August 16, 2010 Added by: Anton Chuvakin
Organizations have finally gotten network device logging and server logging under control. However, security incident investigators trying to respond to the next wave of attacks have been thrust into the horrific world of application logging....
August 11, 2010 Added by: Nathaniel Markowitz
BP hosting, like other cyber-criminal activities, has proven highly adept at predicting and reacting to potential threats to their operations. This is demonstrated by the rapidity with which malicious domains repopulate despite being taken down or having their preferred ISPs shut down...
August 08, 2010 Added by: Ron Lepofsky
Pen tests may seem like a security test panacea. However, they have been known to go terribly wrong and become vastly expensive. Here’s what you need to know to make sure you get the results you want at the price you expect...
August 06, 2010 Added by: Anton Chuvakin
Thanks for the overwhelming community response. The list has grown and is on the verge of becoming unwieldy, so I am about to close the comment period, write up the doc - any smokin’ hot log reports to add? Anything I should take OFF the list for not being top and essential?
August 03, 2010 Added by: Jay Ferron
Businesses are increasingly looking to leverage the efficiency and cost savings that can come from a virtualized desktop infrastructure. With the addition of Microsoft RemoteFX in Windows Server 2008 R2 SP1, a new set of remote user experience capabilities is introduced...
July 31, 2010 Added by: Rob Fuller
A bunch of sites on the web give you different pages depending on the browser you use to view it. Well, sometimes this leads to bad coding practices, so I had an idea to take Burp's Intruder and "Brute Force" any compatibility coding that a site may have...
July 28, 2010 Added by: Jeremiah Talamantes
PlugBot is a hardware bot designed to be used during physical penetration tests. It's a tiny computer the size of a power adapter that is capable of scanning the local network and reporting scan results to a central location...
July 27, 2010 Added by: Richard Stiennon
We must keep a wary eye on this 111th Congress that has over 40 measures under consideration that bear on highly technical issues. Global Internet Freedom will be best served by governments of all types avoiding any meddling in the still young Internet...
July 24, 2010 Added by: Dan Dieterle
Rsignia develops and creates cyber security solutions that detect, capture and monitor modern threats. It has the ability to detect incoming threats, and then block, disable, or counterattack, all at real time speed...
July 22, 2010 Added by: Brent Huston
HITME is a set of deployed HoneyPoints that gather real time attacker data from around the Internet including attack sources, frequency, targeting information, vulnerability patterns, exploits, malware and other crucial event data for the technical team to analyze...
July 16, 2010 Added by: Simon Heron
L.ROOT-SERVERS.NET was the first to switch to a signed copy of the root zone and can be used for testing. This version has been configured deliberately so that it cannot be validated. Its purpose is to allow operators to test whether they can receive signed responses cleanly...
July 15, 2010 Added by: Nathaniel Markowitz
The NS naming structure provides an important insight into how criminal operations attempt to avoid down-time and service interruption. Due to the dubious nature of their activities, such organizations create a redundant infrastructure in order to support their activities...
July 12, 2010 Added by: Brent Huston
Splunk is a log collection engine at heart, but it’s really more than that. Think of it as a search engine for your IT infrastructure. It will actually collect and index anything you can throw at it, and this is what made me want to explore it...
July 11, 2010 Added by: Bozidar Spirovski
First, a quick definition: a man in the middle (MitM) attack is an attack where the communication which is exchanged between two users is surreptitiously monitored and possibly modified by a third, unauthorized, party...
July 10, 2010 Added by: Brent Huston
Allowing our servers to execute code from an unknown source is one of the most popular attack vectors today from SQL injection, to XSS and XSRF, to RFI. The Internet continues to be a digital equivalent to the wild, wild west, where outlaws abound...
July 03, 2010 Added by: Lee Mangold
Fingerprinting servers for OS details has been a common practice in the hacker community for years. However, little attention has been given to the fingerprinting of the specific applications. I'm not talking about determining what server or OS you run, I want to know specifically what CMS, portal package or even what API you use!