November 18, 2010 Added by:Headlines
Mac users, who have have long been used to lambasting Windows users over security issues, are getting a big dose of exploit reality this week as Apple releases fixes for 134 vulnerabilities. The record-breaking patch release for Mac OS dwarfs Microsoft's record of 49 patches...
November 17, 2010 Added by:Jamie Adams
Linux distributions are built off of standard kernels but are packaged and bundled differently. Some distributions are Debian-based while others might be Red Hat-based. The collection of packages and how the packages were compiled and delivered are what make Linux distributions unique...
November 12, 2010 Added by:Mark Baldwin
There is a widespread belief that Mac OS X is inherently more secure than Windows and that by using a Mac, one is protected from all threats. Unfortunately, not only is this not true, it is dangerous, as it leads people to not take appropriate precautions to protect their computers...
November 03, 2010 Added by:Jamie Adams
I have seen developers relax security controls during unit development only to be bewildered when full integration testing fails. Many database administrators have strict controls which developers must adhere to. Why isn't it the same when it comes to base operating system resources?
October 28, 2010 Added by:Bozidar Spirovski
We will use a Windows 2008 target for this demonstration because even if it was released in 2008, and we now have the R2 version, a lot of companies are just starting to implement it. The attack is based on two well known vulnerabilities based on SRV2.SYS driver...
October 25, 2010 Added by:Robb Reck
Drop My Rights is a free Windows XP utility offered by Microsoft that allows you to be logged into your computer as an administrator while running high risk programs like Internet Explorer, Firefox and Outlook with reduced privileges...
October 13, 2010 Added by:Jamie Adams
Linux file systems are an essential operating system resource. Modern file systems and disk drive technology are robust and reliable — so, most administrators put little effort into planning or worrying about them once the operating system is configured. This makes me both smile and cringe...
October 10, 2010 Added by:Jamie Adams
Broken links are not only annoying little Tribbles which consume file system resources, they also pose a security risk in the form of a Trojan Horse. A good system administrator will try to control these by using best practices, common sense, and educating their users...
October 06, 2010 Added by:Jamie Adams
The term clean is also associated with performing file system checks to ensure structural integrity with tools such as fsck.ext3(8). In addition to these critical activities, you should routinely "clean" file system access controls — ownerships and permissions...
October 04, 2010 Added by:Jamie Adams
Survivability is defined as the capability of a system to fulfill its mission, in a timely manner, in the presence of attacks, failures, or accidents. As a discipline, survivability builds on related fields of study such as security, fault tolerance, reliability, and performance...
September 30, 2010 Added by:Jamie Adams
Too often administrators jump to the root level to perform routine tasks — this is when mistakes occur. The administrator is in a hurry and enters one wrong space, is in the wrong directory, or types an incorrect parameter - all can result in evil things when the ENTER key is pressed...
September 27, 2010 Added by:Jamie Adams
NATO spokesman James Appathurai denied that the computers were regularly compromised. However, I didn't hear him dispute the fact that the systems were missing many of the basic security patches. So, is it just a matter of time? Or have the systems already been comprised but NATO is unaware?
September 24, 2010 Added by:Jamie Adams
The process of lock down (hardening) is difficult, tedious, and time consuming even for an administrator working on an operating system they're familiar with. This process requires knowledge as to where to configure the item and often how to configure the item...
September 23, 2010 Added by:Jamie Adams
Most overflows are addressed during the development process because testing will often uncover erratic program behavior, memory access errors, incorrect results, and unexpected program terminations. Those which aren't identified and make it into production are often abused by attackers...
September 22, 2010 Added by:Brent Huston
If you are not already looking at the newest SAMBA issue, you should be paying attention. It is a stack-based buffer overflow, exploitable remotely without credentials. The MetaSploit folks are already hard at work on an exploit and some versions are rumored to be floating about the underground...
FCC Seeks Public Comment on Mobile Data Coll... taylor white on 07-24-2014
Mobile Security: Tips for Using Personal Dev... taylor white on 07-24-2014
Nortel: From Bankruptcy to Industrial Espion... Eddie colin on 07-23-2014