This is the first chapter from the Introduction to Security and Network Forensics book by Prof Bill Buchanan. Book: Introduction to Security and Network Forensics, ISBN: 084933568X. There is more information at: http://asecuritybook.com/unit01.html The HD version is at: http://youtu.be/iHtJxxLJtdw
Intro to Sec. and Net. Forensics: 1 Intro. to Security Read More »
By Bill Brenner Core Security recently hired Research Now to poll 100 CEOs and 100 C-level security practitioners regarding the level of attention CEOs pay to threats against their companies. According to the findings Core released this morning, that level of attention isn’t much. “The survey found that these two exec groups remain far apart
Are CEOs nodding off in those security meetings? Read More »
Certain versions of the open source database software can be hacked simply by entering a wrong password over and over again A security vulnerability affecting certain versions of open source database software MySQL allows hackers to gain access by simply entering an incorrect password repeatedly. The vulnerability was reported over the weekend by Sergei Golubchik,
“Tragically comedic” MySQL security flaw exposed Read More »
ajai singh Full Credit goes to MaXe for his amazing thread ___ -:: Introduction ::- ___ What is XSS and what does it refer to?XSS aka Cross Site Scripting is a client-side attack where an attacker can craft a malicious link, containing script- code which is then executed within the victim’s browser when the target
The Beginners Guide to XSS Read More »
Your birthday. The names of your friends and family. The name of your hometown or where you live. If someone knew these things about you, you might expect them to be an acquaintance or a friend; someone you would trust with this information. However the information that once formed the social currency of trust is
LinkedIn confirmed some have been breached, experts say users can check to see if yours is one By Brandon Butler, Network World As reports have swirled throughout the day that approximately 6.5 million LinkedIn passwords have been leaked, security experts have been trying to figure out what happened, as well as checking to see if
How to determine if your LinkedIn password has been compromised Read More »
An unknown hacker posted the lists online and asked for help in cracking them. by Dan Goodin A partial list of the 6.5 million passwords leaked by someone identified as dwdm. The list contains strong passwords that were unique to LinkedIn, leading to speculation that’s were the passwords originated. Dan Goodin, Ars Technica An unknown
8 million leaked passwords connected to LinkedIn, dating website (updated) Read More »
True, sometimes the big discoveries are the daughters of the case. That’s what happened to Panos Ipeirotis, a researcher of the New York University, he has discovered a new technique of attack on his Amazon web service using Google Spreadsheets. The methods of attack is a DDoS type and the researcher has named it as
Google used as cyber weapon. New attack method found Read More »
lame Malware Spread Via Rogue Microsoft Security Certificates Microsoft released an emergency Windows update on Sunday after revealing that one of its trusted digital signatures was being abused to certify the validity of the Flame malware that has infected computers in Iran and other Middle Eastern Countries. The patch revoked three intermediate Microsoft certificates
Flame Malware Spread Via Rogue Microsoft Security Certificates Read More »
Finding out your Gmail account was hacked would be bad news, but how about if that attack was from suspected state-sponsored hackers? “Warning: We believe state-sponsored attackers may be attempting to compromise your account or computer.” If Google suspects you’ve been targeted by such bad actors, then Google Online Security Blog announced you will see that
Gmail hacked by cyber-spies? Google issues security warning for state-sponsored attacks Read More »
