NetSec
  corner   



HOME

LINUX

CYBERLAW

VIRTUALIZATION

Bugtraq

Packetstorm

FD

GrokLaw


RSS Feed


Netsec, comsec, infosec and IA news, research and trends

 

1.31.2007

 
Video of Windows XP 0-Day in the Wild

 
GRC's ultra high security password generator

 
For those who noticed that there are multiple svchost entries in their TASKLIST logs.

 
Blocking unwanted Parasites with a Host File



1.30.2007

 
TechWorld: How to protect your DNS servers from hackers

 
Michael Sutton's BLOG: Evaluating Security Tools

 
Fundamental Computer Investigation Guide For Windows

 
Real-ID: Costs and Benefits

 
Nissan Motor Is Suing Nissan Computer For Trademark Infringement, Trademark Dilution And Cyber-Squatting - from Daniel



1.29.2007

 
The recent data breach at TJX demonstrates the important of encrypting sensitive data. Larry Ponemon, of the Ponemon Institute, states that encryption can help minimize the effects of a breach and insulate firms from liability.

 
Yet another web based Caesar cipher - from Bill



1.26.2007

 
ACFE: 2006 Report to the Nation on Occupational Fraud & Abuse

 
FCW.COM: Three National Institutes of Standards and Technology (NIST) articles:



Article found on FCW.COM: Data Protection



1.25.2007

 
DIEBOLD VOTING MACHINE KEY COPIED FROM PHOTO AT COMPANY'S OWN ONLINE STORE!

 
Call for Papers - The 7th Annual Digital Forensic Research Workshop (DFRWS 2007)

 
ForensicWiki maintains a great list of Upcoming Events

 
CIA - Now on Facebook

 
CONFERENCE: NSI's Impact 2007. The National Security Institute's 22nd Annual National Security Forum April 2 - 4, 2007 • Falls Church, VA

 
Download: TechRepublic's Ultimate Guide to Enterprise Wireless LAN Security



1.24.2007

 
Cisco Security Advisory: Crafted TCP Packet Can Cause Denial of Service

 
Cisco Security Advisory: Crafted IP Option Vulnerability

 
Cisco Security Advisory: IPv6 Routing Header Vulnerability

 
Digest: NSI's Security Newswatch for 20 Jan 2007



1.23.2007

 
802.11n in all but name: draft hardware in the clear

 
Crypto Law Survey

 
Generating Policies for Defense in Depth



1.22.2007

 
Rootkits for Fun and Profit

 
INTERNET RESOURCES FOR COMPUTER FORENSICS



1.21.2007

 
SPIE-IPv6: Single IPv6 Packet Traceback



1.20.2007

 
Investigations Involving the Internet and Computer Networks

 
Swedish bank hit by 'biggest ever' online heist



1.19.2007

 
List of frequently seen TCP and UDP ports and what they mean.



1.18.2007

 
Three from SearchSecurity.Com:
Improve Web application security with threat modeling

Ten Dos and Don'ts for Secure Coding

Software security flaws begin and end with Web application security

 
Review: Six Rootkit Detectors Protect Your System (Interesting Result...)

The Surprising Security Threat: Your Printers (Not really surprising if you think about it...)

 
Now, for something a little different... The MIT IFTFP Hack Gallery

 
PDF Download: Security in the World of Web 2



1.17.2007

 
Open Source Digital Forensics Tools: The Legal Argument by Brian Carrier

 
Immunity SILICA - Redefining Penetration Testing

 
Digital Forensics using Linux and Open Source Tools by Bruce Nikkel

 
Evaluating Commercial Counter-Forensic Tools - by Matthew Geiger of Carnegie Mellon University

 
Zero-Day exploits are exploits that come out after the public release of a particular vulnerability and before (or on the same day) of a patch for that vulnerability. This window of opportunity can be minutes, days, weeks or even longer and Zero-Day refers to this period of time.

eEye Research is a company that has made a commitment to stay on top of current vulnerabilities, create solutions for them and as one of their services, provide an online Zero-Day information Control Panel that they call the Zero-Day Tracker to list all active and patched Zero-Day vulnerabilities, complete with full descriptions, work-arounds and other important information.

 
Jefferson Lab - Open House

 
Choosing Secure Passwords from Matt

 
Comprehensive list of downloads: NSA Security Guidelines

 
Download: TCP: Fundamentals and General Operations



1.16.2007

 
Rootkit Basics

 
Malicious Intrusion Techniques - A Review of Rootkits, Bots, Trojan Horses, and Remote Access Trojans (RATs)

 
On the Effectiveness of Probabilistic Packet Marking for IP Traceback under Denial of Service Attack

 
Backtracking Intrusions

 
Database Journal: The Role of the DBA Related to Insider Threats and Regulatory Compliance



1.15.2007

 
FBI: NEW TWIST CONCERNING THREAT AND EXTORTION E-MAILS

 
Rainbow table targets Word, Excel crypto

 
Uninformed Journal Volume 6



1.14.2007

 
Tables of Equivalents for people going from Windows to Linux

 
The Epic Battle of Software and the current battle lines.



1.13.2007

 
Security, privacy and DRM: My wishes for 2007



1.12.2007

 
Free Magazine Subscription: Information Security Magazine

 
CIO Blogs: I'm violating our corporate email policy...and I love it!



1.11.2007

 
Developer.com: Securing a Web Service the Low-Tech Way

 
Linux Lockpicks for Whitehat Locksmiths

 
Here is the paper referenced in Theobromine's post earlier today: Technology Collection Trends in the U.S. Defense Industry - 2006

 
Getting Physical with the Digital Investigation Process

 
Computer Forensics Field Triage Process Model

 
The Enhanced Digital Investigation Process Model

 
Open Source Spying

 
iDefense: Remote Arbitrary Code Execution Vulnerabilities in Vista & IE 7.0 - Prize Amount: $8,000 - $12,000 - Submission Deadline: Before Midnight EST on March 31, 2007

 
Spy transmitters in Canadian coins - Canadian coins containing tiny transmitters have mysteriously turned up in the pockets of at least three American contractors who visited Canada, says a branch of the U.S. Defence Department.



1.10.2007

 
Presentation - Backtracking Algorithmic Complexity Attacks Against a NIDS

Paper - Backtracking Algorithmic Complexity Attacks Against a NIDS

 
Download: NIST: Information Security Handbook: A Guide for Managers

 
Download: NIST: Glossary of Key Information Security Terms

 
Computer & Network Forensics - Presentation by Dr. Peter Stephenson

 
For Windows Vista Security, Microsoft Called in Pros - from Andy

 
Attack of the Zombie Computers Is Growing Threat - from Andy

 
Seagate's Full Disk Encryption

 
Download: "The 60 Minute NSA Network Security Guide"



1.09.2007

 
How to Save the Classics

 
Sony fined by French court for DRM music

 
2007 Predictions

 
The Insider Threat To Information Systems by By Eric D. Shaw, Ph.D., Keven G. Ruby, M.A. and Jerrold M. Post - from Glen

 
Microsoft Excel Long Palette Heap Overflow Vulnerability - Office is going to continue to be the source of enterprise vulnerability for some time to come. I see no end. Feature creep has it's price.

 
Daily Dave: Today's patches - Microsoft January Bulletin



1.08.2007

 
Security Hole Found in Adobe Acrobat Reader Browser Plug-In

 
Black Hat USA 2007 - Registration Only $1095 until Feb 28th

 
"10 things you should know about privacy protection and IT"



1.07.2007

 
Attack of the Zombie Computers Is Growing Threat

 
"The Pitfalls of Full Disk Encryption"



1.06.2007

 
On-the-fly RAM Tests

 
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Secure Access Control Server

 
President Bush to U.S. citizens - I now have the right to read your postal mail without your knowledge or a warrant.



1.05.2007

 
IE users at risk for 284 days in 2006

 
Voice over IP under threat

With Fedora 7, "There will be no more releases of Fedora Core or Fedora Extras." Just Fedora.



1.04.2007

 
The Month of Apple Bugs, Apple responds by assigning an engineer to fix the problems.

 
The Darknet and the Future of Content Distribution by Peter Biddle, Paul England, Marcus Peinado, and Bryan Willman

 
HD-DVD DRM Cracked

 
13 Easy Ways to Safeguard Your Privacy in 2007 - from Aaron

 
Steps for Recovering from a UNIX or NT System Compromise

 
Patent lawsuit filed over Bluetooth tech - from Daniel

 
NAC: A User’s Guide - from Glen

 
Encrypted file system recovery

 
VMware Workstation 6.0 Beta Release



1.03.2007

 
FDIC Putting an End to Account-Hijacking Identity Theft

 
Forensic Focus: Computer Forensics News, Information, and Community

 
"Five Hackers Who Left a Mark on 2006"



1.02.2007

 
Stealing Your Family Vacation: Memories of a Media Card
Bluetooth Hijacking (phone)

 
Peltier Associates - 2006 Year in Review

 
The Art of Software Security Assessment - Fun With Impersonation



1.01.2007

 
Open Relay DataBase (ORDB) blacklist project shuts down





This page is powered by Blogger.


Site Meter Locations of visitors to this page