
Security


Pentagon food court computers hacked, exposing employees' bank information. Russian hacker group exploits satellites to steal data, hide tracks. Jumping on the Website Tracking Code bandwagon. The Aggressor Project (Preview). If you’ve run into me at a conference during the 2015 calendar year, there’s a strong chance you’ve heard about or seen the Aggressor project.

The Aggressor Project (Preview)

Aggressor is a ground-up rewrite of Cobalt Strike’s team server and client to better serve its Red Team Operations and Adversary Simulation use cases. I expect to ship this work as Cobalt Strike 3.0. It’s due for release at DerbyCon 2015 (September 2015). Maltelligence. On 18 February 2013, Mandiant released an unprecedented report – “APT1: Exposing One of China’s Cyber Espionage Units”.

Maltelligence

Mandiant claims that they have identified evidence linking an APT attack group, APT1 (aka Comment Crew), to the Military Cover Designator 61398 of the People’s Liberation Army (PLA). Chinese officials have vigorously denied any link to Mandiant’s accusations of these APT activities. OODA Loop - UN: China Arms Firm Sold $20M in Weapons to South Sudan. OODA Loop - US Intelligence Community Keys in on the Russian ‘Troll Army’ Manipulating Social Media. OODA Loop - Report: Iran hardliners call on parliament to reject landmark nuclear deal. We talk to Allan about NewsLink. This blog post presents our new transform hub item called NewsLink that we have just released on the Transform Hub.

We talk to Allan about NewsLink

NewsLink aims to assist in identifying and monitoring patterns in information posted on the Internet from a wide range of sources including Twitter, blog posts and news articles. OODA Loop - FBI Alert: Middle-Eastern Males Approaching Family Members of US Military Personnel. “In May 2015, the wife of a US military member was approached in front of her home by two Middle-Eastern males.

OODA Loop - FBI Alert: Middle-Eastern Males Approaching Family Members of US Military Personnel

The men stated that she was the wife of a US interrogator. When she denied their claims, the men laughed. My Favorite Burp Suite Extensions. OODA Loop - The Ketamine Connection: the story of how a worrying new drug trade is made in China. OODA Loop - Contractors Hacked Other Contractors and Agencies for Financial Gain. OODA Loop - US Jets Intercept Russian Bombers Off California, Alaska. OODA Loop - Pentagon Contractors Rank Below Retailers and Banks When it Comes to Cybersecurity. Sequential and Cumulative Strategies: Implications for Cyber Crime and Conflict. Answers to Questions from the nVisium SecCasts Panel. I was asked to be on a panel for nVisium's SecCasts.

Answers to Questions from the nVisium SecCasts Panel

Our episode should be out next week, so spoiler alert... my answers are below. If readers/friends/community want additional details on something, let me know. Here are the answers to the questions I received ahead of time - What security projects are you currently interested in? Lets Call Stunt Hacking What it is, Media Whoring. Running System Commands Against Multiple SSH Servers with Fabric. Computer Crime Info » Blog Archive » Open Source Intelligence Techniques 4th Edition. Hacking - Nessus NMAP Commands. Firefox OS for smartphones, incredible platform for Developers. Mozilla’s Firefox OS, the mobile operating system from the company that makes the Firefox browser, is built entirely on open web standards and has the ability to beat Android or iOS.

Firefox OS for smartphones, incredible platform for Developers

Firefox OS is Mozilla's ambitious attempt to build an operating system that brings more openness to the walled gardens of Apple's iOS and Google's Android. New Operating Systems for Smartphones: It's a new mobile operating system built entirely using open web standards. Its codename, Boot to Gecko, means a Linux distro that automatically loads Gecko; in simpler words, apps for Firefox OS are basically just websites written in HTML, JavaScript, and CSS.

The Web is the Platform, which means not only taking down barriers, but also a lighter system that makes your apps run smoothly and an optimal battery life. Firefox OS written with basic HTML, CSS, and JavaScript. Battling against other mobile platforms: Firefox OS will not be directly battling against other mobile platforms.

Easy, powerful and Open for Developers. Pakistan Domain Registrar PKNIC Hacked. PKNIC, the Pakistan domain registrar of .com.pk, .pk, org.pk and other domains, was reportedly hacked again yesterday.

Pakistan Domain Registrar PKNIC Hacked

Batistam/VMInjector. Altor Networks Delivers New Security, Monitoring and Compliance. With a fresh Series B funding round of $10 million, winner of this year’s “Most Innovative Company” at the RSA Conference, Altor Networks, has just introduced the latest version of its flagship security product for virtual data centers and clouds.

Altor Networks Delivers New Security, Monitoring and Compliance

Due to concerns about security and compliance within virtualized environments, CIOs, CISOs and IT Directors want to be certain that the measures for auditing and protecting virtualized servers are equivalent to what is in place for the physical network. By unplugging the physical connections in the virtualization process, many enterprises are opening themselves to vulnerabilities and “blind spots” in their infrastructures that they’re often unaware of. In a March 2010 report, Gartner predicts that through 2012, 60 percent of virtualized servers will be less secure than the physical servers they replace. Monitoring in a Virtualized Environment. Virtualization Expo on Ulitzer. Monitoring is essential to ensure the availability, security and usability of IT infrastructure.

Monitoring in a Virtualized Environment

However, as essential as monitoring is, it's never complete. There are always challenges in keeping pace with new innovations in infrastructure technologies. New cloud-based security service. Posted on 22 June 2010.

New cloud-based security service

WatchGuard launched a cloud-based, web security service - Reputation Enabled Defense. Coupled with WatchGuard XTM or XCS security appliances, this service gives businesses and their employees protection against malware, botnets and other web-based threats. According to WatchGuard researchers, 38 percent of the web contains malicious code, and this number is growing exponentially. Additionally, 77 percent of websites with malicious code are legitimate sites that have been hijacked by hackers, which is directly attributable to why 57 percent of data theft occurs over the web.

“Safe Internet practices are no longer limited to avoiding high-risk websites or utilizing black and white lists,” said Charles Kolodgy, Research VP, Security Products at IDC.