Thursday, August 16, 2012

Hacking Exposed 7: Changing the Game

Summertime in the internet security community tends to be hot and busy, and this summer has been no exception for many of us! It was great to see many of you at Black Hat in Las Vegas recently as my new company CrowdStrike continues to attract worldwide interest and is blossoming daily. We really appreciate everyone’s support and interest in our mission. However, this blog is not about CrowdStrike; it is about continuing the tradition of helping to educate and connect with the security community. It is with great pleasure that I announce the release of the seventh edition of Hacking Exposed: Network Security Secrets & Solutions.

A lot has changed since the first edition of the Hacking Exposed series was written in 1999. Besides my having a little bit more hair than I have today, it was a time before the term “targeted attacks” even existed. Persistence was a novelty, and a virus wrecked your computer rather than sucking out billions of dollars of intellectual property from your company. The attacks were numerous and varied, and there was a much smaller pool of attackers coming at your digital defenses. It was before Metasploit even existed, and netcat and Back Orifice were the best Remote Access Tools (RATs) around. Fast forward 12 years and we live in the age of the constant cyber adversary. If you step back and really analyze the current environment, the adversary’s tools and techniques have not really evolved all that much. Netcat, once the Swiss army knife of the skilled pen tester, has been replaced with Poison Ivy. Pass the hash is now automated, and lateral movement within a network looks like a carbon copy of Chapter 4, “Hacking Windows.”

So as the seventh edition of Hacking Exposed hits the shelves this summer, our new daily reality is that targeted attackers are attempting to rain on your picnic at the beach by attempting to kick digital sand in your face. Hacking Exposed was designed to provide that extra confidence builder that every good guy needs to help understand how to fight the cyber bully attempting to plant a flag on your digital beachfront. The increase in stories over the last three years alone about the wholesale loss of intellectual property is startling. As our own Shawn Henry, President of CrowdStrike Services, says, “It is time to stop taking punches, and let's change the game. It’s time for a major shift in the way we secure our networks, and Hacking Exposed 7 can help you return the pain to your cyber adversary.” More than ever there seems to be a growing and unified agreement in the security community that today’s information security teams absolutely must have an inside track on the ways to beat the adversary and change the game.

So What’s New In the 7th edition?

We spent many late nights making sure the series is armed with the latest cutting-edge information. We updated each chapter to get rid of the old and focus on the new. Some of the new items include:
  • Addressing Targeted Attacks: also known in some circles as Advanced Persistent Threats (APT).
  • Embedded Hacking: a topic near and dear to my heart. This section includes techniques used to strip circuit boards of all their chips and reverse engineer them.
  • Database Hacking: We added an entire section on hacking and protecting your most precious commodity: data. Hey, it is all about the data, right?
  • Mobile Hacking: We dedicated an entire chapter to mobile hacking, which couldn’t be more timely in today’s ever-connected society.

Lastly, we have created a new website to help accompany the latest release of the book:  Along with the new website, we have geared up our CrowdStrike team to provide quarterly webinars with exciting topics that are relevant to the community of security professionals we serve.  

The first webinar hosted by CrowdStrike will be on Wednesday, September 12th from 11am PT / 2pm ET and will be a one-hour format titled “Hacking Exposed: Mobile Targeted Threats The Next Wave of Attack.” This session will focus on mobile threats that have been observed in the wild and the next wave of threat actors. It will conclude with a demo of a seamless targeted attack against an Android ICS device. I hope you can join Georg Wicherski and me for this informative webinar. Georg is one of THE top mobile security researchers in our space. You may be familiar with his work if you attended Charlie Miller's recent Black Hat talk.

I am looking forward to continuing both doing Hacking Exposed Live seminars and giving live Webcasts that focus on timely and relevant information.  I will leave you with a quote from a good friend of mine, Patrick Heim, CISO of
“I once heard an avid video gamer say, ‘If you are not moving, you’re dead!’ Use this book to move your security game and stay alive.”  That exact sentiment conveys the pride I feel being involved with the Hacking Exposed series and giving back to the community so that you can “change your game” and live to fight another day!

A big thanks to all the contributing authors who helped make this the best Hacking Exposed yet!

For daily updates, you can follow me on Twitter @george_kurtz.

To join our Hacking Exposed 7 mailing list and receive updates on the latest webinars, please sign up directly at website.

