Archive for May, 2008

Built-in Windows Command-Line Security Tools

Wednesday, May 28th, 2008

Links: Built-in Windows commands to determine if a system has been hacked; More built-in Windows commands for system analysis

New SQL Injection Attacks Exploit Adobe Flash Flaw

Wednesday, May 28th, 2008

Mass SQL injection attack, take four: Yet another wave of SQL injection attacks is exploiting an Adobe Flash vulnerability that appears to be coming from the same series of attacks originating from China. The intent, as in previous attacks, has been to steal online gamers’ password credentials. But given the persistence ...

When To Layer Encryption

Wednesday, May 28th, 2008

I used to joke about the client that once told me their management mandated “double encryption” on all financial information after a breach. In their case, they were encrypting their database and backup tapes. Not that there isn’t a valid reason to encrypt databases and backup tapes, but the way ...

Free Sysinternals Windows utilities now available online, 24/7

Wednesday, May 28th, 2008

If you troubleshoot Windows PCs for fun or profit, then chances are you’ve used one or more tools from Sysinternals. Microsoft bought the company and its amazing library of diagnostic, troubleshooting, and management utilities in 2006, and the collection has been continually updated ever since. It’s also still completely free. A few weeks ...

Firefox 3 RC2 Confirmed

Wednesday, May 28th, 2008

At today’s Firefox 3 status meeting, the need for a second release candidate was confirmed and it has been tentatively targeted for early June. RC2 will fix about a couple dozen bugs, including some top crashers, some affecting performance, and some localization-related. Most of the bugs already have patches waiting for ...

10 essential security downloads for Windows

Wednesday, May 28th, 2008

To use an Internet-connected computer is to be insecure and place your privacy in danger. Spyware, viruses, Trojans and assorted malware are everywhere on the Net, trying to hop onto your PC and cause damage. Snoopers want to get at your personal information for nefarious purposes, such as identity theft. Operating ...

Less is more (secure)

Wednesday, May 28th, 2008

Complexity is the enemy of security. Simple systems are inherently more secure than complex solutions. We see this idea validated again and again in security. Unfortunately, our IT systems are getting more and more complex as we depend on technology to fuel business growth and innovation. But do we really need ...

fgdump 2.1.0 and pwdump 1.7.1 Released - Dump LanMan & NTLM Hashes

Wednesday, May 28th, 2008

The major change is both tools now support 64-bit targets! Good news for us. pwdump6 is a password hash dumper for Windows 2000 and later systems. It is capable of dumping LanMan and NTLM hashes as well as password hash histories. It is based on pwdump3e, and should be stable on ...

Cisco IOS Rootkit Demonstrated

Tuesday, May 27th, 2008

Last Thursday at the EUSecwest conference, security researcher Sebastian Muniz of Core Security Technologies demonstrated a proof-of-concept rootkit for Cisco's IOS router operating system. A rootkit consists of one or several related applications designed to give the program user root or administrator privileges on a given computer, whether or not ...

New Adobe Flaw Being Used in Attacks

Tuesday, May 27th, 2008

An unpatched bug in Adobe Systems' Flash Player software is being exploited by online criminals, Symantec reported Monday. Few details on the bug are available, but the flaw lies in the latest version of the Adobe Flash Player browser plugin, which is widely used by Internet surfers to view animated Web ...