Blog Posts Tagged with "Network Security"


Expect New Wave of Cyber Attacks Against Banking

September 26, 2012 Added by:Pierluigi Paganini

A possible Iranian cyber offensive against US banks has been discussed recently, and immediately denied by government of Teheran. Financial institutions are targets for a cyber attacks, as the banking system is a critical asset for a nation and its paralysis could damage economic activities...

Comments  (0)


Three Keys to Managing Firewalls for Better Security

September 25, 2012 Added by:Richard Stiennon

The that firewalls do not provide value had its first incarnation in de-perimeterization. The idea is that because network security is so hard we should give up and focus on securing the endpoints and data that travels between them. In reality we have to defend four separate domains...

Comments  (1)


Investigating In-Memory Network Data with Volatility

September 25, 2012 Added by:Andrew Case

This post will discuss Volatility’s new Linux features for recovering network information including enumerating sockets, network connections, and packet contents, and will discuss each plugin along with implementation, how to use it, output, and which forensics scenarios apply...

Comments  (0)


Metasploit Persistence

September 24, 2012 Added by:f8lerror

You pop a box, get your meterpreter shell at the end of the day. You leave your shell, come back in the morning and find out the connection dropped because the system rebooted. Luckily @Carlos_Perez/Darkoperator made a persistence script that is included in Metasploit...

Comments  (0)


Analyzing Desktops, Heaps, and Ransomware with Volatility

September 24, 2012 Added by:Michael Ligh

This post discusses the undocumented windows kernel data structures for desktop objects and desktop heaps. You'll see how to use memory forensics to detect recent malware including the ACCDFISA ransomware and Tigger variants...

Comments  (0)


Windows 8 Forensics: Reset and Refresh Artifacts

September 24, 2012 Added by:Dan Dieterle

Everything about the machine pre-refresh can be recovered, and is placed into a folder named windows.old. Information in regards to the migration process, old vs. new mappings, and the date and time of the refresh can be found by in the $SysReset folder and the specific log...

Comments  (0)


Anomaly Detection: Front-Door Infrastructure Security

September 23, 2012 Added by:Larry Karisny

So what if we could create an anomaly algorithm that could audit, detect and approve positive input events in business processes. And if we could do this then wouldn’t risk management and security actually just be a byproduct of allowing these positive business events to occur?

Comments  (1)


Analyzing Jynx and LD_PRELOAD Based Rootkits

September 23, 2012 Added by:Andrew Case

In order to have samples to test against, I used the sample provided by SecondLook on their Linux memory images page, and I also loaded the Jynx2 rootkit against a running netcat process in my Debian virtual machine that was running the 2.6.32-5-686 32-bit kernel...

Comments  (0)


CleanIT Project: concerns for a Global Surveillance Project

September 23, 2012 Added by:Pierluigi Paganini

I just returned from the Cyber Threat Summit in Dublin, The event revealed an alarming scenario on cyber threats, no matter if it is cybercrime, hacktivism, cyber terrorism or cyber warfare, all those share a worrying growth of attacks that are influencing our digital lives...

Comments  (1)


Hacking Exposed 7: Network Security Secrets and Solutions

September 23, 2012 Added by:Ben Rothke

With the release of Hacking Exposed 7: Network Security Secrets & Solutions, authors Stuart McClure, Joel Scambray and George Kurtz (along with over 10 contributing authors) provide an up to date version to the original classic. The book includes the essentials of hacking...

Comments  (0)


Security and the Enterprise: Connect What?

September 20, 2012 Added by:Tripwire Inc

We’re going to use the phrase “Connecting security to the business” with almost annoying frequency because it can change the way the business views security, and vice versa. This begs a primer of sorts: What do we mean by all this “connecting security to the business” talk?

Comments  (0)


Let Me out Of Your .NET Work: Server Build

September 19, 2012 Added by:Rob Fuller

First you have to get rid of all other services. That’s harder than you would first assume, because you have to admin the box some how. You could toss SSH on a really high port, or have some kind of backend management, or just remove things from running on a multi-IP’d box...

Comments  (0)


Recovering Login Sessions, Loaded Drivers, and Command History with Volatility

September 18, 2012 Added by:Michael Ligh

Learn about the undocumented windows kernel data structures related to RDP logon sessions, alternate process listings, and loaded drivers. See how Volatility can help you forensically reconstruct attacker command histories and full input/output console buffers...

Comments  (0)


Ask The Experts: Important SCADA Security Tips

September 16, 2012 Added by:Brent Huston

Utilities have been computerizing their SCADA systems for years now. This has allowed them to save money, time and manpower and has increased their situational awareness and control flexibility. However, industrial control systems are usually not very robust and also very ‘dumb...

Comments  (0)


Metasploit Penetration Testing Cookbook

September 13, 2012 Added by:Philip Polstra

Singh provides an introduction to the widely used Metasploit framework in the form of seventy plus recipes for various penetration testing tasks, and goes beyond the basics of Metasploit and covers additional penetration testing tools such as various scanners and evasion tools...

Comments  (0)


What Will the Impact of a Massive Attack in Cyberspace Be?

September 13, 2012 Added by:Joel Harding

In every war, civilians are the victims. If and when a nation state unleashes their cyber forces against another, the initial blow will most likely be crushing. The economy will grind to an immediate halt, and without communications most of what we know will cease to exist...

Comments  (2)

Page « < 3 - 4 - 5 - 6 - 7 > »