• The Future of Cars: Connected Vehicles Infographic

    Updated: 2013-04-30 14:49:58

  • Howto: Brute Force MSSQL With Nmap

    Updated: 2013-04-30 08:44:00

  • ISC StormCast for Tuesday, April 30th 2013 http://isc.sans.edu/podcastdetail.html?id=3275, (Tue, Apr 30th)

    Updated: 2013-04-30 02:53:48
    ...(more)...

  • Fortinet Debuts Secure Wireless LAN Platform

    Updated: 2013-04-30 02:45:00
    The offering leverages capabilities of the FortiOS 5 operating system, including policy enforcement of all wired and wireless network traffic.

  • Report Fake Tech Support Calls submission form reminder, (Mon, Apr 29th)

    Updated: 2013-04-29 22:01:57
    Previously we detailed this project in

  • Is the Passive Vulnerability Scanner an Intrusion Detection System?

    Updated: 2013-04-29 20:55:17
    When I was at RSA earlier this year, I gave a variety of media interviews and product demos about Tenable solutions. I demonstrated Nessus detecting malicious processes and the Passive Vulnerability Scanner (PVS) providing an audit trail of all network activity that led up to the infection. I also showed how the Log Correlation Engine (LCE) correlated PVS logged DNS queries to known botnets.

  • AT&T Enters Home Security Market With IP-Based Digital Life

    Updated: 2013-04-29 16:20:00
    On April 26 AT&T introduced its Digital Life home security and automation solution in an initial 15 markets.

  • Howto: Installing Kali In Raspberry Pi with Mac OSX

    Updated: 2013-04-29 16:16:00

  • My Current Opinion on Women in Technology

    Updated: 2013-04-29 03:34:39
    There are many opinions on why there are so many fewer women working in highly technical IT jobs than men. Here I’ll take each of the main arguments I’ve heard and summarize it forcefully in my own words–as if it were my own argument. Then I’ll give my own short analysis at the end. The [...]Related Posts:Who Wants to Date the High-powered Female CEO?Women in the Netherlands work less, have lesser titles and aDisambiguation of the ‘Women in Technology ProblemMy Opinion on Women in Information TechnologyAdd Women to Groups to Make Them Smarter

  • ISC StormCast for Monday, April 29th 2013 http://isc.sans.edu/podcastdetail.html?id=3272, (Mon, Apr 29th)

    Updated: 2013-04-29 03:03:32
    ...(more)...

  • SANS's Alan Paller discusses the threat of cyberterrorism on CNN, (Sun, Apr 28th)

    Updated: 2013-04-28 22:38:26
    On the heels of the fake Tweet this past week regarding injury to President Obama, and the sub ...(more)...

  • What is "up to date anti-virus software"?, (Fri, Apr 26th)

    Updated: 2013-04-28 08:22:43
    On the heels of my

  • Phishers Breaking Into Web Hosting Servers to Launch Mass Attacks

    Updated: 2013-04-27 00:15:00
    A report from the Anti-Phishing Working Group says cyber-attackers are breaking into Web servers and then using them to blast phishing pages across the Internet.

  • VMware security updates - vCenter Server - https://www.vmware.com/security/advisories/VMSA-2013-0006.html, (Fri, Apr 26th)

    Updated: 2013-04-26 18:12:56
    ...(more)...

  • AT&T Launches Digital Life Home Security System in 15 Markets

    Updated: 2013-04-26 05:01:00
    AT&T saw a niche for a wireless, personalized, app-based home security solution. Its Digital Life will be in 50 U.S. markets by year's end.

  • ISC StormCast for Thursday, April 25th 2013 http://isc.sans.edu/podcastdetail.html?id=3269, (Fri, Apr 26th)

    Updated: 2013-04-26 02:11:30
    ...(more)...

  • Consumers Unhappy, Frustrated with Password Security: Survey

    Updated: 2013-04-26 01:30:00
    Nearly half of all consumers distrust online sites that rely on passwords for security and will abort transactions when they forget their passwords, according to a Ponemon Institute survey.

  • CipherCloud Update Helps Admins Handle 'Rogue IT'

    Updated: 2013-04-25 23:54:00
    Cloud Data Discovery enables enterprises to adopt SaaS and cloud applications while ensuring that their compliance policies are fully met.

  • Guest Diary: Dylan Johnson - A week in the life of some Perimeter Firewalls, (Thu, Apr 25th)

    Updated: 2013-04-25 22:50:44
    [Guest Diary: Dylan Johnson BSc.CISSP] [A week in the life of some Perimeter Firewalls]

  • ICANN Blog: How to Report a DDoS Attack? A worthwhile read: http://blog.icann.org/2013/04/how-to-report-a-ddos-attack/, (Thu, Apr 25th)

    Updated: 2013-04-25 22:50:31
    ...(more)...

  • Anti-Phishing Workgroup Publishes 2012 Global Phishing Report. Download here: http://docs.apwg.org/reports/APWG_GlobalPhishingSurvey_2H2012.pdf, (Thu, Apr 25th)

    Updated: 2013-04-25 22:47:47
    ...(more)...

  • The Big Red Button and the Kill Switch

    Updated: 2013-04-25 15:10:39
    Contact Careers Blog Store Languages English Deutsch Products Solutions Partners Resources Support Training About Search form Search Products Solutions Partners Training Certification Support Store Blog About Careers Contact Products Products Overview Nessus Family of Products Nessus Vulnerability Scanner Nessus Perimeter Service Unified Security Monitoring Platform SecurityCenter SecurityCenter Continuous View Passive Vulnerability Scanner Log Correlation Engine Solutions Solutions Overview Compliance PCI NERC CIP FISMA HIPAA CyberScope SCAP Center for Internet Security CIS Industry Finance Government Healthcare Higher Education Retail Energy Technology Vulnerablity Management Mobile Device Security Malware Malicious Behavior Configuration Auditing Patch Auditing Log Management SIEM

  • An Interesting Approach to Contract Negotiation

    Updated: 2013-04-24 20:40:09
    In general, you can use this approach unilaterally but you are going to have to teach the other side how to give in the context of negotiation.Think about what you would want if you were on the other side and ask them to think about the same thing.Write down the most you are willing to [...]Related Posts:The Main Difference I See Between Today’s Liberals andDaniel Ellsberg on Secret Information | Mother JonesInteresting Analysis of Karl Marx’s WritingI Will Be Paying Full Price For TextMate 2 — Even If…Give it five minutes | 37signals

  • Tenable Network Security Podcast Episode 166 - "Nessus 5.2 New Features"

    Updated: 2013-04-24 20:39:03
     

  • Group Policy Changes: Windows Server 2012, Windows 8 and Window RT (Part 1)

    Updated: 2013-04-24 11:46:49
    In this series of articles, we’ll be taking a look at changes in Group Policy and how you can best use them to your benefit in keeping your Windows network as secure as possible.

  • Sophie – a web SQL shell [IIS Shell]

    Updated: 2013-04-24 06:12:00

  • Our company, our mission: Bringing cybercriminals to justice

    Updated: 2013-04-24 05:11:06
    Tenable holds a zero tolerance policy for employees and partners with regards to malicious digital activity. It is our mission to defend cyberspace from the activities of hackers, thieves and spies and we remain committed to bringing such criminals to justice. Matt Flannery is not and has never been an employee of Tenable Network Security.

  • Network Security Podcast, Episode 310

    Updated: 2013-04-23 23:36:49
    After a hectic couple of weeks — conferences, travel, and city-wide lockdowns – recovery is sorely needed, but we push through a relatively lively show with a teaser for a bigger debate^Wdiscussion slated for next week.  And somehow the podcast just keeps getting a little longer every week. Network Security Podcast, Episode 310, April 23, 2013 [...]

  • Web-based threats finally getting the respect they deserve?

    Updated: 2013-04-23 16:05:46
    The recently released Microsoft Security Intelligence Report shows that web-based propagation vectors have surpassed traditional malware propagation vectors as the largest threats to distributed network environments. While I agree with Microsoft’s assessment of the threat landscape, I don’t think this is anything new; it is just the current state of a long running trend.

  • Facebook Privacy: CyberSecurity 101

    Updated: 2013-04-23 15:30:16
    While Facebook grants its users lots of control over their privacy settings, keeping up with the latest privacy controls can be difficult. As a result, many users end up sharing their information and photos with a far wider audience than intended. This edition of our CyberSecurity 101 series should serve as a user guide for configuring Facebook privacy settings for optimal security.

  • Cyber Attacks Growing More Sophisticated, Targeting IT Firms

    Updated: 2013-04-23 14:00:00
    The report found 184 nations house communication hubs, or command and control (CnC) servers.

  • Hadoop Poses a Big Data Security Risk: 10 Reasons Why

    Updated: 2013-04-23 08:25:00
    Though it wasn't created with security in mind, Hadoop is becoming a necessary platform for companies wanting to get the biggest bang out of big data.

  • Nessus 5.2 Released

    Updated: 2013-04-23 05:00:00
    Tenable is excited to announce a new release of the Nessus vulnerability scanner! This major release provides several new features and enhancements, including enhanced post-scan analysis tools, expanded OS support and integration, and improved usability.

  • Veracode at Infosec Europe 2013

    Updated: 2013-04-22 18:22:38
    Our team is overseas this week in London for the 18th annual Infosecurity Europe conference. Stop by the Veracode stand(H21) to learn about S.O.U.P. and what you can do to stop it from hurting your company. We will also be giving away £500 GBP to a random lucky winner!

  • New Artificial Intelligence Approach Based on Thermodynamics

    Updated: 2013-04-22 17:33:10
    The new research proposes that entropy is directly connected to intelligent behavior. "[The paper] is basically an attempt to describe intelligence as a fundamentally thermodynamic process," said Wissner-Gross. The researchers developed a software engine, called Entropica, and gave it models of a number of situations in which it could demonstrate behaviors that greatly resemble intelligence. They patterned [...]Related Posts:Bird Hunted To Near Extinction Due To Infuriating…Women Voters Can’t Help Fawning Over Sexist GOP |…Higgs Data Hints at Universe End | ABC ScienceBeautiful People Really ARE More Intelligent | Psychology…A Brilliant Discussion on the Founding of Our Country | The…

  • Dear Conservatives: 1984 Was Written by a Socialist Warning Against Right-wing Totalitarianism

    Updated: 2013-04-22 06:12:47
    :

  • So Happy I Could Die

    Updated: 2013-04-22 04:57:38
    I’ve always been about “becoming”, striving, trying to shed what I didn’t like about myself in order to become that better person and experience the good life. Well, It occurred to me the other day that I’ve lived a great life already, and I can officially change modes. I can officially change from not being [...]Related Posts:Friends in VegasHome for One Year</liThe Difference Between Pursuing Happiness and Pursuing…Parent to Child Propagation of False MeaningAnother Way to be Immortal

  • Boston: Authorities Missed Intelligence Opportunities

    Updated: 2013-04-22 04:14:41
    :

  • Why the Response to the Boston Bombing Was a Failure

    Updated: 2013-04-21 04:58:23
    Many are celebrating the outcome of the Boston bombing standoff that happened yesterday. They shouldn’t be. One of the two suspects was captured alive, and on the surface that appears to be a victory, but to any trained eye both the handling of the event, and its outcome, were a colossal failure. The Goals of [...]Related Posts:Terror Defense Based on Resilience Rather than AvoidanceInformation Security ResilienceThe Answer to Terrorism is ResilienceHow the Norwegians Reacted to Terrorism | SchneierDear Conservatives: 1984 Was Written by a Socialist Warning…

  • Collection of web application backdoors and malware, in PHP, JSP, ASP, etc.

    Updated: 2013-04-20 15:00:00

  • Howto: Fix Google Chrome Can Not Be Run As Root (Backtrack - Ubuntu)

    Updated: 2013-04-19 04:17:00

  • If iOS is Less Secure, Why Does Android Get Attacked?

    Updated: 2013-04-18 18:57:31
    Apple’s iOS mobile operating system accounted for almost all the mobile OS vulnerabilities documented in 2012, but Google’s Android mobile OS accounted for almost all the malware. When it comes to application security, do ‘bad neighborhoods’ matter?

  • Upping the Ante: Tenable’s Log Correlation Engine Now Standard in SecurityCenter Continuous View

    Updated: 2013-04-18 15:10:10
    After a very successful launch of SecurityCenter Continuous View (CV) last year, Tenable has further enhanced the analytical power and value of SecurityCenter CV with the addition of Tenable’s Log Correlation Engine (LCE) as a standard component of the solution.

  • A Summary of iOS and Android Usage Statistics

    Updated: 2013-04-18 05:58:55
    So who is winning — iOS or Android?You had to ask, huh?On some level, it’s too crude a question to take very seriously. There are just too many ways to define “winning,” and neither platform leads in every area. But here’s the closest thing to an objective answer I can manage.“Android if you’re talking about [...]Related Posts:iPhone Versus Android | Nielsen StatsAndroid Isn’t About Building a Mobile Platform | TightWindiPhone and Android Marketshare in March 2011 | NielsenApple is About to Gut Google’s Map Revenue | ForbesFlipboard CEO Not Even Developing for Android

  • Questions You Should Ask About Gun Control

    Updated: 2013-04-18 05:44:17
    I saw a thread on Reddit recently about gun control laws and thought the gist was worth capturing here. If gun control legislation was actually effective, wouldn’t there be a ton of data we could point to as evidence of that fact? Not necessarily, but probably. There are many factors at play with such things, [...]Related Posts:My Current Thoughts on Gun ControlLooking to Science for Answers to Gun Control PoliticsThe Zero-Control Argument Against Free WillSome Pro Gun Control Evidence from AustraliaMy Comment on the NYT Free Will Article<img src="http://feeds.feedburner.com/~r/danielmiessler/~4/-wrmWGKTans" height="1" width="1"/

  • Using Nessus to Discover Malware and Botnet Hosts

    Updated: 2013-04-18 05:09:00
    When performing a vulnerability scan (or even a penetration test), you must be able to spot a host that is already compromised, contains malware, or is part of a botnet. When malware exists on a host you're testing, the right course of action is to switch from scanning or penetration testing mode into forensics mode to determine how the system was compromised and implement a plan to remove the backdoors that may exist.

  • Howto: Setup IPv6 Network With Ubuntu

    Updated: 2013-04-18 05:02:00

  • My Friend Writes Like This

    Updated: 2013-04-17 17:54:47
    A bird hit my windshield on the freeway, on the way home from work this morning. I pulled over on the next exit, and picked it’s wrecked body out of my windshield wiper, and it opened its eye, and slowly closed it. I like to think that it opened its eyes one more time, and [...]Related Posts:Freedom to ThinkThe Best Interface is No Interface | Cooper JournalWorking from HomeWhat Is Social Psychology, Anyway? | EdgeFacebook Is Secretly Building A Phone | Techcrunch

  • If You’re Blogging on Facebook, Stop It

    Updated: 2013-04-17 16:30:43
    ,

  • Securing and Auditing High Risk Files on Windows Servers

    Updated: 2013-04-17 10:50:02
    In this article we will discuss how to properly secure files that are high risk to the organization and track when someone accesses the file successfully and also unsuccessfully.

  • Coding Bootcamps Are Thriving

    Updated: 2013-04-17 01:41:39
    Instead, he quit his job and spent his savings to enroll at Dev Bootcamp, a new San Francisco school that teaches students how to write software in nine weeks. The $11,000 gamble paid off: A week after he finished the program last summer, he landed an engineering job that paid more than twice his previous [...]Related Posts:A List of Things to Know About San Francisco | The Art of…A List of Starbucks Clover Stores in San FranciscoThe Simple Barrier to the Rich Being Willing to Pay More…How to Write Without Writing | Coding HorrorAll San Francisco Crime Data in a Developer-friendly Format…

  • Tenable Network Security Podcast Episode 165 - "New VMware Configuration Audits"

    Updated: 2013-04-17 01:00:00
     

  • Webinar: The (In)Security of Vendor-Supplied Software

    Updated: 2013-04-16 19:55:51
    What vulnerabilities threaten the integrity of your software supply chain and data? Can your enterprise really influence software vendors to meet your most important security policies and remediate insecure software? Enterprises are taking on unbounded risk as a result of increased investment in outsourced, commercial, SaaS, mobile and open source applications. Enterprises are leaving themselves particularly vulnerable because buyers so rarely think to secure the software they purchase. Why accept this risk?

  • Topera - IPv6 Port Scanner

    Updated: 2013-04-16 15:31:00

  • Linux/UNIX Patch Auditing Using Nessus

    Updated: 2013-04-16 01:00:00
    Nessus can check that your Linux and UNIX systems are up-to-date with the latest patches. Tenable has released more than 1,000 plugins this year that check for local Linux and UNIX operating system's missing patches. This includes kernel patches and security updates to software packages being maintained by each distribution.

  • The History of Programming Languages Infographic

    Updated: 2013-04-15 21:04:04

  • New Nessus VMware vSphere/vCenter Audits Now Available

    Updated: 2013-04-15 17:30:00
    Tenable has implemented new checks using the VMware SOAP API, and we have developed APIs for both ESXi and vCenter. Supported versions are ESXi 4.x/5.x and vCenter 4.x/5.x <br /

  • Neil deGrasse Tyson Harms Science Education by Rejecting Atheism

    Updated: 2013-04-15 07:04:55
    In the video above, Neil deGrasse Tyson (our generation’s Carl Sagan) takes what appears to be intellectual high ground by denying that the term “atheism” has any use in our society. Would that this were true. What he fails to acknowledge in his argument is the active anti-intellectualism that’s so rampant in our country. This [...]Related Posts:Neil deGrasse Tyson is Agnostic Because He Doesn’t…Neil deGrasse Tyson’s Reddit AMANeil deGrasse Tyson on the Death of American DreamsNeil deGrasse Tyson on the Meaning of Life | RedditEducation in the United States :: Sam Harris

  • Does News Consumption Destroy Creativity?

    Updated: 2013-04-15 03:13:42
    I don’t know a single truly creative mind who is a news junkie – not a writer, not a composer, mathematician, physician, scientist, musician, designer, architect or painter. On the other hand, I know a bunch of viciously uncreative minds who consume news like drugs. via News is bad for you – and giving up reading [...]Related Posts:Looking for an iPhone News ApplicationIncreasing Creativity By Clearly Separating Your Input and…Path to true happiness ‘revealed’ | BBC NEWS…How Roger Ailes Built the Fox News Fear Factory | Rolling…Higgs Data Hints at Universe End | ABC Science

  • Exploitsearch.net - Exploit Search Engine

    Updated: 2013-04-14 14:08:00

  • Insurance Companies Make U.S. Healthcare Expensive

    Updated: 2013-04-13 17:00:27
    .

  • We Used to Sleep Twice Per Night?

    Updated: 2013-04-13 06:45:38
    "From his cocoon of books in Virginia, Ekirch somehow rediscovered a fact of life that was once as common as eating breakfast. Every night, people fell asleep not long after the sun went down and stayed that way until sometime after midnight. This was the first sleep that kept popping up in the old tales. [...]Related Posts:FuturePundit: One Night Of Sleep Not Enough To Make Up…Sleepytime Sleep OptimizerSleep and ExerciseHow Little Sleep Can You Get Away With? | NYTimes.comSleeping for less than six hours may cause early death,…

  • Existentialism and Free Will

    Updated: 2013-04-13 05:31:20
    I was just doing some reading on Existentialism to make sure I wasn’t misusing the word. Turns out I was, or might have been. A number of the “definitions” or interpretations of the word indicate a requirement of “self-created meaning”. I use it that way as well, but I don’t believe in free will, and [...]Related Posts:Existentialism, by AletteMisuse of the Word ‘Irony’What This Site is AboutOne Person Who “Gets” Free Will In the Exact…Finally, Someone Else Gets the Free Will Issue

  • What This Site is About

    Updated: 2013-04-13 04:50:45
    And when I say “this site”, I’m really saying “me”. Existentialism: How to create our own meaning and our own happiness, since it doesn’t exist intrinsically in our universe Happiness: How to become more fulfilled in life Productivity: How to be more effective in everything you do, leading to #2 Beauty and Wonder: Finding and [...]Related Posts:3 Trends for an Advancing Human CivilizationLooking For an Information Architecture and Design CompanyThe Difference Between Pursuing Happiness and Pursuing…Designing My New LogoFree Will Revisited

  • Children Are Not a Rescue from a Lack of Meaning in Your Life

    Updated: 2013-04-13 04:16:21
    I often challenge people to describe why their lives have meaning. In most cases, the answers are deeply unsatisfying, both to me and to the person answering. Most people describe going to work at a job that could potentially suck more (an indication of victory), and ambling towards some sort of nebulous progression that is [...]Related Posts:Parent to Child Propagation of False MeaningThe Alien Social Scientist Test for MeaningThe Future of Human Identity and ReproductionConcepts vs. ConventionShallow on Purpose

  • Game of Thrones: The Books vs. the TV Series

    Updated: 2013-04-13 04:00:28
    : .

  • Philosophy vs. Science

    Updated: 2013-04-13 03:57:19
    .

  • The Three Rules of Life

    Updated: 2013-04-13 03:36:57
    Thoroughly embrace and enjoy the life you have Constantly work to build the life you want Never let #2 interfere with #1Related Posts:So Happy I Could DieFriends in VegasA Depressing Truth About Friendship in AdulthoodTwo People Who Show Me How Lame I AmThe Alien Social Scientist Test for Meaning

  • Neil deGrasse Tyson is Agnostic Because He Doesn’t Like How Atheists Behave

    Updated: 2013-04-11 05:13:08
    Interesting. I can hear the nodding muscles in Carl’s neck from here. I find it fascinating that he doesn’t distance himself from atheists technically, however. He’s not saying he’s not an atheist. He’s saying he doesn’t group himself with them. He’s simply choosing to not be part of that conversation because he thinks it’s below [...]Related Posts:Neil deGrasse Tyson Harms Science Education by Rejecting…A Deductive Argument for Most Agnostics Being AtheistsWhy Sam Harris is Somewhat Incorrect About Rejecting the…The Asteroid Situation in PerspectiveAtheists and Christmas

  • The Windows Server 2012 Simplified DirectAccess Wizard Overview (Part 1)

    Updated: 2013-04-10 10:17:50
    In this article, we'll discuss some of the changes in the DirectAccess wizard that have been included in Windows Server 2012.

  • Network Security Podcast, Episode 309

    Updated: 2013-04-10 00:13:54
    Due to a last minute work engagement, Rich is not present on tonight’s show. Martin and Zach attempt to compensate for Rich’s absence by being snark but also half-asleep.  We’ll leave it to you to figure out which half of that we feel is most like Rich. Network Security Podcast, Episode 309, April 9, 2013 [...]

  • Practical Identification of SQL Injection Vulnerabilities By US-Cert

    Updated: 2013-04-09 09:48:00

  • Metasploit 4.5.0-dev Cheat Sheet By TerrorByte

    Updated: 2013-04-09 09:44:00

  • Detecting TOR Communication in Network Traffic

    Updated: 2013-04-06 21:55:00
    The anonymity network Tor is often misused by hackers and criminals in order to remotely control hacked computers. In this blog post we explain why Tor is so well suited for such malicious purposes, but also how incident responders can detect Tor traffic in their networks. The privacy network Tor ([...]

  • An Inside look at avoiding cloud risks

    Updated: 2013-04-03 10:02:23
    In this article the author will cover recent events that have exposed millions of users due to lack of planning and contingency.

  • Network Security Podcast, Episode 308

    Updated: 2013-04-02 23:51:46
    Getting three security professionals to slow down long enough to record a podcast together is always a challenge and tonight was harder than usual.  Part of the problem is that there are so many interesting stories going on right now.  But the fact that we all have jobs and families is a much bigger part [...]

Current Feed Items | Previous Months Items

Mar 2013 | Feb 2013 | Jan 2013 | Dec 2012 | Nov 2012 | Oct 2012