Penetration Testing
75 Stories
Why you should hack your own systems
Insight perspective If you want to make sure your systems are safe from hackers, you've got to test, test and test, says analyst.
Tags: Hacking, Operating systems, Web servers, Spam and phishing, Data security, Security, Network security, Security Management, Phishing, SANS Institute
TCP flaws puts Web sites at risk
News Researchers testing a port scanner discover multiple flaws within the TCP stack which could create denial of service attacks under controlled circumstances.
Tags: Security, Web sites, TCP, Vulnerability, Flaw, penetration testing, podcast, DNS, denial of service, Sweden
Researchers to offer tool for hacking Oracle DBes
News During their upcoming presentation at Black Hat and Defcon hacker conferences, security experts will release tool that can be used to break into Oracle databases.
Tags: Business applications, Databases, Vulnerability, Database, Tool, SQL, SQL Injection, e-mail, hacking, Oracle Corp.
Understanding risk, threat and vulnerability
Techguide IT security, like any other technical field, has its own specialized language developed to make it easier for experts to discuss the subject. It pays to understand this jargon when researching security.
Tags: Security Management, Network security, Data security, Authentication, Security, Vulnerability, Attack, CompTIA, Chad Perrin, penetration testing
Ethical hackers get industry association
News The Council of Registered Ethical Security Testers has been launched to provide a trade body and professional body for penetration testers.
Tags: Security, Risk Management, Aviva Plc., Industry Association, Information Security, Web Application, Infosecurity Europe, penetration testing, London, Hacker
Microsoft launches Blue Hat security conference
News Dan Kaminsky and others will make presentations to Microsoft employees at the company's eighth Blue Hat security conference.
Tags: Security, Microsoft Corp., Conference, CSS, software company, penetration testing, software, DNS, Redmond, researcher
Get a complete security toolkit with BackTrack 3
Techguide The BackTrack LiveCD provides over 300 different tools that can be used by security professionals or system administrators. Vincent Danen tells you how to create a portable version on a USB keychain.
Tags: Open source, Linux, Security Management, Security applications/tools, KDE, Security, Tool, USB, reverse engineering, Computer
Rootkit threatens Cisco routers
News Routers and voice over IP phones could be compromised by attacks such as the Da IOS Rootkit disclosed over the weekend at a European security conference.
Tags: VoIP, Security, Routing/switching, Operating systems, Cisco Systems Inc., Rootkit, Password, phone, penetration testing, software
Security expert: DNS attacks are happening
News IOActive researcher Dan Kaminsky says people are looking for unpatched DNS systems and some attacks are due to a fatal vulnerability with the DNS Web address lookup system.
Tags: Network security, Domain names, Security, Vulnerability, Attack, Password, Server, phone, sensitive information, penetration testing
Massive, coordinated DNS patch released
News A fundamental flaw within the Domain Name System is being addressed by multiple vendors.
Tags: Security, Domain Name, Flaw, penetration testing, DNS, bank, researcher, 32-bit, ZyXEL Communications Corp., Internet
Security researchers and vendors to call a truce?
News news analysis Security researchers pull presentation on Web attack method to give Adobe time to develop a patch in the latest case of researchers voluntarily restraining on disclosing vulnerabilities. Is compromise the answer?
Tags: Security, Vulnerability, penetration testing, Compaq Tru64 UNIX, software, hacking, professor, researcher, Adobe Systems Inc., computer security
US on hunt for 1,000 cybersecurity experts
News US Department of Homeland Security has been given the go-ahead to hire the staff in a push to improve the country's response to cyber incidents.
Tags: Data security, PC security, Security, Network security, Cybersecurity Expert, Cybersecurity, network, U.S. Department Of Homeland Security, Internet Attack, Information Security
Researchers exploit flaws in SSL, domain authentication system
News Dan Kaminsky and Moxie Marlinspike explain how flaws in the way domain names are verified on the Internet could allow attackers to impersonate a site and steal information from unsuspecting Web surfers.
Tags: Network security, Data security, Authentication and encryption, Web sites, Authentication, Security, SSL, Domain Name, Web Browser, Vulnerability
Adobe: Time to step up security plate?
Insight From a security perspective, Adobe looks an awful lot like Microsoft did back when Windows was getting blasted by viruses and vulnerabilities and before Redmond beefed up its defenses.
Tags: Network security, Security Management, PC security, Data security, Business applications, Adobe Systems Inc., Macromedia Flash Player, Security, Adobe Acrobat Reader, patch management
Conficker worm strikes ANZ Bank
News Australia and New Zealand Banking Group confirmed on Tuesday that it has become the victim of a virus attack, believed to be the infamous Conficker worm.
Tags: Viruses and worms, Security Management, Data security, PC security, Microsoft Corp., RPC, Worm, Spam, Spokesperson, Australia
