Latest Blog Posts


ASA and IPS Parallel Features – Part II

July 19, 2011 Added by:Dawn Hopper

The value of the normalizer with inline mode cannot be overstated; it can reassemble entire fragmented streams as well as modify packets with illegal and/or malformed options before they reach their target. Not surprisingly, some technical documents refer to this function as packet scrubbing...

Comments  (0)


UPDATE: FBI Arrests 14 in Hacktivist Investigation

July 19, 2011 Added by:Headlines

"Authorities have arrested 14 people today in the United States in connection with hacking attacks by the Anonymous group of online activists, sources said. The arrests follow raids earlier in the day on homes in New York, California, New Jersey, and Florida..."

Comments  (3)


I Am Certified - You Are Secured

July 18, 2011 Added by:J. Oquendo

Security? I don't care for it. Companies don't want security. They do not want assurance. They want a framework to ensure they did no wrong. My goal is simplified ten-fold, and my aim is to ensure that someone on the C-level can cross their T's dot their I's and get on with their game of golf...

Comments  (29)


Using Meterpreter Script – StickyKeys.rb

July 18, 2011 Added by:Kyle Young

This script places a backdoor onto a Windows victim system. The sethc.exe program is the sticky keys program. To activate you just have to hit the shift key 5 times and sethc.exe will be executed. While this can be useful for those who are disabled, there is also an abuse for this feature...

Comments  (2)


Jay Leno: Most Dangerous Celebrity in Cyberspace

July 18, 2011 Added by:Emmett Jorgensen

“Cyber criminals follow the latest trends just as consumers do and they use these and the names of popular celebrities in their campaigns in order to lure people to websites that are full of malicious software (malware)..."

Comments  (0)


Researchers Develop No-Proxy Anonymity System

July 18, 2011 Added by:Headlines

"The client secretly marks the connection as a Telex request by inserting a cryptographic tag into the headers. We construct this tag using a mechanism called public-key steganography... only the Telex service (using a private key) can recognize that a connection has been tagged..."

Comments  (2)


Password Hash: It's Okay to Inhale...

July 18, 2011 Added by:Vulcan Mindm3ld

The recent IRC Federal and HBGary SQL injection vulnerabilities allowed attackers access to a username/password table stored in the database. IRC Federal's “experts” simply stored unencrypted passwords while HBGary's “expert” third-party developers implemented unsalted, non-iterated MD5...

Comments  (4)


Authorities Arrest 61 in Global ATM Skimming Ring

July 18, 2011 Added by:Headlines

"What stands out to me is that they arrested 61 people and they anticipate more. I think it just shows how pervasive these skimming rings are. This isn't a couple of smart teenage hackers operating locally, but a globally organized operation..."

Comments  (0)


America Faced With Wave of Chinese Espionage

July 18, 2011 Added by:Infosec Island Admin

Espionage by the Chinese has been a favorite past time for them with regard to the U.S. and now that espionage is taking place within computer networks. But this too has been happening for a long time (see Titan Rain or others like Moonlight Maze)...

Comments  (0)


Defense Research Lab Back Online After Attacks

July 18, 2011 Added by:Headlines

Nearly two weeks after an Advanced Persistent Threat (APT) attack caused officials to take systems offline at the Energy Department’s Pacific Northwest National Laboratory (PNNL), nearly all systems have been restored to normal operating parameters...

Comments  (0)


Seven Security Blankets and I'm Still Short-Sheeted

July 17, 2011 Added by:Kevin McAleavey

Client-side "layered security" is a mess. It fails because people are so irritated by all the alerts that they don't understand. They no longer trust their security arrangements, and when they visit a site that offers a rogue antivirus and no alert pops up, they let it run for a second opinion...

Comments  (0)


Software Security Degree Programs

July 17, 2011 Added by:Bozidar Spirovski

More institutions are providing programs and degrees focused on the security aspect of information technology than ever before. Part of the reason for this is the significant projected increase in the number of jobs available in the field...

Comments  (1)


Cyber Criminals Just Came A Callin’ At My House

July 17, 2011 Added by:Rebecca Herold

When I asked him why he called me in particular, he tried to avoid the question. I persisted. Finally I asked him if Microsoft had contracted his company to call me. He then said, “Yes! My company was subcontracted by Microsoft to call me, and that is how I got your information...”

Comments  (21)


Judge Says Its OK to Post Social Security Numbers

July 16, 2011 Added by:Robert Siciliano

Over the years, many have interpreted the to allow Social Security numbers, to be posted online. I’ve seen Social Security numbers for Jeb Bush, Colin Powell, former CIA Director Porter Goss, Troy Aiken, and Donald Trump, all published on the Internet...

Comments  (0)


Weapon Systems Specs Stolen in Contractor Breach

July 16, 2011 Added by:Headlines

Reuters reports that a classified US military weapons system will now need to be redesigned after specs and plans for the system were stolen from a defense contractor database in a breach earlier this year...

Comments  (0)


Why Perform FCPA Due Diligence?

July 15, 2011 Added by:Thomas Fox

Once again, the need for continued vigilance throughout the due diligence process. Simply because your agent/vendor/business relationship is located in the United States, does not mean that you can automatically limit your due diligence inquiry to a Level One search...

Comments  (0)

« First < Previous | 290 - 291 - 292 - 293 - 294 | Next > Last »