Network Security


2014 ICS Cyber Security Conference – Mark Your Calendar

June 02, 2014 Added by:Joe Weiss

It's official! The 2014 (the 14th) ICS Cyber Security Conference will be held October 20 – 23, 2014 at the Georgia Tech Hotel and Conference Center in Atlanta.

Comments  (0)


Iranian Hackers Target US Military Personnel via Social Media

May 29, 2014 Added by:Dan Dieterle

People trust and share way too much on social media sites, and unfortunately this extends to government employees and military troops around the world.

Comments  (0)


"Back to Basics": What does this mean?

May 28, 2014 Added by:Dave Shackleford

So what ARE “the very basics”? And how exactly do we “get back to them”?

Comments  (0)


Vigilance: Maintaining an Effective Enterprise Security Posture

May 27, 2014 Added by:Tripwire Inc

So the question for us, security professionals and dabblers alike, is how do we make this moment one that makes a difference?

Comments  (0)


Effective NTLM / SMB Relaying

May 22, 2014 Added by:Rob Fuller

Most of the tools to exploit it either catch the authentication in NTLMv2/NTLMv1 (which is not always easy to crack) or assume administrative access (because they attempt to PSEXEC with the incoming session). Well, since MS08-068 that's much harder to pin down.

Comments  (0)


The Electric Industry Still Doesn't Understand What Sophisticated Attackers Are After

May 21, 2014 Added by:Joe Weiss

Stuxnet and Aurora utilized design features of the system or controllers to attack physical systems. Stuxnet and Aurora are not traditional network vulnerabilities and cannot be found or mitigated by using traditional IT security techniques.

Comments  (1)


A Deep Dive into the House's Version of Narrow NSA Reform: The New USA Freedom Act

May 20, 2014 Added by:Electronic Frontier Foundation

Here's how the House version of the USA Freedom Act compares to the Senate's version, what the new House version of the USA Freedom Act does, and what it sorely lacks.

Comments  (0)


Advanced Cyber Threat Techniques

May 19, 2014 Added by:Ali Golshan

Security can no longer be a bolted on solution to the existing infrastructure - it needs to start integrating with the mesh of the existing infrastructure.

Comments  (0)


Proactively Hardening Systems Against Intrusion: Configuration Hardening

May 13, 2014 Added by:Tripwire Inc

What do we mean when we talk about “hardening systems” to repel exploits and withstand intrusions? Much of this is captured in three simple concepts.

Comments  (0)


Researchers Find Evidence of Bogus Certs Used in HTTPS Connections

May 12, 2014 Added by:Anthony M. Freed

Though the threat has been recognized in theory for some time, researchers have now found direct evidence that bogus digital certificates not issued and authorized by legitimate site owners have been employed in establishing seemingly secure HTTPS connections.

Comments  (0)


DOE Cyber Security Procurement Language – Is It Comprehensive Enough

May 06, 2014 Added by:Joe Weiss

DOE recently issued their revised report on Cyber security procurement Language for Energy Delivery Systems dated April 2014.

Comments  (0)


SecurityWeek Acquires Industrial Control System Cybersecurity Conference Series

April 28, 2014 Added by:InfosecIsland News

SecurityWeek announced that it has acquired the ICS Cybersecurity Conference series, the leading organizer of cybersecurity-focused events for the industrial control systems sector.

Comments  (0)


Heartbleed Facts and Fictions

April 28, 2014 Added by:Rebecca Herold

Here are the most common questions, and associated answers, that I’ve received from several of my small- to midsized clients about Heartbleed that have involved the most confusion; let’s clear up that misunderstanding!

Comments  (0)


The Enterprise Network: Effective Protection Strategies

April 24, 2014 Added by:John Grady

The first step is to think strategically, which means creating policies and procedures aimed at the enterprise network as a whole rather than handling issues case by case.

Comments  (0)


Detecting OpenSSL-Heartbleed with Nmap & Exploiting with Metasploit

April 21, 2014 Added by:Dan Dieterle

You can now quickly detect the OpenSSL-Heartbleed vulnerability very quickly on a network using the ever popular nmap command, and with the latest modules from Metasploit you can quickly see the exploit in action.

Comments  (0)


Understanding What Constitutes Your Attack Surface

April 21, 2014 Added by:Tripwire Inc

Put simply, your attack surface is the sum of your security risk exposure. Put another way, it is the aggregate of all known, unknown and potential vulnerabilities and controls across all software, hardware, firmware and networks.

Comments  (0)

Page « < 2 - 3 - 4 - 5 - 6 > »