Blog Posts Tagged with "Network Security"


On the Lack of IT Readiness: The Security Edition

September 30, 2012 Added by:Rafal Los

Sticking to the basics wouldn't be such a bad thing in Security... if we had a clue on how to do the basics right. I know plenty of people who pentest all day every day and they'll be the first to tell you how easy it is to break in because defenses are so weak, if they exist at all...

Comments  (0)


Surviving a Public Infrastructure or Energy Grid Attack

September 27, 2012 Added by:Dan Dieterle

What would you do if the lights suddenly went out? Where would you get news from? Or more importantly water? Keep cool or get heat? Though many disregard warnings about critical infrastructure attacks what if the worst did happen, would you be prepared?

Comments  (2)


Java in the Cross-Hairs of Enterprise Security

September 26, 2012 Added by:Rafal Los

Enterprises seem to have a love-hate relationship with Java. It's a client we aren't thrilled with, but when it comes to cross-platform use there aren't really any other alternatives. If you look around you'll find that many of the security platforms are written in what? Java...

Comments  (0)


Expect New Wave of Cyber Attacks Against Banking

September 26, 2012 Added by:Pierluigi Paganini

A possible Iranian cyber offensive against US banks has been discussed recently, and immediately denied by the government of Teheran. Financial institutions are targets for cyber attacks, as the banking system is a critical asset for a nation and its paralysis could damage economic activities...

Comments  (0)


Three Keys to Managing Firewalls for Better Security

September 25, 2012 Added by:Richard Stiennon

The that firewalls do not provide value had its first incarnation in de-perimeterization. The idea is that because network security is so hard we should give up and focus on securing the endpoints and data that travels between them. In reality we have to defend four separate domains...

Comments  (1)


Investigating In-Memory Network Data with Volatility

September 25, 2012 Added by:Andrew Case

This post will discuss Volatility’s new Linux features for recovering network information including enumerating sockets, network connections, and packet contents, and will discuss each plugin along with implementation, how to use it, output, and which forensics scenarios apply...

Comments  (0)


Metasploit Persistence

September 24, 2012 Added by:f8lerror

You pop a box, get your meterpreter shell at the end of the day. You leave your shell, come back in the morning and find out the connection dropped because the system rebooted. Luckily @Carlos_Perez/Darkoperator made a persistence script that is included in Metasploit...

Comments  (0)


Analyzing Desktops, Heaps, and Ransomware with Volatility

September 24, 2012 Added by:Michael Ligh

This post discusses the undocumented Windows kernel data structures for desktop objects and desktop heaps. You'll see how to use memory forensics to detect recent malware including the ACCDFISA ransomware and Tigger variants...

Comments  (0)


Windows 8 Forensics: Reset and Refresh Artifacts

September 24, 2012 Added by:Dan Dieterle

Everything about the machine pre-refresh can be recovered, and is placed into a folder named windows.old. Information in regards to the migration process, old vs. new mappings, and the date and time of the refresh can be found in the $SysReset folder and the specific log...

Comments  (0)


Anomaly Detection: Front-Door Infrastructure Security

September 23, 2012 Added by:Larry Karisny

So what if we could create an anomaly algorithm that could audit, detect and approve positive input events in business processes. And if we could do this then wouldn’t risk management and security actually just be a byproduct of allowing these positive business events to occur?

Comments  (1)


Analyzing Jynx and LD_PRELOAD Based Rootkits

September 23, 2012 Added by:Andrew Case

In order to have samples to test against, I used the sample provided by SecondLook on their Linux memory images page, and I also loaded the Jynx2 rootkit against a running netcat process in my Debian virtual machine that was running the 2.6.32-5-686 32-bit kernel...

Comments  (0)


CleanIT Project: concerns for a Global Surveillance Project

September 23, 2012 Added by:Pierluigi Paganini

I just returned from the Cyber Threat Summit in Dublin. The event revealed an alarming scenario on cyber threats, no matter if it is cybercrime, hacktivism, cyber terrorism or cyber warfare, all those share a worrying growth of attacks that are influencing our digital lives...

Comments  (1)


Hacking Exposed 7: Network Security Secrets and Solutions

September 23, 2012 Added by:Ben Rothke

With the release of Hacking Exposed 7: Network Security Secrets & Solutions, authors Stuart McClure, Joel Scambray and George Kurtz (along with over 10 contributing authors) provide an up to date version to the original classic. The book includes the essentials of hacking...

Comments  (0)


Security and the Enterprise: Connect What?

September 20, 2012 Added by:Tripwire Inc

We’re going to use the phrase “Connecting security to the business” with almost annoying frequency because it can change the way the business views security, and vice versa. This begs a primer of sorts: What do we mean by all this “connecting security to the business” talk?

Comments  (0)


Let Me out Of Your .NET Work: Server Build

September 19, 2012 Added by:Rob Fuller

First you have to get rid of all other services. That’s harder than you would first assume, because you have to admin the box somehow. You could toss SSH on a really high port, or have some kind of backend management, or just remove things from running on a multi-IP’d box...

Comments  (0)


Recovering Login Sessions, Loaded Drivers, and Command History with Volatility

September 18, 2012 Added by:Michael Ligh

Learn about the undocumented Windows kernel data structures related to RDP logon sessions, alternate process listings, and loaded drivers. See how Volatility can help you forensically reconstruct attacker command histories and full input/output console buffers...

Comments  (0)
