Blog Posts Tagged with "CERT"
Phishing Campaign Using Spoofed US-CERT Emails
January 11, 2012 Added by:Headlines
US-CERT has received reports of a phishing email campaign that uses spoofed US-CERT email addresses. This campaign appears to be targeting a large number of private sector organizations as well as federal, state, and local governments...
Comments (0)
US CERT: Hash Table Collision Attack Vulnerability
January 04, 2012 Added by:Headlines
US-CERT is aware of reports stating that multiple programming language implementations, including web platforms, are vulnerable to hash table collision attacks. This vulnerability could be used by an attacker to launch a denial-of-service attack against websites using affected products...
Comments (0)
CERT Warns of Holiday Phishing and Malware Campaigns
December 06, 2011 Added by:Headlines
"US-CERT encourages users and administrators to use caution when encountering email messages and take the following preventative measures to protect themselves from phishing scams and malware campaigns..."
Comments (0)
US and EU Hold First Joint Cyber Atlantic Exercise
November 04, 2011 Added by:Headlines
"The Cyber Atlantic exercise is part of the ongoing EU-U.S. partnership to strengthen mutual capabilities for addressing emerging threats to global networks... stakeholders focus on cyber incident management, enhancing public-private partnerships, and raising awareness about cyber threats..."
Comments (0)
Open Source Registry Decoder 1.1 Tool Released
November 02, 2011 Added by:Andrew Case
We are announcing the release of Registry Decoder 1.1, a free and open source tool. We are reaching out to practitioners and research groups (professional and academic) in an attempt to proliferate Registry Decoder. We would appreciate any plugins contributed from these communities...
Comments (0)
Are You Cyber Savvy?
October 25, 2011 Added by:Joel Harding
What really set him apart was Social Engineering combined with his hacking. He did his research, he would study, he would probe, and then he would do whatever it took to get a password, to get a free account, to get root access, to get into a facility and physically touch the system...
Comments (0)
The CERT Oracle Secure Coding Standard for Java
October 18, 2011 Added by:Ben Rothke
The CERT Oracle Secure The CERT Oracle Secure Coding Standard for Java is an invaluable guide that provides the reader with the strong coding guidelines and practices in order to reduce coding vulnerabilities that can lead to Java and Oracle exploits...
Comments (0)
DHS Releases Cyber Security Evaluation Tool (CSET)
September 27, 2011 Added by:Headlines
The Department of Homeland Security's National Cyber Security Division (NCSD) has released a Software tool set to better enable organizations to examine risks to industrial control systems (ICS) and implement more secure protocols for protecting the nation's critical infrastructure...
Comments (0)
CERT Malaysia Releases DNSwatch Tool
August 30, 2011 Added by:Headlines
"DNSwatch will help you avoid known bad websites or sites that will trick your computer into downloading and installing malicious programs on your computer. Even better, DNSwatch will also prevent you from accessing malicious websites that you may not even know your computer is trying to access..."
Comments (0)
CERT Warns of Iconics SCADA Software Vulnerability
May 13, 2011 Added by:Headlines
GenVersion.dll is a component used by the WebHMI interface. By passing a specially crafted string to the SetActiveXGUID method, it is possible to overflow a static buffer and execute arbitrary code with the privileges of the logged on user. Users could be lured to malicious sites...
Comments (1)
Computer Incident Response and Product Security
April 03, 2011 Added by:Ben Rothke
Be it a IRT, CIRT, CERT, or CSIRT, whatever the term used, companies desperately need a team to formally respond to computer security incidents. The simple equation is that to the degree the incident is quickly identified, handled and ameliorated, so is the damage contained...
Comments (0)
Dutch National Cyber Security Strategy - Blessing or Curse?
March 31, 2011 Added by:Don Eijndhoven
For now, very few experts take these measures seriously and fear that our National cyber defense posture will be weakened rather than strengthened. Let´s hope that this is not the case, because various research papers already point to The Netherlands as a haven for malware...
Comments (2)
Attacks on Federal Networks Increased Forty Percent
March 24, 2011 Added by:Headlines
"DHS anticipates that malicious cyber activity will continue to become more common, more sophisticated and more targeted — and range from unsophisticated hackers to very technically competent intruders using state-of-the-art techniques," said DHS spokesman Chris Ortman...
Comments (0)
ENISA Releases Comprehensive Study on Botnet Threat
March 08, 2011 Added by:Headlines
"Botnets: 10 Tough Questions” is a policy-level distillation of ENISA’s consultation with top experts from all sides of the fight against botnets, including Internet Service Providers, security researchers, law enforcement, Computer Emergency Response Teams and anti-virus vendors...
Comments (0)
Report Concludes Internet Kill Switch is a Bad Idea
January 18, 2011 Added by:Headlines
Instead of centralized control mechanisms such as the kill switch, the report recommends efforts be focused on the further development of strategic computer emergency response teams (CERTS) which can assess situations and affect productive measures to mitigate large scale cyber events...
Comments (0)
Security Researcher Dancho Danchev Reported Missing
January 16, 2011 Added by:Headlines
Security researcher Dancho Danchev has been reported as missing since late summer 2010. “Dancho’s alive but he’s in a lot of trouble," one source said, and another source revealed they received a letter in which Danchev outlined concerns that he may be under surveillance from the Bulgarian government...
Comments (0)
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)
- Complimentary IT Security Resources [May 13, 2013]
- Steps Toward Weaponizing the Android Platform
- Mobile Security Processes Could Be Applied to Medical Devices: Bluebox
- The Emperor Is Naked!
- Infographic: Keeping Web Applications Safe