Dr. Jim Kennedy explains why seaport security is an issue which potentially impacts all businesses and describes the measures that should be taken to maximise seaport cyber security.
Read more »Dr. Jim Kennedy explains why seaport security is an issue which potentially impacts all businesses and describes the measures that should be taken to maximise seaport cyber security.
Read more »Training: February 16-17
Briefings: February 18-19
More information on the event can be found on the organizer web site.
Read more »LinkedIn is a popular social networking site where you can manage business contacts online. Since you can set up a profile with links to your own website, it seems to attract criminals’ attention as well. A Google search reveals that several hundred fake LinkedIn profiles from nude “Kirsten Dunst” to nude “Hulk Hogan” exist already. The rogue profiles look all alike, with a picture of the celebrity and three links to the parts of the “nude video” like shown in the following picture.
Read more »By specifying an empty share name, in the right circumstances, it is possible to access the root directory of a Samba file server
Read more »A lot of companies think that they can make the full solution from scratch, including all technical mechanisms for security and encryption. The enterprise customer should tread very lightly when evaluating solutions with custom encryption.
Read more »"Micro-blogging site Twitter had to temporarily suspend accounts belonging to Barack Obama, Britney Spears and other celebrities after they were hijacked by miscreants and used to spread scandalous and false information that appeared to come from their owners."–Twitter's veracity chewed up by Britney's four-foot vagina
Read more »The [Maine] Bureau of Financial Institutions has issued a report on the costs of data security breaches to Maine banks and credit unions.
The study found that of the 75 financial institutions that responded, 71 were affected by a data breach since Jan. 1, 2007, incurring combined expenses totaling more than $2 million, according to a state press release.
Together, the breaches resulted in unauthorized or fraudulent transfers at 25 institutions, including 265 accounts and $75,000 at one institution.
Read more »"Another good rule is to only choose security vendors who also perform Vulnerability Research and Development ("R&D"). That is to say that the vendor must frequently perform security research against technology, identify vulnerabilities in that technology, create exploits for those vulnerabilities and must release formal security advisories. If they don't then chances are they don't know how to do it, but why is R&D important?
Read more »I've been an infrequent yet admiring user of Metasploit for about four years, but I've never tried it on Windows. It strikes me as being something I "just shouldn't do," like running Nmap on Windows or (shudder) Snort on Windows. However, while preparing labs for my upcoming class, I thought I would give version 3.2 a try.
Read more »Google's free services are being heavily exploited by spammers to redirect visitors to sites touting knockoff designer drugs and scams, according to the latest rankings from Spamhaus.org, a group that tracks unsolicited commercial e-mail. Last month, Security Fix called attention to Microsoft's persistent ranking on Spamhaus's running list of the "Top 10 Worst Spam Service ISPs". Now that Microsoft has cleaned up its act, it appears the bad guys are moving on to Google, which is now ranked #4 on the list (#1 being the worst).
Read more »GSO has always had a habit of disabling registration and we have done this before. Now we have opened registration back up after a few months of it being closed. Why do we close registration? Well we want to provide the best resource to our active users for discussing topics. Unfortunately the spammers and kiddies take advantage so we shut it down to preserve the community. So now we are opening backup with Captcha enabled to increase the resistance to spammers. So do yourself a favor and if you have been waiting to sign up do it now.
Read more »Over the holidays Marcin @ tssci security offered up a python script for brute forcing the HTTP OPTIONS on directories. One of the reasons someone would want this information is because if you're (accidentally, of course) allowing PUT methods on any directories, someone can upload something nasty and potentially execute an attack. The availability of PUT makes XSS attacks simple even for script kiddies, for example.
Read more »The next DOJOSEC is this week. I've been invited to speak about the latest compliance trends in PCI and FDCC. Also presenting will be Shaf Ramsey of TechGaurd Security and Dale Beauchamp of the Transportation Security Administration. Mr. Ramsey will discuss the future of virtual worlds such as HIPIHI and the implications they will have for information security. Mr. Beauchamp is a digital forensics expert and will discuss practical memory analysis. The time and location of the event are:
Read more »VeriSign announced an immediate transition to the SHA-1 algorithm on new RapidSSL brand certificates. The transition to the SHA-1 algorithm came within a few hours of the public unveiling of an MD5 fl...
Read more »Netcraft's SSL Survey shows that 14% of valid third party SSL certificates have been issued using MD5 signatures an algorithm that has recently been demonstrated to be vulnerable to attack by produc...
Read more »So, the economy has changed a great deal over the past few months since Lee Kushner and I announced our survey on career management in information security. And we’ve had some great responses.
Read more »Global organizations often have challenges creating a comprehensive security program. Too much central control and the regions either feel ignored, so chafe at security cost allocations and pay only nominal attention to the program, causing great risk to the overall organization. Or they fill the vacuum by creating their own shadow program that often eclipses the corporate security message in their locale. Too little centralization and the regional initiatives tend to focus too locally and miss the more global risks.
Read more »Hardening is the process of securing a system by reducing its surface of vulnerability. By the nature of operation, the more functions a system performs, the larger the vulnerability surface.
However, all system hardening efforts follow a generic process. So here is a checklist and diagram by which you can perform your hardening activities.
Read more »Couple of great posts over on AttackResearch on Dissecting a Multistage Web Attack that uses IE7 0day Parts 1 & 2.http://blog.attackresearch.com/?q=node/4http://blog.attackresearch.com/?q=node/5
Read more »Kaspersky Lab releases technical preview of Kaspersky Anti-Virus for Windows 7. Kaspersky Lab, a leading developer of secure content management systems, announces the release of a technical prototype of Kaspersky Anti-Virus for Windows 7.
Read more »The Yasukuni Shrine has long been the target of angry young Chinese netizens. This past week it seems a few Chinese hackers attacked the Shrine's Web site and posted the following message along with a Chinese flag:
Read more »So you have submitted your page to GSO and want to get additional votes for your post or article. Now you can add a dynamic voting button to the page.
Read more »1. The DNS patch. It was and is possible to change the IP address of any website on a non-patched DNS server with an attack that would take less than a minute. It took the Belgian ISP's more than 2 weeks after public pressure from a belgian webforum to get their DNS servers in order. But the DNS problem has also a consequence for all kinds of webservices, going from SSL to mail to VOIP and so on. It is everywhere and we can't live without.
Read more »A new browser war or sorts has begun to emerge of late. But it's not where you would expect. This time it's in the area of privacy, a key area of importance for so many. So since this is becoming such a big thing of late, a company named iSec has done a privacy test on all the ma ...
Read more »Journalspace.com has fallen and can't get up. The post on their site describes how their entire database was overwritten through either some inconceivable OS or application bug, or more likely a malicious act. Regardless of how the data was lost, their undoing appears to have been that they treated drive mirroring as a backup and have now paid the ultimate price for not having point-in-time backups of the data that was their business." The site had been in business since 2002 and had an Alexa page rank of 106,881. Quantcast said they had 14,000 monthly visitors recently.
Read more »Portable Executable file infection is a subject I always found to be sketchy. There was always a piece of the puzzle missing in my case... In this article I hope to clarify the matter and hopefully provide a good starting point for those wanting to learn how such tools work.I want to mention that I'm writing this article with an intention of educating others. You may start out with PE infection, but eventually I hope that you'll move onto authoring PE protection tools and exploiting your newly found knowledge in a positive and ethical manner.
Read more »A very common theme in action movies is walking away with the stolen goods in plain sight. Although popular in movies, the subject of hiding information is often overlooked in information security. Here is an analysis of how easy it is to hide valuable information in harmless files.
Read more »What is the best way to wipe a drive? What utility should I use? How many passes is enough? Should I bother wiping a drive if it is encrypted already?
Read more »The video highlights the symptoms experienced on exploited phones; it doesn't show how to perform the attack. The attacking phone has been kept off screen. (It isn't difficult to find the CCC video at this point.)
Curse of Silence Effects
Read more »
Recent comments
18 hours 40 min ago
17 hours 53 min ago
19 hours 50 min ago
1 day 26 min ago
1 day 37 min ago
1 day 3 hours ago
1 day 5 hours ago
4 days 4 hours ago
4 days 4 hours ago
6 days 9 hours ago