Semicolon attack
M$ IIS webserver is vulnerable to an attack using a semicolon in conjunction with benign extensions to fool it into executing malware.
Security humour
"X-Mas Capture the Flag" challenge
File recovery
Ever deleted a file by accident? Well... you don't need to be a forensics guru to reclaim the deleted file.
From the genuises who created, CCleaner, comes Recuva... a portable tool that you can copy to a flash drive and insert into any machine to recover lost files. This is ideal compared to installing recovery tools as it reduces the risk of accidentally writing over files that you wish to repossess.
In my demo, my "Recycle Bin" is emptied. I launch Recuva Portable and initiate a scan of my local drive. It displays a deleted file for restoration. Upon recovery, I am able to view my original data.
You need administrative access to the target system in order to scan for deleted files. On the flip side, this exercise shows how rudimentary it is to recover files and thus you need to protect your privacy by wiping files that you no longer need. Eraser is the solution for you.
From the genuises who created, CCleaner, comes Recuva... a portable tool that you can copy to a flash drive and insert into any machine to recover lost files. This is ideal compared to installing recovery tools as it reduces the risk of accidentally writing over files that you wish to repossess.
In my demo, my "Recycle Bin" is emptied. I launch Recuva Portable and initiate a scan of my local drive. It displays a deleted file for restoration. Upon recovery, I am able to view my original data.
You need administrative access to the target system in order to scan for deleted files. On the flip side, this exercise shows how rudimentary it is to recover files and thus you need to protect your privacy by wiping files that you no longer need. Eraser is the solution for you.
NeXpose Metasploit integration
With Rapid7's funding of Metasploit, both NeXpose and Metasploit are seamlessly integrated to automatically scan and remotely exploit target machines. Far out!!! I ran the plugin to successfully exploit my vulnerable virtual machine.
NeXpose vs Nessus
I've used Nessus for years. I only recently heard of NeXpose after Rapid7 started funding Metasploit and promised to integrate their scanner with Metasploit. I decided to give NeXpose a whirl. The learning curve wasn't steep when using the scanner.
Scanned the same target machine with Nessus.
The 2 scanners produce the same result but I always believe in the need to use multiple tools to assess vulnerabilities in infrastructures, networks, systems and applications to uncover the full state of insecurity.
ThreatExpert
Found out about this resource from attending a Symantec security seminar today. ThreatExpert provides a list of free services including a "Memory Scanner". This tool scans your memory for malware. Users can submit suspicious files for analysis to discover the file's behaviour without having to execute it.
Code injection via English text?
Session video recording vs keystroke logging
Visually, it is easier to comprehend what is occurring during a session when reviewing a recording as compared to keystrokes. However, recordings consume a lot of storage and cannot be indexed for easy searching unlike keylogging. Session video recording is more secure as it does not record the privilege password. It is also less intrusive because no software or tweaking is required on the endpoint system.
The jury is still out on session video recording. It is a good concept but its disadvantages currently outweigh its benefits.
The jury is still out on session video recording. It is a good concept but its disadvantages currently outweigh its benefits.
Subscribe to:
Posts (Atom)
-
This annoying message popped up after I ran the update in avast! in Ubuntu yesterday. avast! crashes every time I attempt to launch it after...
-
I decided to install a digital certificate for my Gmail account. This is simple and free to set up. Apply for a free certificate from Comod...