• Why Flame is Lame, (Thu, May 31st)

    Updated: 2012-05-31 17:55:02
    We have gotten a number of submissions asking about Flame, the malware that was spotted ...(more)...

  • Metasploit 4 on iPhone 4S & iPad 2

    Updated: 2012-05-31 16:56:00

  • SCADA@Home: Your health is no secret no more!, (Thu, May 31st)

    Updated: 2012-05-31 14:33:02
    One of my interests recently has been what I call SCADA@Home. I use this term to refer to ...(more)...

  • How Mobile Apps are Invading Your Privacy Infographic

    Updated: 2012-05-31 14:30:32
    Every week it seems like there is a new story about a popular website or application having privacy issues that put its users at risk. With millions of apps receiving billions of downloads, it is important users are aware of the risks that they face when downloading and using apps. This infographic uses real world cases to outline the threat to user privacy posed by mobile apps.

  • NASA Man-in-the-Middle Attack: Why you should use proper SSL Certificates, (Thu, May 31st)

    Updated: 2012-05-31 07:15:44
    A posting to pastebin, by a group that calls itself Cyber Warrior Team from Iran, claims ...(more)...

  • Ketamine Improves Bipolar Depression Within Minutes

    Updated: 2012-05-31 06:15:41
    When the patients received ketamine, their depression symptoms significantly improved within 40 minutes, and remained improved over 3 days. Overall, 79% of the patients improved with ketamine, but 0% reported improvement when they received placebo. via medicaldaily.com A truly stunning find. I imagine a ton of good is going to come from this. I wonder [...]

  • Putting out the Flames

    Updated: 2012-05-31 05:28:36
    Stop me if you’ve heard this one before: there is a new piece of malware and this one is even worse than the last one. It is bigger, scarier, more complex and will take years, according to some estimates, to actually ever know what the malware really does. And of course it already has a [...]

  • ISC StormCast for Thursday, May 31st 2012 http://isc.sans.edu/podcastdetail.html?id=2569, (Thu, May 31st)

    Updated: 2012-05-31 04:14:19
    ...(more)...

  • White House Enlists Government, Industry in Botnet Offensive

    Updated: 2012-05-30 23:38:33
    The White House on May 30 introduced a government-industry alliance that will carry out a series of initiatives aimed at curtailing malware-driven botnets through information sharing, global collaboration and public education. - The White House has announced a series of initiatives in partnership with government agencies and the private sector to combat botnets. The initiatives, which were announced May 30 at an event at the White House, are the result of a partnership between the Homeland Security and Commerce Department...

  • Flame Malware Origins Remain Murky, but Its Sophistication Is Clear

    Updated: 2012-05-30 21:37:14
    NEWS ANALYSIS: The Flame malware that has been discovered infecting computer systems mainly in the Middle East is raising more questions than answers about its origins. Researchers don't really know if it's new, if it's actually state-sponsored or where it really came from. - The blogosphere and the nontech media are all abuzz about Flame, the newly exposed malware that is apparently wreaking havoc with Iranian computers. It's also creating problems elsewhere in the Middle East, but apparently hasn't spread significantly beyond there. But is Flame really a new threat, or ...

  • It's Phishing Season! In fact, it's ALWAYS Phishing Season!, (Wed, May 30th)

    Updated: 2012-05-30 18:42:26
    It's always great to hear from our readers, we just got this note in from Tom on a phish that he rec ...(more)...

  • What's in Your Lab?, (Wed, May 30th)

    Updated: 2012-05-30 16:14:15
    The discussion about labs got me thinking about what we all have in our personal labs. The " ...(more)...

  • Too Big to Fail / Too Big to Learn?, (Wed, May 30th)

    Updated: 2012-05-30 16:06:37
    There's an interesting trend that I've been noticing in datacenters over the last few years. T ...(more)...

  • Detecting Known Malware Processes Using Nessus

    Updated: 2012-05-30 15:55:00

  • Facebook, LinkedIn Used by Employers for Monitoring: Gartner

    Updated: 2012-05-30 10:27:38
    Employee monitoring through social media platforms can improve security, but it raises important ethical and legal considerations, a Gartner report indicates. - It might be worth thinking about keeping your friends close, but keeping your Facebook friends carefully cordoned off from the eyes of your employers, if a recent report from IT research firm Gartner is any indication. The study found that corporate monitoring of employee behavior on social media si...

  • Small-Business Security Spending to Top $5.6B in 2015: IDC

    Updated: 2012-05-30 10:07:16
    Adoption of cloud computing and mobile devices is boosting IT security spending among small businesses, according to an IDC report. - Small and midsize businesses' spending on security technology is growing at a healthy clip and is set to pass $5.6 billion in 2015, according to a new report from IDC. In fact, SMBs' spending on security products and services is projected to nearly double the 5 percent to 6 percent annual growth pr...

  • With the convergence of mobile devices, mobile security is a clear focus

    Updated: 2012-05-30 09:00:04
    This article will look at emerging technologies in mobile security, the security risks surrounding mobile platforms and steps to secure your mobile devices and their contents.

  • Network Security Podcast, Episode 279

    Updated: 2012-05-30 03:52:39
    Zach was a little late, but Rich and Martin start with talks of their recent travels (Martin wins) and prepping for DefCon. Then we jump into the latest super hot security news. Network Security Podcast, Episode 279, May 29, 2012 Time: 38:34 Show notes: IBM bans Siri. Must not like the snark. FBI forms net [...]

  • ISC StormCast for Wednesday, May 30th 2012 http://isc.sans.edu/podcastdetail.html?id=2566, (Wed, May 30th)

    Updated: 2012-05-30 03:31:52
    ...(more)...

  • U.N. Warns Member Countries of 'Flame' Cyber-Spying Malware

    Updated: 2012-05-30 00:15:55
    A United Nations technology agency is issuing an alert for countries to be on the lookout for cyber-espionage malware known as Flame, which has hit computer systems in the Middle East heavily, according to Reuters. - The United Nations' International Telecommunication Union is issuing a warning for nations to be on guard for the newly identified Flame malware, according to a report. "This is the most serious [cyber] warning we have ever put out," Marco Obiso, cyber-security coordinator for the U.N.'s...

  • Speeding up the Web and your IDS / Firewall, (Tue, May 29th)

    Updated: 2012-05-29 22:11:09
    HTTP as a protocol has done pretty well so far. Initially intended to be a delivery medium for scien ...(more)...

  • Internet Defense League Ready to Battle CISPA, Other Internet Threats

    Updated: 2012-05-29 20:36:56
    The new organization is designed to work as an early-warning system against federal legislation the group thinks will endanger privacy and freedom on the Web. - Some of the organizers of the Internet protest that led to Congress ditching the controversial SOPA and PIPA legislation in January are now looking to make it easier to fight back against similar federal bills. Alexis Ohanian, co-founder of the social media site Reddit, and Fight for the Future hav...

  • Retina Insight Pivot Grids, Custom Report Sharing on eEye Forums

    Updated: 2012-05-29 19:04:19
    Around this time last year I wrote a blog on the Pivot Grids within Retina Insight and how they allow a user to custom build historical reports based on almost every piece of data collected by Retina Insight. Recently I spoke with an analyst on this same topic and he was very pleased to see that we [...]

  • Software-Defined Networking Market to Soar to $2B–But Not Yet

    Updated: 2012-05-29 18:40:00

  • Silver Peak Updates WAN Optimization

    Updated: 2012-05-29 14:21:00

  • SSLsplit – transparent and scalable SSL/TLS interception

    Updated: 2012-05-29 09:47:00

  • SQLCake - an automatic sql injection exploitation kit

    Updated: 2012-05-29 09:29:00

  • ISC StormCast for Tuesday, May 29th 2012 http://isc.sans.edu/podcastdetail.html?id=2563, (Tue, May 29th)

    Updated: 2012-05-29 02:43:24
    ...(more)...

  • Blank Label Shirts

    Updated: 2012-05-28 18:14:16
    Many peacocks hide their feathers and call that their pride. ~ Friedrich Nietzsche I am getting ready to consider moving from Brooks Brothers to Blank Label shirts. I have been getting more into the quality of my shirts over the last couple of years, and as of about a year ago I’ve been 100% Brooks [...]

  • The Great Gatsby Curve

    Updated: 2012-05-28 17:14:56
    As he shows, America is both especially unequal and has especially low mobility. But he also argues that because we are even more unequal now than we were a generation ago, we should expect even less social mobility going forward. via krugman.blogs.nytimes.com An interesting system for estimating social mobility based on parental income at a [...]

  • What’s Your Heinlein Score?

    Updated: 2012-05-28 14:03:02
    Robert Heinlein wrote a book a long time ago called Time Enough for Love in which he described all the various things a human being should be able to do. It closely maps with Ralph Waldo Emerson’s concept of a full person, evidently. Go here to calculate your score on this test (your Heinlein score). [...]

  • Annoy, Attribute, and Attack

    Updated: 2012-05-28 12:00:00

  • THC-Hydra password bruteforcing with john the ripper - http://funoverip.net

    Updated: 2012-05-28 06:07:00

  • jasagerpwn - Jasager attack vector script for BackTrack 5 and Ubuntu.

    Updated: 2012-05-28 06:04:00

  • Google, the Ultimate Private Intelligence Agency, Is Raising EU's Ire

    Updated: 2012-05-27 18:06:06
    NEWS ANALYSIS: Google's privacy policies allow the company to collect information about anyone and to combine information from a wide variety of sources into an overall, highly detailed profile that tells everything there is to know about you. However, Google will soon have to come to terms with the European Union's privacy laws, which ban this kind of comprehensive data collection about its citizens. - One of the secrets to really effective spying is to collect all available information about your target, no matter how mundane or trivial. This approach has been used by government intelligence agencies since the beginning of spies. The CIA and NSA collect vast quantities of such information, and th...

  • Apple iOS Needs Antivirus Protection: Kaspersky

    Updated: 2012-05-26 16:55:41
    CEO Eugene Kaspersky says iOS-based devices, such as the iPhone and iPad, will need antivirus software, and he laments that Apple won't let his company develop it. - When more than 600,000 Mac users were under siege last month by the Flashback malware infecting their systems, officials at Kaspersky Lab were among the most vocal critics of Apple's response to the security problem. They and security experts from other organizations chastised Apple for the two-mont...

  • N.J. Mayor, Son Arrested For Hacking Political Rival's Website

    Updated: 2012-05-26 16:51:27
    The mayor of a northern New Jersey city has been charged with conspiring with his son to bring down a Website calling for the mayor's recall and intimidate anyone involved with it. - A New Jersey mayor has been arrested along with his son on charges they conspired to hack a Website calling for the mayor's ouster as part of a campaign to target the mayor's critics. Felix Roque, mayor of the Hudson County town of West New York, and his son Joseph Roque were arrested Thursday for ...

  • Sam Harris and Bruce Schneier Debate Airport Profiling | Samharris.org

    Updated: 2012-05-26 06:49:55
    It is still not clear to me what you actually recommend—nor is it clear why your views about profiling, if true, wouldn’t extend to all intelligence work, or even to immigration. Should we issue visas to people at random, or should we pay more attention to those applying from Yemen, Pakistan, and Somalia? For those [...]

  • Configuration Mistakes Make for Costly Security Gaps

    Updated: 2012-05-25 18:54:31
    Earlier this week, Brian Prince over at Security Week posted an article on a subject that we’ve always been passionate about here at eEye, now BeyondTrust, Research – and that’s configuration.  More specifically, the incredible impact that smart, effective configuration can have on reducing attack surface for any size organization. From Brian’s article, I agree [...]

  • AirMagnet Planner Gives Cisco Small Business Wireless a Boost

    Updated: 2012-05-25 16:55:00

  • Google Again Clashing With Regulators Over Privacy

    Updated: 2012-05-25 12:56:06
    This time, it's French regulators who are saying that the search giant is being uncooperative with investigators probing the company's new privacy policies. - Google officials once again are being accused by regulators of not being cooperative with investigators looking into privacy issues concerning the dominant Web 2.0 company. This time, the complaints are coming from the European Union (EU), where a French agency taking the lead in the investigation over q...

  • How to use SQLMap POST Request Injection

    Updated: 2012-05-25 04:37:00

  • Researchers Propose Way to Thwart Fraudulent Digital Certificates

    Updated: 2012-05-24 22:04:18
    Two researchers have submitted a draft proposal to the Internet Engineering Taskforce about a way to catch forged SSL certificates and address challenges to the level of trust in certificate authorities. - Two researchers have proposed an extension to TLS, or transport layer security, as a solution to some of the security challenges facing the Secure Sockets Layer certificate ecosystem. Their proposal comes after a troublesome year for certificate authorities (CAs) during which a number of high-profi...

  • Email Security: 10 Steps for Dealing With Dangerous Messages

    Updated: 2012-05-24 19:51:12
    By Jeffrey Burt on 2012-05-24. The recent success authorities have had in taking down dangerous botnets has helped drive down the amount of spam flooding into business and consumer email accounts. In a report on security in 2011 released late last year, Cisco Systems found a

  • A CISO’s Guide to Application Security – Featured Series

    Updated: 2012-05-24 16:04:20
    Over the past several weeks, Veracode Director of Marketing Fergal Glynn has been authoring a series on application security for security news blog Threatpost. Titled “A CISO’s Guide to Application security,” the five-part series focuses on defining application security, outlining the elements of a comprehensive appsec program, educating about application and software related risks, determining the true cost of a data breach, and providing recommendations to CISOs for managing enterprise-level appsec. Now that the series has come to a conclusion we have highlighted each post below along with links to the full articles.

  • BYOD Policies vs. the Realities of Corporate IT

    Updated: 2012-05-24 15:23:00

  • More Throughput, Higher VM Densities Drive 10GbE Adoption

    Updated: 2012-05-24 14:52:00

  • Automating SQLMap with data from wapiti By Brandon Perry

    Updated: 2012-05-24 07:37:00

  • Panda Cloud Office Protection - Voted WindowSecurity.com Readers' Choice Award Winner - Endpoint Security

    Updated: 2012-05-24 06:00:02
    Panda Cloud Office Protection was selected the winner in the Endpoint Security category of the WindowSecurity.com Readers' Choice Awards. AccessPatrol and Netwrix USB Blocker were runner-up and second runner-up respectively.

  • Google Android, Windows Malware Skyrockets in Q1: McAfee Report

    Updated: 2012-05-23 23:39:08
    A new report from McAfee said the amount of Android malware detected during the first quarter of 2012 shot up 1,200 percent. Malware targeting Windows PCs jumped as well, the firm reported. - Mobile malware targeting Google Android devices exploded in the first few months of 2012, according to a new report from McAfee. Nearly 7,000 Android threats were identified and collected through the end of the 2012 first quarter, according to McAfee's threat report. This represents a more tha...

  • Puppet Labs, EMC Team Up on Infrastructure Management Tool

    Updated: 2012-05-23 21:40:00

  • Google Warning Web Users of DNSChanger Malware Infections

    Updated: 2012-05-23 20:25:43
    Google is alerting users infected with DNSChanger malware that they should clean their computers or face possibly losing Internet access in July. The FBI issued a warning of its own about the malware in April. - Google is warning Web users infected with the DNSChanger malware that if they do not clean their computer before the FBI's impending deadline, they may lose access to the Internet. Google said it plans to notify as many as 500,000 users that are still infected with the malware, which was used by ...

  • IBM Bans Apple's Siri on Big Blue Networks for Security Reasons

    Updated: 2012-05-23 19:52:32
    IBM has banned Apple's Siri digital assistant--along with other apps and services--from its networks out of concern for security and privacy. Big Blue realizes the move to enable workers to bring their own devices to work offers both benefits and challenges. - As well-mannered and well-intentioned as she may be, Apple's Siri is not welcome at IBM, at least not on the company's networks. According to an MIT Technology Review report, IBM has banned the use of Apple's Siri digital assistant on its networks because of security and privacy concerns. “The compan...

  • HULK DDoS Tool

    Updated: 2012-05-23 18:15:46
    “Enforcing Python’s engines, I wrote a script that generates some nicely crafted unique HTTP requests, one after the other, generating a fair load on a webserver, eventually exhausting it of resources. This can be optimized much much further, but as a proof of concept and generic guidance it does its job. As a guideline, the main [...]

  • Wordpress version finder

    Updated: 2012-05-23 18:04:00

  • Microsoft Switching to CVRF For Security Bulletins

    Updated: 2012-05-23 17:45:06
    The framework has also recently received an update but, most important of all, has also received a very prominent backer: Microsoft. “Even though many vendors have followed Microsoft’s lead in providing comprehensive security updates to customers, the formats vendors use vary. CVRF provides the entire industry with a way to share and present data in [...]

  • Why So Many Climate Scientists Are Becoming More Vocal on Climate Change | ThinkProgress

    Updated: 2012-05-23 14:17:39
    Climate scientists have been consistently downplaying and underestimating the risks for three main reasons. First, their models tended to ignore the  myriad amplifying carbon cycle feedbacks that we now know are kicking in (such as the defrosting tundra). Second, they never imagined that the nations of the world would completely ignore their warnings, that we [...]

  • Bring Your Own Device To Work: Security Nightmare?

    Updated: 2012-05-23 08:00:06
    In this article the author discusses the pros and cons of allowing users the ability to use their own device for work activities.

  • PDF Examiner

    Updated: 2012-05-23 06:42:00

  • Protecting Children from Inappropriate Websites with Open DNS

    Updated: 2012-05-23 05:59:00

  • Network Security Podcast, Episode 278

    Updated: 2012-05-23 00:29:18
    After the scary Canadians ransacked our show, Rich needed some alone time in the cornfields of some midwestern state. Respecting Rich’s need for “meditation” (or a quick sell of all of his Facebook shares), Martin and Zach, in their respective bleary-eyed states, recorded anyway. Network Security Podcast, Episode 278, May 22, 2012 Time:  37:05 Show notes: [...]

  • Chrome continues its march to security domination. We nod knowingly.

    Updated: 2012-05-22 18:18:36
    As security researchers, we’re always looking for ways to put the security conversation in the spotlight; be it an interesting fact, figure or editorial. By now you’ve probably read about how Google Chrome has achieved the number one browser position, worldwide (according to StatCounter). Coming in at about 32.76% of the global browser market share, [...]

  • Free Wi-Fi: Friend or Foe? Infographic

    Updated: 2012-05-22 10:45:18
    Did you know that during the course of this year, the number of Wi-Fi connected devices will exceed the world’s population? This incredible statistic highlights the ubiquitous nature of Wi-Fi. However, the convenience of having public Wi-Fi available practically everywhere comes at the cost of greater risk to users. This infographic delves into the anatomy of a Wi-Fi hack and simple precautions Wi-Fi users should take to ensure that they are surfing safely.

  • BDD-Security and Resty-Burp

    Updated: 2012-05-22 04:07:54
    BDD-Security is a framework written in Java and based on JBehave and Selenium 2 (WebDriver) that uses predefined security tests and an integrated security scanner to perform automated security assessments of web applications. Don’t scanning tools already do that? Partly. Scanning tools are good at finding certain types of vulnerabilities, such as injection vulnerabilities (Cross [...]

  • Sam Harris Owning Illogical Liberals

    Updated: 2012-05-21 18:00:52
    To see how the denial of the obvious has become a new article of faith for secular liberals, consider the response I received from Chris Stedman. In an article published in The Huffington Post, Stedman urged me to visit a mosque with him. This invitation was much celebrated online. Many people appear to believe that [...]

  • Fables Should be Taught as Fables

    Updated: 2012-05-21 17:27:13
    Fables should be taught as fables, myths as myths, and miracles as poetic fantasies. To teach superstitions as truths is a most terrible thing. The child mind accepts and believes them, and only through great pain and perhaps tragedy can he be in after years relieved of them. ~ Hypatia of Alexandria [...]

  • Concepts vs. Convention

    Updated: 2012-05-21 16:21:59

  • Student Fail

    Updated: 2012-05-21 12:01:34
    Posted via email from danielmiessler.com | posterous

  • Cyberwar: You're Doing It Wrong!

    Updated: 2012-05-21 12:00:00
    Cyberwar remains a hot topic of conversation in both political and technology circles. But Tenable Chief Security Officer Marcus Ranum asserts that much of the discussion has been--and remains--misleading and inaccurate. In this presentation from the 2012 RSA Conference, Marcus outlines his thoughts on the multiple problems that comprise cyberwar to get past the hype and articulate what risks actually exist. Watch now on YouTube.

  • How to Penetration Test Websites That Use Popular CMSs

    Updated: 2012-05-21 09:23:00

  • IOSEC - HTTP Anti Flood Security Gateway Module

    Updated: 2012-05-21 09:11:00

  • Crescent Tree Shadows from Eclipse

    Updated: 2012-05-21 02:45:52
    Posted via email from danielmiessler.com | posterous

  • Revelo: The Javascript Deobfuscator!

    Updated: 2012-05-18 17:28:00

  • Weekly News Roundup

    Updated: 2012-05-18 16:38:04
    Happy Friday all, and I hope everyone had a great week. Here are the top headlines from this past week in the security world. Enjoy! Cyber Security Index: “Cyber Security Index Highlights Political Threats, Business Partner Risk” by Paul Roberts (@paulfroberts). This article from Threatpost looks at this year’s Index of Cyber Security score of [...]

  • File Integrity Auditing with Nessus

    Updated: 2012-05-18 12:00:00

  • Silicon Valley’s View of Money

    Updated: 2012-05-18 11:35:28
    But here in one of the richest corners of the country, the tech elite display an ambivalent, sometimes contradictory approach to wealth. Money, as one scholar of the Valley described it, is treated as a measuring stick, gauging the power of the companies that entrepreneurs have built, rather than a thing to display. “They use [...]

  • The Starcraft 2 Debate

    Updated: 2012-05-18 07:20:37
    I’ve been having a long-running debate with two other hardcore gamer friends of mine about a comment that was made a couple years ago about Starcraft 2. The game had just come out and the three of us were chatting about it when they asked me what I thought of the end of the game. [...]

  • HULK, Web Server DoS Tool

    Updated: 2012-05-18 04:23:00

  • eEye’s May Patch Tuesday Assessment Now Available On Demand

    Updated: 2012-05-17 23:00:22
    Miss our live VEF webinar earlier this week? In case you did, I’ve put all of the content together for you below. Enjoy! Additionally, access this month’s Security Bulletin, a list of all the Audit IDs, and the PDF of the presentation. If you have additional questions you’d like to ask the research team about [...]

  • Interview with Dan Guido at SOURCE Boston 2012 – Part 3

    Updated: 2012-05-17 16:18:42
    In this, our third and final interview segment with Dan Guido, Co-Founder and CEO of Trail of Bits, Dan talks about how organizations should prepare to face security threats, and attack vectors that pose the greatest threat to enterprises today. Watch the interview.

  • Work Smarter with Retina Insight Threat Analyzers

    Updated: 2012-05-17 15:00:45
    It keeps happening over and over again. I speak to a prospect, and they do not want yet another vulnerability report with pages and pages of assets and vulnerabilities. Every tool vulnerability assessment scanner can produce this with various degrees of customization and consolidation but a 1,000 page report for a few dozen assets doesn’t [...]

  • Plugin Spotlight: Mac OS X FileVault Plaintext Password Logging

    Updated: 2012-05-17 13:45:00

  • Diablo III Launch Woes

    Updated: 2012-05-16 22:58:17
    I am stunned that Blizzard has had such a poor launch for Diablo III. I couldn’t even get onto the server for two hours on the first night, and I just got killed by Belial because the lag was so bad that I was unable to even move. We’re talking FPM (frames per minute) here. [...]

  • BeyondTrust and eEye Acquisition Announcement Now On Demand

    Updated: 2012-05-16 22:22:47
    By now you’ve heard the exciting news that eEye was acquired by BeyondTrust. We are both very excited about the acquisition and look forward to what the future has in store. Earlier this week executives from both companies hosted a live webcast where they discussed the benefits, our joint value proposition and how our products will [...]

  • New Nessus Feature Added: CSV Export

    Updated: 2012-05-16 20:25:00

  • Retina Now Offers Custom Audits for Android Devices

    Updated: 2012-05-16 15:00:21
    When a marketing buzz word sticks like BYOD (Bring Your Own Device), it is inevitable to see it everywhere in an effort to capitalize on the momentum; blogs, literature, SEO, social media, etc. In the past, we have seen great terms like “ecosystem”, “framework”, and my personal favorite “distributed computing”, rise and fall in marketing. [...]

  • First Look at Dynamic Access Control in Windows Server 2012

    Updated: 2012-05-16 07:00:21
    The author takes a look at Dynamic Access Control in Windows Server 2012.

  • LFI with SQL Injection

    Updated: 2012-05-15 04:49:00

  • Nice backdoor, ZTE.

    Updated: 2012-05-14 09:28:00

  • Plugin Spotlight: RuggedOS Telnet Server Default 'factory' Account Backdoor

    Updated: 2012-05-14 04:08:41

  • WebVulScan - web application vulnerability scanner

    Updated: 2012-05-13 11:36:00

  • sqlcake - Automatic SQL injection and database information gathering tool.

    Updated: 2012-05-13 06:04:00

  • eEye Digital Security Acquired by BeyondTrust

    Updated: 2012-05-10 01:46:09
    Earlier this morning we announced that eEye Digital Security has agreed to be acquired by BeyondTrust, the industry’s leading provider of Privileged Identity Management (PIM) solutions. This is a very exciting milestone in the history of eEye Digital Security, a company that has long been at the forefront of security product leadership and innovative security [...]

  • To Whitelist or To Not Whitelist

    Updated: 2012-05-09 07:00:03
    In this article the author investigates whitelisting methods as a way to control which applications users can use, as opposed to privilege management solutions which can dramatically reduce the attack surface within an organization.

  • Our Newest Release – Retina CS 3.1

    Updated: 2012-05-07 15:08:13
    Our product team has just put the finishing touches on the newest release of Retina CS, our award-winning Threat Management Console. Version 3.1 expands our market leadership in innovation for helping IT secure the technologies being widely deployed today. As it has been since halfway through 2011, Retina CS remains the only unified vulnerability and [...]

  • NMAP Script - NSE for detecting vulnerable PHP-CGI setups (CVE2012-1823)

    Updated: 2012-05-05 04:36:00
