Network->General
Cyber Security Strategies Summit: Security in a Digital World
April 05, 2011 Added by:Ben Zvaifler
A new wave of cyber warfare has taken form, targeting our information and threatening the stability of our nation's government and corporations worldwide. Security and privacy professionals have answered with innovative techniques in a constantly shifting environment...
Comments (0)
The Art of Cyber Warfare - Educational Fail
April 04, 2011 Added by:J. Oquendo
Is there a solution to the ever continuing FUD machine? Cyberwarfare is over-hyped and misrepresented. The fact is, even responsible individuals get it wrong consistently. This is how and why we fail, and will continue to fail, to defend against "computer related" attacks...
Comments (2)
Stuxnet’s Potential for A Chernobyl-Style Incident at Bushehr
April 04, 2011 Added by:Scot Terban
People in the know are worried that Stuxnet was released into systems that were not completely understood. Iran, being as hard to get intel on, may have had configurations that the creators of Stuxnet did not account for, and it could indeed have caused a larger catastrophe...
Comments (0)
Preparation Tips for the JNCIE-ER Certification Exam
April 04, 2011 Added by:Stefan Fouant
For this exam, you are really going to need to get your hands on several J-Series routers, or at the very least some M/T/MX-Series routers with Adaptive Services capabilities. This might require additional hardware on non J-Series devices...
Comments (0)
NASA Systems Are Still Too Vulnerable to Attack
March 31, 2011 Added by:Dan Dieterle
Serious security gaps were found at NASA during a recent audit. The fact that a government run entity has been attacked, and then apparently ignored a plan to remedy the situation, speaks volumes about our nation's ability - or maybe better said desire - to thwart hacking attempts...
Comments (0)
Patriot Hacker The Jester's Libyan Psyops Campaign
March 29, 2011 Added by:Anthony M. Freed
Libyan Psyops Campaign? The Jester appears to be performing some kind of a bit.ly-obfuscated intermediary-based code injection to plant articles in the The Tripoli Post and The Malta Independent reporting that Gaddafi's troops are suffering from low morale and deserting their posts...
Comments (0)
Defense in Depth is Necessary, But Not Sufficient
March 28, 2011 Added by:Robb Reck
Cyber warfare raises the possibility that weapons may not fire when we count on them, or healthcare systems may not function properly when lives are at stake. The appropriate level of acceptable risk in these areas is extremely small and requires the very best security measures we can implement...
Comments (0)
Interesting DNS Stuff - SRV Records
March 26, 2011 Added by:Rob Fuller
The following are good adds to your DNS brute force list. These are all SRV records so make sure your type is set correctly. SRV records tell you the port in the answer. I don't know of any DNS tools that utilize SRV as part of their process, but scripting dig to do so isn't tough...
Comments (0)
State Actors Develop Cyberweapons to Cripple Infrastructure
March 25, 2011 Added by:Dan Dieterle
“We believe that state actors have developed cyberweapons to cripple infrastructure targets in ways tantamount to kinetic assaults. Some of these weapons could potentially destroy hardware as well as data and software..."
Comments (9)
Seven Types of Hacker Motivations
March 25, 2011 Added by:Robert Siciliano
Governments around the globe realize that it serves their military objectives to be well positioned online. The saying used to be, “He who controls the seas controls the world,” and then it was, “He who controls the air controls the world.” Now it’s all about controlling cyberspace...
Comments (0)
HBGary Rootkits: Catch Me If You Can!
March 24, 2011 Added by:Pascal Longpre
Documents leaked in the attack on HBGary shed light on numerous rootkit technologies designed to evade or bypass mainstream detection software and circumvent protections thought to be unbreakable by design. Malware like this also renders disk encryption, DLP and SIEM solutions mostly irrelevant...
Comments (3)
Cyber Warfare Decomposition... Fail
March 23, 2011 Added by:J. Oquendo
Administrators and engineers can and should take an altogether different approach to security. We may never be able to stop random attackers from knocking on our door, we can however stop answering the door. This is another failure from security management right on down to the engineering level...
Comments (2)
Next Generation Power Grid Security
March 22, 2011 Added by:Ben Rothke
With the benefits of AMI come security and privacy issues, and those open the metering infrastructure to thieves, stalkers, and a range of other threats. AMI also opens up a new set of privacy issues in that the AMI devices will be collecting significant amounts of personal energy data...
Comments (0)
Metasploit VNC Password Extraction
March 22, 2011 Added by:Rob Fuller
I ran into the 'getvncpw' meterpreter script issue on pentests in the past but didn't know much about the whacked out version of DES that RFB (the VNC protocol) was using. Not being a fan of manually editing a binary and compiling each time, I had a password to crack I wanted to find another way...
Comments (1)
Security Vendors Vow to Defend Against Cyber-Boogeyman
March 21, 2011 Added by:J. Oquendo
McAfee is making a run to become the security industry's "Minitru". Regardless of my view of the security landscape, I believe that there is an increasing need to share information between companies that are under attack or that have been compromised. However, I doubt this could ever happen...
Comments (4)
Anonymous #HQ: Inside The Secret War Room
March 21, 2011 Added by:Scot Terban
Hubris/A5h3r4/Metric have broken into the inner circle of one cell of Anonymous. I say "cell" because I do not think that these users are the actual full scale leaders. These folks, if the chat transcripts are true, are the ones behind the HBGary hack and at least one of them the Gawker hack...
Comments (2)
- Five Things Your InfoSec Team Should Do in the Next 30 Days
- The Disclosure Debate Continues….. (part 1,453, 769) to be Continued
- The Danger of Mixing Cyber Espionage with Cyber Warfare
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)