Blog Posts Tagged with "Open Source"

369dec31d888693bba6b6e0f39c14ce3

Help Create an Easy to Use Open Source Risk Equation

October 09, 2012 Added by:Matt Neely

The information security industry has attempted to adapt existing Risk Management practices for the task of managing information security. Numerous frameworks have been devised over the years, including FAIR, OCTAVE, ISO 27001/27005 and NIST 800-53/NIST 800-39, just to name a few...

Comments  (0)

812d096e189ecbac061ebfe343f91e1e

To “Open Source” or “Not to Open Source”

July 27, 2012 Added by:Andrew Sanicola

Many open source products have add-ons, extensions, plug-ins etc. which make them attractive. While the core application itself is mostly secure, it is these extensions and plug-ins contributed by many diverse developers and organizations that introduce vulnerabilities into the open source product as a whole...

Comments  (0)

54a9b7b662bfb0f0445d1661d7ed180b

Free Power on the Grid?

July 15, 2012 Added by:Jayson Wylie

Sometimes the wrong people get the code and use it maliciously. It is in the nation’s best interest to keep the power infrastructure safe and keep meters fool proof, but it depends on how effective a tool is to be able to effectively manipulate the technology to an individual’s own financial advantage...

Comments  (0)

48062676f7b2fc521b0b32a3c6494469

Anonymity and E-Commerce in the Black Market with Tor

July 02, 2012 Added by:gaToMaLo r. amores

A skilled attacker may be able to determine you are using a VPN to connect to Tor by fingerprinting traffic streams. Tor traffic is padded to 512 byte size packets, normal VPN traffic is not. By filtering for 512 byte streams, an attacker can determine who all is using Tor in a given area...

Comments  (1)

F2792196079f2c16cd02be6e9ff5b3da

Why Open Source is Not Always the Best Bet

July 02, 2012 Added by:DHANANJAY ROKDE

Although open source software appears fantastic at the outset, they often come with an indirect price to pay, and it takes a lot of time for the organization to realize this. If your organization is hit by the ‘using open source to reduce costs’ wave, here are a few points you to look at before taking the leap...

Comments  (1)

69dafe8b58066478aea48f3d0f384820

KeePass Vulnerability Exposes Password Lists

June 28, 2012 Added by:Headlines

“The bug will be injected on the remote way, affects the local validation (html/xml) and change the technic back when remotely transferring the password lists. The injection of the malicious URL/domain context can be done via auto save of URLs (victim) or manually (reproduce)," the researchers stated...

Comments  (1)

759c37c6aff04cd46262f93652b5fad5

SecureState Contributes to the SQLMap Project

June 18, 2012 Added by:Spencer McIntyre

Custom-coded applications make SQLi very difficult to exploit in an automated fashion, and most of detection tools are particularly effective against only a few select Database Management Systems (DBMSes). However, the open source SQLMap tool is capable of exploiting a variety of DBMSes....

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

Hooray! An Open-Source Password Analyzer Tool...

June 08, 2012 Added by:Brent Huston

The time it takes to crack a password is the only true measure of its worth. Morris has created a tool for administrators that allows them to configure a password policy based on the time to crack, the possible technology that an attacker might be using, and the password protection technology in use...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

Webinar: Keeping Your Open Source Software Secure

May 09, 2012 Added by:Infosec Island Admin

Understand why collaboration is invaluable in keeping proprietary systems secure. Learn how to share private information in public forums without harming your organization. Identify what tools are available to your organization for collaboration, notification, and knowledge-sharing...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

Webinar: Keeping Your Open Source Secure

April 24, 2012 Added by:Infosec Island Admin

Understand why collaboration is invaluable in keeping proprietary systems secure. Learn how to share private information in public forums without harming your organization. Identify what tools are available to your organization for collaboration, notification, and knowledge-sharing...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Open Source Code in the Enterprise - Keys to Avoiding Vulnerabilities

April 18, 2012 Added by:Rafal Los

There is no debate in the open vs. closed source software question. Either can be made well, or poorly. Either open source or closed source can be relatively secure, or riddled with easy-to-exploit holes. We don't need to rehash this, but there appears to be some new data...

Comments  (0)

759c37c6aff04cd46262f93652b5fad5

Exploit for Liferay XSL Code Execution Released

April 11, 2012 Added by:Spencer McIntyre

Researchers are releasing a Metasploit module that can exploit a vulnerability in an open source web content management system called Liferay in the XSLT processing engine that is used to allow setting dynamic XML feeds to be displayed as content on a page...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Adobe Releases Open Source Malware Analyzer Tool

April 03, 2012 Added by:Headlines

"Malware Classifier uses machine learning algorithms to classify Win32 binaries – EXEs and DLLs – into three classes: 0 for 'clean,' 1 for 'malicious,' or 'UNKNOWN.' The tool extracts seven key features from a binary, feeds them to one or all of the four classifiers..."

Comments  (0)

69dafe8b58066478aea48f3d0f384820

IC3: Browser Bot Infection and HTML Attachment Malware

March 28, 2012 Added by:Headlines

The open source browser can now function like a bot and accept commands. It can process the content of the current page where it is located, redirect the user, halt the loading of particular pages, steal passwords, run executables, and even kill itself...

Comments  (0)

296634767383f056e82787fcb3b94864

An Open Source Methodology to Attack Critical Infrastructure

March 20, 2012 Added by:Jeffrey Carr

Attackers with moderate skills can cause disruption to outright destruction of critical infrastructure at low cost and in short order. Contrary to popular wisdom, an attack against a nuclear power or hydro-electric plant doesn't require the resources of a nation state...

Comments  (0)

E973b16363b3de77b360563237df7e32

Choosing Secure Data Storage - A Difficult Dance

February 20, 2012 Added by:Bozidar Spirovski

There are multiple pros and cons across our storage systems parameters, but at first glance, the enterprise storage systems have the upper hand. Bear in mind though, such systems always come with exorbitant pricing, especially on any upgrades after the initial purchase...

Comments  (0)

Page « < 1 - 2 - 3 > »