Blog Posts Tagged with "Tools"
Network Anomaly Detection Takes a NAP
May 08, 2012 Added by:Marc Quibell
ADS are still used for investigative purposes - after the data has passed - taking correlated log data and running an analysis against historical data to see if anything abnormal happened. Well that's cool, except it already happened - the damage is already done in most cases...
Comments (1)
ICS-CERT: Getting Started Securing Industrial Assets
May 04, 2012 Added by:Infosec Island Admin
Over the past year significant discoveries in the areas of adversarial capabilities have identified that many companies across the 18 critical infrastructure and key resources (CIKR) are struggling to cope with the growing threats. Efforts have been taken to defend critical assets...
Comments (0)
Checking Your System for the DNS Changer Malware
April 23, 2012 Added by:Headlines
The deadline for for systems infected with the DNS Changer malware is fast approaching. Failure to rid a device of the malware prior to the July 9 deadline could result in loss of Internet connectivity. To see if your system is infected, simply visit the following website...
Comments (0)
Apple Releases Flashback Malware Removal Tool and Patches
April 17, 2012 Added by:Headlines
Apple has released a malware removal tool for the most common variant of the Flashback Trojan, as well as security updates to mitigate the vulnerability exploited by the malware for OS X Lion v10.7.3, OS X Lion Server v10.7.3. Mac OS X v10.6.8 and Mac OS X Server v10.6.8...
Comments (0)
Exploit for Liferay XSL Code Execution Released
April 11, 2012 Added by:Spencer McIntyre
Researchers are releasing a Metasploit module that can exploit a vulnerability in an open source web content management system called Liferay in the XSLT processing engine that is used to allow setting dynamic XML feeds to be displayed as content on a page...
Comments (0)
OWASP Releases Zed Attack Proxy (ZAP) 1.4.0
April 09, 2012 Added by:Headlines
"The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications... ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually..."
Comments (0)
EU: Possession of Hacking Tools to Become a Criminal Offense
April 04, 2012 Added by:Headlines
Cyber attacks on IT systems would become a criminal offense punishable by at least two years in prison throughout the EU under a draft law backed by the Civil Liberties Committee. Possessing or distributing hacking software and tools would also be an offense...
Comments (5)
Adobe Releases Open Source Malware Analyzer Tool
April 03, 2012 Added by:Headlines
"Malware Classifier uses machine learning algorithms to classify Win32 binaries – EXEs and DLLs – into three classes: 0 for 'clean,' 1 for 'malicious,' or 'UNKNOWN.' The tool extracts seven key features from a binary, feeds them to one or all of the four classifiers..."
Comments (0)
We Need Better Defensive Tools
April 03, 2012 Added by:Gabriel Bassett
Marketers, Google, Facebook, can piece information together to identify you even when you don't say who you are. Banks, online video games, and major web services can degrade service based on perceived threats. It's time for infosec to build such tools to execute a better defense...
Comments (0)
New Release of COREvidence Multi-Engine Vulnerability Service at RSA Conference
March 29, 2012 Added by:Nabil Ouchn
This newest release comes with a bunch of new features and concepts. The dashboard has been designated to display clear and specific data for our users. At a glance customers can determine the assets with the least secure status. All relevant information is at your fingertips...
Comments (0)
A Scanning Tool or a Tool Scanning?
March 27, 2012 Added by:Scot Terban
What is worrying is that the scanner online at amihackerproof.com has no restrictions on it as to who it may scan, just put in an IP or domain name and click to hit some systems using this site. That’s right Mark Zuckerberg, you now can see if facebook.com is easily pwn-able...
Comments (0)
ICS-CERT: Increasing Threat to Industrial Control Systems
March 21, 2012 Added by:Infosec Island Admin
ICS-CERT is monitoring an increase in a combination of threats that increase the risk of control systems attacks. These include Internet accessible ICS configurations, vulnerability and exploit tool releases, and increased interest and activity by hacktivist groups and others...
Comments (0)
CyLab's AppScanner: Cloud-Based Mobile Application Security
March 19, 2012 Added by:Headlines
"Our envisioned service builds on crowdsourcing, virtualization, and automation to enable large-scale analysis of apps. AppScanner provides end-users with more understandable information regarding what mobile apps are really doing on their devices..."
Comments (0)
ENISA: Inventory of Public Sources on Information Security
March 16, 2012 Added by:Infosec Island Admin
ENISA has launched a stock taking exercise using a questionnaire to establish an Inventory of publicly available sources on Information Security. Therefore, collection and aggregation of existing data and sources is an effective tool to raise information security...
Comments (0)
Can You Stamp Out Spambots? No, But Stop Being a Victim
March 02, 2012 Added by:Michelle Drolet
Attackers avoid creating recognizable patterns of attack, installing backdoors for easy re-entry. There are limitless ways of eluding detection by anti-malware tools. Heuristics and fuzzy logic are an improvement, but a far cry from the detection needs of organizations...
Comments (0)
US CERT Advisory on DNSChanger Malware
February 27, 2012 Added by:Infosec Island Admin
US-CERT encourages users and administrators to utilize the FBI's rogue DNS detection tool to ensure their systems are not infected with the DNSChanger. Computers testing positive for infection of the malware will need to be cleaned to ensure continued Internet connectivity...
Comments (0)
- Not Totally Sure What Just Happened...
- Has Anonymous Infiltrated the US Government?
- Big Opportunities in the Cloud
- Zeus Malware Targeting Facebook, Gmail and Yahoo Users
- Follow Up to the Out of Band Authentication Post
- Skype Malware Campaign Spreading Poison Ivy Trojan
- I Hope Edo is Worth the Privacy Risk
- Dutch MoD Innovation Competition 2012: CYBER Operations 2.0
- NIST Workshop: The Technical Aspects of Botnets
- Security Automation by Hand - Batch/Bash/FOR