Blog Posts Tagged with "Network Security"

7fef78c47060974e0b8392e305f0daf0

Cyber Espionage: A Buzzword-Term Often Overused

January 23, 2012 Added by:Infosec Island Admin

The Cuckoo’s Egg”, which happened in 1986, is the first "documented” case of computer espionage that is not classified. Cliff Stoll was asked to look into an accounting error on a University system and ended up finding and tracking an asset for the KGB...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

The Criticality of Attribution in Volatile Situations

January 22, 2012 Added by:Rafal Los

Imagine when a kinetic act causing loss of life is falsely attributed to a group, and because of the situation, human nature takes over. Assigning responsibility even when it's false is all the "evidence" we need to go to war or retaliate. Same with a hacked website...

Comments  (1)

5cbe1364caf51f95cac6484a832d66d0

More Exposure to SCADA Devices Through Shodan

January 22, 2012 Added by:Bob Radvanovsky

Wile I am certain that the majority of this membership knows what Shodan is, honestly, it represents slightly more than an automated port scanner reporting back on some of the more common open ports (HTTP, SNMP, telnet) that appear to be pingable throughout the Internet...

Comments  (3)

C4363f41d25c216c53c8d71a1ac44a90

Dutch Council on Int'l Affairs' Advice on Digital Warfare

January 22, 2012 Added by:Matthijs R. Koot

In December 2011 the Dutch Advisory Council on International Affairs published an advisory entitled "Digitale Oorlogsvoering" (English: "Digital Warfare") intended for the Dutch government. Below is my translation of the conclusions and recommendations of the advisory...

Comments  (0)

0ff0a77035f9569943049ed3e980bb0d

The Proliferation of Cyber Janitors

January 20, 2012 Added by:

What we really need in this industry is a complete shake up. We need true innovative thought that uses cyber intelligence, counterintelligence and active defense and offensive measures in our programs. No more sitting around waiting for the penetration...

Comments  (3)

B451da363bb08b9a81ceadbadb5133ef

TeamSHATTER: Analysis of the January 2012 Oracle CPU

January 18, 2012 Added by:Alexander Rothacker

This time ere are only TWO fixes. This is the lowest number ever since the CPU program has started in 2005. Oracle, what happened? Did you throw in the towel on DBMS fixes? I know it’s not because the Database is finally fixed for good and is now suddenly secure...

Comments  (0)

1a490136c27502563c62267354024cd5

That a Phone in Your Pocket or Are You Scanning My Network?

January 16, 2012 Added by:Malgorzata Skora

Smartphones have become much more powerful over the past few years. Combine this power with the right applications and you can scan a network from the inside in seconds, along with performing several other new types of attacks for information gathering...

Comments  (1)

4ed54e31491e9fa2405e4714670ae31f

Kolmogorov Complexity, Natural Language Programming and the Bash Shell

January 15, 2012 Added by:Kyle Young

In this post we will be treating strings as objects in a similar sense of Kolmogorov complexity. Then we will apply an alias name or function name to the object which then the alias/function name can be perceived as a natural language sentence...

Comments  (0)

924ce315203c17e05d9e04b59648a942

First Documented Case of Cyber Espionage?

January 15, 2012 Added by:Richard Stiennon

Thanks to a hacker group in India, Infosec Island has source material that demonstrates wide spread cyber espionage on the part of the Indian Government which the hackers may publish. This is a historically significant development for those of us who track cyber espionage...

Comments  (12)

69dafe8b58066478aea48f3d0f384820

Zappos.com Hack: 24 Million Customer Records Breached

January 15, 2012 Added by:Headlines

A source has provided Infosec Island with a copy of a message they received while logging in to their account regarding a "security update". The message advises customers to change their password, but makes no mention of the massive data loss event...

Comments  (2)

03b2ceb73723f8b53cd533e4fba898ee

The Next Generation Search Engine Hacking Arsenal

January 14, 2012 Added by:Pierluigi Paganini

LulzSec and Anonymous use Google Hacking as a means of identifying vulnerable targets, as it provides a complete and regularly updated source of sensitive info. Developers and sysadmins who want to deploy applications on cloud infrastructures should be aware...

Comments  (0)

D8853ae281be8cfdfa18ab73608e8c3f

Hash Types for John the Ripper

January 14, 2012 Added by:Rob Fuller

Pentest Monkey is a great resource for a lot of things. You can take this a step further and create a hash mangler script that takes a clean hash and adds the few prefixes and suffixes that are common on Pentest Monkey's list to get the most odds at John picking it up...

Comments  (1)

6d117b57d55f63febe392e40a478011f

Exclusive: Interview With Hacker YamaTough

January 13, 2012 Added by:Anthony M. Freed

Update: “The Lords of Dharmaraja” claim to have released the source code for Symantec's Norton Utilities as was threatened earlier today. The alleged data dump has not been confirmed, and company officials have not yet released a statement. Exclusive interview with YamaTough here...

Comments  (3)

C787d4daae33f0e155e00c614f07b0ee

Why Do We Pen Test?

January 13, 2012 Added by:Robb Reck

When we get deep into the weeds of any pentest, the results are not going to be pretty. Some systems don’t get patched like they should. Some servers get stood up outside proper change controls. These types of exceptions cause pentest findings and look bad. They are gotchas...

Comments  (0)

C70bb5cfd0305c9d18312d92f820c321

On Defending Networks

January 13, 2012 Added by:Gabriel Bassett

If we can secure areas of the world existing in at least 3 domains (land, air, and space) if not four (adding sea), then we should easily be able to train to defend networks existing in a single domain (digital)...

Comments  (0)

39728eff8ac87a48cfb050f0df29ceaa

Effective SIEM: Less Turtle - More Awareness

January 12, 2012 Added by:John Linkous

SIEM tools are highly focused on events. Even in cases where a SIEM can look outside of the world of events at one or two other pieces of data - say, at network traffic - that’s still woefully inadequate. We certainly need events and network traffic data...

Comments  (0)

Page « < 26 - 27 - 28 - 29 - 30 > »