Information Security Definitions – Zero Day Attack (0 Zero Attack)
/
0 Comments
A zero-day attack or threat is a computer threat that tries to exploit unknown, undisclosed or unpatched computer application vulnerabilities. The term Zero Day is also used to describe unknown or Zero day viruses.
Zero-day exploits are released before the vendor patch is released to the public. Zero-day exploits generally circulate through the ranks of attackers until finally being released on public forums. The term derives from the age of the exploit. A zero-day exploit is usually unknown to the public and to the product vendor.
CBT Nuggets Review of the Certified Ethical Hacker (CEH) Course
CBT Nuggets site is a good resource for online video training. There were a few minor issues that come with age, such as the site intermemos.com no longer being available, but away from that, the content and presentation of the material was really good and easy to follow. The training package went into a lot of detail and in some cases going over the really basic information that most candidates for the CEH should already have a full grasp on, at least in my opinion. The prices are fair and consistent with other training sites, the one thing I would point out is if you get the 30 day license, you really make sure you have the time during that month to complete the training; there are approximately 11 and ½ hours of material in this course.
Enabling DVD playback in Ubuntu 9.04
I have just finished installing Ubuntu 9.04 on a Gateway laptop, everything worked well from video to wireless until I popped in a DVD to watch. Did the updates and still nothing, until I ran across this command on the Internet, tried it and everything is golden now.
SC Magazine Strengthens Commitment to Canadian Information Security with Inaugural SC Congress Canada
TORONTO - June 3, 2010: Today, SC Magazine announced the SC Congress Canada, the newest venue for information security industry leaders to convene and discuss lessons learned and best practices to help organizations address the burgeoning landscape of security threats and regulatory mandates. Public registration will soon open for the SC Congress Canada taking place in Toronto on November 16-17, 2010.
Webcams and your Privacy…
Cybercrime expert Gregory Evans explains the potential risks hackers can pose to webcams on your system and how to ensure your safety and privacy online.
This issue is a problem as in the case against a Pennsylvania school district that turned on the webcam of various student's school-issued laptops while the computers and captured images of "inappropriate activity" in the student's home.
October is National Cybersecurity Awareness Month
The National Cybersecurity Awareness Month officially kicked off today Monday, October 4, 2010 in Washington DC at The Lockheed Martin’s Global Vision Center (GVC). The campaign for this year is titled, "Stop. Think. Connect." This aims to empower citizens to make choices that contribute to the overall security of the Internet; according to a White House proclamation issued last Friday.
MGT414: SANS® +S™ Training Program for the CISSP® Certification Exam
MGT414: SANS® +S™ Training Program for the CISSP® Certification Exam will prepare you to pass the CISSP® Certification Exam. This course is an accelerated review course that focuses solely on the ten domains of knowledge as determined by ISC2. Test-taking tips and strategies are also discussed.
FCC Approves the use of “White Space”, What is the Security Concern?
On September 23rd of 2010 the FCC approved the usage of “White Space” for wireless networking access. White Space is the frequency that are between television broadcast channels and many of them became free when TV broadcasters switched from analog signals to digital signals.
“White Space” and a Possible Security Concern
The FCC will be ruling on the usage of “White Space” for wireless networking access today (9/23/2010). White Space is the frequencies that are between television broadcast channels and many of them became free when TV broadcasters switched from analog signals to digital signals.
Stuxnet was a directed attack with insider knowledge expert says
Stuxnet appeared on the scene earlier this summer, though it was written more than a year ago. The code, its mechanics, the way it moved from system to system using Zero-Day vulnerabilities in Windows, everything about it was both frightening and shady. The hype given to it was justified, if only because it was a targeted payload, aimed at critical infrastructure.
