Aaron Higbee

• 
  www.novainfosecportal.com/2008/08/28/nova-sec-infosec-m - [Cached Version]
  Published on: 9/6/2008    Last Visited: 9/12/2008  

  Who: Aaron Higbee, Intrepidus Group (possibly Olympic hax0r Stryde Hax too)

• 
  securitybullshit.com/2007/04/02/cartoon-030-riaa-forens - [Cached Version]
  Published on: 1/1/2007    Last Visited: 5/6/2007  

  Courtesy of Aaron Higbee of the Intrepidus Group

• 
  www.eweek.com/c/a/Security/Security-Service-Helps-Organ - [Cached Version]
  Published on: 7/25/2008    Last Visited: 7/25/2008  

  "One of the most popular things that phishers do is they play tricks with the URL parameters and what the link is displayed as ...host of tools to do exactly like they do," said Aaron Higbee, chief technology officer of Intrepidus."You can use our IP addresses, you can use domains that we've created, or if you really want to make an authentic phishing site, you can register your own look-alike domain, point it to our servers and use that for your phishing scenario."
  
  Companies can design the test so that an employee who clicks on the link will be directed to training materials or keep the simulation going to see if the person will respond to requests to enter sensitive data such as passwords.PhishMe does not collect sensitive information, Higbee said, explaining that JavaScript on the Web site overrides anything users actually input into fields during tests.

• 
  forum.catchride.com/index.php?s=e471bde0c466b17282d0599 - [Cached Version]
  Last Visited: 11/13/2008  

  "I think that's the part of the story that people are losing sight of," said Aaron Higbee, chief technical officer at Intrepidus Group, the New York-based Internet security firm where he and Walker work.
  
  "The discovery wasn't of the original document," said Higbee, "but of a cached copy. The document itself was gone."

• 
  www.muziqnet.com/modules.php?op=modload&name=News&file= - [Cached Version]
  Published on: 11/23/2001    Last Visited: 8/24/2002  

  The "phone home" technique presented by Aaron Higbee of Foundstone and Chris Davis from RedSiren Technologies at the Black Hat Briefings here takes advantage of the fact that firewalls effective in blocking entry into a private network, are generally permissive in allowing connections the other way around.
  ...
  Higbee and Davis perform penetration tests, and developed their game box ***** attack tool after finding themselves more than once with physical access to a client's facilities -- posing as an employee in once case, crawling through a drop ceiling in another -- but without a way to leverage that access into remote control of the company's network.
  ...
  "It's not that hard to get into an organization for one or two minutes," said Higbee.
  
  They chose the Dreamcast for its small size, availability of an Ethernet adapter, and affordability -- the console was discontinued last year, and now sells used for under $100 on eBay.Loaded with custom Linux-based software and covertly plugged into a spare network port under a desk or above a ceiling, the harmless-looking toy becomes the enemy within, probing the company firewall for a way out to Internet.
  
  The box cycles through the ports used for common services like SSH, Web surfing, and e-mail, which tend to be permitted by firewall configurations.Failing that, it tries getting "ping" packets out to the Internet, and finally looks for proxy servers bridging the network to the outside world.

• 
  conference.hackinthebox.org/hitbsecconf2005kl/?p=48 - [Cached Version]
  Published on: 7/18/2005    Last Visited: 12/13/2007  

  Aaron Higbee, Principal Consultant, Foundstone, a division of McAfee.
  
  Comments are closed.

• 
  www.dominopower.com/newsitems/00037225.html - [Cached Version]
  Published on: 12/17/2007    Last Visited: 12/18/2007  

  No sensitive information will be collected or allowed to be entered, according to Intrepidus Managing Partner Aaron Higbee.

• 
  www.law.com/jsp/legaltechnology/pubArticleLT.jsp?id=120 - [Cached Version]
  Published on: 6/24/2008    Last Visited: 6/24/2008  

  "I would request from the company providing the solution a copy of their last penetration test report," says Aaron Higbee, managing partner of security consulting firm Intrepidus Group.

• 
  keanua-z.blogspot.com/2003_09_01_archive.html - [Cached Version]
  Published on: 9/1/2003    Last Visited: 11/15/2007  

  Aaron Higbee, a Foundstone consultant, agrees.He even says that a realistic screenplay of his life as an authentic white-hat hacker would look something like this:

• 
  www.infowar.com/iwftp/ciphertext/2002/ciphertext08a2002 - [Cached Version]
  Published on: 1/24/2002    Last Visited: 10/18/2002  

  The "phone home" technique presented by Aaron Higbee of Foundstone and Chris Davis from RedSiren Technologies at the Black Hat Briefings here takes advantage of the fact that firewalls effective in blocking entry into a private network, are generally permissive in allowing connections the other way around.
  ...
  Higbee and Davis perform penetration tests, and developed their game box cum attack tool after finding themselves more than once with physical access to a client's facilities -- posing as an employee in once case, crawling through a drop ceiling in another -- but without a way to leverage that access into remote control of the company's network.

Page:  1 2 3 4 5