Vulns & Alerts


Adapting Vulnerability Management to Address Advanced Persistent Threats

March 19, 2014 Added by:Tripwire Inc

In addition to being one of the top SANS Critical Security Controls and part of numerous other compliance frameworks, vulnerability management is generally accepted as basic security hygiene today for corporate networks.

Comments  (0)


Recent Development of ICS Exploits Continues Upward Trend of Security Research

March 19, 2014 Added by:Joel Langill

One very important part of a well-rounded ICS Security Management System is situational awareness of the actual risks facing industrial systems in terms of both vulnerabilities disclosed and the ease in converting these proof-of-concept (PoC) disclosures into workable exploit modules.

Comments  (0)


The Windows XP Rundown is Really About Security

March 18, 2014 Added by:Praveen Manohar

Now is an appropriate time to discuss the implications of the end of XP support and explore what the rundown is really all about: security.

Comments  (0)


Bipartisan Policy Committee Report on Cyber Security of the Electric Grid – What’s Missing

March 17, 2014 Added by:Joe Weiss

I believe the only means for cyber threats to cause long term and wide-spread grid failure is through compromising the control systems of facilities leading to physical damage of long-lead time critical equipment such as transformers and turbines.

Comments  (0)


Chinese Hackers help China build J-20 Stealth Fighter with US Tech

March 17, 2014 Added by:Dan Dieterle

According to defense officials, starting in 2007 Chinese hackers were involved in a massive, multi-year cyber espionage program dubbed, 'Operation Byzantine Hades', that targeted foreign governments and industry.

Comments  (0)


Target Should be Our Target

March 14, 2014 Added by:Wayde York

The press has come out with the fact that Target received a warning about malware and hacking before 40 million credit cards were compromised. While we should not string up the security analysts at Target, we may have to spank their managers.

Comments  (0)


Is the Agent.btz malware the link between Snake and Red October?

March 13, 2014 Added by:Pierluigi Paganini

The agent.btz malware may have served as starting point for malware Turla and the malicious code used in the Red October campaign.

Comments  (0)


Russian “Cyber” Snake attacking Ukrainian Systems

March 11, 2014 Added by:Dan Dieterle

Everyone is expecting Russia to attack Ukrainian computer systems, but the truth may be that they have been doing so right along.

Comments  (0)


What Will A Russia-Ukraine Cyberwar Look Like?

March 06, 2014 Added by:Richard Stiennon

Five and a half years since Georgia we can expect a little more sophistication in the arsenal that Russia can bring to bear.

Comments  (0)


Apple Fixes iOS SSL Validation Flaw That Enables Man-in-the-Middle Attacks

February 21, 2014 Added by:Mike Lennon

Apple has released iOS 7.0.6 which patches a flaw in iOS that enables a man-in-the-middle attack of encrypted (SSL) connections

Comments  (1)


Iterative DNS Brute Forcing

February 20, 2014 Added by:Rob Fuller

Over the years of doing DNS record collection I have noticed one thing, most domains have a large number of short hostnames that are easy to remember, usually 4 characters or less. I’m sure you already know where I’m going with this, I wanted to brute force all possible hostnames up to 4 characters.

Comments  (0)


Profiling hacking for hire services offered in the underground

February 18, 2014 Added by:Pierluigi Paganini

Surfing in various cyber criminal forums or visiting some hidden services in the DeepWeb, it is quite easy to discover forums dedicated to facilitating the matching of supply and demand.

Comments  (0)


Stopping Remote Access Breaches with “Honey”

February 07, 2014 Added by:Patrick Oliver Graf

A new approach, called “Honey Encryption”, could potentially offer more effective digital security by making fake data appear to be legitimate and valuable information to hackers.

Comments  (6)


GCHQ ran a DoS attack on chatrooms used by Anonymous and LulzSec

February 06, 2014 Added by:Pierluigi Paganini

New slides leaked by Snowden and published by NBC News reveal that GCHQ ran DoS attack on chatrooms used by Anonymous and LulzSec.

Comments  (4)


How serious is the Aurora vulnerability for nuclear plants?

February 04, 2014 Added by:Joe Weiss

This risk is certainly more probable than once in a million years which is the minimum criteria for the safety analysis to address specific threats.

Comments  (0)


Search Engines for OSINT and Recon

February 03, 2014 Added by:Dave Shackleford

There’s an amazing number of awesome search facilities that can be useful when doing OSINT and recon work for pen testing. I’ll list a lot of different sites that I have discovered and use regularly for both.

Comments  (0)

Page « < 3 - 4 - 5 - 6 - 7 > »