Monday, January 12, 2009
Around The Horn vol.1,7
Alert
Jan 11, 2009 (19 hours ago)
Caveat Emptor, (Sun, Jan 11th)
from SANS Internet Storm Center, InfoCON: green
Jon dropped us a note pointing to an interesting article by Gene Spafford on the dangers of automati ...(more)...
Security News
4:01 AM (2 hours ago)
OWASP (Open Web Application Security Project) Testing Guide v3 Released
from Darknet - The Darkside by Darknet
This project’s goal is to create a “best practices” web application penetration testing framework which users can implement in their own organizations and a “low level” web application penetration testing guide that describes how to find certain issues. Version 3 of the Testing Guide was released in last month in...Read the full post at darknet.org.uk
4:01 AM (2 hours ago)
Cisco Vulnerability Given ‘Write Once, Run Anywhere’ Treatement
from Darknet - The Darkside by Darknet
This is an interesting development in router security, Cisco bugs have been popping up now and then - not that often - but usually when they do they are quite serious. The problem with them was you needed so many variations unless you were just targeting one specific router, with that specific version of IOS and [...]Read the full post at darknet.org.uk
Jan 11, 2009 (18 hours ago)
How do you get started in Information security?
from SANS Technology Institute - Security Laboratory
This article considers getting started in computer and network security (physical or facilities security is out of the scope of this writing). This is an introduction; you may want to consider our introductory course if you find you are interested in learning more about security, intro to Information Security. -- Aurora Report says this is an older post but always a nice refresher.
Jan 11, 2009 (18 hours ago)
2005-08-25 - GIAC Honors Paper
from SANS Press Room
GIAC Honors Paper Computer Forensics Investigation Analyze an Unknown Image
6:30 AM (16 minutes ago)
National Academy calls for export restriction rethink
from Ars Technica by jonathan@arstechnica.com (Jonathan M. Gitlin)
The National Academy of Sciences has released a report on national security, export controls, and visa regulations, and it suggests that these issues need serious reform.
-- Aurora Report says nice to start out a little slow on a Monday , don't forget Microsoft Black Tuesday and Oracle Quarterly Patches are due out tomorrow.
Subscribe to:
Post Comments (Atom)
My Blog List
-
-
Patch Tuesday, May 2024 Edition - Microsoft today released updates to fix more than 60 security holes in Windows computers and supported software, including two "zero-day" vulnerabilities i...2 hours ago
-
Google to Roll Out 'Gems,' Personalized Versions of Gemini - CNET - The announcement came during Google's annual developers conference.
2 hours ago -
-
Cybersec chiefs team up with insurers to say 'no' to ransomware bullies - Guidebook aims to undermine the criminal business model The latest effort to reduce the number of ransom payments sent to cybercriminals in the UK involve...6 hours ago
-
Anybody knows that this URL is about? Maybe Balena API request?, (Wed, Feb 7th) - Yesterday, I noticed a new URL in our honeypots: /v5/device/heartbeat. But I have no idea what this URL may be associated with. Based on some googleing, I ...3 months ago
-
Best EDR Of The Market (BEOTM) – Endpoint Detection and Response Testing Tool - BestEDROfTheMarket is a naive user-mode EDR (Endpoint Detection and Response) tool designed to serve as a testing ground4 months ago
-
My Last Email with W. Richard Stevens - In the fall of 1998 I joined the AFCERT. I became acquainted with the amazing book *TCP/IP Illustrated, Volume 1: The Protocols* by W. Richard Stevens...
10 months ago -
Comic for March 12, 2023 - Dilbert readers - Please visit Dilbert.com to read this feature. Due to changes with our feeds, we are now making this RSS feed a link to Dilbert.com.1 year ago
-
87% of Container Images in Production Have Critical or High-Severity Vulnerabilities - At the inaugural CloudNativeSecurityCon, DevSecOps practitioners discussed how to shore up the software supply chain.1 year ago
-
Vulnerability Summary for the Week of November 29, 2021 - Original release date: December 6, 2021 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info abb -- rtu50...2 years ago
-
AA21-336A: APT Actors Exploiting CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus - Original release date: December 2, 2021 Summary *This joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (AT...2 years ago
-
20 years of CGISecurity: What appsec looked like in the year 2000 - Just realized that 20 years have passed since I started this site to learn more about web security threats. What 'appsec' looked like in 2000 OWASP didn't ...3 years ago
-
Ransomware: Why one city chose to the pay the ransom after falling victim - Posted by InfoSec News on Aug 12 https://www.zdnet.com/article/ransomware-why-one-city-chose-to-the-pay-the-ransom-after-falling-victim/ By Danny Palmer Z...3 years ago
-
What the newly released Checkra1n jailbreak means for iDevice security - There are reasons to embrace it. There are reasons to be wary of it. Here's the breakdown.4 years ago
-
Privacy and Mobile Device Apps - Original release date: July 9, 2019 | Last revised: November 15, 2019 What are the risks associated with mobile device apps? Applications (apps) on your sm...4 years ago
-
44CON 2018 - 12th-14th September, London (UK) - Posted by Steve on Feb 28 44CON 2018 is the UK's best annual Security Conference and Training event. The conference spans 2.5 days with training on the 1...6 years ago
-
Cryptopp Crypto++ 5.6.4 octets Remote Code Execution Vulnerability - Crypto++ (aka cryptopp and libcrypto++) 5.6.4 contained a bug in its ASN.1 BER decoding routine. The library will allocate a memory block based on the leng...6 years ago
-
V2V Communications security considerations - The future of vehicles, road infrastructure and driving are changing. We are progressing with vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) ...7 years ago
-
vTech – ignorance is no defence (and neither are weasel words) - This morning, Troy Hunt published a blog post alerting to a recent change in the Terms & Conditions published by children’s toy manufacturer vTech. The cha...8 years ago
-
DOJ probing claims U.S. drug agency 'collaborated' with NSA on intelligence - The U.S. Justice Dept. said it was "looking into the issues" raised by an Reuters story, that one of its law enforcement agencies collaborated with the NSA...10 years ago
-
-
-
-
-
-
-
-
-
Posts
No comments:
Post a Comment