Oracle Critical Patch Update April 2012
Oracle releases its Critical Patch Updates (CPUs) on a quarterly schedule and today made public its April edition with patches for many of its product lines. Oracle patches are usually so massive (88...
Hack Naked TV Episode 31
In this edition of Hack Naked TV we discuss AV and how we fail to implement it correctly in our environments. Links for this episode: Bypassing AV for the sake of Forensic Analysts everywhere A couple...
Apple Remote Fail
So I decided to go for the whole Apple TV thing and it was very easy to install as expected. The only odd thing was that as I was navigating through the NetFlix menus, I noticed my Mac’s volume going...
Protecting the Systems that Power Our Nation
Mark Trump is an application engineer at FoxGuard Solutions. FoxGuard provides cyber security and regulatory compliance assistance for critical infrastructure and industrial control systems. Recently,...
Network Security Podcast, Episode 274
The gang is scattered to the wind. Rich is off at some random Margaritaville and Zach is pretending he has a real life and a new job or something. So Martin called out the cavalry and is joined...
United States Army: Security Recruiting, The Challenge
Interesting screed, via Network World's Ellen Messmer detailing the challenges faced by the Army of the United States of America, in that branch of the service's efforts targeting the recruitment of...
Career Advice Tuesday – “I Have Nothing Against Profit”
Dear Infosecleaders: I am writing to you because I would like some advice on how to make a transition as an Information Security leader from a non-profit entity to a large enterprise. For the past five...
InfoSec Daily Podcast Episode 647
Episode 647 - Quantum Encryption, TriCk, 100 days, Mimikatz, and MySQL DoS
Year Of Security for Java – Week 16 – Set a Soft Session Timeout
What is it and why should I care? A session timeout is an important security control for any application. It specifies the length of time that an application will allow a user to remain logged in...
Prototyping Mitigations with DBI Frameworks
A couple weeks ago I had the privilege of both attending my first Austin Hackers Association meeting and speaking at the first Infosec Southwest conference in Austin, Texas. I had been wanting to visit...
Review: GFI LanGuard – An enterprise solution on an SMB budget
Having tried out other GFI software and been truly happy with them, we decided to try out another one of their products, GFI LanGuard. GFI LanGuard offers patch management, software deployment,...
Incite 4/18/2012: Camión de Calor
It was a Mr. Mom weekend, so I particularly appreciated settling in at the coffee shop on Monday morning and getting some stuff done. And it wasn’t just trucking the kids around to their various...
Stored Cross Site Scripting via File Upload
Stored Cross-Site Scripting (XSS) is one of the major flaws in Web Applications, and it is also one of the difficult forms of Cross-Site Scripting to be detected by Automated Scanners. A simple example...
AV Is Dead. Again. Apparently.
A hat-tip to Kurt Wismer for drawing my attention via Security Memetics to a test (of sorts) described on a SANS web site. @robtlee specifically claims that “This isn’t an anti-AV or HIDS write-up…”...
ICANN Oops…
http://www.icann.org/en/news/announcements/announcement-14apr12-en.htm Actually, can anybody find a web site privacy policy for icann.org? Maybe I’m blind, but I can’t find it… “14 April 2012...
No Reservations – Remote Access Trojan Pilfers Credit Cards from Hotels
Our intelligence center researchers recently uncovered attack code being sold in underground forums that uses a remote access Trojan to steal credit card information from a hotel point of sale (PoS)...
Reported bad domains
CLKTURN.NET ICANN Registrar: Todaynic.com Created 9 March 2012 IP: 85.93.18.203 Registrant: Marcos P Robledo, marcosprobledoint@gmail.com Shares IP with advirginmobile.com and impsserv.com (that first...
New Bill wants internet to be censored from porn by default
A new Bill wants to protect children by requiring all users to opt-in if they want to access porn. This would create a system of censorship by default. Is this necessary when parents already have...