Link Here
1. Ethical Hacking and Penetration Testing
2. Footprinting and Reconnaissance
3. TCP/IP Basics and Scanning
4. Enumeration and Verification
5. Hacking and Defending Wireless/Modems
6. Hacking and Defending Web Servers
7. Hacking and Defending Web Applications
8. Sniffers and Session Hijacking
9. Hacking and Defending Windows Systems
10. Hacking and Defending Unix Systems
11. Rootkits, Backdoors, Trojans and Tunnels
12. Denial of Service and Botnets
13. Automated Penetration Testing Tools
14. Intrusion Detection Systems
15. Firewalls
16. Honeypots and Honeynets
17. Ethics and Legal Issues
Sunday, December 19, 2010
Saturday, November 20, 2010
Saturday, November 6, 2010
Be careful those that sit next to you on the plane...
Interesting imposter case link hereLink to pdf
Wednesday, November 3, 2010
Monday, November 1, 2010
Monday, October 25, 2010
Monday, September 27, 2010
Linkedin Fake Email - Password Stealing SPAM
Starting this morning, Monday 9/26, at 10am GMT, cyber criminals sent spam email messages targeting the LinkedIn social media community.
Victims are emailed an alert link with a fictitious social media contact request. These messages accounted for as much as 24% of all spam sent within a 15-minute interval. Clicking the link, victims are taken to a web page that says "PLEASE WAITING.... 4 SECONDS" and redirects them to Google. During those four seconds, the victim's PC is infected with the ZeuS data theft malware by a drive-by download. ZeuS embeds itself in the victim's web browser and captures personal information, such as online banking credentials, and is widely used by criminals to pilfer commercial bank accounts.
Organizations should encourage individuals to delete such requests, especially if they do not know the name of the contact. This is the second spam attack this month, preceded by the "Here You Have" email worm a few weeks ago. Cisco expects to see more spam messages containing malware sent to organizations to collect personal information.
Victims are emailed an alert link with a fictitious social media contact request. These messages accounted for as much as 24% of all spam sent within a 15-minute interval. Clicking the link, victims are taken to a web page that says "PLEASE WAITING.... 4 SECONDS" and redirects them to Google. During those four seconds, the victim's PC is infected with the ZeuS data theft malware by a drive-by download. ZeuS embeds itself in the victim's web browser and captures personal information, such as online banking credentials, and is widely used by criminals to pilfer commercial bank accounts.
Organizations should encourage individuals to delete such requests, especially if they do not know the name of the contact. This is the second spam attack this month, preceded by the "Here You Have" email worm a few weeks ago. Cisco expects to see more spam messages containing malware sent to organizations to collect personal information.
Thursday, September 23, 2010
Evercookie....why would you "ever" want this...Privacy other concerns
Link Here
evercookie is a javascript API available that produces
extremely persistent cookies in a browser. Its goal
is to identify a client even after they've removed standard
cookies, Flash cookies (Local Shared Objects or LSOs), and
others.
evercookie accomplishes this by storing the cookie data in
several types of storage mechanisms that are available on
the local browser. Additionally, if evercookie has found the
user has removed any of the types of cookies in question, it
recreates them using each mechanism available.
evercookie is a javascript API available that produces
extremely persistent cookies in a browser. Its goal
is to identify a client even after they've removed standard
cookies, Flash cookies (Local Shared Objects or LSOs), and
others.
evercookie accomplishes this by storing the cookie data in
several types of storage mechanisms that are available on
the local browser. Additionally, if evercookie has found the
user has removed any of the types of cookies in question, it
recreates them using each mechanism available.
Monday, September 13, 2010
Saturday, August 28, 2010
Thursday, August 12, 2010
Wednesday, August 11, 2010
Sunday, August 1, 2010
Microsoft Out of Band Patch - Monday Aug, 2
Microsoft is planning to release an out of band patch addressing the "Shortcut" vulnerability. The patch is scheduled for release on Monday, August 2nd, at 10am PDT.
Sunday, July 25, 2010
Friday, July 2, 2010
Sunday, June 27, 2010
Monday, June 14, 2010
Saturday, June 12, 2010
Sunday, May 30, 2010
Friday, May 28, 2010
Friday, May 21, 2010
Sunday, April 25, 2010
Sunday, April 18, 2010
Friday, April 16, 2010
Friday, April 9, 2010
IAM Reading
There are three volumes for this series and they are written very well!!.
I am listing volume III which i recently completed a review of.
IAM Success Tips: Volume III: Identity Access Management Design and Architecture Tips (Volume 3) (Paperback)
I am listing volume III which i recently completed a review of.
IAM Success Tips: Volume III: Identity Access Management Design and Architecture Tips (Volume 3) (Paperback)
Wednesday, April 7, 2010
Tuesday, March 30, 2010
Sunday, March 28, 2010
Saturday, March 27, 2010
Monday, March 22, 2010
Saturday, March 20, 2010
Monday, March 15, 2010
Saturday, March 6, 2010
IT Risk 101
Things to ask during problem/incident/risk management:
1. What is the issue?
2. What is the impact?
3. What is probability of this occurring once or repeating?
4. How can this be fixed?
5. Who is going to fix it?
6. How much is it going to cost?
7. How long is it going to take?
8. How is the fix going to be lined up with the overall long term strategy and architecture?
1. What is the issue?
2. What is the impact?
3. What is probability of this occurring once or repeating?
4. How can this be fixed?
5. Who is going to fix it?
6. How much is it going to cost?
7. How long is it going to take?
8. How is the fix going to be lined up with the overall long term strategy and architecture?
Wednesday, March 3, 2010
Tuesday, March 2, 2010
Sunday, February 28, 2010
Sunday, February 14, 2010
Saturday, February 6, 2010
Monday, January 18, 2010
SMB : Tips for Avoiding Data Stealing Malware
Create an internet use policy
Train employees
Implement a web content filter
Keep anti-virus solutions updated
Reduce privileges
Deploy application whitelisting and heuristic detection
Consider dedicating a PC only for online banking, not for surfing or email
Source: CyberPatrol/FBI
Train employees
Implement a web content filter
Keep anti-virus solutions updated
Reduce privileges
Deploy application whitelisting and heuristic detection
Consider dedicating a PC only for online banking, not for surfing or email
Source: CyberPatrol/FBI
Wednesday, January 6, 2010
Monday, January 4, 2010
Subscribe to:
Posts (Atom)
