Blog Posts Tagged with "Operating Systems"
Mobile Application Security - Separating Hype From Reality
April 12, 2011 Added by:Rafal Los
Everyone is to blame for the hype around mobile application security. The media is to blame for creating an insane amount of fear, security professionals and vendors are to blame for perpetuating this fear, and end-users are to blame for buying the craziness wholesale without doing research...
Comments (4)
MITM Attack Exploits Windows IPv6 Protocols
April 06, 2011 Added by:Headlines
“All these Windows boxes will default connect to the evil router instead of the legitimate router when this parasitic overlay is running. If Microsoft didn't have that configuration by default, it would negate a lot of the effects of the attack..."
Comments (0)
Pwn2Own Winner Charlie Miller Discusses OS Security
March 13, 2011 Added by:Anthony M. Freed
"Apple doesn't have a perceived security problem by customers and so they haven't had a need to invest heavily in it. I've done what I can to try to educate people that Apple products aren't magical and can have security problems like every other product..."
Comments (0)
Hewlett Packard to Switch to WebOS on Future PC’s
March 11, 2011 Added by:Dan Dieterle
It looks like Microsoft may be forced into making a decision. To change and adapt to the times, or continue with business as usual and end up becoming obsolete. But hey, they still have the XBox right?
Comments (1)
Destructive DOSKEY Aliases
March 07, 2011 Added by:Rob Fuller
The great thing is that there isn't a /delete - you just have to know that in order to remove a doskey macro you need to issue the command without the aliased part, so 'doskey tasklist=' will delete the tasklist macro...
Comments (1)
Zeus Trojan Migrates to Blackberry OS
March 07, 2011 Added by:Headlines
The malware allows remote access of infected Blackberry devices by the attacker, who can then change the SMS message default number, add a new device administrator, control blocked call lists, and even turn the device on and off...
Comments (0)
U.S. Gov Configuration Baseline for Red Hat Enterprise Linux
March 01, 2011 Added by:Jamie Adams
On February 28 the U.S. Government Configuration Baseline (USGCB) for Red Hat Enterprise Linux 5 was released. The long awaited Security Content Automation Protocol (SCAP) content is the next phase in supplanting the legacy Bourne shell scripts known as the System Readiness Review (SRR) scripts...
Comments (0)
Dispelling Myths about Apple Products and Viruses
February 28, 2011 Added by:Theresa Payton
The myth that Apple products are impervious to viruses is almost like a virus in and of itself. Only instead of infecting Apple products, it is infecting the way Apple users think about the product. This “myth” continues to mislead Apple users into believing they are safe from viruses...
Comments (0)
Using Ninja to Monitor And Kill Rogue Privilege Escalation
February 22, 2011 Added by:Rod MacPherson
Once a hacker (if they have malicious intent we'll call them crackers) has found a way onto a system s/he then usually needs to jump to the Administrator or system or root account. Ninja is a program for Linux (and presumably most Unix like OSes) that monitors for such privilege escalation...
Comments (4)
Are We Admitting Defeat on Mobile Security?
February 17, 2011 Added by:Lee Mangold
Never before has the attacker had the ability to listen to phone calls, read emails, read SMS messages, geo-locate, watch and listen in on conversations of the victim all at the same time. This is what you call pwnd...
Comments (0)
The “Magic” Vulnerability – Revised
February 16, 2011 Added by:PCI Guru
You have options to avoid a failing vulnerability scan because of an unsupported OS. The best method, and the one I most recommend, is do not use unsupported operating systems in the first place. However, as a former CIO, I do understand the real world and the issues IT departments face...
Comments (1)
Researchers Claim First Hack-Free Software Development
February 02, 2011 Added by:Headlines
A team of Australian researchers claim to have produced the first hack-free software designed to be malware resistant. Open Kernel Labs (OK Labs) has produced the "seL4", an operating system microkernel that touts the ability to successfully regulate all access to a computer's hardware...
Comments (1)
Common Criteria Evaluation Assurance Level (ISO 15408)
January 30, 2011 Added by:Jamie Adams
Common Criteria is a framework in which computer system users can specify their security and assurance requirements. Vendors then implement and/or make claims about the security attributes of their products, and testing laboratories can evaluate the products to determine if they actually meet the claims...
Comments (0)
Why Microsoft Shops Have to Worry About Security
January 26, 2011 Added by:Danny Lieberman
If you are a real hacker, look for companies with security administrators who are certified for Microsoft ISA server and you will have nothing to worry about. But if your target security administrators are facile with Wireshark, Ratproxy and Fiddler and Metasploit, then you should be really worried...
Comments (12)
On IT Security History and Architecture
January 17, 2011 Added by:Dr. Steve Belovich
There are no quick fixes to this growing problem. One thing, however, is almost certain: The growing body of lawsuits on identity theft, medical record theft, software security, safety and reliability issues will lead to federal and/or state regulation...
Comments (0)
Tips for Deploying Secure Shell in Linux and UNIX
January 10, 2011 Added by:Jamie Adams
Secure Shell is the best method for remote access due to its flexibility and security. It makes it attractive for system administrators as well as system developers and architects. The ability to easily execute commands on remote systems and retrieve files over “secure” channels is seductive...
Comments (14)
- Five Things Your InfoSec Team Should Do in the Next 30 Days
- The Disclosure Debate Continues….. (part 1,453, 769) to be Continued
- The Danger of Mixing Cyber Espionage with Cyber Warfare
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)