Beach, SC from
June 2 – June 5, 2013. Our resident SME on Digital Forensics,
Courtney Lancaster, will be presenting a talk about the increasing role mobile forensics plays in litigation. We will
also be showcasing our Wiretap, Wireless, Mobile Device Forensics, and Snort Fundamentals courses during the event.
This will be the 15th year for Techno Security and the 6th year for Mobile Forensics. Attendees have registered from
52 different countries over the years. Frequent attendees are some of the top practitioners in the world in the fields
of Information Security, eDiscovery, Mobile Forensics, Mobile Forensics and Technical Business Continuity Planning.
Last year, there were over 1,400 people registered by opening day.
Click Here to find out more information about these conferences.
March 11, 2013
TCS' Art of Exploitation Endorsed by E-C Council
ANNAPOLIS, Md., March 11, 2013 /PRNewswire/ -- TeleCommunication Systems, Inc. (TCS) (TSYS), a world leader in highly reliable and secure mobile communication technology, today announced the EC-Council (International Council of E-Commerce Consultants), the world's largest certification body for information security professionals, has endorsed its Cyber Intelligence Group as an EC-Council Elite Vendor and Endorsed Partner. With this endorsement, TCS' Art of Exploitation™ Bootcamp 2.0 course qualifies as official training for the EC-Council's Certified Ethical Hacking (C|EH) designation, which is listed on the U.S. Department of Defense's (DoD) directive 8570 mandate.
- Under the 8570 mandate, all personnel with "privileged access" to DoD systems must obtain an ANSI-approved commercial certification.
- DoD system integrators who provide support to the information assurance/ cyber security mission can now access TCS' comprehensive, mission-focused training.
- With more than 40 labs, Bootcamp Edition 2.0 is a hands-on course of study that focuses on technical and process skills which align to the knowledge areas contained in the C|EH Objectives. This provides an introduction to the tactics, techniques and methodology required for a network exploitation analyst or operator.
- In addition to the course, its modular design allows individual sections such as Basic O/S Review, Methodology and Vulnerability Identification, to be added, subtracted or taught separately, depending on the requirements of the audience.
- TCS is a participant in the Global CyberLympics, a not-for-profit initiative led and organized by the EC-Council Foundation and endorsed by the United Nation's International Telecommunications Union (ITU) to raise awareness towards increased education and ethics in information security.
- Drew Morin, senior vice president and chief technology officer, TCS, said: "The EC-Council is the leader in information security certification, and achieving their endorsement is a significant accomplishment, as fewer than five programs have achieved this level of recognition. Now, DoD cyber/information systems professionals can utilize Bootcamp Edition 2.0 to gain some of the most comprehensive, in-depth cyber security training available."
- Steve Graham, Sr. Director, EC-Council, said: "After undertaking a critical review of TCS' Art of Exploitation curriculum, we found it meets the objectives necessary to help students obtain our Certified Ethical Hacking Certification. TCS' hands-on approach to training and different perspective to the subject matter will add to the valuable education and training programs for our growing base of certified cybersecurity professionals. We congratulate TCS on becoming an EC Council Elite Vendor and Endorsed Partner."
TCS provides focused training in the fields of penetration testing, forensics-defend strategies and vulnerability analysis and ethical hacking, and brings together many of the brightest minds in security as a forum for research, collaboration and building next-generation technologies to protect critical networks. Students learn and experience computer network operations and forensics in a safe and reliable environment and have the opportunity to choose a field of study that will build on and advance the knowledge and skills needed to be successful in their chosen career paths.
About TeleCommunication Systems, Inc.
TeleCommunication Systems, Inc. (TCS) (TSYS) is a world leader in highly reliable and secure mobile communication technology. TCS infrastructure forms the foundation for market leading solutions in E9-1-1, text messaging, commercial location and deployable wireless communications. TCS is at the forefront of new mobile cloud computing services providing wireless applications for navigation, hyper-local search, asset tracking, social applications and telematics. Millions of consumers around the world use TCS wireless apps as a fundamental part of their daily lives. Government agencies utilize TCS' cyber security expertise, professional services, and highly secure deployable satellite solutions for mission-critical communications. Headquartered in Annapolis, MD, TCS maintains technical, service and sales offices around the world. To learn more about emerging and innovative wireless technologies, visit www.telecomsys.com.
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in cyber security and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world.
EC-Council has trained over 80,000 individuals and certified more than 40,000 members, through more than 450 training partners globally. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government via the Montgomery GI Bill, Department of Defense via DoD 8570, National Security Agency (NSA) and the Committee on National Security Systems (CNSS).
EC-Council also operates EC-Council University and the global series of Hacker Halted security conferences. The global organization is headquartered in Albuquerque, New Mexico.
For more information about EC-Council, visit the website: www.eccouncil.org.
February 16, 2013
DoD Cyber Workers Undertrained; Fixes Coming
Defense News posted an article on February 16, 2013 discussing the Department of Defense’s concerns on the current level of knowledge and training its employees are receiving. The DoD wants practical application based training and that is what AoE is all about. All of our courses are hands-on training and are taught by Subject Matter Experts who have performed the mission. AoE courses are modular in design so that we can cater to the exact needs of any particular organization. Our BootCamp 2.0 Edition course alone boasts of over 40 practical labs and a final two day capstone that puts the student in the seat of an operator. We don’t just hand out college credits (we’re ACE accredited!), or certifications without being completely sure that the student is going to be able to perform what they have learned by attending an AoE course.
Click here to view the DefenseNews article.
February 15, 2013
American Council of Education CREDIT Recommendation for Eight Cybersecurity Courses
As of February 15, 2013, the American Council on Education College Credit Recommendation Service (ACE CREDIT®) has evaluated and recommended college credit for 8 of our 19 courses:
ACE CREDIT helps adults gain academic credit for courses and examinations taken outside traditional degree programs. More than 2,000 colleges and universities consider ACE CREDIT
recommendations in determining the applicability to their course and degree programs. As a result of the recommendations for the AoE courses, students completing any of these could
receive two to three semester hours of academic credit toward a degree.
ACE is the major coordinating body for the nation's higher education institutions and seeks to provide leadership and a unifying voice on key higher education issues and to influence
public policy through advocacy, research, and program initiatives. For more than 30 years, colleges and universities have trusted ACE CREDIT to provide reliable course equivalency
information to facilitate their decisions to award academic credit. For more information, visit the ACE CREDIT website at
February 15 – 17, 2013
AoE is pleased to announce our platinum sponsorship of ShmooCon 2013,
and to commemorate our growth we are doubling last year's prizes!
This year we will be holding two separate raffles. The first will give you a chance to win
one of two Tablet Pen-testing Suites, both loaded with BackTrack and equipped with an Ubertooth.
The second raffle will allow you an opportunity to win one of two seats to our
being taught on Feb. 19-21 in Hanover, MD (45 minutes outside of DC).
Attendees will have a chance to win in both raffles!
One shirt at a time
Since 2012 Nathan Magniez has been doing his part to eliminate hunger in the world. So far, he has sold shirts at
BlackHat, DEF CON, DerbyCon and ShmooCon to raise money for Hackers for Charity's Food for Work Program.
The program was originally started by Johnny Long and funded through the sale of his "No Tech Hacking" book,
however the program was put on hold due to lack of funds.
The sale of Hack Hunger shirts provide roughly a $15 donation margin and can fund two parts of the Food for Work program:
The first part costs roughly $12 and provides a family of four with food for a month as well
as a small "kitchen garden", which is essentially a 50lb recycled sack that is filled with soil and can grow vegetables out of it.
The second part of the program costs roughly $3 and provides farming supplies, such as seeds and fertilizer, to families.
How does it all work? This is a "food for work" program whereby able-bodied participants be given plots of land and all the materials
and skills needed to plant, maintain and harvest a large personal farm. A portion of the harvest is given to
Action for Empowerment (AOET) Kenya for distribution in the community as well as to “buy” another season to work the farm.
The bulk of the harvest goes to the farmer, most of who have graduated from the food distribution program and are now doing well
enough to work and sustain themselves. The farmer's portion provides enough food to feed their family as well as sell on local markets to provide revenue.
As Nathan said, “I want to affect change in this world. I will no longer hope or wish someone else will be doing something. My goal is to enable
others to help eliminate hunger in the world."
To read more about Nathan’s endeavors check out www.gofundme.com/HackHunger, www.hackhunger.com or
checkout a portion of Johnny Long's talk at Derbycon 2012 below.
October 19 – 21, 2012
CMAP Baltimore Give Camp
On October 19 – 21 UMBC hosted the second annual Baltimore Give Camp. AoE instructor
Aaron Soto along with about 175 other local software developers gathered to donate
their time building software and websites for local non-profit organizations. Approximately
25 non-profit organizations requested support and were sent home with solutions
like Wordpress blogs, Android applications, and .NET-based websites.
As we’ve learned from previous camps, time is crucial. Developers need to have resources
immediately available, so that the majority of their time is spent coding – not
troubleshooting. AoE provided gigabit networking infrastructure, virtualized Windows
and Linux servers, and pre-imaged laptops for developers who did not have one available.
Several teams noted that having on-site development environments made their time
Once infrastructure was humming along, Aaron was a part of the Pet On Wheels team,
a team he’d had the pleasure of working with in previous camps. Pets On Wheels works
with local pet owners to bring their pets into hospitals, assisted living facilities,
and homeless programs. During the Southern Maryland Givecamp (also supported by
AoE), the team was able to send them home with an Android app their volunteers could
use to track their visits, hours, and interactions with residents. Due to a backend
restructuring and some lost code, the application needed a fair bit of updating.
They were also able to add new automation to their volunteer management system.
Aaron and his team worked tirelessly on a long list of requirements to give Pets
On Wheels the highest return for their time. The developer community was estimated
to have provided over $300,000 worth of development services in just one weekend,
bringing praise, applause and a few tears from non-profit representatives during
Sunday’s closing ceremonies.
AoE Sponsors DerbyCon
This was Art of Exploitation’s first year attending DerbyCon in Louisville, Kentucky.
There were roughly between 1,500-1,700 people in attendance. AoE instructor Nathan
Magniez gave a talk on Sunday afternoon on Redirection to bypass firewall, ACLs
and/or to remain anonymous. His slides are currently available here: http://www.hackhunger.com/2012/10/derbycon-slides-alice-in-redirection.html.
The audience responded very well to Nathan’s topic of discussion, and one person
in the audience walked away with their very own AoE Louisville slugger. The rest
of the con was a blast for all of the hackers out there and there were some amazing
talks that our instructors truly benefited from.
Nathan is heavily involved in the organization Hackers for Charity (HFC) where his
shirt was on display and for sale. DerbyCon rose over $33,000 for HFC! Renowned
security expert Johnny Long gave a talk at 9am Saturday morning which was about
the evolution of HFC. He talked about the past, present and future endeavors which
included my efforts to revitalize the Food For Work program which had lost monetary
support. In this video snippet he talks about the Hack Hunger and the specific details
of what these shirts can do for people. 1 Hack Hunger shirt = 1 month of food, (literal)
seed money for farm supplies and small portable kitchen gardens which can help those
with literally nothing. The shirt also supplies those that have farm land with farm
tools to plant crops which then can be harvested and 50% of the crops go back into
funding the project. These shirts are literally providing "seed" money to help people
become self-sufficient. It is truly amazing what $20 and some hackers can do for
the world! Here is the 3 minute snippet: http://www.hackhunger.com/2012/10/HackHungerOfficiallyFundsHackersForCharity.html
Black Hat / DEFCON 2012
Art of Exploitation was proud to sponsor Black Hat 2012 in Las Vegas, Nevada. This
year our instructors were able to attend the conference, host a booth, and promote
the latest course offerings. The instructors attended talks on the new Microsoft
Windows 8 operating system, Near Field Communications (NFC) and Ruby workshops.
The event allowed us to stay in touch with our partners throughout the commercial
and government sectors, as well as the opportunity to attend DEFCON 20. We cannot
wait to go back in 2013!
August 23, 2012
Cyber Auto Challenge
During the week of August 13th - 17th, Mr. Aaron Soto and Mrs. Courtney Lancaster were invited to join Battelle for their week long Cyber Auto Challenge. Among the
attendees were 24 high school students, a number of college students, as well as
cyber security specialist and vehicle manufacturers. The goal of the Cyber Auto
Challenge was to not only educate students and professionals but to inspire them
to think innovatively about the engineering of the vehicles and how it related to
Mr. Soto provided his expertise in electronics by providing a comprehensive lecture
and subsequently issuing an interesting yet fun challenge. The challenge for the
students was to solder and create their very own oscilloscope. This proved to be
a big hit with the students as well as the professionals. Mrs. Lancaster took an
investigative forensic approach with regards to retrieving user data from vehicles.
Like Mr. Soto, Mrs. Lancaster too provided a comprehensive lecture and followed
up with having the students utilize various forensic tools to recover user data
from multiple sources.