NOTE: For this to work you obviously need network connectivity first! this is explained here Ok guys, finally this is the definitive guide from the Backtrack guys themselves (source): Update Back|Track Linux: apt-get update && apt-get upgrade && apt-get dist-upgrade Update Metasploit: cd /pentest/exploits/framework3 && svn update Update the Social-Engineer Toolkit (SET): cd /pentest/exploits/SET && …
Thanks to Tadek for contributing to this weekly security news bulletin Feedback and/or contributions to make this better are appreciated and welcome Highlighted quotes of the week: “The media (and general community) responses on the nuke meltdown highlight human inability to contextualize risk.” – Rich Mogull “Getting a lot of enquiries lately to help orgs …
Category Index Hacking Incidents / Cybercrime Unpatched Vulnerabilities Software Updates Business Case for Security Web Technologies Network Security Mobile Security Privacy General Funny Hacking Incidents / Cybercrime Open Letter to RSA Customers [www.rsa.com] Like any large company, EMC experiences and successfully repels multiple cyber attacks on its IT infrastructure every day. Recently, our security systems …
This blog post will explain how to configure stunnel to allow non-SSL speaking tools (like for example netcat) to communicate with SSL protocols, in our example we will use HTTPS. Before stunnel, direct attempt of using a non-SSL tool: # nc www.example.com 443 HEAD / HTTP/1.0 .. 400 Bad Request Bad Request Your browser sent …
Feedback and/or contributions to make this better are appreciated and welcome Highlighted quotes of the week: “Pwn2own breaking news: browsers still have vulnerabilities, and there still are people who know how to exploit them.” – Michal Zalewski “Just reached a company CEO on his cell to tell him that his firm’s dbase & cust. CCs …
Category Index Hacking Incidents / Cybercrime Software Updates Business Case for Security Web Technologies Network Security Database Security Mobile Security Physical Security Tools Funny Hacking Incidents / Cybercrime Cord Blood Registry Notifies 300,000 Of Potential Data Loss [www.darkreading.com] Backup tapes stolen from employee's car contained unencrypted data The Cord Blood Registry earlier this week …
Thanks to Tadek and Toby for contributing to this weekly security bulletin! Feedback and/or contributions to make this better are appreciated and welcome Highlighted quotes of the week: “As a majority of security professionals know, there is more risk and a higher probability of an attacker causing mayhem from within an organisation than from outside …
Category Index Hacking Incidents / Cybercrime Unpatched Vulnerabilities Software Updates Business Case for Security Web Technologies Network Security Mobile Security Cryptography Privacy Funny / Odd Hacking Incidents / Cybercrime GhostMarket cyber crime forum fraudsters jailed [www.v3.co.uk] Four British men sentenced for their part in the largest cyber crime forum ever discovered The UK founder …
Quick note: As there seems to be an interest regarding mobile security I have decided to include that section of the full news in the summary, so the order for the summary will be now: business case for security, cloud security, mobile security, network security, web technologies, OWASP secure development guide snippet. You can always …
Category Index Hacking Incidents / Cybercrime Software Updates Business Case for Security Web Technologies Network Security Database Security Cloud Security Mobile Security Privacy and Censorship General Tools Funny Hacking Incidents / Cybercrime SpamIt, Glavmed Pharmacy Networks Exposed [krebsonsecurity.com] An organized crime group thought to include individuals responsible for the notorious Storm and Waledac worms …
