Dradis – A tool for sharing pen test reports
Among the myriad challenges that penetration testers, ethical hackers and auditors face today, efficient sharing of information about the vulnerability scans and exploits that have been identified presents itself as the greatest challenge. A tool to overcome this challenge will be a boon to pen testers.
Home is a hotbed for viruses
As per the 2011 Parent-Teen Internet Safety Report of GFI Software, in a survey of 1,070 adults and teenagers, at least 90% of parents who have work computers reveal that they have taken them home and used them for non-work related purposes, and 37% of these said they let their teens use them as well.
How hackers operate?
People who try to breach computer security should ideally be called crackers, rather than hackers. So, hackers, as popularly defined, are computer experts who spend enormous amounts of time trying to breach the security of networks, Web servers and email servers. Normally hackers use a selection of specialist software to identify the weaknesses, which are then exploited.
Is it safe to bank online?
The answer is: not very safe. Internet banking is automatically conducted over a relatively safe kind of Internet connection called Secure Sockets Layer, and the banks themselves have high security which is rarely breached, but the weak link is your own personal computer.
Assessing Internet Explorer 9
In September 2010, Microsoft commissioned a study to see how effectively Web browsers protect users against socially engineered malware and malicious websites, which are websites that look benign, but aim to convince visitors to download and execute malicious software. NSS Labs conducted tests involving six browsers using real-world threats, which showed that the beta version of Microsoft’s Internet Explorer 9 (IE9) does a better job of defending against real-world malware than any other browser.
Whaling – an advanced and more focused model of Phishing
Whaling describes the most focused type of phishing currently encountered by businesses or government – targeted attacks against groups of high-level executives within a single organization, or executive positions common to multiple organizations (e.g. the CTO or CFO).
In a whaling attack, the phisher focuses upon a very small group of senior personnel within an organization and tries to steal their credentials – preferably through the installation of malware that provides back-door functionality and keylogging.
With hacking, music can take control of your car
Remote-controlled car hacking is a real possibility, researchers say
Researchers at the University of California, San Diego, and the University of Washington have spent the past two years combing through the myriad computer systems in late-model cars, looking for security flaws and developing ways to misuse them. In a new paper, they say they’ve identified a handful of ways a hacker could break into a car, including attacks over the car’s Bluetooth and cellular network systems, or through malicious software in the diagnostic tools used in automotive repair shops.
Lessons from the Sony Playstation Network Hack
Sony Playstation’s network was hacked into about a week ago. Read on for a CIO’s checklist.
ISO Standard for Cloud Security to augment the Cloud Controls Matrix
The Cloud Security Alliance (CSA) has announced that it will partner with ISO to develop key standards for cloud security.
CSA will have a key role in the development of cloud security and privacy standards under ISO/IEC.
Emerging Research – Make Weak Passwords Strong
It has been a consistent challenge to ensure strong password controls due to the human element involved. Researchers at the Max Planck Institute for Physics in Dresden, Germany, may have found a solution.