Latest Posts

Ec9b0ab31140696dd578b354b1054635

On Romulan Ale and Bird of Prey Malware

July 20, 2011 Added by:Vulcan Mindm3ld

Defenders are bound by a set of process and procedures. An organization’s inflexibility in deviating from them compound the problems. Many changes are often rejected on the basis of economic concerns. The majority are focusing on useless security guidelines such as the DISA PDI GEN001280...

Comments  (2)

69dafe8b58066478aea48f3d0f384820

FBI: Anonymous Members Arrested for PayPal Attacks

July 20, 2011 Added by:Headlines

Fourteen individuals were arrested by on charges related to their involvement in a cyber attack on PayPal’s website as part of an action claimed by the group “Anonymous,” announced the Department of Justice and the FBI. Two additional defendants were arrested on cyber-related charges...

Comments  (1)

Ba829a6cb97f554ffb0272cd3d6c18a7

Solving The End User Problem

July 19, 2011 Added by:Kevin McAleavey

One of the more useful tools for Windows clients was a product called "Steady State." It allowed a system to be "snapshotted" and in the event of malware intrusion, a reboot would restore the client to its previous snapshot. But like most good ideas, Microsoft discontinued it...

Comments  (3)

69dafe8b58066478aea48f3d0f384820

Politics Trumps Security in Dubious White House Hire

July 19, 2011 Added by:Headlines

Callahan was the ex-Clinton staffer who famously lost thousands of White House e-mails which were under subpoena, and was also dismissed by the Department of Homeland Security after a Congressional investigation determined she lied about her education and experience credentials...

Comments  (3)

Bdd5942b986a243fd2d84461611aec6a

Have I Been Skimmed???

July 19, 2011 Added by:Anup Shetty

Hardware tampering on handhelds are tough to crack unless multiple cases lead to the fraudsters. Awareness and regular tracking one's card accounts leads to detection. The next time you swipe your card at a tacky joint that, be sure to be more vigilant on your account...

Comments  (0)

44a2e0804995faf8d2e3b084a1e2db1d

PFC Parts' Delectable Cyber Security Shopping List

July 19, 2011 Added by:Don Eijndhoven

A study done by the CSIS speaks of a human capital crisis in Cyber Security and may offer some insights that can also be used outside of the US. CSIS mentions that there are a variety of people and skills needed. From the report we learn that CSIS found a shortage in the following roles...

Comments  (2)

37d5f81e2277051bc17116221040d51c

Spear Phishing Leaves a Bloody Wound

July 19, 2011 Added by:Robert Siciliano

Once criminal hackers get a person’s username and email address, they can begin to launch a targeted spear phish scam. Scammers copy the design of each breached entities outgoing email campaign and blast the breached list with “account update” or other ruses...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Seven No-Cost Security Tune-Ups for Windows

July 19, 2011 Added by:Headlines

"Don't use Internet Explorer or, for that matter, Safari... neither is as secure as Chrome, Firefox or Opera. IE 10 is certainly safer to use than previous versions, but significant security flaws that could expose your Windows system to malicious code online tend to crop up with it..."

Comments  (0)

Bc353c4c6a6f7743290ce11723414424

ASA and IPS Parallel Features – Part II

July 19, 2011 Added by:Dawn Hopper

The value of the normalizer with inline mode cannot be overstated; it can reassemble entire fragmented streams as well as modify packets with illegal and/or malformed options before they reach their target. Not surprisingly, some technical documents refer to this function as packet scrubbing...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

UPDATE: FBI Arrests 14 in Hacktivist Investigation

July 19, 2011 Added by:Headlines

"Authorities have arrested 14 people today in the United States in connection with hacking attacks by the Anonymous group of online activists, sources said. The arrests follow raids earlier in the day on homes in New York, California, New Jersey, and Florida..."

Comments  (3)

850c7a8a30fa40cf01a9db756b49155a

I Am Certified - You Are Secured

July 18, 2011 Added by:J. Oquendo

Security? I don't care for it. Companies don't want security. They do not want assurance. They want a framework to ensure they did no wrong. My goal is simplified ten-fold, and my aim is to ensure that someone on the C-level can cross their T's dot their I's and get on with their game of golf...

Comments  (29)

4ed54e31491e9fa2405e4714670ae31f

Using Meterpreter Script – StickyKeys.rb

July 18, 2011 Added by:Kyle Young

This script places a backdoor onto a Windows victim system. The sethc.exe program is the sticky keys program. To activate you just have to hit the shift key 5 times and sethc.exe will be executed. While this can be useful for those who are disabled, there is also an abuse for this feature...

Comments  (2)

8c4834b99847b9f7c9ee94b45df086f9

Jay Leno: Most Dangerous Celebrity in Cyberspace

July 18, 2011 Added by:Emmett Jorgensen

“Cyber criminals follow the latest trends just as consumers do and they use these and the names of popular celebrities in their campaigns in order to lure people to websites that are full of malicious software (malware)..."

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Researchers Develop No-Proxy Anonymity System

July 18, 2011 Added by:Headlines

"The client secretly marks the connection as a Telex request by inserting a cryptographic tag into the headers. We construct this tag using a mechanism called public-key steganography... only the Telex service (using a private key) can recognize that a connection has been tagged..."

Comments  (2)

Ec9b0ab31140696dd578b354b1054635

Password Hash: It's Okay to Inhale...

July 18, 2011 Added by:Vulcan Mindm3ld

The recent IRC Federal and HBGary SQL injection vulnerabilities allowed attackers access to a username/password table stored in the database. IRC Federal's “experts” simply stored unencrypted passwords while HBGary's “expert” third-party developers implemented unsalted, non-iterated MD5...

Comments  (4)

69dafe8b58066478aea48f3d0f384820

Authorities Arrest 61 in Global ATM Skimming Ring

July 18, 2011 Added by:Headlines

"What stands out to me is that they arrested 61 people and they anticipate more. I think it just shows how pervasive these skimming rings are. This isn't a couple of smart teenage hackers operating locally, but a globally organized operation..."

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

America Faced With Wave of Chinese Espionage

July 18, 2011 Added by:Infosec Island Admin

Espionage by the Chinese has been a favorite past time for them with regard to the U.S. and now that espionage is taking place within computer networks. But this too has been happening for a long time (see Titan Rain or others like Moonlight Maze)...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Defense Research Lab Back Online After Attacks

July 18, 2011 Added by:Headlines

Nearly two weeks after an Advanced Persistent Threat (APT) attack caused officials to take systems offline at the Energy Department’s Pacific Northwest National Laboratory (PNNL), nearly all systems have been restored to normal operating parameters...

Comments  (0)

Ba829a6cb97f554ffb0272cd3d6c18a7

Seven Security Blankets and I'm Still Short-Sheeted

July 17, 2011 Added by:Kevin McAleavey

Client-side "layered security" is a mess. It fails because people are so irritated by all the alerts that they don't understand. They no longer trust their security arrangements, and when they visit a site that offers a rogue antivirus and no alert pops up, they let it run for a second opinion...

Comments  (0)

E973b16363b3de77b360563237df7e32

Software Security Degree Programs

July 17, 2011 Added by:Bozidar Spirovski

More institutions are providing programs and degrees focused on the security aspect of information technology than ever before. Part of the reason for this is the significant projected increase in the number of jobs available in the field...

Comments  (1)