Items Tagged with "Network Security"


Migrating South: The Devolution Of Security From Security

December 20, 2012 Added by:Ian Tibble

Is the typical security portfolio of system administrators wide enough to form the foundations of an effective information security program? Not really. In fact its some way short. Security Analysts need to have a grasp not only on file system permissions, they need to know how attackers actually elevate privileges...

Comments  (0)


The Ultra-Legacy Problem - Systems so old...

December 19, 2012 Added by:Rafal Los

Say you're a sizeable institution here and that over the last two decades you've amassed lots of platforms that run your business, in a time before the Information Security organization did much more than install anti-virus on your desktop... and now that technical debt has come back to haunt you...

Comments  (3)


Hackers at the Controls

December 16, 2012 Added by:Jayson Wylie

An FBI report details what could be the hacking elite sect of Anonymous, Antisec, using a backdoor to compromise an air-conditioning control system in New Jersey. This leaves me to the question of how vulnerable the government and private sectors are for these types of compromise...

Comments  (1)


Israel’s Cyber Defenses Protect Government Sites from 44 Million Attacks

December 11, 2012 Added by:Dan Dieterle

Israel’s cyber defense is hard at work blocking millions of incoming cyber attacks. There have been millions of hacking attempts against government sites that have been intercepted with reportedly only one successfully taking down it’s target. And that for only a few minutes...

Comments  (0)


Managing the Social Impact of Least Privilege

December 10, 2012 Added by:Paul Kenyon

In organizations where IT policy hasn’t been enforced or where users expect to have full autonomy over PCs, the transition to least privilege desktops must be carefully planned, so the IT department doesn’t face a user revolt. Make sure to set users’ expectations accordingly...

Comments  (0)


Compliance Combines with Vulnerability Scanning to Create Aegify

December 10, 2012 Added by:Michelle Drolet

Two security firms, the established Rapid7 vulnerability manager and eGestalt, a cloud-based compliance management provider, have signed an OEM deal that will do something for the IT security industry that hasn’t been done before: a combination security and compliance posture management...

Comments  (1)


Flipping Malware: A Profit Opportunity for Corporate IT Departments

December 09, 2012 Added by:Jeffrey Carr

Some of the more forward-looking DOD contractors who have robust internal CERT with engineers who do reverse-engineering could be in the best position to offer free or low-cost network defense to corporations who want to "flip" the malware found on their network for a nice profit...

Comments  (1)


Port 9100/TCP Probes

December 06, 2012 Added by:Brent Huston

Now this is a little interesting. It is likely meant to be a validation probe that the printer device’s embedded web server is online and that the device is operational. BUT, the “Python-urllib/2.7″ made us suspicious. Perhaps this isn’t a usual printer request?

Comments  (0)


FreeBSD Servers Hacked: Lessons on SSH Public Key Authentication

December 04, 2012 Added by:Mark Baldwin are recommending that anyone who downloaded and installed any of their third-party packages between September 19 2012 and November 11 2012 reinstall their systems. Obviously this could be a big burden for a lot of organizations...

Comments  (4)


Windows 8 Forensics: USB Activity

December 03, 2012 Added by:Dan Dieterle

When I started working on Windows 8 USB drive forensics, I assumed it would be similar to Windows 7. I created a fresh Windows 8 VM and plugged a thumb drive into my local system. The VM recognized it as it should. I shut the VM down and opened it in EnCase to examine what happened...

Comments  (0)


Two New SQL Security Books from Syngress

November 29, 2012 Added by:Ben Rothke

Since SQL is so ubiquitous on corporate networks, with sites often running hundreds of SQL servers; SQL is prone to attacks. SQL injection is a technique often used to attack databases through a website and is often done by including portions of SQL statements in a web form entry field...

Comments  (0)


Hackers hit International Atomic Energy Agency (IAEA) agency

November 29, 2012 Added by:Pierluigi Paganini

The group of hackers who named itself Parastoo Farsi have exposed contacts for more than 100 nuclear experts and scientists, the word Parastoo is Farsi and refers to a bird species like the swallow and an Iranian girl's name...

Comments  (0)


Low-Cost Ways to Make Your Network More Secure

November 26, 2012 Added by:Marc Quibell

There are improvements you can introduce that are seamless, low-cost , don't present a new burden to your users, and/or are easy to implement. So in between your major IT Security projects that may or may not happen, why not improve you security posture and lower your overall risks?

Comments  (2)


LTE networks vulnerable to jamming, a question of national security

November 18, 2012 Added by:Pierluigi Paganini

"These comments describe extremely effective attacks can be realized, using fairly low complexity. It would be in the interest of public safety to take measures to reduce the vulnerability of Public Safety LTE, and lower the likelihood of an effective jamming attack..."

Comments  (0)


Unconventional Defense - Taming a wild environment with CCRM

November 15, 2012 Added by:Rafal Los

Configuration, Change and Release Management is crucial to being an effective information security organization in an enterprise large, or small. If you don't have a handle on the rate of change in your enterprise, you have absolutely no hope of effectively securing anything...

Comments  (0)


Reverse Deception: Organized Cyber Threat Counter-Exploitation

November 14, 2012 Added by:Ben Rothke

Every organization of size and scope is a target, and many of the world’s largest firms and governments have been victims. In Reverse Deception: Organized Cyber Threat Counter-Exploitation, Dr. Max Kilger and his co-authors provide an effective counterintelligence approach in which to deal with APT...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »