Blog Posts Tagged with "Network Security"
January 24, 2012 Added by:Joel Harding
Instead of buying a ship for the relatively cheap price of $15 million, one could simply take control of the ship remotely and guide it into a target from thousand of miles away. Imagine the boom that 135 million cubic yards of natural gas could make if an LNG ship were run aground...
The majority of OIG organizations publish highly sensitive information as if they were assisting the agency. Just the opposite. They are ensuring a more rapid penetration of cyber defenses. Whose side of the equation here are you on? Why does this need to be public information?
January 23, 2012 Added by:Scot Terban
The Cuckoo’s Egg”, which happened in 1986, is the first "documented” case of computer espionage that is not classified. Cliff Stoll was asked to look into an accounting error on a University system and ended up finding and tracking an asset for the KGB...
January 22, 2012 Added by:Rafal Los
Imagine when a kinetic act causing loss of life is falsely attributed to a group, and because of the situation, human nature takes over. Assigning responsibility even when it's false is all the "evidence" we need to go to war or retaliate. Same with a hacked website...
January 22, 2012 Added by:Bob Radvanovsky
Wile I am certain that the majority of this membership knows what Shodan is, honestly, it represents slightly more than an automated port scanner reporting back on some of the more common open ports (HTTP, SNMP, telnet) that appear to be pingable throughout the Internet...
January 22, 2012 Added by:Matthijs R. Koot
In December 2011 the Dutch Advisory Council on International Affairs published an advisory entitled "Digitale Oorlogsvoering" (English: "Digital Warfare") intended for the Dutch government. Below is my translation of the conclusions and recommendations of the advisory...
What we really need in this industry is a complete shake up. We need true innovative thought that uses cyber intelligence, counterintelligence and active defense and offensive measures in our programs. No more sitting around waiting for the penetration...
January 18, 2012 Added by:Alexander Rothacker
This time ere are only TWO fixes. This is the lowest number ever since the CPU program has started in 2005. Oracle, what happened? Did you throw in the towel on DBMS fixes? I know it’s not because the Database is finally fixed for good and is now suddenly secure...
January 16, 2012 Added by:Malgorzata Skora
Smartphones have become much more powerful over the past few years. Combine this power with the right applications and you can scan a network from the inside in seconds, along with performing several other new types of attacks for information gathering...
January 15, 2012 Added by:Kyle Young
In this post we will be treating strings as objects in a similar sense of Kolmogorov complexity. Then we will apply an alias name or function name to the object which then the alias/function name can be perceived as a natural language sentence...
January 15, 2012 Added by:Richard Stiennon
Thanks to a hacker group in India, Infosec Island has source material that demonstrates wide spread cyber espionage on the part of the Indian Government which the hackers may publish. This is a historically significant development for those of us who track cyber espionage...
January 15, 2012 Added by:Headlines
A source has provided Infosec Island with a copy of a message they received while logging in to their account regarding a "security update". The message advises customers to change their password, but makes no mention of the massive data loss event...
January 14, 2012 Added by:Pierluigi Paganini
LulzSec and Anonymous use Google Hacking as a means of identifying vulnerable targets, as it provides a complete and regularly updated source of sensitive info. Developers and sysadmins who want to deploy applications on cloud infrastructures should be aware...
January 14, 2012 Added by:Rob Fuller
Pentest Monkey is a great resource for a lot of things. You can take this a step further and create a hash mangler script that takes a clean hash and adds the few prefixes and suffixes that are common on Pentest Monkey's list to get the most odds at John picking it up...
January 13, 2012 Added by:Anthony M. Freed
Update: “The Lords of Dharmaraja” claim to have released the source code for Symantec's Norton Utilities as was threatened earlier today. The alleged data dump has not been confirmed, and company officials have not yet released a statement. Exclusive interview with YamaTough here...
January 13, 2012 Added by:Robb Reck
When we get deep into the weeds of any pentest, the results are not going to be pretty. Some systems don’t get patched like they should. Some servers get stood up outside proper change controls. These types of exceptions cause pentest findings and look bad. They are gotchas...
Mobile Security Processes Could Be Applied t... Johnnie Nix on 05-21-2013
ATM Security (And Really Learning from the P... Johnnie Nix on 05-21-2013
New Study Published on Mobile Malware... Caitlin Rachel on 05-21-2013