Channel: SecuObs.com

Tech Thoughts Daily Net News April 16, 2013

Secuobs.com : 2013-04-16 14:36:44 - Bill Mullins' Weblog Tech Thoughts - Boston Marathon explosions: online resource guide. Organizations are setting up sites useful for tracking down friends and family, donating blood, or finding out the latest news after the Boston Marathon tragedy. Free cloud storage for life: CNET has

The Risks Associated with Third-Party Software Components

Secuobs.com : 2013-04-16 15:03:04 - Acunetix Web Application Security Blog - I was recently contacted by a colleague in an information security leadership position who was concerned about his developers using some third-party plug-ins for an enterprise application they were rolling out. His developers wanted to install these third-party components in. The post "The Risks Associated with Third-Party Software Components" appeared first on Acunetix.

SCADA in France: crisis-time security

Secuobs.com : 2013-04-16 15:05:12 - CNIS mag - Thomas Houdy, of Cert Lexsi, has published a very concise post on industrial security and its methods. It is a reasoned and reasonable article dealing with two realities: the endemic vulnerability of process control systems, particularly since their intensive "windowization", and the rise of the famous APTs, systematic industrial espionage operations targeting any infrastructure possessing

Using Posh-SecMod PowerShell Module to Automate Nessus Part 2

Secuobs.com : 2013-04-16 15:05:39 - Blog -

Working with Policies
---------------------

Policies in Nessus are where we define what a scan is going to do, from:

* What plugins to run
* What types of plugin should run and which should not
* Concurrency
* Port Scanning Settings
* Credentials

and many, many, many more. This is why, when I started looking at using PowerShell for automation, I came to the conclusion that creating policies and editing them is much better in a GUI than in a shell. But still I included some basic functions for working with policies. Let's start by listing what policies are in the server:

    PS > Show-NessusPolicy -Index 0

    PolicyID PolicyName                  PolicyOwner                Visibility
    -------- ----------                  -----------                ----------
    -4       Internal Network Scan       Tenable Policy Distributio shared
    -3       Web App Tests               Tenable Policy Distributio shared
    -2       Prepare for PCI-DSS audits  Tenable Policy Distributio shared
    -1       External Network Scan       Tenable Policy Distributio shared
    8        Exploit Available Only      carlos                     private
    7        Moderate Scan               carlos                     private
    6        All Plugins with Full Scan  carlos                     private

We can make copies of existing policies:

    PS > Copy-NessusPolicy -Index 0 -PolicyID 8

    PolicyID PolicyName                  PolicyOwner                Visibility
    -------- ----------                  -----------                ----------
    9        Copy of Exploit Available   carlos                     private

We can also remove existing policies:

    PS > Remove-NessusPolicy -Index 0 -PolicyID 9
    True

You can also download the XML for a policy as a .NET XML object; you can save the XML to a file quite easily using the methods offered by .NET:

    PS C:\> Show-NessusPolicy -Index 0 -PolicyID 1

    PolicyID PolicyName                  PolicyOwner                Visibil
    -------- ----------                  -----------                -------
    1        Mobile Devices Audit        carlos                     private

    PS C:\> $MobilePolicy = Get-NessusPolicyXML -Index 0 -PolicyID 1
    PS C:\> $MobilePolicy.Save("$env:HOMEPATH\Desktop\mobilepolicy.xml")

You can also manipulate the object and query the policy XML quite easily in PowerShell to get more detailed information about a given policy:

    PS C:\> $MobilePolicy = Get-NessusPolicyXML -Index 0 -PolicyID 1
    PS C:\> $MobilePolicy.NessusClientData_v2.policy.policyContents.FamilySelection.FamilyItem

    FamilyName                                Status
    ----------                                ------
    MacOS X Local Security Checks             disabled
    DNS                                       disabled
    Gain a shell remotely                     disabled
    Solaris Local Security Checks             disabled
    Port scanners                             disabled
    Web Servers                               disabled
    SMTP problems                             disabled
    Service detection                         disabled
    CGI abuses : XSS                          disabled
    Mandriva Local Security Checks            disabled
    Databases                                 disabled
    Debian Local Security Checks              disabled
    Denial of Service                         disabled
    Default Unix Accounts                     disabled
    Settings                                  disabled
    HP-UX Local Security Checks               disabled
    Backdoors                                 disabled
    VMware ESX Local Security Checks          disabled
    SCADA                                     disabled
    General                                   disabled
    Red Hat Local Security Checks             disabled
    FreeBSD Local Security Checks             disabled
    CGI abuses                                disabled
    Windows : User management                 disabled
    Netware                                   disabled
    Peer-To-Peer File Sharing                 disabled
    Slackware Local Security Checks           disabled
    SNMP                                      disabled
    Fedora Local Security Checks              disabled
    Gentoo Local Security Checks              disabled
    Ubuntu Local Security Checks              disabled
    Misc.                                     disabled
    FTP                                       disabled
    Firewalls                                 disabled
    Windows : Microsoft Bulletins             disabled
    Junos Local Security Checks               disabled
    Mobile Devices                            enabled
    Windows                                   disabled
    Policy Compliance                         disabled
    SuSE Local Security Checks                disabled
    RPC                                       disabled
    CentOS Local Security Checks              disabled
    CISCO                                     disabled
    Scientific Linux Local Security Checks    disabled
    AIX Local Security Checks                 disabled

I do promise in the future a bit more manipulation of policies. The command line in this case will not be as flexible as the GUI, but it should help for some simple tasks. I'm looking at the simpler JSON API added in the HTML5 interface for this; it will limit the functions to only version 5.x, but then again we are all using the latest version, right?

Working with Scan Templates
---------------------------

Scan templates are the most used method for storing a specific configuration for a scan that already has a policy configured and a set of targets selected. Scan templates can also be scheduled to run at specific intervals. I have written some functions for creating and launching scan templates. Before creating a scan template we first need to know the IDs of the existing policies, since that ID is used in the creation and we may have several policies with the same name but with different settings. In this next example I want to create a template for scanning my home development network where I host all my virtual machines:

    PS > Show-NessusPolicy -Index 0

    PolicyID PolicyName                  PolicyOwner                Visibility
    -------- ----------                  -----------                ----------
    -4       Internal Network Scan       Tenable Policy Distributio shared
    -3       Web App Tests               Tenable Policy Distributio shared
    -2       Prepare for PCI-DSS audits  Tenable Policy Distributio shared
    -1       External Network Scan       Tenable Policy Distributio shared
    8        Exploit Available Only      carlos                     private
    7        Moderate Scan               carlos                     private
    6        All Plugins with Full Scan  carlos                     private

    PS > New-NessusScanTemplate 0 -TemplateName "Dev Lab Full Scan" -PolicyID 6 -Targets "192.168.10.1-192.168.10.2"

    TemplateID : template-b9d6c48e-516a-fe81-4294-458df6acfd45a74d7adc86d4815b
    PolicyID   : 6
    PolicyName :
    Name       : Dev Lab Full Scan
    Owner      : carlos
    Targets    : 192.168.10.1-192.168.10.254

As you can see, the creation of the template is quite simple. The targets can be either individual hosts and/or ranges separated by commas with no spaces between them, or a PowerShell collection that can also be passed. Let's take a look at the scan templates we have on the server:

    PS > Show-NessusScanTemplate -Index 0

    TemplateID : template-b9d6c48e-516a-fe81-4294-458df6acfd45a74d7adc86d4815b
    PolicyID   : 6
    PolicyName : All Plugins with Full Scan
    Name       : Dev Lab Full Scan
    Owner      : carlos
    Targets    : 192.168.10.1-192.168.10.254

Each scan template has a unique Template ID; we use this ID when we work with the template. Let's update the existing template targets. I want to have it cover the same range but skip some hosts I do not want scanned. I can do this using other functions provided by Posh-SecMod for working with IPs:

    # Hosts that must not be scanned
    PS > $excludelist = "192.168.10.20","192.168.10.80","192.168.10.200","192.168.10.201"
    # Expand the /24 into individual addresses
    PS > $ips = New-IPRange -CIDR 192.168.10.0/24
    # Keep only the addresses that are not on the exclusion list
    PS > $targets = $ips | ? { $_.IPAddressToString -notin $excludelist } | % { $_.IPAddressToString }
    PS > Update-NessusScanTemplate -Index 0 -TemplateID template-b9d6c48e-516a-fe81-4294-458df6acfd45a74d7adc86d4815b -Targets $targets

    TemplateID : template-b9d6c48e-516a-fe81-4294-458df6acfd45a74d7adc86d4815b
    PolicyID   : 6
    PolicyName :
    Name       : Dev Lab Full Scan
    Owner      : carlos
    Targets    : [list of individual target addresses omitted]

Launching and Managing Scans
----------------------------

There are 2 ways to launch scans:

* Launch a scan using an existing policy
* Launch a scan using a scan template

Let's first launch a scan using a policy and giving it a list of targets:

    PS > Invoke-NessusScan -Index 0 -PolicyID 7 -Name "Lab Scan 1" -Targets "192.168.10.1-192.168.10.100"

    ScanID   : 0c0a28e2-824a-3606-4bd2-965d0da1c62272dde8c29f1faa6d
    ScanName : Lab Scan 1
    Owner    : carlos
    Status   : running
    Date     : 4/14/2013 2:21:02 AM

Now let's look at invoking the scan using a pre-configured template:

    PS > Invoke-NessusScanTemplate -Index 0 -TemplateID template-b9d6c48e-516a-fe81-4294-458df6acfd45a74d7adc86d4815b

    ScanID   : a3fb5b8c-60db-1dda-fac7-ee46c0d0a638ea8ce79ab209483c
    ScanName : Dev Lab Full Scan
    Owner    : carlos
    Status   : running
    Date     : 4/14/2013 2:21:50 AM

As can be seen, for repeated scans the template is the way to go, since it is already named, a policy is already set and a target list is already present. For quick scans of single devices or hosts, launching scans using policies is better. We can take a look at the scans with the Show-NessusScans function:

    PS > Show-NessusScans 0

    ScanID   : a3fb5b8c-60db-1dda-fac7-ee46c0d0a638ea8ce79ab209483c
    ScanName : Dev Lab Full Scan
    Owner    : carlos
    Status   : running
    Date     : 4/14/2013 2:21:50 AM

    ScanID   : 0c0a28e2-824a-3606-4bd2-965d0da1c62272dde8c29f1faa6d
    ScanName : Lab Scan 1
    Owner    : carlos
    Status   : running
    Date     : 4/14/2013 2:21:02 AM

As you will be able to see, each scan has a unique ScanID; this is what we will use to identify scans so we can manipulate them. Let's look at suspending a scan with Suspend-NessusScan:

    PS > Suspend-NessusScan -Index 0 -ScanID 0c0a28e2-824a-3606-4bd2-965d0da1c62272dde8c29f1faa6d

    ScanID   : 0c0a28e2-824a-3606-4bd2-965d0da1c62272dde8c29f1faa6d
    ScanName : Lab Scan 1
    Owner    : carlos
    Status   : pausing
    Date     : 4/14/2013 2:21:02 AM

We can resume the scan with Resume-NessusScan:

    PS > Resume-NessusScan -Index 0 -ScanID 0c0a28e2-824a-3606-4bd2-965d0da1c62272dde8c29f1faa6d

    ScanID   : 0c0a28e2-824a-3606-4bd2-965d0da1c62272dde8c29f1faa6d
    ScanName : Lab Scan 1
    Owner    : carlos
    Status   : resuming
    Date     : 4/14/2013 2:21:02 AM

We can also stop the scan with Stop-NessusScan:

    PS > Stop-NessusScan -Index 0 -ScanID 0c0a28e2-824a-3606-4bd2-965d0da1c62272dde8c29f1faa6d

    ScanID   : 0c0a28e2-824a-3606-4bd2-965d0da1c62272dde8c29f1faa6d
    ScanName : Lab Scan 1
    Owner    : carlos
    Status   : stopping
    Date     : 4/14/2013 2:21:02 AM

One thing to keep in mind: even if you stop the scan, what it has found up to that point will still be saved as a report.

And the BAFTA goes to a British datacentre

Secuobs.com : 2013-04-16 15:08:09 - Global Security Mag Online - For the experts gathered in Nice for the Datacentres 2013 conference, the strong growth of digital content will lead datacentres to play the leading role with film and television professionals. The exponential growth of digital content produced for television and cinema means that archiving and storage are becoming a real problem for the media industry. The number of hours filmed is so high that the issue of archiving and storage - Markets

Belgium Update on Personal Data Security Breaches

Secuobs.com : 2013-04-16 15:25:22 - Office of Inadequate Security - Patrick Van Eecke writes: Following several recent widely publicized data breaches in Belgium, the Privacy Commission issued

New Products 4/13/2013 (video)

Secuobs.com : 2013-04-16 15:48:35 - adafruit industries blog - New Products 4/13/2013 (video): Alkaline 9V Battery (0:02), Micro HDMI to HDMI Cable, 2 meter (0:47), Modela Ninja Pibow Enclosure for Raspberry Pi Model A Computer (1:55), PiBow VESA Mounting Layer Plate (3:30), mbed Application Board (4:13)

Ask an Engineer 4/13/2013 (video)

Secuobs.com : 2013-04-16 15:48:35 - adafruit industries blog - Ask an Engineer 4/13/2013 (video). Every Saturday night at 10pm ET join us for our weekly live video chatroom. Visit http://adafruit.com/ask for more info. You can ask anything about electronics, kits at Adafruit, or just stop in to meet other makers who are building cool things. At the end of the chat we give away a

Frustrate, Disrupt, Evade

Secuobs.com : 2013-04-16 16:04:21 - CounterMeasures Security Privacy Trust - Much of the focus on Advanced Persistent Threat and targeted attack prevention methodology can be related to the Lockheed Martin Cyber Kill Chain, which is itself based on the conventional US military targeting doctrine: the find, fix, track, target, engage, assess (F2T2EA) methodology. The Cyber Kill Chain comprises seven phases: Reconnaissance, Weaponization, Delivery, Exploitation, Installation,

Hope 9 - Lightning Friday

Secuobs.com : 2013-04-16 16:11:56 - SecurityTube.Net - A dozen talks over two days, each around five minutes in length. These were presented after the Friday and Saturday keynote addresses.

Measuresoft ScadaPro exploit

Secuobs.com : 2013-04-16 16:11:56 - SecurityTube.Net - ScadaPro is Real Time Data Acquisition software for Microsoft Windows. Optimised to use the powerful real time, multi-tasking features of Windows, ScadaPro provides integrated data acquisition, monitoring, data logging, mimic development and report generation. It is designed as mission critical software running on a mission critical operating system.

Hardware and Software Keyloggers

Secuobs.com : 2013-04-16 16:11:56 - SecurityTube.Net - In this video Dan Honkanen talks about keyloggers. He explains hardware and software keyloggers, why keyloggers are used and how they are used. If your machine is infected with a keylogger, you can learn how to detect it.

90% of game hacks and cracks contain malware

Secuobs.com : 2013-04-16 16:14:06 - Help Net Security News - Computer and online gaming is big business for companies creating the games, but a considerable drain on the finances of gamers, so it should not come as a surprise that many of the latter decide agai

Most enterprises encounter problems with open source software

Secuobs.com : 2013-04-16 16:14:06 - Help Net Security News - Univa's 2013 Free and Open Source Software report finds that Free and Open Source Software (FOSS) is prominent within businesses today, with 76% using it internally. However, 75% of those users experie

First anti-malware product for UEFI

Secuobs.com : 2013-04-16 16:14:06 - Help Net Security News - Kaspersky Lab released Kaspersky Anti-Virus for UEFI (KUEFI), an anti-malware solution which can protect the user's PC before the operating system even starts loading. UEFI, or Unified Extensible

FBI and Cell Phone Surveillance

Secuobs.com : 2013-04-16 16:14:48 - Schneier on Security - We're learning a lot about how the FBI eavesdrops on cell phones from a recent court battle

The CISO's Guide to Advanced Attackers: Sizing Up the Adversary [New Series]

Secuobs.com : 2013-04-16 16:15:04 - Security Bloggers Network - Every year there seems to be a new shiny object that works security marketeers into a frenzy. The Advanced Persistent Threat hype continues to run amok 3 years in and doesn't seem to be abating at all. Of course, there is still a lot of confusion about what the APT is, and Rich's post from early 2010 does a good job of highlighting our views. That being said, most security vendors are predictable animals and adhere to the maxim, "if all you have is a hammer, everything looks like an APT." Thus, it makes no difference what the security product or service does, it's being positioned as the answer to APT.

Of course, this isn't very helpful to security professionals that actually have to protect important things. And it's definitely not helpful to Chief Information Security Officers (CISOs) that have to communicate their organization's security program, set realistic objectives and manage expectations accordingly. So, per usual, your friends at Securosis will help you focus on what's important, and be able to wade through the hyperbole to understand what's hype and what's reality in our new series called The CISO's Guide to Advanced Attackers.

This series will provide a high level view of these so-called advanced attacks, designed to help a CISO-level audience understand what they need to know, and map out a clear 4-step process to deal with advanced attackers and the techniques they use. Before we get started I want to thank Dell SecureWorks for agreeing to potentially license the content at the end of the project. As with all our research, we will produce The CISO's Guide to Advanced Attackers independently and objectively, and tell you what you need to know. Not what any vendor wants you to hear.

Defining Advanced Attacks
-------------------------

First let's slay the common belief that advanced attackers always use advanced attacks. That's just not the case. Of course, there are the innovative attacks like Stuxnet, stealing the RSA token seeds to attack US Defense sector customers, and compromising Windows Update using stolen certificate authority signing keys. But those attacks are the exception, not the rule. These attackers are very business-like in their operations. They won't use a fancy, advanced attack unless they need to. They'd just as soon get an unsuspecting office worker to click on a phishing email and subsequently use a known Adobe Reader exploit to provide the attacker with presence in your environment. There is no award for these folks to use unique attacks.

This concept necessarily changes the way you need to think about your adversaries. The attacks you'll see will vary greatly depending on the attacker's mission and their assessment of the most likely means to compromise your environment. A better way to get your arms around potential advanced attacks is to first understand the potential target(s) and mission. Then you profile the specific attacker, based on their likelihood to be interested in the target. Then you can get a feel for the likely tactics you'll face and evaluate the controls that may be able to deter the attackers or at least slow them down.

The security industry machine would have you believe that implementing a magic malware detection box on your perimeter or locking down your endpoints will block the advanced attacker. Per usual, you can't believe everything you see at a security conference, so let's break down exactly how to determine what kind of threat you are facing.

Evaluate the Mission
--------------------

Having the senior security role in an organization (yes, Mr./Ms. CISO - we're talking to you) means accepting the reality that the job is less about doing stuff and more about defining the security program and evangelizing the need for security with senior management and peers. A key first part of this process is to learn what's important in your environment, and thus would be an interesting target for an advanced attacker.

Since you have neither unlimited resources nor the capabilities to protect against every attack, you'll need to prioritize your defenses. The way you prioritize is to focus on protecting your valuable stuff. So the first order of business in dealing with advanced attackers is to understand what they are likely to be looking for. And that most likely looks like your:

1. Intellectual Property
2. Customer Data (protected)
3. Business operations (proposals, logistics, etc.)
4. Everything else

It's unlikely that you can really understand what's important to your organization by sitting in your office. So a big part of this involves talking to senior management and your peers to get a feel for what's important to them. After a few of these conversations, it should be pretty clear what's really important (and people will get fired if it's compromised) and what's less important. Once you understand what the likely targets of an advanced attacker can be (yes, the important stuff), then you can take a reasonably educated guess as to the adversary you'll be facing.

Profile the Adversary
---------------------

Yes, it seems kind of simplistic to just make generic assumptions of the kind of attackers you'll face depending on what you are trying to protect. And to be clear, it kind of is, but you have to start somewhere. So let's describe quickly a very high level view of the adversary. Keep in mind, many security researchers and research organizations have assembled dossiers on the potential attackers, which we'll discuss when we talk about threat intelligence in the next post.

1. Unsophisticated: These folks tend to do smash and grab attacks, where they use some publicly available exploit (perhaps leveraging tools like Metasploit) or some kind of packaged attack kit. These folks are opportunistic and will take what they can get.
2. Organized Crime: A clear step up the food chain is the organized crime attacker. These folks invest in security research, test their exploits, and have a plan to exfiltrate and then monetize what they find. They are still pretty opportunistic, but can be quite sophisticated in attacking payment processors and large scale retailers. They tend to be most interested in financial data, but have also been known to steal IP if they can sell it and/or use brute force approaches like DDoS threats to extort victims.
3. Competitor: At times your competitors will use unsavory means to gain advantage in product development or looking for information on competitive bids. These folks tend to be most interested in intellectual property and business operations data.
4. State-sponsored: Of course you're probably most familiar with the alleged Chinese military attackers, but to be clear, you can bet every large nation state has a team of attackers practicing offensive tactics. As Rich described, the Chinese are a bit different in that they use military resources to gain economic advantage, but all the same these folks are interested in pretty much everything. And depending on the attacker, may not be overly concerned with concealing their presence in your environment.

Of course there are many other kinds of adversaries, depending on how granular you want to get. How relevant profiling those additional classes of adversaries will be is specific to your situation. The process will be the same, and the above list provides a decent initial stab at the kinds of folks you'll see trying to get into your stuff.

The Dangers of Assuming
-----------------------

You know the old saying about assuming anything, right? So we'll go through the initial process to identify your most likely targets and back into the kinds of adversaries you're likely to face. Then you need to plan that you'll be wrong. In security, it's a fool's errand to think you have the answers. So once you've done what you can to protect yourself, then you'll need to ensure you have sufficient monitoring in place to detect something that isn't part of your general battle plan.

You can't eliminate surprise in this business, but you can lessen the impact of seeing an unexpected attack from a different adversary targeting a lower valued (in your thinking, anyway) target. Although we are focused on dealing with advanced attackers in this series, everything you'll do will be applicable to the unsophisticated.

The Process For Advanced Attacks
--------------------------------

As always, we at Securosis tend to be process centric. So let's put in place a high level process to deal with these kinds of attacks and attackers. Throughout the rest of the series we'll dig into each of these steps with specifics about what you need to do.

1. Threat Intelligence Information Sharing: One of the key defensive capabilities to deal with advanced attackers is to know who they are, where they are coming from, and what attacks they are using. This involves leveraging external threat intelligence to learn from the misfortunes of others.
2. Data Collection and Data Mining: The next step in the process is to implement a comprehensive monitoring initiative, instrumenting networks, systems, applications and data with sensors to look for the indications of imminent attack defined by threat intelligence.
3. Verification: When you believe you are being targeted, you'll need to do an initial damage assessment and kick your incident response process into gear. This involves verifying, validating, and ultimately figuring out the root cause, degree of compromise and damage resulting from the attack.
4. Breaking the Kill Chain: Once the attack has been verified and the root cause has been identified, the organization needs to decide how to break the kill chain, or remediate the issue. This is a non-trivial decision requiring feedback from senior management, legal counsel, and very likely law enforcement and government entities.

Ultimately all of these functions need to become systematic as part of your security program. We'll wrap up the series by talking about how your program needs to handle these advanced attacks, while paying attention to the other stuff like hygiene, typical security attacks, and compliance. So strap in, we'll start things up tomorrow by delving into the kinds of security threat intelligence you'll need to understand when and how you're likely to be attacked.

- Mike Rothman

Self-Practice

Secuobs.com : 2013-04-16 16:15:04 - Security Bloggers Network - Practicing intrusion analysis can be a worthy investment of your time when an alert you begin investigating turns out to be a critical event, such as a compromised server or data leakage of your company's information. As you add to your arsenal, whether

Malware Analysis on a shoe-string budget

Secuobs.com : 2013-04-16 16:15:04 - Security Bloggers Network - April 24th, which is a Wednesday, we have a really great Hacker Hotshot to share with you. The event, titled "Malware Analysis on a shoe-string budget", is being presented by Michael Boman. Michael's presentation (which, by the way, will always be on the same URL as above) is going to share three main things. The post "Malware Analysis on a shoe-string budget" appeared first on Concise Courses Information Security Blog.

Boston Officials Did Not Shut Down Cell Network After Marathon Bombing

Secuobs.com : 2013-04-16 16:23:06 - Slashdot Your Rights Online - An anonymous reader writes with this excerpt from Motherboard about the immediate aftermath of yesterday's bomb attack in Boston, which attempts to explain the unsurprisingly poor accessibility of the cellular network after the blasts: "Gut instinct suggests that the network must've been overloaded with people trying to find loved ones. At first, the Associated Press said it was a concerted effort to prevent any remote detonators from being used, citing a law enforcement official. After some disputed that report, the AP reversed its report, citing officials from Verizon and Sprint who said they'd never had a request to shut down the network, and who blamed slowdowns on heavy load. Motherboard's Derek Mead was able to send text messages to both his sister and her boyfriend, who were very near the finish line, shortly after the bombing, which suggests that networks were never totally shut down. Still, shutting down cell phone networks to prevent remote detonation wouldn't be without precedent: It is a common tactic in Pakistan, where bombings happen with regularity."