Blog Posts Tagged with "Network Security"

099757b145caa6965ea51494adbc25ba

How to Secure Windows 2000... For a Limited Time

September 07, 2012 Added by:Drayton Graham

A number of organizations are still using Windows 2000. It is up to the organization to determine the acceptable risk for continued use of Windows 2000-based systems. If Windows 2000 is a necessity at this time within your environment, here are some security techniques you can implement...

Comments  (0)

E11e506024f5d2b70f037b9af4734f33

Tallinn Manual on International Law Applied to Cyber Warfare

September 06, 2012 Added by:Stefano Mele

The Tallinn Manual pays particular attention to international law governing the use of force as an instrument of national policy and laws regulating the conduct of armed conflict, also labeled the law of war, the law of armed conflict, or international humanitarian law...

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

Finishing the Security Automation Job

September 06, 2012 Added by:Tripwire Inc

SACM needs to grow upward and outward from where the SCAP efforts have gotten – move from controls into control frameworks and support the policies, processes, and procedures derived from Operational Risk Management. We’ve got a lot of work ahead. It’s all worth it...

Comments  (3)

D8853ae281be8cfdfa18ab73608e8c3f

Let Me Out of Your .NET Work: Intro

September 05, 2012 Added by:Rob Fuller

The problem I find with these tools is that they are still straight TCP. I know most networks still allow some ports directly outbound and these tools are still quite valid. During the span between these two tools being released, MrB released a site that listens on all 65k ports...

Comments  (0)

68b48711426f3b082ab24e5746a66b36

Securing Your Application Perimeter: What to Test for Vulnerabilities

September 05, 2012 Added by:Fergal Glynn

When dynamic scanning engines were first designed they were primarily tools for penetration testers to use on a few select web applications deemed critical enough to warrant serious testing. But times have changed, every Internet facing application is now a potential attack surface...

Comments  (0)

924ce315203c17e05d9e04b59648a942

Is Packet Capture Critical? Heck Yes...

September 04, 2012 Added by:Richard Stiennon

Beaconing detection is a feature in the fastest growing security solutions in the market. I am tracking most of these vendors at 100% annual growth rates, a sure sign of a trend. Intelligent packet capture is a must-have technology in every cyber defense armament...

Comments  (1)

25c95f8b408153139da509683b7b6603

Whitelisting Traffic: A practical Exercise for Network Defenders

September 04, 2012 Added by:Johannes Ullrich, Ph.D.

Host-based intrusion detection has seen some significant advances and it has come to encompass a lot more than what we currently understand as "anti-virus" or "anti-malware". All too often we still mirror network-based intrusion detection and are looking for signatures of "badness"...

Comments  (0)

54a9b7b662bfb0f0445d1661d7ed180b

Network Forensics -Tracking Hackers Through Cyberspace

September 04, 2012 Added by:Jayson Wylie

I highly recommend this book for seasoned network security professionals and those responsible for forensics to help set a foundation of proper approach, reporting and evidence collection for identifying an incident and being able to show proof and record...

Comments  (0)

7d55c20d433dd60022642d3ab77b8efb

Latest SAP Security News

August 29, 2012 Added by:Alexander Polyakov

The most interesting thing is that the SAP HostControl is exposed to the Internet by many companies. Speaking numbers, 10% of companies that use SAP worldwide expose the SAP HostControl service to the Internet. I think you can imagine what can be done to those companies if hackers exploited this hole...

Comments  (0)

D8853ae281be8cfdfa18ab73608e8c3f

Cross-Protocol Chained Pass the Hash for Metasploit

August 29, 2012 Added by:Rob Fuller

Every so often someone writes a Metasploit Module that is pretty epic. July 12th was one such day, and as soon as you do you can start using this (using the example resource file to put a file, cat it out, enum shares available, list files on a share) then psexec all from a single URL being loaded...

Comments  (0)

3e35900ae6facc6c146a85c435c71d82

Cyberheists: Biggest Threat Facing American Businesses

August 28, 2012 Added by:Ben Rothke

It is no myth that there is plenty of money and digital assets on networks worldwide. Those that want to secure those assets need to safeguard them. This book is written specifically for smaller to medium size businesses that often lack the staff and budget necessary to ensure effective information security...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Oil and Natural Gas Pipeline Intrusion Campaign

August 28, 2012 Added by:Infosec Island Admin

ICS-CERT onsite analysis included a search for host-based and network-based indicators to identify additional hosts for further analysis. ICS-CERT hashed files from approximately 1700 machines and compared them to hashes of known malicious files and examined proxy logs to identify any suspicious network activity...

Comments  (1)

86d8831c7ce6fcda920aac867a984d98

Ghost USB Honeypot: Interview with Project Leader Sebastian Poeplau

August 27, 2012 Added by:InfoSec Institute

Ghost is a honeypot for detecting malware that spreads via USB devices. It first tries to emulate a USB thumb drive. If the malware identifies it as a USB thumb drive, it will trick the malware into infecting it. Ghost then looks for write based requests on the drive, which is an indication of a malware...

Comments  (1)

44fa7dab2a22dc03b6a1de4a35b7834a

Cyber Attacks Increasingly Target Small Companies

August 26, 2012 Added by:Bill Gerneglia

Your company may not be the primary target, an attacker may use your organization as a stepping-stone to attack another. Don't be the weakest link in the supply chain. Information is power, the attackers know this, and successful attacks can result in significant financial loss...

Comments  (4)

E313765e3bec84b2852c1c758f7244b6

Which Application Testing is Right for Your Organization?

August 23, 2012 Added by:Brent Huston

Billions of dollars and millions of identities are at stake every day. In the past, security professionals thought firewalls, Secure Sockets Layer, patching, and privacy policies were enough to protect websites from hackers. Today, we know better. Whatever your industry — you should have consistent testing...

Comments  (0)

3e35900ae6facc6c146a85c435c71d82

The Seven Qualities of Highly Secure Software

August 23, 2012 Added by:Ben Rothke

Behind nearly every vulnerability is poorly written software. The 7 Qualities of Highly Secure Software highlights qualities that are essential to stop insecure code. This is a highly valuable book that can be of significant use to every stakeholder, from those in the boardroom to the head of application development...

Comments  (0)

Page « < 5 - 6 - 7 - 8 - 9 > »