Blog Posts Tagged with "Open Source"
Webinar: Keeping Your Open Source Software Secure
May 09, 2012 Added by:Infosec Island Admin
Understand why collaboration is invaluable in keeping proprietary systems secure. Learn how to share private information in public forums without harming your organization. Identify what tools are available to your organization for collaboration, notification, and knowledge-sharing...
Comments (0)
Webinar: Keeping Your Open Source Secure
April 25, 2012 Added by:Infosec Island Admin
Understand why collaboration is invaluable in keeping proprietary systems secure. Learn how to share private information in public forums without harming your organization. Identify what tools are available to your organization for collaboration, notification, and knowledge-sharing...
Comments (0)
Open Source Code in the Enterprise - Keys to Avoiding Vulnerabilities
April 18, 2012 Added by:Rafal Los
There is no debate in the open vs. closed source software question. Either can be made well, or poorly. Either open source or closed source can be relatively secure, or riddled with easy-to-exploit holes. We don't need to rehash this, but there appears to be some new data...
Comments (0)
Exploit for Liferay XSL Code Execution Released
April 11, 2012 Added by:Spencer McIntyre
Researchers are releasing a Metasploit module that can exploit a vulnerability in an open source web content management system called Liferay in the XSLT processing engine that is used to allow setting dynamic XML feeds to be displayed as content on a page...
Comments (0)
Adobe Releases Open Source Malware Analyzer Tool
April 03, 2012 Added by:Headlines
"Malware Classifier uses machine learning algorithms to classify Win32 binaries – EXEs and DLLs – into three classes: 0 for 'clean,' 1 for 'malicious,' or 'UNKNOWN.' The tool extracts seven key features from a binary, feeds them to one or all of the four classifiers..."
Comments (0)
IC3: Browser Bot Infection and HTML Attachment Malware
March 28, 2012 Added by:Headlines
The open source browser can now function like a bot and accept commands. It can process the content of the current page where it is located, redirect the user, halt the loading of particular pages, steal passwords, run executables, and even kill itself...
Comments (0)
An Open Source Methodology to Attack Critical Infrastructure
March 21, 2012 Added by:Jeffrey Carr
Attackers with moderate skills can cause disruption to outright destruction of critical infrastructure at low cost and in short order. Contrary to popular wisdom, an attack against a nuclear power or hydro-electric plant doesn't require the resources of a nation state...
Comments (0)
Choosing Secure Data Storage - A Difficult Dance
February 21, 2012 Added by:Bozidar Spirovski
There are multiple pros and cons across our storage systems parameters, but at first glance, the enterprise storage systems have the upper hand. Bear in mind though, such systems always come with exorbitant pricing, especially on any upgrades after the initial purchase...
Comments (0)
Metasploit: The Penetration Tester's Guide
January 30, 2012 Added by:Ben Rothke
The Metasploit Project is an open-source security project that provides information about security vulnerabilities and assists those performing the penetration tests in building a framework in which to carry out the testing...
Comments (1)
Why I Won’t Teach You To Track Terrorists Online
January 18, 2012 Added by:Scot Terban
This is an organic process. I learned by just doing it and in the process of “doing it” I had to learn A LOT of other things apart from technology issues like hacking/security/coding etc. Remember you are dealing with PEOPLE and you have to be adept and reading them...
Comments (1)
PenTest: Get to Know Yourself Before Others Do
December 15, 2011 Added by:Krzysztof Marczyk
With multi-tier network architectures, web services, custom applications, and heterogeneous server platform environments, keeping data assets secure is more difficult than ever. Coupled with this complexity is the fact that criminal organizations have organized their hacking efforts...
Comments (1)
Free From Defect Software License
November 23, 2011 Added by:Keith Mendoza
This is a question that I would like to pose to the open-source software community: Assuming that we can ignore the lawyers for a second, what amount of effort would you be willing to put to produce software that is free of defect from workmanship? How will you go about making sure?
Comments (2)
Open Source Registry Decoder 1.1 Tool Released
November 03, 2011 Added by:Andrew Case
We are announcing the release of Registry Decoder 1.1, a free and open source tool. We are reaching out to practitioners and research groups (professional and academic) in an attempt to proliferate Registry Decoder. We would appreciate any plugins contributed from these communities...
Comments (0)
Penetration Testing Tools Update: New Version of EAPeak Released
October 16, 2011 Added by:Spencer McIntyre
EAPeak is a suite of open source tools to facilitate auditing of wireless networks that utilize the Extensible Authentication Protocol framework for authentication. It provides useful information relating to the security of these networks for PenTesters to use in searching for vulnerabilities...
Comments (0)
Anonymous: OSINT and Leaking of Corporate Corruption
September 29, 2011 Added by:Scot Terban
Anonymous came up with a new splinter organization that claims to be looking into corporate wrongdoing. This group is called Anonymous Analytics and claims that they are using open source information as well as soliciting leaks/whistleblowers to reveal corporate malfeasance...
Comments (0)
Got A Pile of Logs from an Incident: What to Do?
September 02, 2011 Added by:Anton Chuvakin
If you received any hints with the log pile, then you can search for this and then branch out to co-occurring and related issues and drill-down as needed, but then your investigation will suffer from “tunnel vision” of only seeing this initially reported issue and that is, obviously, a bad idea...
Comments (0)
- Not Totally Sure What Just Happened...
- Has Anonymous Infiltrated the US Government?
- Big Opportunities in the Cloud
- Zeus Malware Targeting Facebook, Gmail and Yahoo Users
- Follow Up to the Out of Band Authentication Post
- Skype Malware Campaign Spreading Poison Ivy Trojan
- I Hope Edo is Worth the Privacy Risk
- Dutch MoD Innovation Competition 2012: CYBER Operations 2.0
- NIST Workshop: The Technical Aspects of Botnets
- Security Automation by Hand - Batch/Bash/FOR