Blog Posts Tagged with "Exploits"


Can CTF Players Replace Professional Penetration Testers?

September 23, 2015 Added by:Ilia Kolochenko

The first issue with the majority of CTFs is that they focus on single result (flag), rather than a process of comprehensive consecutive security testing.

Comments  (0)


New Approaches for Blocking Zero-Day Exploits to Prevent APTs

April 16, 2013 Added by:George Tubin

Cybercriminals continue to develop new methods to bypass security controls in order to install malware on corporate endpoints. An endpoint protection approach that provides both effectiveness and manageability must begin with an understanding of the attack vectors that require mitigation.

Comments  (2)


Podcast: Vupen CEO Chaouki Bekrar Talks About Selling Zero Days at CanSecWest

March 08, 2013 Added by:Mike Lennon

Ryan Naraine talks to Vupen CEO Chaouki Bekrar about the controversies surrounding the sale of zero-day vulnerabilities and exploits, his company’s business dealings and the work that goes into winning the CanSecWest Pwn2Ownhacker contest.

Comments  (0)


UPnP Security Flaws Expose 40-50 Million Networked Devices

January 29, 2013 Added by:Infosec Island

Researchers at Rapid7 have uncovered that roughly 40-50 million network-enabled devices are at risk due to vulnerabilities in the Universal Plug and Play (UPnP) protocol.

Comments  (0)


The Rise of Exploit Kits According to Solutionary SERT

January 28, 2013 Added by:Pierluigi Paganini

The report revealed the surprising efficiency of well-known vulnerabilities usually included in the popular exploits sold in the underground, around 60% are more than two years old, and 70% of the exploit kits analyzed (26) were released or created in Russia...

Comments  (0)


Web Browsers, Exploits and H@x0rs… Oh, My!

November 26, 2012 Added by:Tripwire Inc

I might possibly be in the wrong business. Google announced recently that teenage hacker “Pinkie Pie” was awarded $60,000 for finding and reporting a bug in the company’s Chrome web browser. Apparently this is not even the first time he has accomplished this feat...

Comments  (0)


Skype: serious vulnerability found

November 15, 2012 Added by:Pierluigi Paganini

The news is circulating with insistence on the net, Skype is suffering from a vulnerability that can expose its users to serious risks, due this reason it has suspended the password reset process.The Russian Blog published a post where it described a workaround to hijack the accounts of the famous application...

Comments  (0)


"No known exploits in the wild..."

November 13, 2012 Added by:Rafal Los

It's human nature, and just the way we are wired... I know I can feel some of that on myself when I hear that phrase. I guess I would change it to be slightly more effective (or harder to dismiss) by adding "at this time" at the end of the sentence - although I doubt it would make too much of a different...

Comments  (0)


Group-IB found a new zero-day vulnerability in Adobe products

November 11, 2012 Added by:Pierluigi Paganini

Once again the discovery comes from Russia, its a analysts are demonstrating great capabilities in investigations, the forensics firm Group-IB, the same that provided information on cybercrime activities in Russia in last months, has discovered the availability of a new exploit sold in the underground...

Comments  (0)


Post Exploitation Command Lists: Request to Edit

November 07, 2012 Added by:Rob Fuller

If you would like to contribute, please shoot me a tweet, a email, a... anything and I will gladly add you to the permissions to edit. Honestly it just became so overwhelming that every time I thought to add something I would cringe away because I know I'd spend most of time fixing them...

Comments  (0)


Man-in-the-Middle Redux

November 05, 2012 Added by:Tripwire Inc

This attack used to be fairly innovative. But not so much anymore. Would-be attackers can buy the basic components “off the shelf” using ready-made toolkits like Ettercap, Mallory (I love the creative use of the classic MITM name), and dsniff. If you’d like a better look at how it works, this is a good video...

Comments  (0)


Wrong response to zero day attacks exposes serious risks

October 22, 2012 Added by:Pierluigi Paganini

Recent revelations on Flame raise the question on the efficiency of zero day vulnerabilities, software bugs that hackers exploit to avoid security defenses on targeted systems. The real problem when we talk about zero-day is related to the duration of the period in which hackers exploit the vulnerability...

Comments  (0)


Advice Regarding Recent Java Vulnerabilities

October 17, 2012 Added by:Fergal Glynn

By now, our readers have undoubtedly seen the buzz about a serious security vulnerability in Oracle Java, with corresponding exploit code making its way around in the form of active, in-the-wild attack campaigns, as well as penetration testing tools...

Comments  (0)


Java in the Cross-Hairs of Enterprise Security

September 26, 2012 Added by:Rafal Los

Enterprises seem to have a love-hate relationship with Java. It's a client we aren't thrilled with, but when it comes to cross-platform use there aren't really any other alternatives. If you look around you'll find that many of the security platforms are written in what? Java...

Comments  (0)


How We Might Wage War in Cyberspace

September 19, 2012 Added by:Joel Harding

With the way US forces are distributed globally, cyber capabilities and flexibilities are enhanced. Cyber, both offense and defense, can be launched from anywhere. All Combatant Commanders have liaisons and representative elements with geographic commands, Cyber Command is no different...

Comments  (0)


Clipboards, Confidence, and Information Security

September 17, 2012 Added by:Tripwire Inc

How do you teach paranoia and suspicion? We often hire people because of their willingness to help others, their good communication skills, their ability to be responsive, etc. As we work through securing our humans, we need to strike a balance – trust but verify, assist but not unquestioningly...

Comments  (1)

Page « < 1 - 2 - 3 - 4 - 5 > »