Blog Posts Tagged with "Network Security"
Hacking Exposed 7: Network Security Secrets and Solutions
September 23, 2012 Added by:Ben Rothke
With the release of Hacking Exposed 7: Network Security Secrets & Solutions, authors Stuart McClure, Joel Scambray and George Kurtz (along with over 10 contributing authors) provide an up to date version to the original classic. The book includes the essentials of hacking...
Comments (0)
Security and the Enterprise: Connect What?
September 20, 2012 Added by:Tripwire Inc
We’re going to use the phrase “Connecting security to the business” with almost annoying frequency because it can change the way the business views security, and vice versa. This begs a primer of sorts: What do we mean by all this “connecting security to the business” talk?
Comments (0)
Let Me out Of Your .NET Work: Server Build
September 19, 2012 Added by:Rob Fuller
First you have to get rid of all other services. That’s harder than you would first assume, because you have to admin the box some how. You could toss SSH on a really high port, or have some kind of backend management, or just remove things from running on a multi-IP’d box...
Comments (0)
Recovering Login Sessions, Loaded Drivers, and Command History with Volatility
September 18, 2012 Added by:Michael Ligh
Learn about the undocumented windows kernel data structures related to RDP logon sessions, alternate process listings, and loaded drivers. See how Volatility can help you forensically reconstruct attacker command histories and full input/output console buffers...
Comments (0)
Ask The Experts: Important SCADA Security Tips
September 16, 2012 Added by:Brent Huston
Utilities have been computerizing their SCADA systems for years now. This has allowed them to save money, time and manpower and has increased their situational awareness and control flexibility. However, industrial control systems are usually not very robust and also very ‘dumb...
Comments (0)
Metasploit Penetration Testing Cookbook
September 13, 2012 Added by:Philip Polstra
Singh provides an introduction to the widely used Metasploit framework in the form of seventy plus recipes for various penetration testing tasks, and goes beyond the basics of Metasploit and covers additional penetration testing tools such as various scanners and evasion tools...
Comments (0)
What Will the Impact of a Massive Attack in Cyberspace Be?
September 13, 2012 Added by:Joel Harding
In every war, civilians are the victims. If and when a nation state unleashes their cyber forces against another, the initial blow will most likely be crushing. The economy will grind to an immediate halt, and without communications most of what we know will cease to exist...
Comments (2)
Raising Zombies in Windows: Passwords
September 13, 2012 Added by:Rob Fuller
List the tokens available with Incognito, your new user will be there, steal it and you're done. You now have the ability to user that account/domain token on any of the hosts you've compromised on the network, not just the ones they happen to have left themselves logged in...
Comments (0)
Seven Tips to Improve Patch Management
September 12, 2012 Added by:Dan Dieterle
The amount of time many companies spend on patching, the problems they have deploying patches, the perception that patching causes problems, and a general lack of understanding about what it takes to patch, all combine to make patching such a major issue...
Comments (0)
The Best in Practice
September 12, 2012 Added by:Randall Frietzsche
If we are charged with designing, architecting, implementing, deploying, integrating, training and supporting security technology, processes and policies within our organization, we might discover that this work is really an art more than a science...
Comments (0)
Data is the New Perimeter for Cloud Security
September 12, 2012 Added by:Mike Gault
The security market in 2012 is estimated at $60 billion, yet adding more layers of perimeter security may be completely useless against a determined sysadmin working on the inside. The end result is that your data might or might not be secure – you simply have no way to prove it...
Comments (0)
FireEye Advanced Threat Report: The Inadequacy of Defenses
September 12, 2012 Added by:Pierluigi Paganini
The security firm FireEye has released an interesting report that provides an overview of the current threat landscape, evolving malware, advanced persistent threat (APT) tactics, and the level of infiltration seen in organizations’ networks today. The report presents an alarming scenario ...
Comments (0)
Top Hats For Everyone!
September 11, 2012 Added by:Jim Palazzolo
If you give public attention to your adversary, the stronger they get. We keep using terms like “Hacker” and “Black Hat”. I understand the need to classify the behavior. However, are we inadvertently giving individuals too much inherited power by recognizing them in context and connotation?
Comments (2)
Terminal Services Attack Reductions Redux
September 10, 2012 Added by:Brent Huston
Our testing of the “rdp-sec-check” tool showed it to be quite useful in determining the configuration of exposed Terminal Services and in hardening them. Keep in mind, it is likely useful to harden the Terminal Services implementations internally to critical systems as well...
Comments (1)
How Practical is a Disconnected Network?
September 10, 2012 Added by:Rafal Los
Air-gapped networks are difficult to maintain, and what happens when you have to transfer data from that air-gapped network to somewhere else. What if you have to install printer drivers or update your anti-virus signatures? Doesn't sound so easy to do now, does it?
Comments (2)
Securing Your Application Perimeter: Getting Results
September 08, 2012 Added by:Fergal Glynn
What applications should you be testing? Just because the discovery process identifies 300 web applications doesn’t mean that you’d want to test the 30 that clearly should be decommissioned...
Comments (0)
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)
- Complimentary IT Security Resources [May 13, 2013]
- Steps Toward Weaponizing the Android Platform
- Mobile Security Processes Could Be Applied to Medical Devices: Bluebox
- The Emperor Is Naked!
- Infographic: Keeping Web Applications Safe