Add Backtrack Tools Into Ubuntu11.04
Updated: 2011-09-30 01:16:00
Qlogic Fabric Freedom Equals More Convergence
Updated: 2011-09-30 01:11:00Network Computing www.networkcomputing.com RSS Newsletters Current Issue Issue Archives Slideshows Whitepapers About Us Howard Marks Bio Contact Archive Howard Marks Network Computing Blogger Home News and Analysis Pro Reports Tech Centers Deduplication End to End APM Next Gen Network Private Cloud IPv6 WAN Security Channels Backup Recovery Cloud Computing Cloud Storage Data Center Data Protection Networking Mgmt Servers Storage Storage Mgmt UC VoIP Virtualization WAN App Acceleration Wireless Bloggers Lee H . Badman Frank Berry Jeff Doyle Stephen Foskett Mike Fratto David Hill Howard Marks Joe Onisick Jim Rapoza Tom Trainer Upcoming Events Interop New York Oct 3-7 Register now to attend Interop New York , the IT industry's most comprehensive conference and expo . Learn about importantCloudFlare Rolls Out Free IPv6-to-IPv4 Translation Service
Updated: 2011-09-30 01:01:00Network Computing www.networkcomputing.com RSS Newsletters Current Issue Issue Archives Slideshows Whitepapers About Us Home News and Analysis Pro Reports Tech Centers Deduplication End to End APM Next Gen Network Private Cloud IPv6 WAN Security Channels Backup Recovery Cloud Computing Cloud Storage Data Center Data Protection Networking Mgmt Servers Storage Storage Mgmt UC VoIP Virtualization WAN App Acceleration Wireless Bloggers Lee H . Badman Frank Berry Jeff Doyle Stephen Foskett Mike Fratto David Hill Howard Marks Joe Onisick Jim Rapoza Tom Trainer Upcoming Events Interop New York Oct 3-7 Register now to attend Interop New York , the IT industry's most comprehensive conference and expo . Learn about important innovations that help get business done while cutting costs and increasingIT Pros Lack Tools to Protect Enterprises From Employee Social Media Use
Updated: 2011-09-29 20:23:57
IT professionals have accepted there are positive benefits to using social media, but they lack the tools necessary to protect enterprises from cyber-threats that enter through social networking sites. - IT professionals consider social media as a positive business tool
within the enterprise, but they were concerned they didn't have the
right technology and policies to deal with the dangers, a recent report
found.
The quot;Global Survey on Social Media Risks quot; from the Ponemon Institu...The SSD dilemma, (Thu, Sep 29th)
Updated: 2011-09-29 17:06:11As early as 15 years ago, when memory sticks and SD cards started to become more and more prevalent, ...(more)...QLogic Sets The Stage For Networking’s Future
Updated: 2011-09-29 16:39:00Network Computing www.networkcomputing.com RSS Newsletters Current Issue Issue Archives Slideshows Whitepapers About Us Home News and Analysis Pro Reports Tech Centers Deduplication End to End APM Next Gen Network Private Cloud IPv6 WAN Security Channels Backup Recovery Cloud Computing Cloud Storage Data Center Data Protection Networking Mgmt Servers Storage Storage Mgmt UC VoIP Virtualization WAN App Acceleration Wireless Bloggers Lee H . Badman Frank Berry Jeff Doyle Stephen Foskett Mike Fratto David Hill Howard Marks Joe Onisick Jim Rapoza Tom Trainer Upcoming Events Interop New York Oct 3-7 Register now to attend Interop New York , the IT industry's most comprehensive conference and expo . Learn about important innovations that help get business done while cutting costs and increasingNessus Plugin Spotlight: SSL Certificates
Updated: 2011-09-29 13:45:04: : Careers News Events Contact Support About Tenable Enter search text Solutions Solutions Overview Compliance Vulnerability Scanning Vulnerability Management Configuration Auditing Log Management SIEM Products Products Overview Nessus Scanner Nessus ProfessionalFeed SecurityCenter Log Correlation Engine Passive Vulnerability Scanner Services Services Overview Nessus Perimeter Service QuickStart Services Training Certification Training Certification Overview Become Certified Courses Delivery Methods Training Schedule eLearning Portal Expert Resources Expert Resources Overview Whitepapers Webinars Videos Discussion Forum Tenable Blog Partners Partners Overview Become a Partner Strategic Partners Enterprise Channel Partners Subscription Channel Partners Professional Services Partners StoreDecoding Mysql Char() to Ascii With Shell Script
Updated: 2011-09-29 11:26:00Microsoft Forefront Threat Management Gateway - Voted WindowSecurity.com Readers' Choice Award Winner - Firewall Software
Updated: 2011-09-29 08:48:09Microsoft Forefront Threat Management Gateway was selected the winner in the Firewall Software category of the WindowSecurity.com Readers' Choice Awards. Symantec Endpoint Protection and VIPRE Antivirus Business were runners-up while Astaro Security Gateway Software Appliance was second runner-up.
I helped write this
Updated: 2011-09-29 05:19:49When I left Verizon Business, I stuck around all of July for one reason and one reason only: I’d been working with the folks at Verizon for several months to collect all the data we could about the Reports on Compliance we had done in 2010. I like my ex-coworkers, but it was really the [...]Most Organizations Slipping Out of PCI Compliance Within a Year: Survey
Updated: 2011-09-28 23:28:50A Verizon Business report found that organizations that have been validated as being PCI-DSS compliant are no longer meeting standards a year later. - Retailers
and merchants are still falling short of payment card security requirements,
according to a new report.
The
latest Payment Card Industry Compliance Report found that a majority of small
businesses in the United States, Europe and Asia have fallen short of
maintaining compliance with ...Cisco Event Response: Semi-Annual Cisco IOS Software Security Advisory Bundled Publication http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep11.html, (Wed, Sep 28th)
Updated: 2011-09-28 19:31:18...(more)...Mozilla Fixed Security Flaws in Latest Firefox, Thunderbird Release
Updated: 2011-09-28 18:11:39Mozilla fixed a handful of critical vulnerabilities in Firefox 7 and Thunderbird 3.15. Users should be sure to download it from the actual Mozilla site and not get scammed. - Mozilla fixed eight known security flaws in the latest
version of the popular Firefox Web browser. Mozilla also fixed a cross-site
scripting bug in Firefox 6, six weeks after its release.
Firefox 7, released Sept. 27, contains fixes for six
quot;critical quot; and two quot;moderate quot; vuln...All Along the ARP Tower!, (Wed, Sep 28th)
Updated: 2011-09-28 17:03:04Address Resolution protocol [1] in IPv4 is a method in which 48 bit ethernet addresses are matche ...(more)...Microsoft Gets Court Order to Shut Down Kelihos Botnet, Names Defendants
Updated: 2011-09-28 16:38:01Microsoft obtained a court order to block the command and control servers held by the Kelihos botnet, also known as Waldedac 2.0 before it could grow and become more disruptive. - Days after wrapping up its civil case against the Rustock
botnet, Microsoft is back in court, this time to shut down the Kelihos network.
Using the same
technique that had worked so well in its previous campaigns against the Rustock
and Waledac, Microsoft asked the United States District Court...Troubleshooting Event Log Entries
Updated: 2011-09-28 03:59:45
In this article the author will review some of the tips, concepts, tools, and overall approaches in determining the root cause of log events.Network Security Podcast, Episode 254
Updated: 2011-09-28 01:03:06We’re back! Not that we actually left, but we’ve all been so tied up in each of our own lives that we’ve let the podcast slip the last month or so. We’re working on a more permanent arrangement and some of the issues that have cropped up lately are getting solved, but we will probably [...]Pentagon Extends Cyber-Defense Pilot, Will Recruit More Companies
Updated: 2011-09-28 00:55:25The Pentagon is considering the pilot program in which it shares classified threat intelligence with the private sector a success and will extend it to November. - The Department of Defense is planning
to extend the cyber-defense pilot program in which it shares classified threat
intelligence with defense contractors and other companies.
The Defense Industrial Base Cyber-Pilot
provides member organizations with classified information about viruses,
malwar...New feature in JUNOS to drop or ignore path attributes., (Tue, Sep 27th)
Updated: 2011-09-27 23:06:10Some readers have been writing in saying they are seeing parts of their network drop peering for &ld ...(more)...Firefox 3.6.23 security update is out and so is version 7 (time to break some add-on), (Tue, Sep 27th)
Updated: 2011-09-27 21:46:31...(more)...Spammers Hijack Email Marketer Accounts to Send Malicious Messages
Updated: 2011-09-27 20:54:52Spammers are finding it more lucrative to compromise email marketing firms and exploit their resources to send out malicious messages. - Attackers are
increasingly targeting email marketing firms and corporate email accounts to
power their spam campaigns, Websense Security researchers reported.
Websense
Security Labs has observed a rise in spam being sent from corporate Webmail
accounts, wrote David Saunders, email threat resear...Senate Committee Approves Data Breach Bills Despite Heavy Opposition
Updated: 2011-09-27 20:29:20While the Senate Judiciary Committee approved three data breach and privacy bills, it's still unclear whether a federal data breach notification law will pass this year. - The Senate Judiciary Committee approved three data security
and privacy bills over strong objections from Republican members last week. The
opposition may complicate efforts to pass comprehensive cyber-security
legislation this year, observers said.
Committee members voted along party lines, 10 ...Sneak Peek: Free Third-Party Application Patching
Updated: 2011-09-27 18:49:42
Third-party client side exploits continue to be a favored attack vector especially in widely deployed tools like Adobe Reader and Internet browsers. Recent studies show that third-party programs are responsible for 69% of the vulnerabilities on a typical endpoint. Unfortunately, for many smaller companies the process of identifying these vulnerabilities and then efficiently patching them [...]ICMP Shell
Updated: 2011-09-27 18:48:00iScanner - Tool to detect and remove malicious codes and web page
Updated: 2011-09-27 18:43:00Java Deobfuscate Trick And Tools
Updated: 2011-09-27 18:29:00BoxTone Adds Automated Compliance Management to MDM Platform
Updated: 2011-09-27 15:46:08BoxTone enhances its mobile device management platform with automated security policy, compliance management capabilities and Active Directory integration. - BoxTone
has added automated compliance management capabilities to its mobile device
management software.
The
Enterprise Mobile Management platform has been updated to include a fully
automated policy and compliance management engine, a real-time mobile security
dashboard, analytics, alerting a...MySQL.com compromised spreading malware, (Mon, Sep 26th)
Updated: 2011-09-26 22:50:32MySQL.com have been compromised and spreading malware ...(more)...Attackers Subvert MySQL.com With BlackHole Exploit Kit to Serve Malware
Updated: 2011-09-26 21:18:05Cyber-criminals injected JavaScript code to divert visitors from MySQL.com to a malicious site hosting BlackHole malware toolkit in a drive-by-download attack. - Unknown attackers compromised the main Website of open-source
database MySQL and served malware to unsuspecting visitors for a short
period of time on Sept. 26.
Attackers injected JavaScript code on MySQL.com, owned by
Oracle, to divert visitors to malicious Websites hosting the BlackHole exploi...U.S. Government Proposal Would Enlist ISPs to Fight Botnets
Updated: 2011-09-26 20:51:26The U.S. departments of Homeland Security and Commerce have issued a request for proposal to develop a program which would have major ISPs detect and notify customers they are part of a bot army. - Homeland Security and Commerce departments are considering a
voluntary program in which Internet service providers will proactively detect
infected computers participating in a botnet.
The Department of Homeland Security, National
Telecommunications and Information Administration and the Nationa...Microsoft's Windows 8 Security Includes UEFI Secure Boot
Updated: 2011-09-26 14:48:54Microsoft's Windows 8 security measures include secure boot. As demonstrated at BUILD, this means compromised systems can refuse to boot. - Microsoft is detailing some of its
security procedures for Windows 8.
Key to Windows 8s platform integrity
architecture is its Unified Extensible Firmware Interface (UEFI), a set of
specifications for how the operating system communicates with platform firmware
during the boot-up process. UE...Facebook Timeline Moves Closer to the 'Creepy Line'
Updated: 2011-09-26 05:33:31Facebook's Timeline user interface is raising eyebrows and heart rates from media and pundits who fear the social network is becoming a little too revealing. - Google's (NASDAQ:GOOG) Executive
Chairman Eric Schmidt took a lot of flak from the media for a comment he made at
an event at the Newseum in Washington, D.C., last October.
Schmidt,
responding to a question about the possibility of Google developing some kind
of neurological implant, replied: ...Howto: Command For Information Gathering Of Windows Post Exploitation
Updated: 2011-09-25 05:30:00Anonymous, SSL Worries, Spear Phishing Lead Week's Security News
Updated: 2011-09-25 05:09:48A recap of the past week's IT security news includes multiple spear phishing attacks, arrests of suspected Anonymous and LulzSec members and concerns about SSL security. - Major Spear phishing attacks continued to make headlines in the past week. Japan's largest defense contractor, Mitsubishi Heavy Industries, disclosed it had discovered more than 80 servers and computers had been infected with several types of malware in its headquarters, manufacturing plants and shi...SSL/TLS (part 3), (Sun, Sep 25th)
Updated: 2011-09-25 03:08:01I was hoping for a more official release of the document, but you will be able to find the docume ...(more)...simple-shellcode-generator.py By Didier Stevens
Updated: 2011-09-24 05:15:00Wave Systems Acquires Safend to Expand Security, Encryption Portfolio
Updated: 2011-09-24 02:02:29Wave Systems acquired Safend, a provider of endpoint data loss prevention, including port and device control, encryption for removable media, content inspection and discovery. - Wave Systems has acquired Israeli company Safend for
approximately $12.8 million to expand its portfolio of security and encryption
products.
The Cupertino Calif-based paid $1.1 million in cash and 5.2
million shares of Wave Systems common stock, valued at $2.214 per share to
close the deal, W...Researchers Claim Attack Tool Can Crack Encrypted Web Traffic
Updated: 2011-09-24 01:59:43SSL is under attack once again, as this time two researchers claim to have come up with an attack tool, dubbed BEAST, that can crack SSL traffic used to secure Websites - Security researchers are set to unveil the attack tool
capable of breaking the encryption algorithm that protects Websites. Hours
before the presentation, cryptography experts provided recommendations on how
to defend Websites from the exploit.
Researchers Thai Duong and Juliano Rizzo are schedu...SSL/TLS Vulnerability Details to be Released Friday (Part 2), (Fri, Sep 23rd)
Updated: 2011-09-24 01:08:29The presentation at ekoparty finished a little while ago. No real details are yet available ...(more)...How to undo send in gmail
Updated: 2011-09-24 00:09:00TLS 1.2 - Look before you Leap !, (Thu, Sep 22nd)
Updated: 2011-09-22 15:53:50There's been a lively discussion on vulnerabilities in TLS v1.0 this week, based on an article poste ...(more)...Metasploit Spoofing Log Messages.
Updated: 2011-09-22 05:17:00Nessus Top Ten - #9 "Nessus Detects Misconfiguration"
Updated: 2011-09-21 18:47:50: Careers News Events Contact Support About Tenable Enter search text Solutions Solutions Overview Compliance Vulnerability Scanning Vulnerability Management Configuration Auditing Log Management SIEM Products Products Overview Nessus Scanner Nessus ProfessionalFeed SecurityCenter Log Correlation Engine Passive Vulnerability Scanner Services Services Overview Nessus Perimeter Service QuickStart Services Training Certification Training Certification Overview Become Certified Courses Delivery Methods Training Schedule eLearning Portal Expert Resources Expert Resources Overview Whitepapers Webinars Videos Discussion Forum Tenable Blog Partners Partners Overview Become a Partner Strategic Partners Enterprise Channel Partners Subscription Channel Partners Professional Services Partners StoreVote for Tenable!
Updated: 2011-09-21 14:47:46Data Leakage Prevention
Updated: 2011-09-21 07:59:32Infocon: green
Updated: 2011-09-20 16:39:49The SSD dilemmaAnue Network Monitoring Switches Handle 40G Networks
Updated: 2011-09-20 16:00:00Network Computing www.networkcomputing.com RSS Newsletters Current Issue Issue Archives Whitepapers About Us Home News and Analysis Pro Reports Tech Centers Deduplication End to End APM Next Gen Network Private Cloud IPv6 WAN Security Channels Backup Recovery Cloud Computing Cloud Storage Data Center Data Protection Networking Mgmt Servers Storage Storage Mgmt UC VoIP Virtualization WAN App Acceleration Wireless Bloggers Lee H . Badman Frank Berry Jeff Doyle Stephen Foskett Mike Fratto David Hill Howard Marks Joe Onisick Jim Rapoza Tom Trainer Upcoming Events Interop New York Oct 3-7 Register now to attend Interop New York , the IT industry's most comprehensive conference and expo . Learn about important innovations that help get business done while cutting costs and increasingAnue Network Monitoring Switches Handle 40G Networks
Updated: 2011-09-20 16:00:00Network Computing www.networkcomputing.com RSS Newsletters Current Issue Issue Archives Slideshows Whitepapers About Us Home News and Analysis Pro Reports Tech Centers Deduplication End to End APM Next Gen Network Private Cloud IPv6 WAN Security Channels Backup Recovery Cloud Computing Cloud Storage Data Center Data Protection Networking Mgmt Servers Storage Storage Mgmt UC VoIP Virtualization WAN App Acceleration Wireless Bloggers Lee H . Badman Frank Berry Jeff Doyle Stephen Foskett Mike Fratto David Hill Howard Marks Joe Onisick Jim Rapoza Tom Trainer Upcoming Events Interop New York Oct 3-7 Register now to attend Interop New York , the IT industry's most comprehensive conference and expo . Learn about important innovations that help get business done while cutting costs and increasingCracking OS X Lion Passwords
Updated: 2011-09-20 04:52:00
DroidSheep. [ Session Hijacking Tool On Android]
Updated: 2011-09-19 05:31:00PoC: Hacking Facebook with HTML5 By @skeptic_fx
Updated: 2011-09-19 03:48:00
Droidsheep : Android Application for Session Hijacking
Updated: 2011-09-17 01:26:00
Automating Scanner Updates
Updated: 2011-09-15 22:56:03Software is written by people and inevitably has mistakes and requires maintenance. This maintenance can be in the form of security updates to patch vulnerabilities, service packs and hot fixes to correct functional problems, and general maintenance to cover required updates for signatures and other time-dependent functions. When working with security solutions, detection methods often [...]NetworkMiner 1.1 Released
Updated: 2011-09-15 18:25:00We are today very proud to release version 1.1 of NetworkMiner! The new releases of NetworkMiner (open source version) and NetworkMiner Professional (commercial version) includes the following features: Extraction of parameters sent to Google Analytics into NetworkMiner's “Host Details”. These para[...]Top Ten Things You Didn't Know About Nessus Video - #9 Nessus Detects Misconfiguration
Updated: 2011-09-15 17:42:51Next up on our Nessus top ten list is #9, which covers how to use Nessus configuration auditing to discover information about your system configurations. The following video presents use cases and examples, from PCI compliance to detecting viruses: Please visit Tenable's YouTube channel for more Nessus and SecurityCenter videos!List of Rogue Certificate That Was Create In Diginotar Incident.
Updated: 2011-09-15 14:36:00IPhone secret codes | iPhone tricks
Updated: 2011-09-15 14:26:00Link For Download Slide And White Paper From DefCon19
Updated: 2011-09-15 14:23:00FileServe, Filesonic and wupload pemium link generator
Updated: 2011-09-15 14:18:00<pThe US Government Wants to Secure Your Data. Well, Sort Of.
Updated: 2011-09-15 01:52:59Earlier today, George Hulme reported on a recently-introduced piece of legislation, the Personal Data Protection and Breach Accountability Act of 2011 (or PDPBAA for short, which sounds like how my last is pronounced sometimes), geared toward protecting customer data from theft or loss. Senator Richard Blumenthal (D-CT) hopes that this new bill will “prevent and [...]Microsoft Patch Tuesday – September 2011
Updated: 2011-09-14 10:27:49Quite unsurprisingly (as they accidentally leaked them last Friday), Microsoft released 5 security bulletins today. This month is fairly moderate, with none of the bulletins rating a critical rating. Included in the bulletins is the second update to WINS this year (MS11-070). As a reminder, if you are running WINS and you can’t really remember [...]Eight Things You Can Do Today to Improve Security on Your Microsoft Network
Updated: 2011-09-14 06:59:52Hoping to affect change at the ISC2
Updated: 2011-09-14 04:08:19It might just be a pipe dream to hope that these folks can make any significant change at the ISC2, but the fact that they’re trying is more than I’ve ever done. Which is why I’m hoping you’ll throw a little support behind the five people Jack Daniel is highlighting who want to run for [...]Microsoft Patch Tuesday Roundup - September 2011
Updated: 2011-09-14 01:06:52: Careers News Events Contact Support About Tenable Enter search text Solutions Solutions Overview Compliance Vulnerability Scanning Vulnerability Management Configuration Auditing Log Management SIEM Products Products Overview Nessus Scanner Nessus ProfessionalFeed SecurityCenter Log Correlation Engine Passive Vulnerability Scanner Services Services Overview Nessus Perimeter Service QuickStart Services Training Certification Training Certification Overview Become Certified Courses Delivery Methods Training Schedule eLearning Portal Expert Resources Expert Resources Overview Whitepapers Webinars Videos Discussion Forum Tenable Blog Partners Partners Overview Become a Partner Strategic Partners Enterprise Channel Partners Subscription Channel Partners Professional Services Partners StoreMultiple Dictionaries or Wordlists Using John the Ripper
Updated: 2011-09-12 17:52:00Common Hazards That Cause Home Fires
Updated: 2011-09-12 14:01:08
Today I have a guest commentary on the changes in security landscape since 2001 in Threatpost. So as I look back over the last 10 years I don’t see much of a change in the vulnerability-scape, if you will, but in the threat landscape. New classes of attackers have gone mainstream and global. They are [...]Post-Exploitation Without A TTY
Updated: 2011-09-12 05:48:00Reverse Shell Cheat Sheet
Updated: 2011-09-11 19:54:00Post Exploitation Command Lists
Updated: 2011-09-11 01:30:00New Worm Spreading via RDP Connections
Updated: 2011-09-08 21:56:59Since its discovery last week the Morto worm has received quite a lot of attention, primarily for becoming the first worm to use Remote Desktop Protocol (RDP) as an attack vector. Remote Desktop Protocol (RDP) is commonly used on Windows Servers and Workstations to allow remote connections and control of a machine. Morto doesn’t exploit any specific vulnerability in RDP, it uses a brute force password attack to gain access to systems and then replicate itself.How To Leverage MS SharePoint for UVM Reports
Updated: 2011-09-08 18:25:29One of the most important facets regarding security is escalating data to the proper individuals in a timely manner. This is generally done using reports or some form of email alerts. In the context of reports, securing and proper distribution of the contents is just as important as the data contained within. In other words, [...]Windows Security Tools
Updated: 2011-09-07 06:59:53
In this article the author discusses the following Microsoft security tools - MBSA, Security templates, SCW and SCM. Stuxnet? Night Drag0n? Nope,You Got Pwned by a Printer.
Updated: 2011-09-07 01:48:11
At the recent BlackHat and DefCon conferences, our annual eEye Research Team T-shirt was one of the more memorable ones we’d done in a while (and if you remember 2005, that’s saying something). In keeping with the theme of Security in Context, the shirt parodied the fear that attacks like Stuxnet, NightDragon and Operation Aurora had [...]Network Security Podcast, Episode 253
Updated: 2011-09-07 00:57:17After a week off due to… life… we’re back Zach had to phone in for this one as he gets settled into his Hipster’s Paradise Pad in NYC (well, Brooklyn). But believe it or not, we manage to find some things to talk about *other* than DigiNotar! (Okay, we do talk about it, but mostly [...]A story I’m only beginning to learn
Updated: 2011-09-05 13:47:17I’ve only been at Akamai a month, but I’ve already started to understand how special a person Daniel Lewin must have been. Maybe not perfect, but definitely special. His loss on September 11, 2001 rocked the company to its core, but it also inspired the people working there to be the best they can be [...]