April 05, 2011 Added by:Ben Zvaifler
A new wave of cyber warfare has taken form, targeting our information and threatening the stability of our nation's government and corporations worldwide. Security and privacy professionals have answered with innovative techniques in a constantly shifting environment...
April 04, 2011 Added by:J. Oquendo
Is there a solution to the ever continuing FUD machine? Cyberwarfare is over-hyped and misrepresented. The fact is, even responsible individuals get it wrong consistently. This is how and why we fail, and will continue to fail, to defend against "computer related" attacks...
April 04, 2011 Added by:Scot Terban
People in the know are worried that Stuxnet was released into systems that were not completely understood. Iran, being as hard to get intel on, may have had configurations that the creators of Stuxnet did not account for, and it could indeed have caused a larger catastrophe...
April 04, 2011 Added by:Stefan Fouant
For this exam, you are really going to need to get your hands on several J-Series routers, or at the very least some M/T/MX-Series routers with Adaptive Services capabilities. This might require additional hardware on non J-Series devices...
March 31, 2011 Added by:Dan Dieterle
Serious security gaps were found at NASA during a recent audit. The fact that a government run entity has been attacked, and then apparently ignored a plan to remedy the situation, speaks volumes about our nation's ability - or maybe better said desire - to thwart hacking attempts...
March 29, 2011 Added by:Anthony M. Freed
Libyan Psyops Campaign? The Jester appears to be performing some kind of a bit.ly-obfuscated intermediary-based code injection to plant articles in the The Tripoli Post and The Malta Independent reporting that Gaddafi's troops are suffering from low morale and deserting their posts...
March 28, 2011 Added by:Robb Reck
Cyber warfare raises the possibility that weapons may not fire when we count on them, or healthcare systems may not function properly when lives are at stake. The appropriate level of acceptable risk in these areas is extremely small and requires the very best security measures we can implement...
March 26, 2011 Added by:Rob Fuller
The following are good adds to your DNS brute force list. These are all SRV records so make sure your type is set correctly. SRV records tell you the port in the answer. I don't know of any DNS tools that utilize SRV as part of their process, but scripting dig to do so isn't tough...
March 25, 2011 Added by:Dan Dieterle
“We believe that state actors have developed cyberweapons to cripple infrastructure targets in ways tantamount to kinetic assaults. Some of these weapons could potentially destroy hardware as well as data and software..."
March 25, 2011 Added by:Robert Siciliano
Governments around the globe realize that it serves their military objectives to be well positioned online. The saying used to be, “He who controls the seas controls the world,” and then it was, “He who controls the air controls the world.” Now it’s all about controlling cyberspace...
March 24, 2011 Added by:Pascal Longpre
Documents leaked in the attack on HBGary shed light on numerous rootkit technologies designed to evade or bypass mainstream detection software and circumvent protections thought to be unbreakable by design. Malware like this also renders disk encryption, DLP and SIEM solutions mostly irrelevant...
March 23, 2011 Added by:J. Oquendo
Administrators and engineers can and should take an altogether different approach to security. We may never be able to stop random attackers from knocking on our door, we can however stop answering the door. This is another failure from security management right on down to the engineering level...
March 22, 2011 Added by:Ben Rothke
With the benefits of AMI come security and privacy issues, and those open the metering infrastructure to thieves, stalkers, and a range of other threats. AMI also opens up a new set of privacy issues in that the AMI devices will be collecting significant amounts of personal energy data...
March 22, 2011 Added by:Rob Fuller
I ran into the 'getvncpw' meterpreter script issue on pentests in the past but didn't know much about the whacked out version of DES that RFB (the VNC protocol) was using. Not being a fan of manually editing a binary and compiling each time, I had a password to crack I wanted to find another way...
March 21, 2011 Added by:J. Oquendo
McAfee is making a run to become the security industry's "Minitru". Regardless of my view of the security landscape, I believe that there is an increasing need to share information between companies that are under attack or that have been compromised. However, I doubt this could ever happen...
March 21, 2011 Added by:Scot Terban
Hubris/A5h3r4/Metric have broken into the inner circle of one cell of Anonymous. I say "cell" because I do not think that these users are the actual full scale leaders. These folks, if the chat transcripts are true, are the ones behind the HBGary hack and at least one of them the Gawker hack...
Mobile Security Processes Could Be Applied t... Johnnie Nix on 05-21-2013
ATM Security (And Really Learning from the P... Johnnie Nix on 05-21-2013
New Study Published on Mobile Malware... Caitlin Rachel on 05-21-2013