By Kurt L Hudson Public key based cryptographic algorithms strength is determined based on the time taken to derive the private key using brute force methods. The algorithm is deemed to be strong enough when the time required to derive private key is prohibitive enough using the computing power at disposal. The threat landscape continues […]
RSA keys under 1024 bits are blocked Read More »
Gartner analyst says the future lies in a hybrid physical/virtual security technology By Ellen Messmer, Network World Gartner analyst Neil MacDonald’s specialty is security, and he not only keeps a close eye on what security vendors are doing, but he’s an advocate for change as fundamental network technologies evolve. Virtualization is having an enormous impact,
Metasploit code on Github gives remote access to BigIP By Richard Chirgwin • Get more from this author Mid-Tier Enterprises A vulnerability in F5 kit first announced in February may be in the wild, with code posted to Github purporting to be an exploit. The original advisory stated that vulnerable installations of F5’s BigIP and
Exploit posted for vulnerable F5 kit Read More »
This is the first chapter from the Introduction to Security and Network Forensics book by Prof Bill Buchanan. Book: Introduction to Security and Network Forensics, ISBN: 084933568X. There is more information at: http://asecuritybook.com/unit01.html The HD version is at: http://youtu.be/iHtJxxLJtdw
Intro to Sec. and Net. Forensics: 1 Intro. to Security Read More »
By Bill Brenner Core Security recently hired Research Now to poll 100 CEOs and 100 C-level security practitioners regarding the level of attention CEOs pay to threats against their companies. According to the findings Core released this morning, that level of attention isn’t much. “The survey found that these two exec groups remain far apart
Are CEOs nodding off in those security meetings? Read More »
Certain versions of the open source database software can be hacked simply by entering a wrong password over and over again A security vulnerability affecting certain versions of open source database software MySQL allows hackers to gain access by simply entering an incorrect password repeatedly. The vulnerability was reported over the weekend by Sergei Golubchik,
“Tragically comedic” MySQL security flaw exposed Read More »
ajai singh Full Credit goes to MaXe for his amazing thread ___ -:: Introduction ::- ___ What is XSS and what does it refer to?XSS aka Cross Site Scripting is a client-side attack where an attacker can craft a malicious link, containing script- code which is then executed within the victim’s browser when the target
The Beginners Guide to XSS Read More »
Your birthday. The names of your friends and family. The name of your hometown or where you live. If someone knew these things about you, you might expect them to be an acquaintance or a friend; someone you would trust with this information. However the information that once formed the social currency of trust is
LinkedIn confirmed some have been breached, experts say users can check to see if yours is one By Brandon Butler, Network World As reports have swirled throughout the day that approximately 6.5 million LinkedIn passwords have been leaked, security experts have been trying to figure out what happened, as well as checking to see if
How to determine if your LinkedIn password has been compromised Read More »
An unknown hacker posted the lists online and asked for help in cracking them. by Dan Goodin A partial list of the 6.5 million passwords leaked by someone identified as dwdm. The list contains strong passwords that were unique to LinkedIn, leading to speculation that’s were the passwords originated. Dan Goodin, Ars Technica An unknown
8 million leaked passwords connected to LinkedIn, dating website (updated) Read More »
