OS & Software
Skynet, the potential use of Tor as a bulletproof botnet
December 10, 2012 Added by:Pierluigi Paganini
In September 2012 the German security firm G Data Software detected a botnet with a particular feature, it is controlled from an Internet Relay Chat (IRC) server running as a hidden service of the Tor...
Comments (0)
Flipping Malware: A Profit Opportunity for Corporate IT Departments
December 09, 2012 Added by:Jeffrey Carr
Some of the more forward-looking DOD contractors who have robust internal CERT with engineers who do reverse-engineering could be in the best position to offer free or low-cost network defense to corporations who want to "flip" the malware found on their network for a nice profit...
Comments (1)
Sophos Security Threat Report 2013, today... tomorrow
December 07, 2012 Added by:Pierluigi Paganini
Sophos was one of the first security firms that has published a report on the security landscape the upcoming year. The document provides an interesting overview on most common and dangerous cyber threats to determine the level of penetration in different countries...
Comments (0)
Japan Aerospace Exploration Agency hit again by malware
December 03, 2012 Added by:Pierluigi Paganini
The New Your Times has recently published the news the Japan Aerospace Exploration Agency was hit by a virus that stolen secret information on newest rockets from an internal computer...
Comments (0)
Weaponizing the Nokia N900 – Part 4.0 – A Three Year Anniversary!
November 25, 2012 Added by:Kyle Young
I still believe the best phone for hackers is the Nokia N900 and it is a shame that Nokia decided to go the way of Microsoft. I personally believe that Nokia should have gone the route of an Android/Linux hybrid mobile operating system, but that’s just my opinion...
Comments (1)
W32.Narilam, the malware that hit databases in Middle East
November 25, 2012 Added by:Pierluigi Paganini
W32.Narilam is a worm that attempts to spread by copying itself to all drives and certain shared folders on the compromised computer, the malware doesn’t include modules to steal information from the victims....
Comments (0)
F-Secure Mobile threat report Q3/2012, cyber threats in the ether
November 06, 2012 Added by:Pierluigi Paganini
The rapid diffusion of Android devices has had the effect of increasing the number of malware developed for the OS. During the third quarter 51,447 unique samples were detected. Google has tried to secure it’s OS with the introduction of an additional security layer named Bouncer...
Comments (0)
Russian Underground is just part of a global criminal network
November 01, 2012 Added by:Pierluigi Paganini
Programming services and software sales was the most common service in the criminal market, where it is possible to buy customized malware agents and any kind of applications to conduct a cyber attack such as spammers, brute-force tools and DDoS bots and exploit toolkits...
Comments (0)
Getting System the Lazy Way
October 31, 2012 Added by:f8lerror
We know all that many users are local administrators. We also know we can send or drop binaries to these users and they will run whatever we want them to. The problem lies in when they run the binary if they don’t run it as admin we may not be able to get system level access. To be honest that is the level I want...
Comments (0)
Optimism... or Special Interests?
October 31, 2012 Added by:Jayson Wylie
There seems to be some political purpose to the current interests around Kaspersky. They are becoming involved in investigating malware of a cyber weapon nature instead of the constant pursuit of Trojan variants and financial fraud that is more damaging to the masses originating around their home office...
Comments (0)
TrendMicro Q3 Security Report
October 24, 2012 Added by:Pierluigi Paganini
Trend Micro has released the 3Q 2012 SECURITY ROUNDUP that presents a worrying trend for malware growth which increased 483%. This includes cyber espionage malware and also destructive malicious agents targeting mainly the mobile world and in particular Google Android platform...
Comments (0)
Sidestepping Microsoft SQL Server Authentication
October 21, 2012 Added by:Brandon Knight
Penetration testers love compromising systems during assessments, and the most important portion of a penetration test is getting access to critical data and systems. So, post exploitation I generally head for the database servers. Depending on the permissions of the target there may be another hurdle to bypass...
Comments (2)
Flame, miniFlame, the mystery of an on going cyber espionage campaign
October 16, 2012 Added by:Pierluigi Paganini
Last May The Iranian Computer Emergency Response Team (MAHER) detected a new malware which hit the country named Flame, also known as Flamer or Skywiper. Kaspersky Lab and CrySyS Lab also identified the malware, recognized as a powerful cyber espionage tool that hit mainly Windows systems in the Middle East...
Comments (0)
Hacktivists Using Shortened Links to Hide Malware Servers
October 15, 2012 Added by:Dan Dieterle
“Most did not recognise that people using fake profiles, perhaps masquerading as school friends, could capture information and movements. Few consider the possibilities of data mining and how patterns of behaviour can be identified over time..."
Comments (0)
What is the Dorkbot Worm That is Attacking Skype Users?
October 12, 2012 Added by:Pierluigi Paganini
What would happen if a malware compromises a communication system adopted daily by 663 million users? Security experts have issued an alert to Skype users about an ongoing attack that tries to induce them to click a link that spreads malware...
Comments (0)
GAO Invites FDA to Improve Information Security for Medical Devices
October 08, 2012 Added by:Pierluigi Paganini
In the last decade the number of cyber incidents related to technologies that surround us is growth exponentially, the principal concerns are related to all those objects with an "intelligent component" that we daily use expose on internet for different purposes...
Comments (5)
- Identity & Access Management: Give Me a REST
- Over-Sharing Riskier than Government Snooping
- 20 Critical Security Controls: Control 13 – Boundary Defense
- Redefining Social Networking
- Creating Your Own Privacy & ROI
- Security Intelligence for the Enterprise - Part 1
- Why are Cybercrimes NOT Always White-collar Crimes?
- From the SMB to Security Guru: Five Ways IT Pros Can Manage Security on a Budget
- Balancing Act Between Privacy and Security
- The NSA’s Word Games Explained: How the Government Deceived Congress in the Debate over Surveillance Powers