|
EH-Net
|
|
May 21, 2013, 03:23:59 AM
|
|
3932
|
Ethical Hacking Discussions and Related Certifications / Malware / Spam, Phishing and Zombie Stats
|
on: January 17, 2006, 12:17:13 PM
|
Here are some interesting numbers from CipherTrust: Sources of Spam United States 37.76% Republic of Korea 18.07% China 8.4% France 3.52% Canada 3.26% Phishing Attacks CitiBank 54.16% Smith Barney 13.48% SunTrust 10.02% Paypal 7.57% Wells Fargo 5.42% ZombieMeter - This month's Top 10 Country Percentage Total United States 19.08% 964020 China 14.56% 735598 South Korea 9.61% 485492 Germany 5.99% 302618 France 5.69% 287368 Brazil 5.56% 281168 Japan 3.70% 186691 United Kingdom 3.13% 158009 Spain 2.96% 149634 For updated numbers and other stats: http://www.ciphertrust.com/resources/statistics/Don |
|
|
|
|
3933
|
EH-Net / Calendar Of Events / IT Security World 2006
|
on: January 17, 2006, 11:52:18 AM
|
This Event is Under Development -- Details Coming Soon! IT Security World Conference & Expo 2006A blockbuster program that tackles the full spectrum of security challenges and offers real-world, unbiased solutions in focused technical sessions, getting to the heart of your e-security and network demands. The Sector Summits Supplement your IT Security World Conference experience by attending one of the highly targeted Summits below: - FinSec - Tailored to the needs of information security professionals in the financial sector
- GovernmentSec - For those in state and federal service who need to focus on the security interests of government
- HealthSec - A proven roadmap for healthcare information security professionals to optimize security in a HIPAA and e-health world
- CISO Executive Summit - A unique opportunity for today's IT security thought leaders to swap ideas and learn from their peers in leading organizarions
Location: San Francisco, CAhttp://www.misti.com/default.asp?page=65&Return=70&ProductID=5091 |
|
|
|
|
3934
|
EH-Net / Calendar Of Events / InfoSec World 2006
|
on: January 17, 2006, 11:48:20 AM
|
Don't miss this year's event with an all new program packed with powerful keynotes and seasoned speakers, bonus sessions, special programs, a buzzing expo hall, networking receptions, live demos and so much more! To help you meet your infosec challenges in 2006 we're building a blockbuster event that is better than ever! Real-world solutions in over 90 targeted sessions and 17 workshops, PLUS: - The InfoSec World Expo
- The CISO Executive Summit
- The Security Compliance Summit
- Technology Update Sessions
- Beat-the-System Hacker Challenge
- Wake-Up Bonus Session
- And much, much more!
This year's keynote addresses will expand your mind and inspire you to think about information security from fresh perspectives: Tom Ridge First Secretary of Homeland Security; Former Governor of Pennsylvania Peter Bergen Prominent Terrorism Analyst; Author, Holy War Inc.: Inside the Secret World of Osama Bin Laden Kevin Ashton Co-Founder and Former Executive Director, Auto-ID Center, MIT; Author, The Internet of Things: RFID, Sensors and the New Age of Business & Computing Jeff Jonas Chief Scientist and Distinguished Engineer, IBM Entity Analytics Disney's Coronado Springs Resort 1000 West Buena Vista Lake Buena Vista, FL 32830-1000 Reservations Direct Telephone: (407) 939-1020 FAX: (407) 939-1012 http://www.misti.com/CoronadoHotelInfoSec World Conference & Expo 2006April 3-5, 2006, Orlando, FL Optional Workshop(s): April 1, 2, 5, 6 & 7, 2006 Expo Dates: April 3 & 4 |
|
|
|
|
3935
|
Features / /root / IE7 More Secure Than Firefox & Netscape
|
on: January 17, 2006, 11:25:57 AM
|
Let's stir up a little controversy, shall we? We all know the problems of IE and how MS is reworking the browser based on great competition from Firefox. And, although still in beta, an interesting article in this month's Information Security Magazine picked IE7 as the most secure. http://informationsecurity.techtarget.com/magItem/0,291266,sid42_gci1154841,00.htmlYou do have to register to see the full article, so know that going in.You be the judge and let the discussion begin. Let's try to keep this civil and on topic. Let's talk about IE7 (beta) and not previous versions. Don |
|
|
|
|
3936
|
Resources / Tools / HoneyMonkey - Microsoft Research Honeypot
|
on: January 17, 2006, 10:51:43 AM
|
Strider HoneyMonkey is a Microsoft Research project to detect and analyze Web sites hosting malicious code. The intent is to help stop attacks that use Web servers to exploit unpatched browser vulnerabilities and install malware on the PCs of unsuspecting users. Such attacks have become one of the most vexing issues confronting Internet security experts. Strider HoneyMonkey is a project of the Cybersecurity and Systems Management group in Microsoft Research. http://research.microsoft.com/HoneyMonkey/Don |
|
|
|
|
3937
|
EH-Net / Calendar Of Events / Re: ShmooCon 2006
|
on: January 15, 2006, 10:11:03 PM
|
ShmooCon Makes Washington Post with Windows Wireless Flaw Windows Wireless Flaw a Danger to Laptops
At the ShmooCon gathering in Washington, D.C., today, old-school hacker and mischief maker Mark "Simple Nomad" Loveless released information on a staggeringly simple but very dangerous wireless security problem with a feature built into most laptop computers running any recent version of the Microsoft Windows operating system.
Laptops powered by Windows XP or Windows 2000 with built-in wireless capabilities (these includes most laptops on the market today) are configured so that when the user opens up the machine or turns it on, Windows looks for any available wireless connections. If the laptop cannot link up to a wireless network, it creates what's known as an ad-hoc "link local address," a supposed "private network" that assigns the wireless card a network address of 169.254.x.x (the Xs represent a random number between 1 and 254).
Microsoft designed this portion of Windows so that the address becomes associated with the name or "SSID" of the last wireless network from which the user obtained a real Internet address. The laptop then broadcasts the name of that network out to other computers within a short range of the machine (which may vary depending a number of things, including the quality of the laptop's embedded network card and things that may obstruct the signal, like walls, e.g.).
What Loveless found was that by creating a network connection on his computer that matches the name of the network the target computer is broadcasting, the two computers could be made to associate with one another on the same link local network, effectively allowing the attacker to directly access the victim's machine. For full story: http://blogs.washingtonpost.com/securityfix/2006/01/windows_feature.htmlDon |
|
|
|
|
3938
|
Resources / Links to cool sites. / NIST - History of Computer Security
|
on: January 15, 2006, 10:03:57 PM
|
Never hurts to know from where you came.
This list of papers was initially distributed on CD-ROM at NISSC '98. These papers are unpublished, seminal works in computer security. They are papers every serious student of computer security should read. They are not easy to find. The goal of this collection is to make them widely available. This list was compiled by the Computer Security Laboratory of the Computer Science Department at the University of California, Davis. http://csrc.nist.gov/publications/history/
Happy reading, Don |
|
|
|
|
3939
|
Columns / Editor-In-Chief / Chicago Bears Out - 24 In
|
on: January 15, 2006, 09:56:57 PM
|
To show I do have somewhat of a normal life... The NFL Playoffs just got less interesting, for me at least. My home town Chicago Bears were eliminated today.  All is not lost. The 5th season of 24 started tonight.  As always, it was action packed, loaded with surprises and chock full of computer tech. What's not to love. Jazzed about watching the next 2 hours tomorrow night. Hope the wife can keep the young one preoccupied! Never hurts to have an off topic post every know and then. Don |
|
|
|
|
3940
|
Ethical Hacking Discussions and Related Certifications / General Certification / Re: What's the first cert to get?
|
on: January 13, 2006, 05:40:50 PM
|
First of all thanks for the compliment on the site. Much appreciated. Before I give you some thoughts, let me ask a few questions. Do you have a degree? Do you desire to eventually move into management or do you want to stay in the trenches and become an elite geek? I know you just started your 'professional career', but how many years exp. do you have in IT? in security? Do you like the OS side (MCSE, RHCE, etc.) or more of the network side (Cisco)? Do you code? Every path can be different. Not everyone has to start with an entry level CompTIA cert. Some can move ahead without them. Some really need it for the basic knowledge. Others need it to get into the swing of taking tech exams. This will help me start to answer your question. Don PS - Peruse our sister site for a broader view of security cert info - http://www.certifiedsecuritypro.com |
|
|
|
|
3941
|
Resources / Tools / Ophcrack 2 - The Fastest Windows Password Cracker
|
on: January 13, 2006, 12:10:31 AM
|
Whether or not you think it's a good idea to share these kinds of tools, we should always keep in mind that it is for educational uses. Let this be a reminder that as computers get faster, it becomes easier and faster to crack passwords. That is why 2 factor authentication, biometrics and pass-phrases are becoming the recommended way to go. That being said... go play and let us know what you think. http://ophcrack.sourceforge.net/Don |
|
|
|
|
3943
|
Resources / News from the Outside World / Symantec Rootkit Removed From SystemWorks
|
on: January 12, 2006, 11:50:32 PM
|
Symantec acknowledged that it was deliberately hiding a directory from Windows APIs as a feature to stop customers from accidentally deleting files but, prompted by warnings from security experts, the company shipped a SystemWorks update to eliminate the risk. A spokesman for Symantec referenced the Sony flap in a statement sent to eWEEK, but downplayed the risk to consumers. "In light of current techniques used by today's malicious attackers, Symantec re-evaluated the value of hiding the [previously cloaked] directory. Though the chance of an attacker using [it] as a possible attack vector is extremely slim, Symantec's update further protects computers by displaying the directory," the spokesman said. For full story: http://www.eweek.com/article2/0,1895,1910077,00.aspDon |
|
|
|
|
Loading...
|
Show Posts
General Certification : CPT Practical Submission
