Blog Posts Tagged with "Tools"


We Need Better Defensive Tools

April 02, 2012 Added by:Gabriel Bassett

Marketers, Google, Facebook, can piece information together to identify you even when you don't say who you are. Banks, online video games, and major web services can degrade service based on perceived threats. It's time for infosec to build such tools to execute a better defense...

Comments  (0)


New Release of COREvidence Multi-Engine Vulnerability Service at RSA Conference

March 29, 2012 Added by:Nabil Ouchn

This newest release comes with a bunch of new features and concepts. The dashboard has been designated to display clear and specific data for our users. At a glance customers can determine the assets with the least secure status. All relevant information is at your fingertips...

Comments  (0)


A Scanning Tool or a Tool Scanning?

March 26, 2012 Added by:Infosec Island Admin

What is worrying is that the scanner online at has no restrictions on it as to who it may scan, just put in an IP or domain name and click to hit some systems using this site. That’s right Mark Zuckerberg, you now can see if is easily pwn-able...

Comments  (0)


ICS-CERT: Increasing Threat to Industrial Control Systems

March 21, 2012 Added by:Infosec Island Admin

ICS-CERT is monitoring an increase in a combination of threats that increase the risk of control systems attacks. These include Internet accessible ICS configurations, vulnerability and exploit tool releases, and increased interest and activity by hacktivist groups and others...

Comments  (0)


CyLab's AppScanner: Cloud-Based Mobile Application Security

March 19, 2012 Added by:Headlines

"Our envisioned service builds on crowdsourcing, virtualization, and automation to enable large-scale analysis of apps. AppScanner provides end-users with more understandable information regarding what mobile apps are really doing on their devices..."

Comments  (0)


ENISA: Inventory of Public Sources on Information Security

March 16, 2012 Added by:Infosec Island Admin

ENISA has launched a stock taking exercise using a questionnaire to establish an Inventory of publicly available sources on Information Security. Therefore, collection and aggregation of existing data and sources is an effective tool to raise information security...

Comments  (0)


Can You Stamp Out Spambots? No, But Stop Being a Victim

March 01, 2012 Added by:Michelle Drolet

Attackers avoid creating recognizable patterns of attack, installing backdoors for easy re-entry. There are limitless ways of eluding detection by anti-malware tools. Heuristics and fuzzy logic are an improvement, but a far cry from the detection needs of organizations...

Comments  (0)


US CERT Advisory on DNSChanger Malware

February 27, 2012 Added by:Infosec Island Admin

US-CERT encourages users and administrators to utilize the FBI's rogue DNS detection tool to ensure their systems are not infected with the DNSChanger. Computers testing positive for infection of the malware will need to be cleaned to ensure continued Internet connectivity...

Comments  (0)


DNSChanger, March 8th and You

February 24, 2012 Added by:Eric Cissorsky

The deadline should be treated as an opportunity for your organization to learn and refine their processes and procedures. Like any other virus outbreak, this requires a coordinated effort between security professionals, systems administrators and other stakeholders...

Comments  (0)


Metadata: A Pentester’s Best Friend

February 17, 2012 Added by:Jake Garlie

Most modern productivity software will automatically insert this information into documents for benefits such as collaboration. However, if not removed before being published to a website, metadata can put an organization at risk...

Comments  (0)


AdiOS: Say Goodbye to Nosy iPhone Apps

February 16, 2012 Added by:Fergal Glynn

I put together a free utility called AdiOS (Addressbook Detector for iOS) that lets Mac users scan the iOS apps in your iTunes directory to see if they have the potential to dump your phone book externally. AdiOS detects apps that access your address book using a binary grep...

Comments  (0)


Smart Meter Security Testing

February 15, 2012 Added by:Spencer McIntyre

While reviewing the communication used by a couple of smart meters, it was found that the user did not have to properly authenticate himself to read certain pieces of data and that some data could be written to the device without the use of a proper C12.18 Security Request...

Comments  (0)


Commercial DDoS Tools Offer a Competitive Advantage

February 13, 2012 Added by:Headlines

With the growing availability of DDoS services being marketed directly to businesses, enterprises may increasingly find themselves under attack from competitors seeking to gain an advantage in the increasingly lucrative Internet marketplace...

Comments  (0)


Some "LightReading" about Mobile Application Security

February 10, 2012 Added by:Security Ninja

Developers, project managers and executive officers need to be able to evaluate the risk that they are exposing their customers and their businesses to. They need to know how to measure the security posture of their apps and to make decisions on what changes to make...

Comments  (0)


GFI WebMonitor Internet and Web Security Review

February 09, 2012 Added by:Dan Dieterle

Looking for a program that monitors internet use, allows granular control over sites and services they can access, coupled with comprehensive web security and threat detection that includes scanning with three Anti-Virus engines? Look no further...

Comments  (0)


System Compromise: What the Heck is a FeeLCoMz String?

February 03, 2012 Added by:Brent Huston

If you find those strings, they usually indicate other PHP scanners, worms or attack tools have compromised the system. Now, if you don’t find those, it does NOT mean the system is safe, the list of all of those relevant strings would be too large and dynamic to manage...

Comments  (0)

Page « < 3 - 4 - 5 - 6 - 7 > »
Most Liked