Category: General Security

06/23/10

Permalink 03:19:11 pm, by Zach Brewer, 295 words
Categories: Security Advisories, General Security, BigFix

Application Whitelisting and MS Authenticode

F-Secure has recently reported of "…tens of thousands of malware samples that have been signed (with MS Authenticode)."MS Authenticode uses digital signatures (code signing) to authenticate software and inform the user of the fact that the software w… more »

06/14/10

Permalink 11:58:08 am, by Zach Brewer, 75 words
Categories: General Security, Pen Testing

Extend MetaSploit Meterpreter Ruby to Allow Direct Windows API Calls (Railgun)

An interesting MetaSploit extension was recently posted to the MetaSploit mailing list. Railgun is an extension that allows for direct access to the Windows API (any existing or uploaded DLL on the target system) through Meterpreter. Railgun knows arou… more »

05/19/10

Permalink 05:21:22 pm, by Zach Brewer, 176 words
Categories: General Security, Pen Testing

MetaSploit Releases "MetaSploitable" Vulnerable Pen-Testing Image

A common question in the security world is "what do you recommend for a pen-testing lab?" This question is typically followed by another question (at least when I'm asked): What specifically are you interested in - web application security (SQL injecti… more »

05/17/10

Permalink 10:57:27 am, by Larry Boggis, 303 words
Categories: General Security

"If Interested" - Latest Email (419) Scam

It's Monday, and this one was just too funny not to post. My favorite line is: "In order to become our financial manager for cooperation with private individuals You ARE NOT OBLIGED TO HAVE ANY HIGHER OR PROFESSIONAL EDUCATION." --Complete Email Be… more »

04/20/10

Permalink 10:21:27 am, by Chad Sullivan, 104 words
Categories: General Security

OWASP Top 10 for 2010 Released

The OWASP has released its Top 10 for 2010 document which can be found here. As published on their site, the top 10 Risks are: A1: Injection A2: Cross-Site Scripting (XSS) A3: Broken Authentication and Session Management A4: Insecure Direct Ob… more »

1 2 3 4 5 6 7 8 9 10 11 ... 19 >>

Priveon, Inc.

Today's complex security and networking solutions require a great deal of knowledge to successfully support and operate. Priveon uses the field experience of its expert staff to develop and maintain a positive reinforcement loop between business practices and to provide the latest information to our customers. The information posted here is supported by Priveon subject-matter experts.

Search

XML Feeds

Archives

©2010 by Priveon, Inc.