Items Tagged with "hackers"


Energy Sector Cyber Espionage: Chinese Hackers are not Alone

September 29, 2012 Added by:Pierluigi Paganini

Since last month a new campaign of cyber attacks have hit the Energy sector, all is started with the incidents to Saudi Aramco and RasGas companies, in both cases a malware infected internal networks without impacting on the production systems...

Comments  (0)


Video: Do I Have to Secure All My Applications?

September 24, 2012

Attackers take advantage of any externally facing web application. If you think about a web application is not mission because it’s not touching data and if there is a SQL Injection vulnerability that exists in there attackers can use that to gain a foothold inside the network...

Comments  (0)


Death Match: Peter the Great Versus Sun Tzu

September 21, 2012 Added by:Infosec Island Admin

The paper, “Peter the Great Versus Sun Tzu” alleges that a comparison can be made between the varying actors in malware creation. They have broken this down into a battle royal between the “Asians” and the “Eastern Europeans” which is just patently stupid...

Comments  (1)


Fifty Shades of Grey Hat: Hacking and Ethics

September 19, 2012 Added by:Tripwire Inc

The grey hat is more interested in the “how” than the “why”. There is a respect for the black hat's technical abilities, while keeping a wary eye on them. Some grey hats have had run ins with the law, not due to being malicious, but because curiosity got the best of them...

Comments  (1)


Recovering Login Sessions, Loaded Drivers, and Command History with Volatility

September 18, 2012 Added by:Michael Ligh

Learn about the undocumented windows kernel data structures related to RDP logon sessions, alternate process listings, and loaded drivers. See how Volatility can help you forensically reconstruct attacker command histories and full input/output console buffers...

Comments  (0)


Top Hats For Everyone!

September 11, 2012 Added by:Jim Palazzolo

If you give public attention to your adversary, the stronger they get. We keep using terms like “Hacker” and “Black Hat”. I understand the need to classify the behavior. However, are we inadvertently giving individuals too much inherited power by recognizing them in context and connotation?

Comments  (2)


Terminal Services Attack Reductions Redux

September 10, 2012 Added by:Brent Huston

Our testing of the “rdp-sec-check” tool showed it to be quite useful in determining the configuration of exposed Terminal Services and in hardening them. Keep in mind, it is likely useful to harden the Terminal Services implementations internally to critical systems as well...

Comments  (1)


Hackers Grabbed Twelve Million Apple IDs from FBI

September 05, 2012 Added by:Dan Dieterle

Is the information legit? If so, why would an FBI agent have a list of twelve million Apple ID’s which in some cases can be used to access information just as a password would? And how did the hacker group exploit this particular agent’s laptop and recover information from it?

Comments  (0)


The Inevitability of a Data Breach

September 05, 2012 Added by:Rafal Los

Only after many years of beating the drum that non-security professionals are waking up to the fact that security cannot be an after-thought in development. It'll take another five years before business executives are comfortable with the notion that they will be breached...

Comments  (0)


Real World Information Security

September 05, 2012 Added by:Tripwire Inc

Alex uncovered a poorly designed web page and convinced it to give up its secrets. What followed was a quick RDP war trying to plant our backdoor. I found myself with root level access having blasted away at it using Metasploit and uncovered several Easter eggs instructors had planted...

Comments  (0)


Is Packet Capture Critical? Heck Yes...

September 04, 2012 Added by:Richard Stiennon

Beaconing detection is a feature in the fastest growing security solutions in the market. I am tracking most of these vendors at 100% annual growth rates, a sure sign of a trend. Intelligent packet capture is a must-have technology in every cyber defense armament...

Comments  (1)


Banks Should Promote EMV

September 04, 2012 Added by:Robert Siciliano

“EMV transactions require an authentic card validated either online by the issuer using a dynamic cryptogram or offline with the terminal... EMV transactions also create unique transaction data, so that any captured data cannot be used to execute new transactions...”

Comments  (0)


Anonymous: A Hot Autumn is Coming...

September 04, 2012 Added by:Pierluigi Paganini

We can continue to the bitter end, but the lesson we must learn is that Anonymous has now become a part of our daily life, an element with which every security expert will have to face sooner or later. Continuing to ignore the phenomenon of hacktivism is very dangerous...

Comments  (0)


Infosec Recruiters Examine Security Career Trends

August 30, 2012 Added by:InfoSec Institute

"Penetration testers, the guys that come onto the sites—they’re highly in demand... In terms of technology, I think these guys see security in a different light than other people. They sort of can see it as a whole picture. Penetration testers are looking at it in a completely different light...."

Comments  (3)


Who's Responsible for the Saudi Aramco Network Attack?

August 28, 2012 Added by:Jeffrey Carr

Iran is at the center of every significant aspect of this attack. It is the only nation with access to the original Wiper virus from which Shamoon was copied. Perhaps Iran has learned something from Russia about the strategy of misdirection via the government's recruitment of patriotic hackers...

Comments  (4)


Throwing Stones in Glass Houses: Views on the Security Industry

August 26, 2012 Added by:Rafal Los

The Information Security industry is rife with negativity. Why are we so quick to pile on to others' pain? Isn the security community just more cynical by nature, is it psychological? Are we wired this way? As an industry, our goal is to create more resilient, more secure' and more defensible postures for everyone...

Comments  (1)

Page « < 1 - 2 - 3 - 4 - 5 > »