Network->General
Refresher Series - Capturing and cracking SMB hashes with Cain and Half-LM rainbow tables.
December 20, 2012 Added by:f8lerror
On to the fun stuff, to capture a hash we want to use the Metasploit capture SMB auxiliary module, which is located in auxiliary/server/capture/smb. Leave the default settings with the exception of the CAINPWFILE. Set this to output the file where ever you like...
Comments (0)
The Ultra-Legacy Problem - Systems so old...
December 19, 2012 Added by:Rafal Los
Say you're a sizeable institution here and that over the last two decades you've amassed lots of platforms that run your business, in a time before the Information Security organization did much more than install anti-virus on your desktop... and now that technical debt has come back to haunt you...
Comments (3)
Israel’s Cyber Defenses Protect Government Sites from 44 Million Attacks
December 11, 2012 Added by:Dan Dieterle
Israel’s cyber defense is hard at work blocking millions of incoming cyber attacks. There have been millions of hacking attempts against government sites that have been intercepted with reportedly only one successfully taking down it’s target. And that for only a few minutes...
Comments (0)
Who Needs Words for Wars?
December 09, 2012 Added by:Jayson Wylie
This article holds little validity in my mind and I’m sure that runs up the chain of the Government to President Obama who is the only one, at this time, that seems to be able to have a majority consensus for a direction or secret directives for Cyberspace activities, rules and laws...
Comments (0)
Port 9100/TCP Probes
December 06, 2012 Added by:Brent Huston
Now this is a little interesting. It is likely meant to be a validation probe that the printer device’s embedded web server is online and that the device is operational. BUT, the “Python-urllib/2.7″ made us suspicious. Perhaps this isn’t a usual printer request?
Comments (0)
New weapons for cyber warfare. The CHAMP project
December 05, 2012 Added by:Pierluigi Paganini
Cyber warfare scenario is rapidly changing, governments all around the world are investing to increase their cyber capabilities and designing new tools to adopt in cyberspace to face with opponents in what is considered the fifth domain of warfare...
Comments (0)
Windows 8 Forensics: USB Activity
December 03, 2012 Added by:Dan Dieterle
When I started working on Windows 8 USB drive forensics, I assumed it would be similar to Windows 7. I created a fresh Windows 8 VM and plugged a thumb drive into my local system. The VM recognized it as it should. I shut the VM down and opened it in EnCase to examine what happened...
Comments (0)
Controversial Active Cyber Defense
December 01, 2012 Added by:Jarno Limnéll
Increasingly, both the armed forces and businesses are practicing the concept of “active defense,” a military term that refers to efforts to thwart an attack by attacking the attackers. However popular it has become, active defense is an alarming trend...
Comments (0)
Two New SQL Security Books from Syngress
November 29, 2012 Added by:Ben Rothke
Since SQL is so ubiquitous on corporate networks, with sites often running hundreds of SQL servers; SQL is prone to attacks. SQL injection is a technique often used to attack databases through a website and is often done by including portions of SQL statements in a web form entry field...
Comments (0)
Fifteen Tips to Improve Your Infosec Risk Management Practice
November 29, 2012 Added by:Tripwire Inc
For years security vendors have been able to play off the general fears of malware and cyber attacks. As the scope of protecting data has become more complex, we’ve slowly learned that deploying more security controls alone is not a risk management solution...
Comments (0)
Pen Test vs. Vulnerability Scan: You know the difference, but do they?
November 28, 2012 Added by:Stacey Holleran
Small business owners often don't have someone who is versed in network security. So when they are told they need a “network penetration test” to comply with PCI DSS, many will contact the growing number of companies offering inexpensive testing services...
Comments (5)
Our Massively Dysfunctional Cyber System
November 28, 2012 Added by:Joel Harding
What should be done to stop theft of intellectual property by state actors (China) would require a Presidential Finding but our leadership structure is devoid of real leaders. That is not a political statement, that is a statement about our country...
Comments (0)
European Commission supports research on Cyber security
November 28, 2012 Added by:Pierluigi Paganini
Cyber security is considered a primary target for every governments, the increase of cyber criminal activities, state-sponsored operations and the rise of hacktivism requires the use of additional resources to counteract these phenomena...
Comments (0)
Windows 8 Forensics: Recycle Bin
November 27, 2012 Added by:Dan Dieterle
The purpose of this project is to determine key differences between the Windows 7 and Windows 8 operating system from a forensic standpoint in order to determine if there are any significant changes that will be either beneficial or detrimental to the forensic investigation process...
Comments (0)
Low-Cost Ways to Make Your Network More Secure
November 26, 2012 Added by:Marc Quibell
There are improvements you can introduce that are seamless, low-cost , don't present a new burden to your users, and/or are easy to implement. So in between your major IT Security projects that may or may not happen, why not improve you security posture and lower your overall risks?
Comments (2)
Windows 8 Security in Action: Part 2
November 22, 2012 Added by:Dan Dieterle
I have noticed some changes in the way Microsoft handles their different service account passwords over the past few weeks. It first started a while back when using Microsoft Live mail. One day when I typed in my legitimate password to my e-mail account, I received this error message...
Comments (0)
- Five Things Your InfoSec Team Should Do in the Next 30 Days
- The Disclosure Debate Continues….. (part 1,453, 769) to be Continued
- The Danger of Mixing Cyber Espionage with Cyber Warfare
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)