The Network Security. Org

RSS Feed Homepage

Articles: 1, 2, 3, 4, 5, 6, 7

Encrypt volumes through a cross platform GUI with TrueCrypt 5.0
2008-03-21 07:49:00
Last month the True Crypt Foundation released TrueCrypt 5.0, which finally introduces a Linux GUI for the cross-platform encryption application. TrueCrypt 5.0’s numerous other enhancements include a Mac OS X port, XTS operation mode, the ability to encrypt a system partition or drive under Windows, and the addition of the SHA-512 hash algorithm.
More About: Encryption , Network Security , Cross

The threat of the Ajax Super Worm
2008-03-21 07:46:00
The rapid evolution of ?Web 2.0? has sparked the convergence of social networking on a massive scale and the adoption of new combinations of technologies that significantly increase the so-called ?attack-surface?. This combination offers irresistible opportunities to organised crime.
More About: Network Security , Malware , Super , Worm , Ajax

eEye to Add Retina Web App Scanner
2008-03-14 07:13:00
eEye Digital Security tomorrow will make its first foray into the Web vulnerability space — with a new member of its Retina Security Scanner family that roots out Web application flaws. eEye founder and former CTO and chief hacking officer Marc Maiffret first revealed eEye?s plans to add Web application scanning to its portfolio in ...
More About: Network Security

FTP Hacking on the Rise
2008-03-12 15:18:00
The File Transfer Protocol (FTP) has attracted renewed interest lately, but not in a good way: The bad guys are now using the ?70s disco-era file transfer technology to serve up bot malware, and even as a backdoor into some enterprises that neglect to lock down their FTP servers.
More About: Network Security , Malware , Rise

Microsoft Patches 12 Office Security Holes
2008-03-12 15:16:00
Microsoft today issued four updates to fix at least a dozen security vulnerabilities in its Office software products. All of the updates earned Microsoft’s "critical" label, meaning attackers could exploit the flaws to break into Windows systems with little or no help from users.
More About: Security , Microsoft , Network Security , Vulnerabilities

Malware removes rival rootkits
2008-03-04 14:55:00
Miscreants have created a strain of malware capable of removing rootkits from compromised PCs, only to install almost undetectable backdoor code of its own. The Pandex Trojan stops previously installed rootkits from working by removing their hooks into system calls.
More About: Network Security , Malware , Rootkits

Security holes in VLC media player patched
2008-03-04 14:52:00
The developers of the open source media player VLC have closed several security holes. These would have allowed attackers to inject and execute malicious code using manipulated Realtime data streams or crafted video files. The latest version, 0.8.6e, is available to download and fixes the flaws.
More About: Security , Media Player , Media , Player , Holes

Five basic mistakes of security policy
2008-03-04 14:50:00
As I mentioned in my last article, security policies serve to protect (data, customers, employees, technological systems), define (the company’s stance on security), and minimize risk (internal and external exposure and publicity fallout in the event of a breach).
More About: Security , Policy , Basic

Windows XP SP3 Security
2008-02-29 15:04:00
The reality is that not every organisation has upgraded to Windows Vista. With Windows XP (launched in 2001 and still being sold) Microsoft have released service pack 3, the latest and probably the last version.
More About: Security , Windows Xp

NetworkMiner - Passive Sniffer & Packet Analysis Tool for Windows
2008-02-28 06:52:00
NetworkMiner is a passive network sniffer/packet capturing tool for Windows with an easy to use interface. It can detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network. NetworkMiner can also parse PCAP files for off-line analysis.
More About: Analysis , Tool , Packet , Sniffer

Stolen FTP Credentials Offered for Sale: Major Firms at Risk
2008-02-28 06:49:00
Cybercriminals are selling a new crimeware package that can automatically infect nearly 9,000 FTP servers at some major global companies, researchers said today. Researchers at Finjan say they recently stumbled upon a Website selling and trading these stolen FTP server administrator credentials in a software-as-a-service model.
More About: For Sale , Network Security , Sale , Stolen , Risk

VMWare opens hypervisor to security apps
2008-02-28 06:40:00
Virtual-machine software maker VMWare announced on Wednesday a way for security programs to access the company’s software and protect virtual systems in a way not possible today.
More About: Security , Network Security , Safe , Vmware

Critical VMware bug lets attackers zap real Windows
2008-02-26 07:19:00
A critical vulnerability in VMware Inc.’s virtualization software for Windows lets attackers escape the "guest" operating system and modify or add files to the underlying "host" operating system, the company has acknowledged.
More About: Real , Vmware , Critical

Cult of the Dead Cow turns Google into a vulnerability scanner
2008-02-26 07:16:00
The "Cult of the Dead Cow" hacker group ? cDc for short ? has published a tool that searches for vulnerabilities and private information across the web. Using well-chosen Google search queries, Goolag Scan discovers links to vulnerable web applications, back doors, or documents inadvertently put on the internet that contain sensitive information.
More About: Vulnerabilities , Vulnerability

Email typosquatting poses leakage threat
2008-02-26 07:14:00
Companies and political organizations should put more effort into registering mis-typed versions of their primary domain, not only to protect visitors to their Web sites but also to prevent e-mails from accidentally leaking out, a security researcher said on Wednesday.
More About: Email , Threat

Researchers crack FileVault, BitLocker with canned air hack
2008-02-26 07:04:00
One of the adages of computing is that no hardware is safe when a hacker has physical access to the machine. In an age of booming laptop sales, people haven’t found that reassuring and have frequently turned to disk encryption in an effort to protect their personal data.
More About: Encryption , Network Security , Hack , Vulnerabilities , Vault

Black Hat: Dtrace a Rootkit?
2008-02-26 07:00:00
Sun’s Dtrace application was developed primarily as a tool to help monitor functions on Solaris . According to a pair of security researchers at the Black Hat conference, you can also use Dtrace as the basis for a rootkit-like tool for offensive and defensive security operations.
More About: Network Security , Application Security , Black Hat

Experts hammer Web 2.0 security
2008-02-26 06:58:00
Even as social networking darling Facebook prepares a version of its online networking application aimed specifically at enterprise users, legions of security experts are getting behind the idea that the sites represent a serious threat to businesses and other organizations.
More About: Security , Network Security , Malware , Web 2 , Experts

Free Web Filtering Service Taps User Input
2008-02-26 06:55:00
First it was the community-driven phish reporting site, and now, a people-powered Web filtering service: Open DNS tomorrow will launch a free, user-powered Web categorization and filtering service in the spirit of its PhishTank site.
More About: Network Security , Service , Free

Stripping Away Malware Armor
2008-02-26 06:51:00
Security analysts use stealth to win the "arms race" against malware. Getting around the defense mechanisms that malware writers erect isn’t easy. From packers to run-time obfuscators, software-armoring techniques create problems for reverse engineers and security analysts.
More About: Malware , Armor , Stripping

Google scanning is it legal?
2008-02-26 06:48:00
If content is placed on the public web it is almost a foregone conclusion that search engines such as Google will spider and index it. It’s also very likely that a link to that content will eventually turn up in someone’s search results, and that someone will follow the link and see the content.
More About: Scanning , Legal

The Future of Encryption
2008-02-19 07:09:00
In today?s world the protection of sensitive data is one of the most critical concerns for organizations and their customers. This, coupled with growing regulatory pressures, is forcing businesses to protect the integrity, privacy and security of critical information. As a result cryptography is emerging as the foundation for enterprise data security and compliance, and ...
More About: Encryption , Network Security , Future , Privacy , The Future

Harvard Web site hacked, database on file sharing site
2008-02-19 07:07:00
One of Harvard University’s Web sites appeared on Monday to have been hacked, with its contents appearing on the BitTorrent file-sharing network. A compressed 125 M-byte file claiming to be the database for the Web site of Harvard’s Graduate School of Arts and Sciences is available via the BitTorrent P-to-P (peer to peer) network.
More About: File Sharing , Network Security , File

FrSIRT finds flaws in MySQL
2008-02-19 07:04:00
Researchers at a French security organisation have uncovered a number of security vulnerabilities in the MySQL database application, the open source software used to support many Web 2.0 applications. FrSIRT, the French Security Incidence Response Team, reported Thursday that it has identified seven vulnerabilities in MySQL.
More About: Network Security , Vulnerabilities , Mysql

Analyze This Malware
2008-02-18 09:07:00
No matter how you measure it, malware is proliferating at unprecedented levels. Last month, PandaLabs and AV-Test each joined the lists of vendors and researchers reporting massive malware growth in 2007. PandaLabs says it now receives an average of over 3,000 new strains of malware every day. AV-Test saw an increase from 973,000 unique malware ...
More About: Network Security , Malware , Analyze

Is Banking Online Getting Any Safer?
2008-02-18 09:06:00
Banking online has become extremely pervasive and is becoming more and more common. But has it reached a point where it?s actually safer than going to your local branch?
More About: Network Security , Banking , Online

Tips For Improving Users Security Awareness
2008-02-15 07:34:00
As much as most IT managers wish otherwise, security remains a top concern of most departments. According to a recent survey commissioned by GFI (www.gfi.com) of senior executives and IT managers at more than 450 small to midsized enterprises, security and system downtime are their top daily concerns, with 71% of respondents mentioning both. (more…)
More About: Security , Tips , Awareness , Users

A Guide to Different Kinds of Honeypots
2008-02-15 07:30:00
Honeypots come in many shapes and sizes and are available to mimic lots of different kinds of applications and protocols. We shall take the definition of a honeypot as "a security resource whose value lies in being probed, attacked, or compromised"[Spitzner02]. That is, a honeypot is a system we can monitor to observe how attackers behave, a system which is designed to lure attackers away from more valuable systems and/or a system which is designed to provide early warning of an intrusion to the target network. A honeypot may be used for all three applications at the same time. (more…)
More About: Guide

Computer Users Expect More Mac Attacks
2008-02-15 07:22:00
Computer users are becoming increasingly pessimistic about the Mac’s ability to sustain its mostly malware-free existence. Sophos, a computer security company, surveyed 355 computer users, asking them whether they believed Apple’s Macintosh computers will be targeted more frequently by malware in the future. (more…)
More About: Computer , Expect , Users , Attacks

Password Cracking Wordlists and Tools for Brute Forcing
2008-02-15 07:19:00
I quite often get people asking me where to get Wordlists, after all brute forcing and password cracking often relies on the quality of your word list. Do note there are also various tools to generate wordlists for brute forcing based on information gathered such as documents and web pages. (more…)
More About: Tools , Password , Cracking