Category: Information Security
-
Conflicted by Conflicker
As posted in the “Waiting for the Worms” article below the conflicker worm was MIA on April 1st along with all the Gloom N Doom forecasted by the IT security industry. There is an interesting article posted by SearchSecurity.com that talks about not only possible reasons for the fizzle of the worm but also the […]
-
Article: How to evaluate and manage UTM for network security
Unified threat management (UTM) is a promising approach to consolidating security controls, including firewalls, intrusion prevention, anti-virus, content filtering, and reporting. Read More Here
-
Waiting for the Worms
As anyone who have heard any news media source lately may already know. Today is April Fool’s Day, and also “worm” day. For those that are unfamiliar the worms first started back in 1988 and was released by accident (so the story goes) by a researcher named Robert Morris. Today this has evolved quite a […]
-
Excerpt from “The Truth About Identity Theft”
It is common to read about various social engineering attack scenario’s in many of today’s IT security based books. None the less just like the need to constantly drill this information into the minds of the non tech users of many organizations. It makes for a better story when the scenario can be drawn from […]
-
Exploiting Intel CPU cache mechanism
Since I did not get out to Black Hat DC last month I was just reviewing the papers and came across one very interesting one. Aside from the white paper I also enjoy the story about the new “Friends” disclosing such an exploit brings. All in all a good read and just more wood for […]
-
Tuning your hacking skills in a ‘Hacker Space’
A newer trend in the field of “Hacking” is the use of “Hacker Spaces”. Picture a community lab with various hardware/software for you to refine your skills in a controlled and safe environment. While this may not be a way to gain true real-world experience. It does help nuture your skill from a casual or […]
-
Interview with Charlie the man behind the pwn2own Macbook Hacks
During the PWN2OWN security competition the hacker best known for hacking the iPhone, discusses hacking fully patched Macbooks in under 2 min shares some information. Yes, I took down the Mac in under a minute each time. However, this doesn’t show the fact that I spent many days doing research and writing the exploit before […]
-
Critical IE Flaw & Emergency Patch
New 0 Day in the wild.. For those poor souls still using Internet Explorer take heed! Here are the details on the vulnerability and the emergency patch Good Luck! And if you haven’t already Do Yourself A Favor
-
The DoS of GRC Revisited
[In keeping with the theme of the day] Being the Attacker can be fun (in that evil sort of way) but being the Attackee is never a good time. I often times recall the story told by Steve Gibson of GRC.com about his battle with a DDoS attack launched by a 13 year old hacker […]
-
Fighting SSH Brute Force
To anyone that has had to deal with this issue, I feel you. I can recall less than 2 years ago how an SSH brute force attempt, our preventive/corrective actions, and their response (a weak DoS attempt) triggered a change in our internal process regarding SSH access to the outside world. There was a fairly […]