Latest Blog Posts
February 20, 2014 Added by:Edward Jones
ZeroAccess, also known as Sirefef, is one of the most robust and durable botnets in recent history. It was first discovered back in July 2011 and has since infected almost 2 million Windows computers all over the world and cost online advertisers over £1.6 million each month through fraudulent clicks!
February 20, 2014 Added by:Rob Fuller
Over the years of doing DNS record collection I have noticed one thing, most domains have a large number of short hostnames that are easy to remember, usually 4 characters or less. I’m sure you already know where I’m going with this, I wanted to brute force all possible hostnames up to 4 characters.
February 19, 2014 Added by:Anton Chuvakin
One of the key uses for threat intelligence (TI) data is making better threat intelligence data out of it.
February 19, 2014 Added by:Dan Dieterle
In this post we will show you how to get a remote shell on an Android by using Metasploit in Kali Linux.
February 19, 2014 Added by:Vince Kornacki
Attackers utilize a variety of tools to automate password guessing attacks, including Hydra, Nmap in conjunction with the http-form-brute script, and homegrown scripts. In this post, Vince explains how to conduct Vertical Password Guessing Attacks.
February 19, 2014 Added by:Electronic Frontier Foundation
Surveillance and legal tactics by the NSA and GCHQ add to the growing list of examples of the government responding to investigative journalism that exposes corruption by attacking the media rather than the corruption.
February 19, 2014 Added by:Patrick Oliver Graf
Encryption. For most organizations, the need for it is very apparent, but for some reason, its implementation often falls well short of goals and expectations. The obvious question here is: why?
February 18, 2014 Added by:Anton Chuvakin
Sure, I admire the ability of attackers to find all the opportunities for amplification DDoS. DNS – check, NTP – check, SNMP – pending… However, I definitely can not hold the the same admiration for the “defenders” (if they can be called that) who still allow spoofed packets to leave their networks.
February 18, 2014 Added by:Pierluigi Paganini
Surfing in various cyber criminal forums or visiting some hidden services in the DeepWeb, it is quite easy to discover forums dedicated to facilitating the matching of supply and demand.
February 17, 2014 Added by:Brent Huston
There is no easier way to shut down the interest of a network security or IT administrator than to say the word "monitoring." You can just mention the word and their faces fall as if a rancid odor had suddenly entered the room! And I can’t say that I blame them.
February 17, 2014 Added by:Patrick Oliver Graf
The recent revelation from Ben Gurion University of malicious apps that can be used to bypass VPN configurations and push communications to a different network address changes the conversation entirely.
February 10, 2014 Added by:Kevin L. Jackson
Cloud computing transitions IT from being "systems of physically integrated hardware and software" to "systems of virtually integrated services." This transition makes interoperability the difference between the success and failure of IT deployments, especially in the Federal government.