Hackers and cybercrime prevention

Four handy botnet detection techniques and tools: A tutorial

This tutorial will help you determine the right techniques and tools for effective botnet detection. Continue Reading

By

• Karthik R, Contributor

Three automated penetration testing tools for your arsenal

Automated penetration testing tools provide effective exploit libraries and processes to detect network, as well as application vulnerabilities. Our picks. Continue Reading

By

• Harikrishnan R, Contributor

Government vigilance steps up after George Osborne reveals extent of cyber attacks

Security experts have called for UK government departments to be vigilant after chancellor George Osborne revealed that 20,000 e-mails are sent by hostile intelligence agencies to the UK government each month. Continue Reading

By

• Warwick Ashford, Senior analyst

Store dealing with dishonest employees uses internal theft prevention software

A London-based sushi chain expects to save almost £1 million this year with the help of new fraud-detection software. Continue Reading

By

• Ron Condon

Infosec 2011: APT attacks a real threat to business, says security panel

Advanced Persistent Threats are a reality and cannot be dismissed as a myth or media hype, according to a panel of experts debating the top threats at Infosecurity Europe 2011 in London. Continue Reading

By

• Warwick Ashford, Senior analyst

Sophisticated cyber thieves behind Epsilon data breach, says parent company

US marketing firm Epsilon was hit by one of the biggest data thefts to date, the work of highly sophisticated cyber thieves, says parent company Alliance... Continue Reading

By

• Warwick Ashford, Senior analyst

Botnet detection through DNS behavior and clustering analysis

Botnets are fast emerging as one of the most serious threats to Internet security today. This expert tip looks at how botnets can be detected analyzing their unique fast flux characteristics. Continue Reading

By

• Nilesh Sharma and Pulkit Mehndiratta

Advanced Wireshark tutorial: Packet and network security analysis

This Wireshark tutorial will familiarize you with Wireshark’s advanced features, such as analyzing packets and undertaking packet level security analysis. Continue Reading

By

• Karthik R, Contributor

Spotify hit by malicious ads

Spotify, the popular streaming music service, has been displaying malicious advertisements to users of its Free version. Continue Reading

By

• Warwick Ashford, Senior analyst

Hackers steal member email details from TripAdvisor site

A number of TripAdvisor members may receive spam after hackers stole email details from the travel website. Continue Reading

By

• Jenny Williams, University of Gloucestershire

How to stop a DDoS attack after initiation

In this expert response, Nick Lewis explains how to stop a DDoS attack after it has been initiated. Continue Reading

By

• Nick Lewis

Shodan search engine for penetration tests: How-to

A very handy yet simple to use VA/PT tool, Shodan can be of great use to ethical hackers. Here’s a quick Shodan tutorial. Continue Reading

By

• Harikrishnan R, Contributor

RSA hit by advanced persistent threat attacks

RSA, the security division of EMC, has revealed that attackers have stolen information from the company's IT systems Continue Reading

By

• Warwick Ashford, Senior analyst

Adobe warns of zero-day vulnerability in Adobe Flash

Adobe has published a security advisory for a critical vulnerability in Adobe Flash that can be used to take control of an attacked machine. Continue Reading

By

• Warwick Ashford, Senior analyst

Top 7 anti rootkit software for Windows

It can be quite a tough task to kick out rootkits from infected Windows systems. Our list of top anti rootkit software will prove handy. Continue Reading

By

• Aditya Lad, Contributor

Advanced persistent threats - are businesses prepared?

Businesses usually attain adequate levels of IT defences at the point that it becomes more cost effective for cyber criminals to target someone else. Continue Reading

By

• Warwick Ashford, Senior analyst

France's G20 files target of cyber attack

France's files on the G20 meetings were the target of a cyber attack, the country's finance minister has confirmed. Continue Reading

By

• Kathleen Hall, TechTarget

HSBC uses token to secure smartphone banking

HSBC is sending four million online banking customers a security token which will enable them to log in to their online bank account wherever they are, without using a card reader. Continue Reading

By

• Karl Flinders, Chief reporter and senior editor EMEA

Malvertising, pop-up ad virus problems demand more user protection

A recent pop-up ad infection on the London Stock Exchange's website highlights the growing scourge of malicious advertising, or malvertising. Continue Reading

By

• Ron Condon

nullcon 2011 Day Zero: Photo feature

Botnet detection, fuzzing intricacies, Zeus MitMo, VoIP attacks, and more. nullcon Day Zero saw considerable action worth the capture. Continue Reading

By

• Harshal Kallyanpur

ISC releases security fix for Bind DoS vulnerability

The Internet Systems Consortium has published an advisory and an update for the Bind domain name system software versions 9.7.1 to 9.7.2-P3. Continue Reading

By

• Warwick Ashford, Senior analyst

Exxon, Shell, BP hacked in Night Dragon attacks

Exxon Mobil, Royal Dutch Shell and BP were among the oil companies targeted by hackers working through internet servers in China, say US reports. Continue Reading

By

• Warwick Ashford, Senior analyst

Microsoft fixes security flaw in malware protection engine

Microsoft has patched a flaw in its malware protection engine that could be exploited to gain control of victim's computer. Continue Reading

By

• Warwick Ashford, Senior analyst

Quick and dirty Wireshark tutorial

Wireshark has become a very useful tool for many infosec pros. This hands-on Wireshark tutorial will acquaint you with the network sniffer’s capabilities. Continue Reading

By

• Karthik R and Pramod S

New SMB vulnerability identified in Windows XP and Server 2003

A new SMB vulnerability discovered in Windows could open systems to DoS attacks and remote access. The vulnerability, tagged as CVE-2011-0654, has been rated "critical" and confirmed on Windows Server 2003 SP2 and Microsoft Windows XP SP3. Continue Reading

By

• Ron Condon

RSA 2011: RSA, EMC and VMWare advise on defending against advanced persistent threats

Security leaders have outlined ways organisations can better defend against advanced persistent threats (APTs) in a paper published by RSA, the security division of EMC. Continue Reading

By

• Warwick Ashford, Senior analyst

RSA 2011: Cybersecurity leads conference with cloud security keynote

Cybersecurity is one of the key topics at the RSA Conference 2011 taking place this week in San Francisco. Continue Reading

By

• Warwick Ashford, Senior analyst

IT departments are unable to support employee devices

Security concerns are holding companies back from allowing staff to use their own technology at work. Continue Reading

By

• Kathleen Hall, TechTarget

Microsoft's February Patch Tuesday outlines five critical vulnerabilities

Microsoft has released 12 security bulletins addressing 22 vulnerabilities in its monthly security update for February Continue Reading

By

• Warwick Ashford, Senior analyst

Post Office faces legal action over alleged accounting system failures

More than 50 postmasters are planning legal action against the Post Office to reclaim money they paid to the Post Office after being accused of theft and false accounting. Continue Reading

By

• Karl Flinders, Chief reporter and senior editor EMEA

Businesses must learn how to defend against cyberattack, says McAfee

Cybercrime has thrived over the past decade according to recent reports from security firm McAfee, but business can expect even more dramatic change in the next ten years, researchers say. Continue Reading

By

• Warwick Ashford, Senior analyst

Spam level dips

The recent decline in global spam was the result of a halt in the spam-sending activities of three botnets and unrest among pharmaceutical spam-sending gangs, Symantec's latest MessageLabs Intelligence Report has revealed. Continue Reading

By

• Warwick Ashford, Senior analyst

2010 IT security threats point to priorities for 2011, says Sophos

Cyber threats of 2010 highlight the top risks to business for 2011, including social media sites, whistleblowers, and hacktivists, warns security firm Sophos. Continue Reading

By

• Warwick Ashford, Senior analyst

Microsoft January Patch Tuesday misses open security issues

Microsoft's January 2011 Patch Tuesday security update contains only two bulletins, but misses several open security issues. Continue Reading

By

• Warwick Ashford, Senior analyst

Microsoft to patch critical IE vulnerability to block ongoing attacks

Microsoft will issue two security bulletins, addressing a critical vulnerability affecting all versions of WIndows. Continue Reading

By

• SearchSecurity.in Staff

How to use the Microsoft FCIV command-line checksum tool

Downloading files from the Internet always poses a risk, but there are strategies that can make the process more secure. In this tip, Michael Cobb explains how to use the Microsoft FCIV tool to check the hash values of downloaded files and create hashes and checksums of you own. Continue Reading

By

• Michael Cobb

Best practices for (small) botnets

Your enterprise might have a strategy to deal with a large-scale botnet attack, but how would you deal with a micro-botnet that knows how to bypass antivirus and firewalls? Get botnet help with this expert advice. Continue Reading

By

• Marcos Christodonte II

How to use a netstat command in Windows to watch open ports

Mike Cobb shows how a simple command line tool can provide invaluable information about what's happening on your system Continue Reading

By

• Michael Cobb

How to manage firewall testing using Nmap

Nmap includes many features that can be used to circumvent poorly implemented firewalls. Learn how the freely available tool can test your network devices. Continue Reading

By

• Mike Cobb, Contributor

How the Mytob virus caused havoc in the NHS

The Mytob virus has been removed from 5,000 PCs at Continue Reading

By

• Tony Collins

Facing up to security perils of outbound traffic

What about the threat from within and, more specifically, the security issues that arise from outbound traffic risks? Continue Reading

By

• Steve Gold

Windows registry forensics guide: Investigating hacker activities

Ed Skoudis explains how investigators and administrators can interact with the Windows registry to analyse a compromised system. Continue Reading

By

• Ed Skoudis, SANS Technology Institute

Five command line tools to detect Windows hacks

Learn about five of the most useful Windows command-line tools for machine analysis and how they can tell if a machine has been hacked in this tip. Continue Reading

By

• Ed Skoudis, SANS Technology Institute

Podcast: the true cost of IT security

In this interview, Cliff Saran speaks to Martin Sadler, director of HP's Trusted Systems Lab, about how much should we be expected to spend and how much security is enough. Hackers are getting smarter and Martin believes newly trained IT professionals are ill-equipped to deal with the sophisticated nature of modern attacks due to limitations in the current way IT security is taught. Continue Reading

By

• Cliff Saran, Managing Editor

PCI council adds Pin security to remit

The PCI Security Standards Council has added Pin Entry Device (PED) security technology to its payments industry testing portfolio to streamline standardisation. Continue Reading

By

• Computer Weekly Staff

SANS: Attackers may be attempting Trend Micro exploits

The SANS Internet Storm Center (ISC) warns that attackers may be attempting to exploit flaws in Trend Micro products to hijack computer systems. Continue Reading

By

• Bill Brenner

Latest Microsoft flaws affect Windows, IE, Excel

Microsoft released nine security updates Tuesday -- six of them critical -- for flaws in Internet Explorer, Excel and other programs within the Windows OS. Continue Reading

By

• Bill Brenner

Discovery of malware cesspool triggers attack fears

Trend Micro researchers say a malware-infested Web server in Russia, linked to several Italian Web sites, could lead to a large-scale attack. Continue Reading

By

• SearchSecurity.com Staff

Apple releases fixes for Mac OS X, iPhone vulnerabilities

Apple Computer has released software patches fixing critical vulnerabilities in Mac OS X and its newly released iPhone. Continue Reading

By

• Edmund X. DeJesus, Contributor

New hacking technique exploits common programming error

Researchers at Watchfire Inc. say they discovered a new technique that exploits a common dangling pointer error. Continue Reading

By

• Dennis Fisher

Zero-day auction site complicates security efforts, IT pros say

WabiSabiLabi, the eBay-like marketplace for zero-day flaws, will make it tougher for companies to ward off attackers, some IT security professionals say. Continue Reading

By

• Bill Brenner

Zero-day auction site highlights ethical debate

A new auction site plans to cash in on flaw research. Executive Editor Dennis Fisher explores if it's a viable business model and if research should be sold to the highest bidder. Continue Reading

Corporate Mergers and Acquisitions Security Learning Guide

A panel of experts breaks down M&A security priorities and explains the best ways to manage disparate security staffs, technologies and policies. Continue Reading

PCI Council hears complaints, suggestions for changes

Companies with the most stringent security technologies endure hurdles to comply with PCI DSS. Some firms are turning to the upcoming Burton Group Catalyst Conference for answers. Continue Reading

By

• Robert Westervelt, TechTarget

DHS suffered more than 800 cyber attacks in two years

Senior officials at the US Department of Homeland Security have acknowledged hundreds of security lapses but say improvements have been made. Continue Reading

By

• Robert Westervelt, TechTarget

HP to acquire SPI Dynamics for Web security

HP says it will would bolster Web site assessments and Web application vulnerabilities with its acquisition of Atlanta-based SPI Dynamics Inc. Continue Reading

By

• SearchSecurity.com Staff

Will HP do the right thing with SPI Dynamics?

Analysts say HP can dramatically boost its security with the purchase of SPI Dynamics, but some users worry about SPI's technology wilting under the new ownership. Continue Reading

By

• Bill Brenner

Burton Group Catalyst Conference San Francisco 2007

SearchSecurity.com brings you the latest news, interviews, podcasts and more from the Burton Group Catalyst Conference 2007 in San Francisco. Continue Reading

Why hacking contests, 'month-of' projects don't help

Ivan Arce, chief technology officer of Core Security Technologies explains why he thinks hacking contests and public vulnerability disclosure projects do little to improve IT security. Continue Reading

By

• Bill Brenner

Microsoft patches Windows Vista, IE 7

Microsoft fixed 15 flaws in a variety of products Tuesday, including Windows XP, Vista and Internet Explorer 7. Attackers could exploit the most serious flaws for remote code execution. Continue Reading

By

• Bill Brenner

Watchfire will help IBM build application security

Analysts have been pushing the Security 3.0 concept this week at Gartner's IT Security Summit, and one analyst says IBM's acquisition of Watchfire illustrates the trend. Continue Reading

By

• Bill Brenner

Top spammer indicted on email fraud, identity theft

The arrest may reduce the volume of spam in the short-term, say experts and analysts, but the real spam threat comes from criminal gangs based in Asia and Russia. Continue Reading

By

• Robert Westervelt, TechTarget

Google dives into security market

Search engine giant Google has acquired security startup GreenBorder Technologies, making it a bigger player in the wider information security market. Continue Reading

By

• Bill Brenner

The man behind the Month of Search Engine Bugs speaks

Ukrainian security researcher Eugene Dokukin, more widely known by his online name MustLive, is about to launch a new "Month-of" flaw disclosure project focusing on search engine bugs, at a time when many security professionals are dismissing such projects as shameless publicity. In an interview conducted by email, he describes his background and motive for the Month of Search Engine Bugs, and why he thinks the naysayers are mistaken. Continue Reading

By

• Bill Brenner

Admins run into trouble with Microsoft updates

A DNS service failure and an ongoing WSUS glitch are among this month's frustrations as IT administrators try to deploy the latest security patches from Microsoft. Continue Reading

By

• Bill Brenner

IETF approves new weapon to fight spam, phish

DomainKeys Identified Mail specification (DKIM) gained approval as an official IETF standard. The approval is seen as a major step in the fight against spam and phishing attacks. Continue Reading

By

• Dennis Fisher

Cisco warns of new IOS flaws

The new flaws are classified as "low," but if exploited they could result in a sustained DoS condition, Cisco said. Continue Reading

By

• Robert Westervelt and Bill Brenner, SearchSecurity.com Staff

VoIP security fundamentals

VoIP security is a challenge for IT staff because IP telephony brings with it not only the security problems of data networks but also new threats specific to VoIP. In this fundamentals guide, learn about network security threats and emerging IP telephony threats, and how to secure your VoIP systems and endpoints from them. Continue Reading

Screencast: How to configure a UTM device

In this exclusive screencast, expert David Strom demonstrates the configuration options available in SonicWall's unified threat management product. Continue Reading

PayPal security measures help stamp out fraud

PayPal's 133 million online customers are the biggest ocean phishers have to plunder. CISO Michael Barrett wants to make it safe to be in the water; and he's not going at it alone. Continue Reading

By

• Michael Mimoso, TechTarget

Microsoft to release DNS patch Tuesday

In addition to a fix for the DNS Server Service flaw, Microsoft plans to patch critical flaws in Windows, Office, Exchange, CAPICOM and BizTalk. Continue Reading

By

• Bill Brenner

DNS worm strikes at Microsoft flaw

A new worm called Rinbot.BC exploits the Microsoft DNS flaw by installing an IRC bot on infected machines and scanning for other vulnerable servers. Continue Reading

By

• Dennis Fisher

Malware outbreak 'largest in almost a year'

Security firm Postini and the SANS Internet Storm Center said they are tracking a significant malware outbreak. Postini calls it the biggest email attack in almost a year. Continue Reading

By

• Bill Brenner

Microsoft investigates DNS server flaw

Attackers could exploit a DNS flaw in Microsoft Windows 2000 Server and Windows Server 2003 and run malicious code on the system. A workaround is suggested until a patch is issued. Continue Reading

By

• SearchSecurity.com Staff

Instant messaging threats become more sophisticated

Instant messaging faces greater threats as more enterprises begin to utilize it, making it a more appealing target to hackers. Continue Reading

By

• Kate Dostart, Associate Editor

The changing threat of email attacks

In this Messaging Security School lesson, expert Mike Rothman details the state of next-generation email threats, explores reputation systems and uncovers threats AV can't catch. Continue Reading

Spam campaign uses Storm-like attack technique

Spammers used an attack technique much like last January's "Storm" assault to dupe people into downloading malware over the weekend. This time, they used fake WWIII headlines. Continue Reading

By

• Bill Brenner

Symantec fixes 'high-risk' flaw in Enterprise Security Manager

Attackers could hijack machines from remote locations by exploiting a flaw in Symantec Enterprise Security Manager (ESM). Kaspersky Lab users also have a flaw to deal with. Continue Reading

By

• Bill Brenner

Data security breach at UCSF may have exposed thousands

The University of California at San Francisco (UCSF) acknowledged Wednesday that a security hole in a computer server may have exposed 46,000 people to potential identity fraud. Continue Reading

By

• Bill Brenner

Flaws haunt protocol tied to national infrastructure

Also: A weakness is found in Windows settings, Microsoft investigates a new Vista flaw, and flaws are addressed in OpenOffice.org and Firefox. Continue Reading

By

• SearchSecurity.com Staff

Symantec threat report under the microscope

This week in Security Blog Log: Infosec professionals dissect Symantec's latest threat report and express a range of views in the blogosphere. Continue Reading

Hackers broaden reach of cross-site scripting attacks

An explosion of AJAX-based applications has increased the damage that cross-site scripting (XSS) attacks can inflict on machines. A new tool uses XSS flaws to create a botnet. Continue Reading

By

• Dennis Fisher

Review: eGuardPost a B+ overall

eGuardPost is a well-designed and highly capable product that meets an important need. It has strong security and great forensics capabilities. Continue Reading

By

• Steven Weil, Point B

Microsoft cancels Patch Tuesday as DST looms

IT administrators who are struggling to apply all their daylight-saving time (DST) patches will get a break from Microsoft next week, as no new security fixes will be released. Continue Reading

By

• Bill Brenner

Symantec acquires automated risk assessment firm

Symantec has acquired Reston, Va.-based 4FrontSecurity, a maker of automated risk analysis and security management tools. An expert says it's the latest sign that the security risk assessment market is heating up. Continue Reading

By

• Robert Westervelt, TechTarget

PING with Mark Odiorne

Mark Odiorne, CISO at Scottish Re, provides insights on pen testing procedures, prioritising security for senior management and keeping compliant. Continue Reading

Flaws haunt Symantec, IBM, Cisco and IE

Bug Briefs: Security holes plague Symantec Norton products, IBM DB2; Mozilla Firefox; Trend Micro ServerProtect; Cisco IP phones; Google Desktop; IE and Snort. Continue Reading

By

• SearchSecurity.com Staff

Cisco warns of IP phone flaws

Attackers could circumvent security restrictions by exploiting flaws in certain Cisco IP phones, the networking giant warned Wednesday. Continue Reading

By

• Bill Brenner

New attack technique threatens broadband users

Millions of broadband users across the globe are threatened by a new attack technique called drive-by pharming Continue Reading

By

• Bill Brenner

Rootkit dangers at an 'all-time high'

Industry experts at RSA Conference 2007 say not only have rootkits become the weapon of choice for malicious hackers, but they've also emerged as useful tools for legitimate businesses trying to exert control over users. Continue Reading

By

• Dennis Fisher

Coviello: In 3 years, no more stand-alone security

RSA President Art Coviello says today's patchwork of monolithic security devices will disappear in the next three years as security is integrated into the larger IT infrastructure. Continue Reading

By

• Bill Brenner

CISOs mastering 'softer' skills

Why CISOs can no longer rely on technology skills alone and what businesses are looking for when recruiting their next information security leader. Continue Reading

By

• Amber Plante, Assistant Managing Editor, Information Security magazine

Balancing the cost and benefits of countermeasures

The final tip in our series, "How to assess and mitigate information security threats." Continue Reading

Attacks targeted to specific applications

The fourth tip in our series, "How to assess and mitigate information security threats." Continue Reading

How to assess and mitigate information security threats

Learn how to assess and mitigate information security threats, like rootkits, worms and Trojans in the tip series created in collaboration with Realtimepublishers and Dan Sullivan, author of The Shortcut Guide to Protecting Business Internet Usage. Continue Reading

Malware: The ever-evolving threat

The first tip in our series, "How to assess and mitigate information security threats" Continue Reading

Threats to physical security

Tip No. 6 in our series, "How to assess and mitigate information security threats." Continue Reading

Information theft and cryptographic attacks

The third tip in our series, "How to assess and mitigate information security threats." Continue Reading

Storm Trojan was worse than it should have been

The "Storm" attack made a big splash because people keep falling for social engineering and there was simply little else in the news, experts say. Continue Reading

Companies take IM threats seriously

Wesabe is a brand new money management community. It takes threats to IM as seriously as those targeting email and web applications Continue Reading

By

• Mark Baard