ISC StormCast for Monday, October 31st 2011 http://isc.sans.edu/podcastdetail.html?id=2098, (Mon, Oct 31st)
Updated: 2011-10-31 02:23:47
...(more)...
Mac Malware, DoS Tools, Cyber-War Lead Week's Security News
Updated: 2011-10-31 01:17:52
The past week's leading IT security news included more Mac malware, denial-of-service attack tools, and more details about various cyber-attacks around the world. -
Mac malware dominated the news this week, as security researchers uncovered a new Trojan capable of hijacking Mac OS X systems and launching denial-of-service attacks on another server, downloading additional malware on the infected system and providing attackers with remote access on to the comp...Cyber-Attackers Already Targeting Critical Infrastructure: DHS
Updated: 2011-10-30 17:01:53Cyber-attacker are already targeting the country's financial services, transportation and other critical infrastructure and have come close to crashing portions of them. - Cyber-attacks have already come close several times to
shutting down parts of the country's critical infrastructure, according to the U.S.
Department of Homeland Security Secretary.
The number of cyber-attacks on financial systems,
transportation and other networks is growing, Secretary Janet Na...Open tabs 10/30/11
Updated: 2011-10-30 14:12:32It was a good week. I took off Monday for Miami and the Hacker Halted conference where I caught up with a number of friends and enjoyed some good talks. George Kurtz from McAffee was very educational, first because of his subject matter, “Have we lost the war on Security”, but also because he’s a [...]The Sub Critical Control? Evidence Collection, (Sat, Oct 29th)
Updated: 2011-10-29 23:19:49In CC 18 we discussed incident handling that encompasses planning for and implementing Incident R ...(more)...Facebook Adds Security Tools to Protect User Accounts From Hacker Takeovers
Updated: 2011-10-28 21:35:44Two new security features, App Passwords and Trusted Friends are designed to help Facebook users regain control over their accounts even if they are compromised and protect themselves from malicious third-party apps - Facebook is testing out two new security features to help
users protect their accounts from being compromised by malicious third-party
apps or hackers.
In an Oct. 26 blog post, the social networking giant
unveiled the quot;trusted friends quot; feature to help users regain control
of their acc...Critical Control 20: Security Skills Assessment and Training to fill Gaps, (Fri, Oct 28th)
Updated: 2011-10-28 18:37:45There's two parts to this control - one focuses on users, the other on security and IT staff. Keepi ...(more)...Open tabs 10/28/11
Updated: 2011-10-28 16:25:24I spent the week at the Hacker Halted conference in Miami and had a great time. Except for the part where my iPad gave me an error message stating it needed to be restored from back up and commenced a reboot cycle. Which lasted until Wednesday afternoon. Nothing like being at a security convention and [...]Chinese Military Hackers Blamed for Attacking Two U.S. Satellites
Updated: 2011-10-28 05:52:28A draft report from the U.S. China Economic and Security Review Commission said attackers had interfered with two U.S. satellites. The report strongly hinted there was a China connection. - Cyber-attackers interfered
with two U.S. government satellites several times over a two-year period,
according to an upcoming report from a congressional commission.
The intrusions on the
satellite occurred four times in 2007 and 2008, according to a draft of a
report from the U.S.-China Econom...ISC StormCast for Friday, October 28th 2011 http://isc.sans.edu/podcastdetail.html?id=2095, (Fri, Oct 28th)
Updated: 2011-10-28 03:35:50...(more)...Critical Control 19: Data Recovery Capability, (Fri, Oct 28th)
Updated: 2011-10-28 02:08:31Incident responders may not always keep the business continuity planning (BCP) or management ( ...(more)...Software Update Potpourri, (Thu, Oct 27th)
Updated: 2011-10-28 00:27:18A couple of updates were released recently that are worth calling to your attention. Qu ...(more)...Spammers Using Own URL-Shortening Services for Pharmacy Spam
Updated: 2011-10-27 21:15:54Symantec uncovered a spam gang that launched its own URL-shortening Websites to generate links to pharmaceutical spam sites instead of relying on popular services. - Spammers have found a way to
circumvent security measures at URL-shortening Websites that detect and remove
malicious links. They are creating their own services on the .info domain,
Symantec researchers found.
Symantec has identified more
than 80 sites set up by spammers to shorten Website ad...Juniper Offers OpenFlow Source Code To Developers
Updated: 2011-10-27 16:00:00Network Computing www.networkcomputing.com RSS Newsletters Current Issue Issue Archives Slideshows Whitepapers About Us Home News and Analysis Pro Reports Tech Centers Deduplication End to End APM Next Gen Network Private Cloud IPv6 WAN Security Channels Backup Recovery Cloud Computing Cloud Storage Data Center Data Protection Networking Mgmt Servers Storage Storage Mgmt UC VoIP Virtualization WAN App Acceleration Wireless Bloggers Lee H . Badman Frank Berry Jeff Doyle Stephen Foskett Mike Fratto David Hill Jeremy Littlejohn Howard Marks Joe Onisick Jim Rapoza Tom Trainer Upcoming Events Interop New York Oct 3-7 Register now to attend Interop New York , the IT industry's most comprehensive conference and expo . Learn about important innovations that help get business done while cuttingCritical Control 18: Incident Response Capabilities, (Thu, Oct 27th)
Updated: 2011-10-27 12:30:13Some time ago I was brought in to help an organization create their Incident Response Team. Work ...(more)...Converting Packets to Syslog
Updated: 2011-10-27 12:00:00Tenable Nessus - Voted WindowSecurity.com Readers' Choice Award Winner - Security Scanner Software
Updated: 2011-10-27 07:49:42Tenable Nessus was selected the winner in the Security Scanner Software category of the WindowSecurity.com Readers' Choice Awards. GFI LANguard and Retina Unified Vulnerability Management were runner-up and second runner-up respectively.
Tsunami Trojan Hijacks Mac OS X to Launch DDoS Attacks, Remote Access
Updated: 2011-10-27 05:43:09Formerly a Linux backdoor, the Tsunami Trojan targets Macs to launch denial-of-service attacks. Attackers can download additional malware and remotely access infected Macs. - Malware authors have ported
a Trojan originally written for Linux systems to hijack Mac OS X systems,
security researchers found. Once compromised, the Macs could be used to launch
denial-of-service attacks.
The Tsunami Trojan works by
latching onto a host. Tsunami appears to be derived from K...ISC StormCast for Thursday, October 27th 2011 http://isc.sans.edu/podcastdetail.html?id=2092, (Thu, Oct 27th)
Updated: 2011-10-27 03:51:36...(more)...Symantec's Q2 Results Boosted by Cyber-Attack Fears, Demand for Data
Updated: 2011-10-27 03:14:27Symantec posted strong fiscal second-quarter results based on continuing demand for security and storage products despite weak PC demand and an uncertain economy. - Fear
of cyber-threats and ongoing demand for digital information boosted Symantec's
second-quarter performance as enterprises and consumers continued to buy its
security and backup products, the company said.
The
company reported fiscal second-quarter revenue of $1.68 billion, a 14 percent
in...New Mac Trojan Proves There's No Such Thing as a Malware-Proof Platform
Updated: 2011-10-27 02:21:27News Analysis: Hackers have rewritten old Linux code to create a Trojan called Tsunami that attacks Apple Mac OS X computers. It's time to accept the fact that any operating system can be attacked by malware. - We've
been hearing the stories for years about how Apple's Macintosh is immune to
malware. For years I've heard the smug claims from Mac owners about how it's
too bad that Windows users have to load their computers with antivirus software
to be safe, but Mac owners don't. For years I've known it...Mitsubishi Heavy Admits 'Possibility' Cyber-Attackers Stole Sensitive Data
Updated: 2011-10-26 18:04:54A month after Mitsubishi Heavy Industries said there was "no possibility" that data was stolen after cyber-attackers infected 83 servers, the company now reports it's "possible." - Mitsubishi
Heavy Industries, Japan's largest defense contractor, said it is possible that
attackers who had breached its networks and infected several machines with
malware had also stolen some sensitive information.
While
it fell short of an outright admission, the company's statement was a s...U.S. Energy Department Networks' Weak Security Invite Cyber-Attacks: Audit
Updated: 2011-10-26 15:32:09According to an inspector general report, the U.S. Department of Energy continues to have serious network security issues for the second year in a row and is regularly hit by cyber-attackers. - The Department of Energy has
been hit by multiple cyber-attacks in the past year, costing the federal
government over $2 million to recover, according to a recent audit report.
An annual review of the
Department of Energy's unclassified networks revealed a number of security
issues, including ...The Theoretical "SSL Renegotiation" Issue gets a Whole Lot More Real !, (Wed, Oct 26th)
Updated: 2011-10-26 15:02:09For years, we have been taught (warned?) that establishing an SSL session consumes much more in the ...(more)...Google Doles Out Over $26K for Chrome 15 Security Flaws
Updated: 2011-10-26 13:20:04Google Oct. 25 paid out over $26,000 to security researchers who found 18 flaws in Chrome 15, including several high-risk issues. Chrome 15 includes a new New Tab page, too. -
Google (NASDAQ:GOOG) launched its latest Chrome 15
browser to the stable channel and shelled out $26,511 for 18 security flaw
discoveries,
shattering the previous payout record of $17,000 set in August.
Some $12,174 of that total was paid to Sergey
Glazunov for finding five high-risk, cross...The Unpatchables
Updated: 2011-10-26 12:58:29: Careers News Events Contact Support About Tenable Enter search text Solutions Solutions Overview Compliance Vulnerability Scanning Vulnerability Management Configuration Auditing Log Management SIEM Products Products Overview Nessus Scanner Nessus ProfessionalFeed SecurityCenter Log Correlation Engine Passive Vulnerability Scanner Services Services Overview Nessus Perimeter Service QuickStart Services Training Certification Training Certification Overview Become Certified Courses Delivery Methods Training Schedule eLearning Portal Expert Resources Expert Resources Overview Whitepapers Webinars Videos Discussion Forum Tenable Blog Partners Partners Overview Become a Partner Strategic Partners Enterprise Channel Partners Subscription Channel Partners Professional Services Partners StoreCritical Control 17:Penetration Tests and Red Team Exercises, (Wed, Oct 26th)
Updated: 2011-10-26 11:40:52Another diary compliments of Handler in training Russ McRee: Penetration testers an ...(more)...Managing Active Directory with Forefront Identity Manager (FIM) 2010
Updated: 2011-10-26 05:00:02
In this article, the author walks you through some of the features and capabilities of Forefront Identity Manager (FIM) to help you decide if it's the right platform for your company.Hackers Release DoS Attack Tool Targeting SSL Servers
Updated: 2011-10-25 21:19:45A hacker group has released a proof-of-concept tool that exploits how encryption keys can be renegotiated to launch a distributed denial of service attack against Secure Sockets Layer servers. -
A tool designed to launch denial of service attacks can bring down
Secure Sockets Layer servers using just a laptop computer and a
standard DSL connection.
Developed by a German group called The Hacker's Choice,
THC-SSL-DOS tool is intended to be a proof-of-concept to disclose
quot;fishy s...Dealing with "Untouchable" Systems
Updated: 2011-10-25 13:00:00: Careers News Events Contact Support About Tenable Enter search text Solutions Solutions Overview Compliance Vulnerability Scanning Vulnerability Management Configuration Auditing Log Management SIEM Products Products Overview Nessus Scanner Nessus ProfessionalFeed SecurityCenter Log Correlation Engine Passive Vulnerability Scanner Services Services Overview Nessus Perimeter Service QuickStart Services Training Certification Training Certification Overview Become Certified Courses Delivery Methods Training Schedule eLearning Portal Expert Resources Expert Resources Overview Whitepapers Webinars Videos Discussion Forum Tenable Blog Partners Partners Overview Become a Partner Strategic Partners Enterprise Channel Partners Subscription Channel Partners Professional Services Partners StoreBusinesses Suffer From False Sense of Cyber-Security: Symantec Report
Updated: 2011-10-25 12:22:15A majority of businesses do not have Internet usage policies that clarify which Websites and services employees can use. - The majority of small business owners believe Internet security is
critical to their success and that their companies are safe from
ever-increasing cyber-security threats even as many fail to take
fundamental precautions, according to a survey of U.S. small businesses
sponsored by Symantec and t...Researchers Crack XML Encryption Mechanism, Propose New Standard
Updated: 2011-10-25 04:00:51A flaw in XML Encryption leaves major Web services vulnerable to potential attack unless Apache, Red Hat, IBM, Microsoft and other major XML framework providers adopt a new standard. - Security
researchers have cracked the major XML framework used to encrypt data in major
Web applications.
Two
researchers from Germany's Ruhr-University demonstrated a practical attack
against XML's cipher block chaining module at the ACM Conference on Computer
and Communications Security in ...FBI Wishes for a Network Security Utopia That Can Never Exist
Updated: 2011-10-25 02:13:27News Analysis: While it's true that a totally secure alternate Internet will protect against hackers and terrorists, by the time it's expanded to cover everybody it won't be secure for anybody. - When
Shawn Henry, FBI executive assistant director, suggested during a
conference in Baltimore that a second, secure Internet be created to protect
critical infrastructure against increasingly sophisticated attacks, he made a
good point. A separate secure network could help reduce serious attack...Cyber Security Awareness for Small Businesses
Updated: 2011-10-24 18:32:01, . Blog About In the News Press Releases Careers Support Technical Support Customer Service User Guides Knowledge Base Training How To Buy Find a Partner Partners Section 179 Deduction Why eSoft Distributed Intelligence Architecture SoftPak Director Whitepapers Blog Test a Site ThreatMonitor eSoft Videos Solutions Small Business Solutions Education Solutions Financial Solutions Health Care Solutions Website Blocking Web Security Email Security Spam Blocking Web Protection Products Services Instagate ThreatWall Software Add-Ons Support Options Demo Virtual UTM Appliances eSoft Sales Promotions Monthly Security Service Home Categories adware attacks blackhat seo compromised sites cyber crime email security exploits firewall fraud internet security malware mobile devices network securityBleeding Life [Buffer Overflow Exploit Pack]
Updated: 2011-10-24 07:11:00This site requires . JavaScript You can still visit a non-dynamic version of this . blogAutomatic Flushing in RawCap
Updated: 2011-10-23 17:24:00The “-f” switch can now be used to force RawCap to immediately flush sniffed packets to disk. I've received multiple emails from RawCap users who run into problems when they want to look at a pcap file from RawCap without terminating the program. What usually happens in this case is that the output[...]Open Tabs 10/23/11
Updated: 2011-10-23 17:07:32Yesterday was a very productive day, and I’m more than a bit proud of myself. I’ve working from home for more than a few years now and I’ve gotten progressively bigger and bigger and in worse and worse shape. I’ve been in worse shape than I am right now, but it’s been a downward trend [...]List Of Javascript Obfuscate Tools
Updated: 2011-10-23 04:51:00This site requires . JavaScript You can still visit a non-dynamic version of this . blogOpen Tabs 10/22/11
Updated: 2011-10-22 13:51:12The problem with having a body clock that thinks it’s on the East Coast even when it’s not is that I’m up early no matter what day of the week it is. I’d like to sleep in, but once thoughts of CDN’s and presentations start dancing in my head, it’s time to get up. Which [...]OSSAMS Alpha – Security Testing Automation and Reporting
Updated: 2011-10-22 07:29:00This site requires . JavaScript You can still visit a non-dynamic version of this . blogHowto: Deobfuscating malicious code.
Updated: 2011-10-22 01:57:00This site requires . JavaScript You can still visit a non-dynamic version of this . blogiPad 2 iOS 5 Lock Screen Bypass Vulnerability
Updated: 2011-10-21 18:25:00This site requires . JavaScript You can still visit a non-dynamic version of this . blogCisco Fellow On Possible Threat To Cisco Of OpenFlow: ‘Folks Get This’
Updated: 2011-10-21 14:19:00: Network Computing www.networkcomputing.com RSS Newsletters Current Issue Issue Archives Slideshows Whitepapers About Us Home News and Analysis Pro Reports Tech Centers Deduplication End to End APM Next Gen Network Private Cloud IPv6 WAN Security Channels Backup Recovery Cloud Computing Cloud Storage Data Center Data Protection Networking Mgmt Servers Storage Storage Mgmt UC VoIP Virtualization WAN App Acceleration Wireless Bloggers Lee H . Badman Frank Berry Jeff Doyle Stephen Foskett Mike Fratto David Hill Howard Marks Joe Onisick Jim Rapoza Tom Trainer Upcoming Events Interop New York Oct 3-7 Register now to attend Interop New York , the IT industry's most comprehensive conference and expo . Learn about important innovations that help get business done while cutting costs andFour Tenable Experts on the Schedule at RSA 2012
Updated: 2011-10-21 14:00:50Howto: Create And Control ZEUS Bot.
Updated: 2011-10-20 21:38:00This site requires . JavaScript You can still visit a non-dynamic version of this . blog“PCI Compliance in a box” Really? #RAGE
Updated: 2011-10-20 21:14:52I knew it had to happen eventually, but that doesn’t lessen my desire to strangle the marketing person responsible for what was probably just a reprinted press release! Or maybe the reporter who came up with the title of the article should be the one throttled. In either case, I can’t let an article that [...]Another First to Market by eEye: Vulnerability Management for Virtual Apps
Updated: 2011-10-20 15:25:19
More and more organizations are implementing virtualized solutions to reduce cost and gain strategic flexibility. As such, eEye continues to enhance Retina’s virtualized scanning capabilities to provide insight over the risks these assets raise for the business. It’s always been such that Retina can scan hypervisors (VMware, Microsoft, and XEN based) and virtualized machines. In [...]Tenable Network Security Named Fastest-Growing Enterprise Network Security Provider in North America on Deloitte’s 2011 Technology Fast 500™
Updated: 2011-10-20 14:07:13Open Tabs 10/20/11
Updated: 2011-10-20 13:41:05The last couple months seem to have flown by. It seems like just yesterday I was complaining about September being gone before I knew it and now it’s almost Halloween. I’m pretty certain no one’s stealing my time, but some days I wonder. In any case there’s stuff to do and places to go today, [...]Kippo The SSH Honeypot
Updated: 2011-10-20 04:49:00This site requires . JavaScript You can still visit a non-dynamic version of this . blogCyber Security Awareness - Cyber Crime
Updated: 2011-10-19 14:25:20, . Blog About In the News Press Releases Careers Support Technical Support Customer Service User Guides Knowledge Base Training How To Buy Find a Partner Partners Why eSoft Distributed Intelligence Architecture SoftPak Director Whitepapers Blog Test a Site ThreatMonitor eSoft Videos Solutions Small Business Solutions Education Solutions Financial Solutions Health Care Solutions Website Blocking Web Security Email Security Spam Blocking Web Protection Products Services Instagate ThreatWall Software Add-Ons Support Options Demo Virtual UTM Appliances eSoft Sales Promotions Monthly Security Service Home Categories adware attacks blackhat seo compromised sites cyber crime email security exploits firewall fraud internet security malware mobile devices network security password security pharmaMicrosoft Private Cloud - Overview of Hypervisor Security
Updated: 2011-10-19 07:00:09Tenable Announces Nessus Auditor Bundles
Updated: 2011-10-18 17:58:32: Careers News Events Contact Support About Tenable Enter search text Solutions Solutions Overview Compliance Vulnerability Scanning Vulnerability Management Configuration Auditing Log Management SIEM Products Products Overview Nessus Scanner Nessus ProfessionalFeed SecurityCenter Log Correlation Engine Passive Vulnerability Scanner Services Services Overview Nessus Perimeter Service QuickStart Services Training Certification Training Certification Overview Become Certified Courses Delivery Methods Training Schedule eLearning Portal Expert Resources Expert Resources Overview Whitepapers Webinars Videos Discussion Forum Tenable Blog Partners Partners Overview Become a Partner Strategic Partners Enterprise Channel Partners Subscription Channel Partners Professional Services Partners Store
Open tabs 10/18/11
Updated: 2011-10-18 17:33:56I used to post some of my reading material at least daily, but got out of the habit because I was using the posts to fuel the podcast. But since I’ve been bad at posting anything at all lately, I’ve decided that I should post at least every few days the articles I’m reading to [...]IPv6: Unstoppable Force Meets Immovable Object
Updated: 2011-10-18 01:00:00: Network Computing www.networkcomputing.com RSS Newsletters Current Issue Issue Archives Slideshows Whitepapers About Us Home News and Analysis Pro Reports Tech Centers Deduplication End to End APM Next Gen Network Private Cloud IPv6 WAN Security Channels Backup Recovery Cloud Computing Cloud Storage Data Center Data Protection Networking Mgmt Servers Storage Storage Mgmt UC VoIP Virtualization WAN App Acceleration Wireless Bloggers Lee H . Badman Frank Berry Jeff Doyle Stephen Foskett Mike Fratto David Hill Howard Marks Joe Onisick Jim Rapoza Tom Trainer Upcoming Events Interop New York Oct 3-7 Register now to attend Interop New York , the IT industry's most comprehensive conference and expo . Learn about important innovations that help get business done while cutting costs andIBM’s Tivoli Tries To Change With The Times
Updated: 2011-10-18 00:24:00Network Computing www.networkcomputing.com RSS Newsletters Current Issue Issue Archives Slideshows Whitepapers About Us Home News and Analysis Pro Reports Tech Centers Deduplication End to End APM Next Gen Network Private Cloud IPv6 WAN Security Channels Backup Recovery Cloud Computing Cloud Storage Data Center Data Protection Networking Mgmt Servers Storage Storage Mgmt UC VoIP Virtualization WAN App Acceleration Wireless Bloggers Lee H . Badman Frank Berry Jeff Doyle Stephen Foskett Mike Fratto David Hill Howard Marks Joe Onisick Jim Rapoza Tom Trainer Upcoming Events Interop New York Oct 3-7 Register now to attend Interop New York , the IT industry's most comprehensive conference and expo . Learn about important innovations that help get business done while cutting costs and increasingSPAM: Google History?
Updated: 2011-10-16 14:38:00This site requires . JavaScript You can still visit a non-dynamic version of this . blogInfoblox Aims To Ease Growing IP Address Management Headaches
Updated: 2011-10-14 17:34:00Network Computing www.networkcomputing.com RSS Newsletters Current Issue Issue Archives Slideshows Whitepapers About Us Home News and Analysis Pro Reports Tech Centers Deduplication End to End APM Next Gen Network Private Cloud IPv6 WAN Security Channels Backup Recovery Cloud Computing Cloud Storage Data Center Data Protection Networking Mgmt Servers Storage Storage Mgmt UC VoIP Virtualization WAN App Acceleration Wireless Bloggers Lee H . Badman Frank Berry Jeff Doyle Stephen Foskett Mike Fratto David Hill Howard Marks Joe Onisick Jim Rapoza Tom Trainer Upcoming Events Interop New York Oct 3-7 Register now to attend Interop New York , the IT industry's most comprehensive conference and expo . Learn about important innovations that help get business done while cutting costs and increasingCreate Backdoor With Evading Antivirus
Updated: 2011-10-14 14:13:00This site requires . JavaScript You can still visit a non-dynamic version of this . blogFretting Over 802.11ac
Updated: 2011-10-14 01:40:00Network Computing www.networkcomputing.com RSS Newsletters Current Issue Issue Archives Slideshows Whitepapers About Us Lee H . Badman Bio Contact Archive Lee H . Badman Network Computing Blogger Home News and Analysis Pro Reports Tech Centers Deduplication End to End APM Next Gen Network Private Cloud IPv6 WAN Security Channels Backup Recovery Cloud Computing Cloud Storage Data Center Data Protection Networking Mgmt Servers Storage Storage Mgmt UC VoIP Virtualization WAN App Acceleration Wireless Bloggers Lee H . Badman Frank Berry Jeff Doyle Stephen Foskett Mike Fratto David Hill Howard Marks Joe Onisick Jim Rapoza Tom Trainer Upcoming Events Interop New York Oct 3-7 Register now to attend Interop New York , the IT industry's most comprehensive conference and expo . Learn about importantRunning NetworkMiner on Linux with Wine
Updated: 2011-10-13 17:51:00Joshua Smith has written a great blog post on toastresearch.com about how to get NetworkMiner running on BackTrack Linux. C. S. Lee (a.k.a. geek00l) has also written a blog post a couple of years ago explaining how to install NetworkMiner on Ubuntu Linux. Unfortunately both these blog posts point t[...]Wire Transfer Phishing Threat
Updated: 2011-10-13 16:41:13This morning I almost fell victim to a new phishing “lure” that is based on a wire transfer notification email (see below). The email was sent to a “generic” distribution list that forwards a copy to me. What made me particularly susceptible to this was partially due to: 1. We rarely do wire transfers 2. Coincidentally (I think) we had a wire transfer recently that was close to the date mentioned in the email.Cisco VDI Blitz Includes Tighter Citrix Relationship
Updated: 2011-10-13 01:11:00Network Computing www.networkcomputing.com RSS Newsletters Current Issue Issue Archives Slideshows Whitepapers About Us Home News and Analysis Pro Reports Tech Centers Deduplication End to End APM Next Gen Network Private Cloud IPv6 WAN Security Channels Backup Recovery Cloud Computing Cloud Storage Data Center Data Protection Networking Mgmt Servers Storage Storage Mgmt UC VoIP Virtualization WAN App Acceleration Wireless Bloggers Lee H . Badman Frank Berry Jeff Doyle Stephen Foskett Mike Fratto David Hill Howard Marks Joe Onisick Jim Rapoza Tom Trainer Upcoming Events Interop New York Oct 3-7 Register now to attend Interop New York , the IT industry's most comprehensive conference and expo . Learn about important innovations that help get business done while cutting costs and increasingCisco Challenges HP Claim That Its Networking Equipment Is Cheapest
Updated: 2011-10-12 16:56:00Network Computing www.networkcomputing.com RSS Newsletters Current Issue Issue Archives Slideshows Whitepapers About Us Home News and Analysis Pro Reports Tech Centers Deduplication End to End APM Next Gen Network Private Cloud IPv6 WAN Security Channels Backup Recovery Cloud Computing Cloud Storage Data Center Data Protection Networking Mgmt Servers Storage Storage Mgmt UC VoIP Virtualization WAN App Acceleration Wireless Bloggers Lee H . Badman Frank Berry Jeff Doyle Stephen Foskett Mike Fratto David Hill Howard Marks Joe Onisick Jim Rapoza Tom Trainer Upcoming Events Interop New York Oct 3-7 Register now to attend Interop New York , the IT industry's most comprehensive conference and expo . Learn about important innovations that help get business done while cutting costs and increasingMicrosoft Patch Tuesday Roundup - October 2011
Updated: 2011-10-12 14:51:01: Careers News Events Contact Support About Tenable Enter search text Solutions Solutions Overview Compliance Vulnerability Scanning Vulnerability Management Configuration Auditing Log Management SIEM Products Products Overview Nessus Scanner Nessus ProfessionalFeed SecurityCenter Log Correlation Engine Passive Vulnerability Scanner Services Services Overview Nessus Perimeter Service QuickStart Services Training Certification Training Certification Overview Become Certified Courses Delivery Methods Training Schedule eLearning Portal Expert Resources Expert Resources Overview Whitepapers Webinars Videos Discussion Forum Tenable Blog Partners Partners Overview Become a Partner Strategic Partners Enterprise Channel Partners Subscription Channel Partners Professional Services Partners StoreUsing the Microsoft Diagnostics and Recovery Toolset (DaRT) for Incident Response
Updated: 2011-10-12 06:59:59Microsoft Patch Tuesday – October 2011
Updated: 2011-10-12 03:51:27Welcome to another exciting episode of Patch Tuesday, where Microsoft has released a total of 8 bulletins concerning 23 CVEs. 2 bulletins are rated as critical, mostly covering issues within Internet Explorer, while the rest are not as riveting. The bulletins this month cover a few memory issues within IE that could possibly allow an [...]Cyber Security Awareness - Workforce Education
Updated: 2011-10-11 18:25:30This weeks’ subject for National Cyber Security Awareness Month is workforce education. Awareness is one of the largest issues facing cyber security today. Many users simply don’t know what dangers they face online. Most security threats involve some sort of human element, making it very important to educate users about the risks and how to spot these attacks.Top Ten Things You Didn't Know About Nessus - #8 Nessus Performs Web Application Scanning
Updated: 2011-10-11 04:37:52WebCookiesSniffer - New cookies sniffer/viewer utility
Updated: 2011-10-10 16:41:00This site requires . JavaScript You can still visit a non-dynamic version of this . blogMSFConsole Prompt Fiddling
Updated: 2011-10-10 15:47:00This site requires . JavaScript You can still visit a non-dynamic version of this . blogWeevely create and manage PHP trojan designed to be hardly detectable
Updated: 2011-10-10 15:25:00This site requires . JavaScript You can still visit a non-dynamic version of this . blogGateway-finder [ Scapy Script find Gateway IP in the LAN]
Updated: 2011-10-10 15:19:00This site requires . JavaScript You can still visit a non-dynamic version of this . blogSkype VoIP Calls Pushing Scareware
Updated: 2011-10-05 21:53:19Today, eSoft is alerting Skype users to a new scam pushing Fake Anti-Virus malware. The scam uses a VoIP call initiated to the Skype user. Users that answer the call hear a pre-recorded message indicating their “security service” is not active. To activate the user is urged to visit a website which leads to the fake anti-virus. Throughout the day, eSoft has received reports from several users receiving these messages. If a user does visit the website, they receive the typical security warnings and infection notices associated with Scareware and Fake Anti-Virus.Tenable Network Security Selected for DoD Assured Compliance Assessment Solution (ACAS) Pilot
Updated: 2011-10-05 18:09:46Hunt Down and Kill Malware with Sysinternals Tools (Part 3)
Updated: 2011-10-05 07:00:25
This third and last installment in the series will cover how to use Process Monitor for detecting changes to the registry and file system that may be made by malware. Cracking MD5/SHA1 Hash In The Cloud
Updated: 2011-10-04 04:10:00This site requires . JavaScript You can still visit a non-dynamic version of this . blogIdentifying suspects through browser language
Updated: 2011-10-03 22:54:00A new feature in version 1.1 of NetworkMiner aids the task of identifying a suspect user by extracting information about browser language and screen resolution sent to Google Analytics. Google Analytics is the most popular website statistics service and is used by roughly half of all websites on th[...]Howto: Install Aircrack-ng In Backtrack 5 On Samsung Galaxy Tab 10.1[P7500]
Updated: 2011-10-03 18:36:00This site requires . JavaScript You can still visit a non-dynamic version of this . blogStop. Think. Connect.
Updated: 2011-10-03 17:17:00STOP. THINK. CONNECT. This simple process can be a lifesaver when it comes to online security. The message is all about taking the time to think and stay secure when engaging in online activities. By taking an extra moment to look for warning signs, spot potential problems and avoid risks users can be much more secure on the Web.