• New SCADA Plugins for Nessus and Tenable PVS

    Updated: 2012-01-31 13:30:23
    : Careers News Events About Tenable Contact Support Enter search text Solutions Solutions Overview Continuous Monitoring Compliance Vulnerability Scanning Vulnerability Management Configuration Auditing Log Management SIEM SCADA Security Compliance Products Products Overview Nessus Scanner SecurityCenter Log Correlation Engine Passive Vulnerability Scanner Services Services Overview Nessus Perimeter Service QuickStart Services Partners Partners Overview Become a Partner Strategic Partners Enterprise Channel Partners Subscription Channel Partners Professional Services Partners Training Certification Training Certification Overview Become Certified Courses Delivery Methods Training Schedule eLearning Portal Resources Resources Overview Tenable Blog Webinars Whitepapers Video Tutorials

  • Terror Defense Based on Resilience Rather than Avoidance

    Updated: 2012-01-31 10:22:42
    America is wide open and trusting. This shouldn’t change. The idea of stopping terrorist attacks from occurring is simply asinine in this light, as it’s just too easy to walk into a mall and cause havoc. The message to terrorists (also heard by the American people) should not be, We’ll stop people from setting off [...]

  • Easy Wireless Honey-Pots using Win7 and Metasploit

    Updated: 2012-01-31 07:00:00

  • ISC StormCast for Tuesday, January 31st 2012 http://isc.sans.edu/podcastdetail.html?id=2293, (Tue, Jan 31st)

    Updated: 2012-01-31 06:36:22
    ...(more)...

  • Investors Warned of Email Accounts Being Hacked to Illegally Transfer Funds

    Updated: 2012-01-31 05:18:31
    Malicious fraudsters are breaking into email accounts to transfer funds from online brokerage accounts and other forms of stock fraud. - An independent regulator for securities firms has warned investors of a growing number of financially motivated attacks targeting email accounts. Malicious attackers are compromising user email accounts and sending trading instructions, the Financial Industry Regulatory Authority said in an inv...

  • Google Tells Congress It's Changing Privacy Policies, Not Practices

    Updated: 2012-01-31 05:02:40
    Google Jan. 31 responded to senators' concerns that the company was infringing on user privacy with its forthcoming privacy policy changes. - Google (NASDAQ:GOOG) Jan. 31 assured Congress that it is changing its privacy policies to make them easier to manage and improve the company's existing Web services for its users. quot;By folding more than 60 product-specific privacy policies into our main Google one, we're explaining our priv...

  • Android.Counterclank an Aggressive Mobile Ad Network, Not Malware: Lookout

    Updated: 2012-01-31 03:56:30
    Lookout Mobile Security takes Symantec to task for calling Counterclank malware, arguing that it's just an aggressive ad network. Symantec said users still need to be warned about adware. - Despite Symantec's warning to the contrary, Android.Counterclank is not malware, according to researchers at Lookout Mobile Security. Android.Counterclank is a botlike threat that can receive commands from remote servers to carry out certain actions, as well as steal information from infected d...

  • See SpiderLabs blog post regarding HOIC DDoS Analysis and Detection http://blog.spiderlabs.com/2012/01/hoic-ddos-analysis-and-detection.html, (Tue, Jan 31st)

    Updated: 2012-01-31 03:45:36
    ...(more)...

  • OSINT tactics: parsing from FOCA for Maltego, (Tue, Jan 31st)

    Updated: 2012-01-31 03:44:09
    One practice I strongly suggest you undertake, for both yourselves and your organizations, is Open S ...(more)...

  • Google, Microsoft Team Up to Fight Phishing, Spoofed Emails With DMARC

    Updated: 2012-01-31 00:56:36
    Fifteen companies including PayPal, Google, Microsoft and Facebook are banding together to fight domain-based phishing and other email scams with the new DMARC specification. - Google, Yahoo, Microsoft and other major email providers are committed to stomping out phishing attacks and other email-based Web scams. Major brands, such as Bank of America and Facebook, joined large email providers to announce Jan. 30 the new Domain-based Message Authentication, Reporting an...

  • McAfee Updates Mobile Security With Remote Tracking, Data Wipes

    Updated: 2012-01-30 21:24:12
    McAfee's latest Mobile Security 2.0 enables remote data wipes, tracking and locks, as well as the ability to tell when applications are accessing personal data. - McAfee introduced a new version of Mobile Security to protect smartphones and tablets from malicious applications and Web malware. Mobile Security 2.0 offers antivirus, anti-theft services and protection from malicious Websites and applications, McAfee said Jan. 30. The security software also ...

  • Scanning for pcAnywhere

    Updated: 2012-01-30 19:00:00

  • Megaupload Data Subject to Deletion by Hosting Providers Feb. 2

    Updated: 2012-01-30 18:29:42
    With Megaupload's financial assets frozen and unable to pay its bills, the hosting companies storing the data may begin deleting the data Feb. 2. - All the photos, video and files stored on file-sharing site Megaupload could be permanently deleted from its servers sometime this week, according to federal prosecutors. Megaupload contracted with third-party hosting companies to store the actual files that users uploaded to the server. However, t...

  • Basics: Five Switching Settings You Must Know

    Updated: 2012-01-30 14:00:00
    : Network Computing www.networkcomputing.com RSS Newsletters Current Issue Issue Archives Slideshows Whitepapers About Us Home News and Analysis Research Tech Centers Deduplication End to End APM IPv6 Next Gen Network Private Cloud Public Cloud WAN Security Channels Backup Recovery Cloud Computing Cloud Storage Data Center Data Protection Networking Mgmt Openflow Servers Storage Storage Mgmt UC VoIP Virtualization WAN App Acceleration Wireless Bloggers Lee H . Badman Frank Berry Stephen Foskett Mike Fratto David Hill Jeremy Littlejohn Howard Marks Joe Onisick Upcoming Events Cloud Connect Santa Clara Feb 13-16, 2012 Cloud Connect brings together the entire cloud eco-system to better understand the transformation we're experiencing and promises to be the defining event of the cloud

  • #6 Scanning IPv6 - Top Ten Things You Didn't Know About Nessus

    Updated: 2012-01-30 13:00:00
    The video below is part 6 in our series of the top ten things you didn't know about Nessus and covers information related to IPv6 scanning using Nessus: Further Reading: Nessus - IPv6 Scanning

  • Android App - Network Spoofer

    Updated: 2012-01-30 08:11:00

  • ISC StormCast for Monday, January 30th 2012 http://isc.sans.edu/podcastdetail.html?id=2290, (Mon, Jan 30th)

    Updated: 2012-01-30 04:54:20
    ...(more)...

  • Google, EU Data Privacy Policies Lead Week's Security News

    Updated: 2012-01-29 22:34:14
    Data privacy was on everyone's minds this past week as the European Union proposed changes to its 17-year-old regulations while Google changed its privacy policy and Android malware scanned user data. - Data privacy dominated security headlines this past week as the European Commission set out to change its 17-year-old data privacy law. The changes would not be applicable to just companies that are based or operate in the European Union, but to every company that does business with an EU citizen...

  • Mormons and Politics | Salon

    Updated: 2012-01-29 19:46:31
    Romney avoids mentioning it, but Smith ran for president in 1844 as an independent commander in chief of an “army of God” advocating the overthrow of the U.S. government in favor of a Mormon-ruled theocracy. Challenging Democrat James Polk and Whig Henry Clay, Smith prophesied that if the U.S. Congress did not accede to his [...]

  • Prepare The Mobile Ship For Ludicrous Speed!

    Updated: 2012-01-29 17:30:00
    Network Computing www.networkcomputing.com RSS Newsletters Current Issue Issue Archives Slideshows Whitepapers About Us Lee H . Badman Bio Archive Lee H . Badman Network Computing Blogger Home News and Analysis Research Tech Centers Deduplication End to End APM IPv6 Next Gen Network Private Cloud Public Cloud WAN Security Channels Backup Recovery Cloud Computing Cloud Storage Data Center Data Protection Networking Mgmt Openflow Servers Storage Storage Mgmt UC VoIP Virtualization WAN App Acceleration Wireless Bloggers Lee H . Badman Frank Berry Stephen Foskett Mike Fratto David Hill Jeremy Littlejohn Howard Marks Joe Onisick Upcoming Events Cloud Connect Santa Clara Feb 13-16, 2012 Cloud Connect brings together the entire cloud eco-system to better understand the transformation we're

  • How NetFlow Keeps Networks Running, People Alive

    Updated: 2012-01-29 13:51:00
    , Network Computing www.networkcomputing.com RSS Newsletters Current Issue Issue Archives Slideshows Whitepapers About Us Home News and Analysis Research Tech Centers Deduplication End to End APM IPv6 Next Gen Network Private Cloud Public Cloud WAN Security Channels Backup Recovery Cloud Computing Cloud Storage Data Center Data Protection Networking Mgmt Openflow Servers Storage Storage Mgmt UC VoIP Virtualization WAN App Acceleration Wireless Bloggers Lee H . Badman Frank Berry Stephen Foskett Mike Fratto David Hill Jeremy Littlejohn Howard Marks Joe Onisick Upcoming Events Cloud Connect Santa Clara Feb 13-16, 2012 Cloud Connect brings together the entire cloud eco-system to better understand the transformation we're experiencing and promises to be the defining event of the cloud

  • Android Counterclank Malware Assails Android Market: Symantec

    Updated: 2012-01-29 10:54:37
    Symantec has detected a new Trojan horse called Android.Counterclank, which attaches to applications in the Android Market and may be used to run malicious code on users' smartphones and tablets. - A nasty piece of malware called Android.Counterclank that Symantec (NASDAQ:SYMC) said has the highest distribution of any malware this year to date is making the rounds on Android smartphones and tablet computers. Symantec counts anywhere from 1 million to 5 million combined downloads of the...

  • Google Privacy Policy Update Challenged by Lawmakers

    Updated: 2012-01-28 12:00:30
    Google is under fire in Congress for its new privacy policy changes to unify user information from 60 Web services under one single policy. - Several U.S. senators Jan. 26 fired off a bipartisan letter to Google CEO Larry Page, asking for more information about the search engine provider's revised privacy policy. Google Jan. 24 announced that it will aggregate 60 of its Web services under one single privacy policy. Under this new...

  • วิเคราะห์การโจมตีและผลกระทบต่อการโดนโจมตีของเว็บไซด์ Me by TMB

    Updated: 2012-01-28 11:13:00

  • IP Spoofing Attack Tool List

    Updated: 2012-01-28 05:08:00

  • Hash Identifier Tool

    Updated: 2012-01-28 04:56:00

  • Low IQ & Conservative Beliefs Linked to Prejudice | LiveScience

    Updated: 2012-01-27 20:59:38
    As suspected, low intelligence in childhood corresponded with racism in adulthood. But the factor that explained the relationship between these two variables was political: When researchers included social conservatism in the analysis, those ideologies accounted for much of the link between brains and bias. People with lower cognitive abilities also had less contact with people [...]

  • Security Onion includes NetworkMiner

    Updated: 2012-01-27 20:45:00
    Doug Burks released a new ISO of his popular IDS/NSM Linux distro "Security Onion" a couple of days ago. This new ISO includes an installation of NetworkMiner straight out of the box. You can retrieve the Live install CD of Security Onion here: http://sourceforge.net/projects/security-onion/files/s[...]

  • On Customer Service

    Updated: 2012-01-27 19:44:23
    I think a lot about customer service. Or, what I really mean is that I get angry a lot about customer service. I’m not speaking of the declining competence of tech support for a phone or Internet service, but more about things like restaurants or coffee shops, i.e. places that are supposed to be providing [...]

  • #7 Nessus Versus Malware - Top Ten Things You Didn't Know About Nessus

    Updated: 2012-01-27 14:08:08
    : Careers News Events About Tenable Contact Support Enter search text Solutions Solutions Overview Continuous Monitoring Compliance Vulnerability Scanning Vulnerability Management Configuration Auditing Log Management SIEM SCADA Security Compliance Products Products Overview Nessus Scanner SecurityCenter Log Correlation Engine Passive Vulnerability Scanner Services Services Overview Nessus Perimeter Service QuickStart Services Partners Partners Overview Become a Partner Strategic Partners Enterprise Channel Partners Subscription Channel Partners Professional Services Partners Training Certification Training Certification Overview Become Certified Courses Delivery Methods Training Schedule eLearning Portal Resources Resources Overview Tenable Blog Webinars Whitepapers Video Tutorials

  • SSH Password attacks using domain name elements as userid, (Fri, Jan 27th)

    Updated: 2012-01-27 10:08:01
    A reader (Thanks Jim!) mentioned earlier today that his SSHlogs were showing access attempts u ...(more)...

  • CISCO Ironport C & M Series telnet vulnerability, (Fri, Jan 27th)

    Updated: 2012-01-27 09:52:03
    In case you missed it there is a vulnerability in the CISCOIronport telnet service. Details ca ...(more)...

  • ISC StormCast for Friday, January 27th 2012 http://isc.sans.edu/podcastdetail.html?id=2287, (Fri, Jan 27th)

    Updated: 2012-01-27 04:15:17
    ...(more)...

  • ISC Feature of the Week: ISC Link Back, (Wed, Jan 25th)

    Updated: 2012-01-27 03:32:10
    Overview Need to attribute information to ISC? Want to provide users with an avenue to visit the I ...(more)...

  • Weekly News Round Up

    Updated: 2012-01-26 22:50:17
    Happy Friday everybody, and welcome to another installment of our Weekly News Roundup. It certainly was another busy week in the application security world, with several cyber attacks, new regulations, and updated security measures making headlines. Veracode’s Marketing team rounded up some interesting articles on some of the biggest topics of the week. Give them [...]

  • Verdasys Offers Enterprise Data Leak Protection as Managed Service

    Updated: 2012-01-26 22:44:05
    It seems every IT function can now be offered on-demand. Verdasys is launching its enterprise data leak protection system, Digital Guardian, as a managed security service. - Verdasys is moving its data leak prevention portfolio to the cloud to help enterprises protect their data stored on its networks and still reduce costs. The company introduced two new offerings Verdasys Managed Service for Information Protection (MISP) and Verdasys Information Protection as a S...

  • EU 24-Hour Data Breach Notification Rule 'Unworkable': ATandT Executive

    Updated: 2012-01-26 18:21:10
    AT&T's chief privacy officer says the 24-hour deadline to notify customers of a data breach that is set by new European Union data privacy regulations is "absolutely unworkable" and would end up forcing companies to notify all possible customers about a breach rather than just those affected. - New data privacy regulations being implemented by the European Union will present serious complications for U.S. companies doing business in Europe, according to an IT security and data privacy executive who took part in a panel at the George Washington University School of Law in Washington, D.C. ...

  • Enterasys Addresses Wired-Wireless Pain

    Updated: 2012-01-26 15:00:00
    Network Computing www.networkcomputing.com RSS Newsletters Current Issue Issue Archives Slideshows Whitepapers About Us Home News and Analysis Research Tech Centers Deduplication End to End APM IPv6 Next Gen Network Private Cloud Public Cloud WAN Security Channels Backup Recovery Cloud Computing Cloud Storage Data Center Data Protection Networking Mgmt Openflow Servers Storage Storage Mgmt UC VoIP Virtualization WAN App Acceleration Wireless Bloggers Lee H . Badman Frank Berry Stephen Foskett Mike Fratto David Hill Jeremy Littlejohn Howard Marks Joe Onisick Upcoming Events Cloud Connect Santa Clara Feb 13-16, 2012 Cloud Connect brings together the entire cloud eco-system to better understand the transformation we're experiencing and promises to be the defining event of the cloud computing

  • Catbird Unveils vSecurity 5.0 for Virtualized and Cloud Computing

    Updated: 2012-01-26 13:50:48
    Catbird's vSecurity 5.0 is built on industry-standard, network-based security technologies for a set of services protecting virtual, cloud and physical networks. - Catbird, a specialist in security and compliance for virtual, cloud and physical networks, announced the next generation of its vSecurity platform, vSecurity 5.0, which integrates directly with the hypervisor to provide automated control, visibility and efficiency. Its vCompliance engine monitor...

  • Howto: Use WeBaCoo - Web Backdoor Cookie Script-Kit

    Updated: 2012-01-26 09:47:00

  • SQL Injection Cheat Sheet By NT Object Inc.

    Updated: 2012-01-26 09:33:00

  • Howto: Install Metasploit on your Ipad2(iOS5.0.1)

    Updated: 2012-01-26 09:03:00

  • Authenex ASAS - Voted WindowSecurity.com Readers' Choice Award Winner - Authentication / Smart Cards

    Updated: 2012-01-26 07:00:16
    Authenex ASAS was selected the winner in the Authentication / Smart Cards category of the WindowSecurity.com Readers' Choice Awards. Smart Enterprise Guardian and eToken were runner-up and second runner-up respectively.

  • Great Impressions

    Updated: 2012-01-26 05:40:13
    via youtube.com Posted via email from danielmiessler.com | posterous Related ContentNew Headz Up App | SNLAn Intro to DubstepThe Samsung Smart WindowIf China Attacks America (A Must See)Hitler Finds Out There’s No iPhone 5

  • NetBIOS spoofing for attacks on browser

    Updated: 2012-01-26 03:51:00

  • pcAnywhere users – patch now!, (Wed, Jan 25th)

    Updated: 2012-01-26 03:24:59
    Symantec released a patch for pcAnywhere products that fixes couple of vulnerabilities, among which ...(more)...

  • Symantec Warns pcAnywhere Users to Disable Tool Due to Source Code Theft

    Updated: 2012-01-26 03:06:05
    Symantec has confirmed that pcAnywhere users are at "increased risk" because attackers have stolen source code to the remote control tool. - The saga over Symantec's stolen code took another twist as the company acknowledged that pcAnywhere customers are at risk for man-in-the-middle attacks and new exploits. The breach actually occurred on Symantec servers in 2006, and attackers stole source code to several Norton security product...

  • Secret Government Talks Create Treaty Stricter Than SOPA, PIPA

    Updated: 2012-01-25 23:41:48
    NEWS ANALYSIS: The U.S. Trade Representative apparently negotiated in secret a new intellectual property treaty with restrictions far more onerous than SOPA or PIPA to avoid a congressional review and public objections. - Imagine, if you will, SOPA with even more restrictions than the bill that was shelved by Congress last week. Now imagine that its administered by a shadowy international organization that has no accountability under U.S. law, but can still order your ISP to monitor your personal communications. Fina...

  • Attackers Using DNS Poisoning to Hijack Website Domains, Divert Traffic

    Updated: 2012-01-25 23:16:52
    Several "activist hackers" appear to be using DNS poisoning and other attacks against the Domain Name System to divert users away from legitimate sites. - Instead of just launching distributed denial-of-service attacks, cyber-attackers have started hijacking domain names and redirecting traffic from legitimate sites to malicious ones. The hacker group Anonymous recently managed to hijack the Domain Name System record for CBS.com and redirected all tr...

  • Human Memory Schema: is_real ; is_dream ; is_fantasy

    Updated: 2012-01-25 11:20:31
    :

  • Extending Burp Suite to solve reCAPTCHA | Web App Security

    Updated: 2012-01-25 10:52:07
    By extending the Burp Suite and integrating it with a CAPTCHA solving farm you can enable the automated bypassing of CAPTCHA within all burp tools; seamlessly replacing all CAPTCHA with their correct solutions. via idontplaydarts.com One of the coolest Burp extensions I’ve ever seen. Posted via email from danielmiessler.com | posterous Related ContentSession Handling Improvements [...]

  • New Malware Protection Using Big Data Analytics From Sourcefire

    Updated: 2012-01-25 10:48:45
    One of the more interesting features is called File Trajectory. This tracks file movement within the enterprise, allowing organizations to identify the entry point and propagation path of malware. As you see from the below display, you have a list of every endpoint that has touched a particular file. via readwriteweb.com Interesting. Posted via email [...]

  • Enhancing Endpoint Security for Windows Desktops (Part 2)

    Updated: 2012-01-25 07:59:33
    In this article the author will discuss how least privilege can help protect the computer from local user attacks, as well as how data leak protection can help protect the corporate assets from being sent inappropriately across the Internet.

  • Noah’s Ark Theory Owned

    Updated: 2012-01-25 04:12:04
    Related ContentMiss USA 2011 – Should Evolution Be Taught in School?An Unbelievable Football GoalApplying Pressure to People’s Religious BeliefsCarl Sagan Talks Politics [40 Seconds]Noam Chomsky Owns Israeli Interviewer

  • Hack Tips: Blackberry Enterprise Server Exploitation

    Updated: 2012-01-25 03:29:00

  • Network Security Podcast, Episode 265

    Updated: 2012-01-25 02:04:25
    Unless you were hiding under a rock the last few weeks you’ve probably heard about the Stop Online Piracy Act (SOPA), Protect IP Act (PIPA) and their even more evil brother Anti-counterfiting Trade Agreement (ACTA).  Many sites went dark last week, including Securosis, in protest and SOPA/PIPA were at least stalemated for the moment, if [...]

  • F5 Networks ‘Fixes’ Data Center Security

    Updated: 2012-01-24 16:00:00
    Network Computing www.networkcomputing.com RSS Newsletters Current Issue Issue Archives Slideshows Whitepapers About Us Home News and Analysis Pro Reports Tech Centers Deduplication End to End APM IPv6 Next Gen Network Private Cloud Public Cloud WAN Security Channels Backup Recovery Cloud Computing Cloud Storage Data Center Data Protection Networking Mgmt Openflow Servers Storage Storage Mgmt UC VoIP Virtualization WAN App Acceleration Wireless Bloggers Lee H . Badman Frank Berry Stephen Foskett Mike Fratto David Hill Jeremy Littlejohn Howard Marks Joe Onisick Upcoming Events Cloud Connect Santa Clara Feb 13-16, 2012 Cloud Connect brings together the entire cloud eco-system to better understand the transformation we're experiencing and promises to be the defining event of the cloud

  • 2012 Social Security Blogger Awards

    Updated: 2012-01-24 14:17:51
    In case you haven’t heard, Veracode has been nominated for two awards at the 2012 Social Security Blogger Awards: Best Corporate Security Blog and Single Best Blog Post or Podcast of the Year. Let me first say that we are absolutely thrilled to be nominated for these awards and are honored to be listed amongst [...]

  • Research Finds Outstanding Issues Could Derail Win 8 Migration

    Updated: 2012-01-24 14:06:00
    Network Computing www.networkcomputing.com RSS Newsletters Current Issue Issue Archives Slideshows Whitepapers About Us Home News and Analysis Research and Reports Tech Centers Deduplication End to End APM IPv6 Next Gen Network Private Cloud Public Cloud WAN Security Channels Backup Recovery Cloud Computing Cloud Storage Data Center Data Protection Networking Mgmt Openflow Servers Storage Storage Mgmt UC VoIP Virtualization WAN App Acceleration Wireless Bloggers Lee H . Badman Frank Berry Stephen Foskett Mike Fratto David Hill Jeremy Littlejohn Howard Marks Joe Onisick Upcoming Events Cloud Connect Santa Clara Feb 13-16, 2012 Cloud Connect brings together the entire cloud eco-system to better understand the transformation we're experiencing and promises to be the defining event of the

  • IBM And NEC Leverage OpenFlow For High-Performance Networking

    Updated: 2012-01-24 14:01:00
    Network Computing www.networkcomputing.com RSS Newsletters Current Issue Issue Archives Slideshows Whitepapers About Us Home News and Analysis Pro Reports Tech Centers Deduplication End to End APM IPv6 Next Gen Network Private Cloud Public Cloud WAN Security Channels Backup Recovery Cloud Computing Cloud Storage Data Center Data Protection Networking Mgmt Openflow Servers Storage Storage Mgmt UC VoIP Virtualization WAN App Acceleration Wireless Bloggers Lee H . Badman Frank Berry Stephen Foskett Mike Fratto David Hill Jeremy Littlejohn Howard Marks Joe Onisick Upcoming Events Cloud Connect Santa Clara Feb 13-16, 2012 Cloud Connect brings together the entire cloud eco-system to better understand the transformation we're experiencing and promises to be the defining event of the cloud

  • DDIVRT-2011-39 SolarWinds Storage Manager Server SQL Injection Authentication Bypass

    Updated: 2012-01-24 13:53:00

  • If Gingrich Wins the Primary, Obama Gets a Second Term

    Updated: 2012-01-24 13:51:16
    ,

  • Rise Of HTML5 Brings With It Security Risks

    Updated: 2012-01-24 13:30:00
    Network Computing www.networkcomputing.com RSS Newsletters Current Issue Issue Archives Slideshows Whitepapers About Us Home News and Analysis Pro Reports Tech Centers Deduplication End to End APM IPv6 Next Gen Network Private Cloud Public Cloud WAN Security Channels Backup Recovery Cloud Computing Cloud Storage Data Center Data Protection Networking Mgmt Openflow Servers Storage Storage Mgmt UC VoIP Virtualization WAN App Acceleration Wireless Bloggers Lee H . Badman Frank Berry Stephen Foskett Mike Fratto David Hill Jeremy Littlejohn Howard Marks Joe Onisick Upcoming Events Cloud Connect Santa Clara Feb 13-16, 2012 Cloud Connect brings together the entire cloud eco-system to better understand the transformation we're experiencing and promises to be the defining event of the cloud

  • Howto: Use shellcodeexec to bypass antivirus

    Updated: 2012-01-23 04:57:00

  • Small Python Backdoor

    Updated: 2012-01-21 17:57:00

  • 5 Things That Keep a CISO up at Night

    Updated: 2012-01-20 20:02:06
    Recently I had the unique experience to attend a presentation given by the CISO of a major entertainment network which took place at eEye’s annual sales and marketing kickoff.  It was an excellent presentation, where he shared things like his past experiences, how he and his team select security products and which metrics matter most [...]

  • If You’re An Average Worker, You’re Going Straight To The Bottom | Seth Godin

    Updated: 2012-01-20 19:34:08
    ,

  • Howto: Simple Outlook Web Access Phishing

    Updated: 2012-01-20 03:49:00

  • Bypass screensaver/locker program on xorg 1.11 and up

    Updated: 2012-01-20 03:20:00

  • Obama Blasts GOP Candidates on Booing of Gay Soldier at Debate

    Updated: 2012-01-20 00:53:07
    via youtube.com So satisfying to see them being ridiculed for being bigoted idiots. Posted via email from danielmiessler.com | posterous Related ContentHitler Finds Out There’s No iPhone 5If China Attacks America (A Must See)David Simon on the End of the American EmpireAdding Malware to Android ApplicationsChick-fil-A

  • Google’s Browser Security Principles | ZDNet

    Updated: 2012-01-20 00:33:26
    Defense in depth: Our goal in designing Chrome’s security architecture was to layer defenses, and avoid single points of failure. Chrome’s sandbox architecture represents one of the most effective parts of this strategy, but it’s far from the only piece. We also employ the best available anti-exploit technologies—including ASLR, DEP, JIT hardening, and SafeSEH—along with [...]

  • Howto: Crack WPS & WPA Wifi with reaver

    Updated: 2012-01-19 15:42:00

  • Cloud Based Application Security Testing

    Updated: 2012-01-19 14:15:43
    Evan Fromberg, Sr. Director of Channel Sales and Business Development here at Veracode, recently wrote a guest post on Rackspace’s Cloud Blog. In his post, Evan talks about the emergence of a growing need for businesses of all sizes to increase speed to market. He examines the impact of this trend on the adoption of [...]

  • Howto: Use BeEF with Metasploit4.2.0-dev

    Updated: 2012-01-19 11:26:00

  • Identity (Management) Crisis (Part 1): The evolution of identity concepts

    Updated: 2012-01-18 09:00:01
    In this article we'll take a look at how the concept of identity has evolved particularly in the legal and technological realms.

  • Howto: Banner Grabbing

    Updated: 2012-01-18 04:32:00

  • Howto: Harvesting Boarding Pass with Google Dork

    Updated: 2012-01-18 04:25:00

  • Andrew Sullivan: How Obama’s Long Game Will Outsmart His Critics | The Daily Beast

    Updated: 2012-01-17 14:36:36
    :

  • Andrew Sullivan on ObamaCare | The Daily Beast

    Updated: 2012-01-17 14:28:02
    Yes, it crosses the Rubicon of universal access to private health care. But since federal law mandates that hospitals accept all emergency-room cases requiring treatment anyway, we already obey that socialist principle—but in the most inefficient way possible. Making 44 million current free-riders pay into the system is not fiscally reckless; it is fiscally prudent. [...]

  • TIL: Cousin Means Common Ancestor

    Updated: 2012-01-17 04:35:21
    :

  • Who’s To Blame for the Financial Crisis | NPR Intelligence Squared

    Updated: 2012-01-17 00:23:30
    Related ContentA Look at Canadian Health CareIntelligence Squared: Hitchens vs. CatholicsThe Best Encapsulation of an Average Relationship I’ve Ever SeenNPR Intelligence SquaredGuillaume Nery Underwater Base Jump

  • Try a Book

    Updated: 2012-01-16 21:04:22
    via thedoghousediaries.com Posted via email from danielmiessler.com | posterous Related ContentHow to Nap | Boston GlobeA Digital IO WorkflowBrowser CombatDon’t Be a Cryptic AssCare Wolf

  • Programming as a Life Skill

    Updated: 2012-01-16 20:12:32
    Perhaps the most obvious and powerful of changes in our world is the penetration of computers into our personal lives. This is penetration to the point of integration — to the point of augmentation. No surprise there; everyone’s talking about it. One less obvious result of this monumental shift, however, is that the skill of [...]

  • New Headz Up App | SNL

    Updated: 2012-01-16 19:10:38
    via youtube.com I pre-ordered. Posted via email from danielmiessler.com | posterous Related ContentAn Intro to DubstepGreat ImpressionsThe Samsung Smart WindowHitler Finds Out There’s No iPhone 5If China Attacks America (A Must See)

  • Scanning Redux: TCP and UDP

    Updated: 2012-01-16 08:12:00

  • CVE-2011-4107 PoC - phpMyAdmin Local File Inclusion via XXE injection

    Updated: 2012-01-16 08:01:00

  • Bypassing the XSS Filters : Advanced XSS Tutorials for Web application Pen Testing

    Updated: 2012-01-13 03:38:00

  • ddosim v0.2 (Application Layer DDOS Simulator)

    Updated: 2012-01-13 03:23:00

  • Kojoney SSH Honeypot, installation (CentOS) and configuration

    Updated: 2012-01-11 16:32:00

  • Enhancing Endpoint Security for Windows Desktops (Part 1)

    Updated: 2012-01-11 10:00:03
    In this article, the author will discuss some of the most important aspects of endpoint security, including endpoint firewalls, endpoint password policy, endpoint least privilege, and endpoint data leak protection.

  • Microsoft Patch Tuesday - January 2012

    Updated: 2012-01-11 05:16:58
    : Careers News Events Contact Support About Tenable Enter search text Solutions Solutions Overview Compliance Vulnerability Scanning Vulnerability Management Configuration Auditing Log Management SIEM Products Products Overview Nessus Scanner SecurityCenter Log Correlation Engine Passive Vulnerability Scanner Services Services Overview Nessus Perimeter Service QuickStart Services Partners Partners Overview Become a Partner Strategic Partners Enterprise Channel Partners Subscription Channel Partners Professional Services Partners Training Certification Training Certification Overview Become Certified Courses Delivery Methods Training Schedule eLearning Portal Resources Resources Overview Tenable Blog Webinars Whitepapers Video Tutorials Support Support Overview Support Portal Discussion

  • Microsoft Patch Tuesday – January 2012

    Updated: 2012-01-11 02:55:26
    Before we get started on this month’s releases, just a quick reminder that Microsoft released an out-of-band (OOB) security bulletin (MS11-100) late last month. That brought their 2011 total to 100 bulletins – so much for keeping it in double digits. To start off the new year, today Microsoft released seven bulletins. Microsoft finally tamed [...]

  • Network Security Podcast, Episode 264

    Updated: 2012-01-11 00:10:44
    As Zach prepares for his jaunt down to Miami Beach, Rich waxes paranoid about his newfangled Microsoft-powered car — and the prospect of Martin remotely hacking throttling the engine.  It’s hard to imagine a few of Rich’s ‘friends’ won’t try hard to get their hands on his new remote and the system port on his [...]

  • Open tabs 01/09/12

    Updated: 2012-01-09 14:24:15
    Still feels a little funny to be putting the ’12′ in the year column, doesn’t it?  I’m sure the feeling will go away by March or April.  And it’s getting started as an interesting year already, with Symantec’s source code and courts approving warrantless GPS monitoring.  I bet neither of those were captured in the [...]

  • Security Considerations for Cloud Computing (Part 1) - Virtualization Platform

    Updated: 2012-01-04 05:59:32
    This article looks at some of the security issues related to virtualization in the cloud.

  • Network Security Podcast, Episode 263

    Updated: 2012-01-04 00:20:07
    It’s our first show of the New Year… wherein Rich describes server upgrades good and bad, being a victim in a data breach, and we discuss the rest of the latest news. We have to say, it’s a weird start to the year. Network Security Podcast, Episode 263, January 3, 2012 Time: 36:45 Show Notes: [...]

Current Feed Items | Previous Months Items

Dec 2011 | Nov 2011 | Oct 2011 | Sep 2011 | Aug 2011 | Jul 2011