Network Security

201d6e4b7cd0350a1a9ef6e856e28341

Bipartisan Policy Committee Report on Cyber Security of the Electric Grid – What’s Missing

March 17, 2014 Added by:Joe Weiss

I believe the only means for cyber threats to cause long term and wide-spread grid failure is through compromising the control systems of facilities leading to physical damage of long-lead time critical equipment such as transformers and turbines.

Comments  (0)

9fb165a9b7dfef2a9f8ac7d69b22a42c

Monitoring Android Network Traffic Part I: Installing The Toolchain

March 13, 2014 Added by:Vince Kornacki

TCPDUMP is extremely useful for monitoring network traffic when debugging applications and performing penetration tests. Unfortunately Android mobile devices do not include the TCPDUMP program. However, do not despair.

Comments  (0)

Ebb72d4bfba370aecb29bc7519c9dac2

On Threat Intelligence Sources

March 05, 2014 Added by:Anton Chuvakin

Where does threat intelligence come from?

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

SOHO pharming attack hit more that 300,000 devices worldwide

March 04, 2014 Added by:Pierluigi Paganini

Another mass compromise of small office/home office (SOHO) wireless routers has been uncovered by researchers from security firm Team Cymru.

Comments  (0)

7ddc1f3000a13e4dfec28074e9e7b658

Congress Must Update Email Privacy Law

February 27, 2014 Added by:Electronic Frontier Foundation

A bill co-sponsored by Reps. Kevin Yoder, Tom Graves, and Jared Polis—HR 1852, The Email Privacy Act—seeks to update ECPA by requiring a probable cause warrant whenever the government wants to access your online private messages.

Comments  (0)

01ceb9281b3fb3dbb90c3efbe327717e

What's The Next Reflection Attack

February 20, 2014 Added by:Alan Woodward

Two years ago we were all talking about DNS reflection attacks and the possibility that they may make an appearance. A year later they did just that, and on a massive scale.

Comments  (0)

Ebb72d4bfba370aecb29bc7519c9dac2

How to Make Better Threat Intelligence Out of Threat Intelligence Data?

February 19, 2014 Added by:Anton Chuvakin

One of the key uses for threat intelligence (TI) data is making better threat intelligence data out of it.

Comments  (0)

Ebb72d4bfba370aecb29bc7519c9dac2

On NTP Reflection DDoS: 1990s Strike Back?

February 18, 2014 Added by:Anton Chuvakin

Sure, I admire the ability of attackers to find all the opportunities for amplification DDoS. DNS – check, NTP – check, SNMP – pending… However, I definitely can not hold the the same admiration for the “defenders” (if they can be called that) who still allow spoofed packets to leave their networks.

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

Monitoring: an Absolute Necessity (but a Dirty Word Nonetheless)

February 17, 2014 Added by:Brent Huston

There is no easier way to shut down the interest of a network security or IT administrator than to say the word "monitoring." You can just mention the word and their faces fall as if a rancid odor had suddenly entered the room! And I can’t say that I blame them.

Comments  (2)

03b2ceb73723f8b53cd533e4fba898ee

Crowd-Funding Site Kickstarter Hacked

February 17, 2014 Added by:Pierluigi Paganini

The popular crowd funding website Kickstarter is the lastest victim of a data breach.

Comments  (0)

Ebb72d4bfba370aecb29bc7519c9dac2

Threat Intelligence is NOT Signatures!

February 10, 2014 Added by:Anton Chuvakin

If you are receiving a list of IPs from somewhere and then blindly dropping them into your ACLs or NIPS signatures, you are not doing threat intelligence (TI).

Comments  (4)

D8853ae281be8cfdfa18ab73608e8c3f

Hostname Bruteforcing on the Cheap

February 03, 2014 Added by:Rob Fuller

There are some great discussions on the NoVA Hackers mailing list. One such discussion was about what the best way to do dns hostname brute forcing was and which tool is better than another. For me, I just use the command line and then parse the results (or just ask the deepmagic.com database ;–)

Comments  (0)

E595c1d49bf4a26f8e14ce59812af80e

The Workplace of the Future and What It Means for Network Security

January 28, 2014 Added by:Patrick Oliver Graf

The convergent trends of BYOD, the consumerization of IT and mobility are causing rapid shifts in employees’ expectations for their work environment. Employees are driving the change by working remotely and on their own devices resulting in the workplace itself becoming increasingly flexible.

Comments  (0)

7ddc1f3000a13e4dfec28074e9e7b658

Why the FCC Can't Actually Save Net Neutrality

January 27, 2014 Added by:Electronic Frontier Foundation

Some people have condemned last week’s court decision to reject the bulk of the Federal Communications Commission’s (FCC) Open Internet Order as a threat to Internet innovation and openness. Others hailed it as a victory against dangerous government regulation of the Internet. Paradoxically, there is a lot of truth to both of these claims.

Comments  (0)

6d117b57d55f63febe392e40a478011f

Israeli Defense Systems Hacked with Xtreme RAT Trojan

January 27, 2014 Added by:Anthony M. Freed

The attackers used a spear-phishing email designed to look like it was sent by the country’s Shin Bet secret security service which contained a malicious attachment that infected the systems with the Xtreme RAT software, a remote access tool.

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

Business Impact Analysis: A Good Way to Jumpstart an Information Security Program

January 27, 2014 Added by:Brent Huston

BIA (business impact analysis) is traditionally seen as part of the business continuity process. It helps organizations recognize and prioritize which information, hardware and personnel assets are crucial to the business so that proper planning for contingency situations can be undertaken.

Comments  (0)

Page « < 2 - 3 - 4 - 5 - 6 > »