Latest Blog Posts

Bc353c4c6a6f7743290ce11723414424

ASA and IPS Parallel Features – Part II

July 19, 2011 Added by:Dawn Hopper

The value of the normalizer with inline mode cannot be overstated; it can reassemble entire fragmented streams as well as modify packets with illegal and/or malformed options before they reach their target. Not surprisingly, some technical documents refer to this function as packet scrubbing...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

UPDATE: FBI Arrests 14 in Hacktivist Investigation

July 19, 2011 Added by:Headlines

"Authorities have arrested 14 people today in the United States in connection with hacking attacks by the Anonymous group of online activists, sources said. The arrests follow raids earlier in the day on homes in New York, California, New Jersey, and Florida..."

Comments  (3)

850c7a8a30fa40cf01a9db756b49155a

I Am Certified - You Are Secured

July 18, 2011 Added by:J. Oquendo

Security? I don't care for it. Companies don't want security. They do not want assurance. They want a framework to ensure they did no wrong. My goal is simplified ten-fold, and my aim is to ensure that someone on the C-level can cross their T's dot their I's and get on with their game of golf...

Comments  (29)

4ed54e31491e9fa2405e4714670ae31f

Using Meterpreter Script – StickyKeys.rb

July 18, 2011 Added by:Kyle Young

This script places a backdoor onto a Windows victim system. The sethc.exe program is the sticky keys program. To activate you just have to hit the shift key 5 times and sethc.exe will be executed. While this can be useful for those who are disabled, there is also an abuse for this feature...

Comments  (2)

8c4834b99847b9f7c9ee94b45df086f9

Jay Leno: Most Dangerous Celebrity in Cyberspace

July 18, 2011 Added by:Emmett Jorgensen

“Cyber criminals follow the latest trends just as consumers do and they use these and the names of popular celebrities in their campaigns in order to lure people to websites that are full of malicious software (malware)..."

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Researchers Develop No-Proxy Anonymity System

July 18, 2011 Added by:Headlines

"The client secretly marks the connection as a Telex request by inserting a cryptographic tag into the headers. We construct this tag using a mechanism called public-key steganography... only the Telex service (using a private key) can recognize that a connection has been tagged..."

Comments  (2)

Ec9b0ab31140696dd578b354b1054635

Password Hash: It's Okay to Inhale...

July 18, 2011 Added by:Vulcan Mindm3ld

The recent IRC Federal and HBGary SQL injection vulnerabilities allowed attackers access to a username/password table stored in the database. IRC Federal's “experts” simply stored unencrypted passwords while HBGary's “expert” third-party developers implemented unsalted, non-iterated MD5...

Comments  (4)

69dafe8b58066478aea48f3d0f384820

Authorities Arrest 61 in Global ATM Skimming Ring

July 18, 2011 Added by:Headlines

"What stands out to me is that they arrested 61 people and they anticipate more. I think it just shows how pervasive these skimming rings are. This isn't a couple of smart teenage hackers operating locally, but a globally organized operation..."

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

America Faced With Wave of Chinese Espionage

July 18, 2011 Added by:Infosec Island Admin

Espionage by the Chinese has been a favorite past time for them with regard to the U.S. and now that espionage is taking place within computer networks. But this too has been happening for a long time (see Titan Rain or others like Moonlight Maze)...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Defense Research Lab Back Online After Attacks

July 18, 2011 Added by:Headlines

Nearly two weeks after an Advanced Persistent Threat (APT) attack caused officials to take systems offline at the Energy Department’s Pacific Northwest National Laboratory (PNNL), nearly all systems have been restored to normal operating parameters...

Comments  (0)

Ba829a6cb97f554ffb0272cd3d6c18a7

Seven Security Blankets and I'm Still Short-Sheeted

July 17, 2011 Added by:Kevin McAleavey

Client-side "layered security" is a mess. It fails because people are so irritated by all the alerts that they don't understand. They no longer trust their security arrangements, and when they visit a site that offers a rogue antivirus and no alert pops up, they let it run for a second opinion...

Comments  (0)

E973b16363b3de77b360563237df7e32

Software Security Degree Programs

July 17, 2011 Added by:Bozidar Spirovski

More institutions are providing programs and degrees focused on the security aspect of information technology than ever before. Part of the reason for this is the significant projected increase in the number of jobs available in the field...

Comments  (1)

65be44ae7088566069cc3bef454174a7

Cyber Criminals Just Came A Callin’ At My House

July 17, 2011 Added by:Rebecca Herold

When I asked him why he called me in particular, he tried to avoid the question. I persisted. Finally I asked him if Microsoft had contracted his company to call me. He then said, “Yes! My company was subcontracted by Microsoft to call me, and that is how I got your information...”

Comments  (21)

37d5f81e2277051bc17116221040d51c

Judge Says Its OK to Post Social Security Numbers

July 16, 2011 Added by:Robert Siciliano

Over the years, many have interpreted the to allow Social Security numbers, to be posted online. I’ve seen Social Security numbers for Jeb Bush, Colin Powell, former CIA Director Porter Goss, Troy Aiken, and Donald Trump, all published on the Internet...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Weapon Systems Specs Stolen in Contractor Breach

July 16, 2011 Added by:Headlines

Reuters reports that a classified US military weapons system will now need to be redesigned after specs and plans for the system were stolen from a defense contractor database in a breach earlier this year...

Comments  (0)

59d9b46aa00c70238bb89056cfeb96c0

Why Perform FCPA Due Diligence?

July 15, 2011 Added by:Thomas Fox

Once again, the need for continued vigilance throughout the due diligence process. Simply because your agent/vendor/business relationship is located in the United States, does not mean that you can automatically limit your due diligence inquiry to a Level One search...

Comments  (0)


« First < Previous | 290 - 291 - 292 - 293 - 294 | Next > Last »