Entries by admin

Stuxnet was a directed attack with insider knowledge, expert says

Stuxnet appeared on the scene earlier this summer, though it was written more than a year ago. The code, its mechanics, the way it moved from system to system using Zero-Day vulnerabilities in Windows, everything about it was both frightening and shady. The hype given to it was justified, if only because it was a targeted payload, aimed at critical infrastructure.

The EnCase Evidence File Format

The EnCase evidence file can also be referred to as a forensic image file. The concept of an image file is that the entire drive contents of the target media are copied to a file and checksum values are calculated to verify the integrity (useful in court cases) of the image file (often referred to […]

Creating a Comprehensive Vulnerability Assessment Program for a Large Company Using QualysGuard

Vulnerability Assessment, according to wikipedia.org, is the process of identifying and quantifying vulnerabilities in a system. Vulnerability assessment can be used against many different types of systems such as a home security alarm, the protection of a nuclear power plant or a military outpost. Note that vulnerability assessment is different from risk assessments even though they share some of the same commonalities. Vulnerability Assessment concerns itself with the identification of vulnerabilities, the possibilities of reducing those vulnerabilities and improving the capacity to manage future incidents. This paper will focus primarily on vulnerability assessment as it pertains to information technology infrastructure and how utilizing QualysGuard can ease the burden on your technology staff.

‘Here You Have’ Worm Runs Wild Hitting U.S. Organizations Hard

Last week a hacker named “Iraq resistance”, who has been trying to unite other like-minded hackers in a cyber jihad effort towards the US, initiated a malicious computer worm known as the “Here you have” worm. A computer worm is a self-replicating malware computer program that uses computer networks to send copies of itself to other computers on a network without any user intervention.

Spammers Stay Busy Despite Pushdo Botnet Hit

From the shutdown of McColo to last week’s disruption of the Pushdo botnet, spammers have continually found ways to stay in business.

Nearly 20 of the 30 command and control (CnC) servers associated with Pushdo were taken offline last week due to efforts by security vendor LastLine. The servers were supported by eight hosting providers, some of which did not respond to the vendor’s requests for action.