NEWS

Changes to the Nessus Vulnerability Scanner subscription model
New book: "The Book of IMAP"
IT spending concerns mounting
E-mail mismanagement puts organizations at risk
Majority of U.S. consumers are likely to enroll in voice verification

Video: The Enigma Machine

REVIEWS

Big Book of Windows Hacks
Backup & Recovery
Mac OS X Leopard Phrasebook
The Book of Wireless (2nd Edition)
Mac OS X Leopard: The Missing Manual

WINDOWS

LANguard Network Security Scanner 8 ***
VBOLock 4
Generic Security Service 0.0.23
Data Guardian 1.3.8
QuickWiper 7.8
AEVITA Tracks Eraser 1.5
Clean Disk Security 7.72
WinSCP 4.1.2

ADVISORIES

Mandriva Linux Security Update Advisory - libvorbis (MDVSA-2008:102)
Mandriva Linux Security Update Advisory - rdesktop (MDVSA-2008:101)
US-CERT Technical Cyber Security Alert - Debian/Ubuntu OpenSSL Random Number Generator Vulnerability (TA08-137A)
Articles

Audio (20)
Authentication (28)
Compliance (13)
Cryptography (9)
Database (14)
Editorials (314)
General Security (109)
Hacking History (30)
Interviews (110)
Intrusion Detection (20)
Linux (16)
Mac OS X (18)
Malware (40)
Opinions (136)
Podcasts (9)
Security Products (49)
Storage (20)
Various (71)
Video (19)
Web Security (68)
Wireless (21)


Last 10 added articles

The Rising Trend of Internet Counter-Intelligence (Opinions)
A growing and dangerous threat, called Internet counter-intelligence, is the use of sophisticated Web analytics to uncover corporate-user identities to analyze and track enterprise surfing habits. Doing so affords the perpetrator the ability to capture IP addresses and network identities.
In many cases, exposing your IP address is as easy a visiting a website.
How To Protect Your Laptop From Prying Eyes With a Privacy Filter (General Security)
This article will show you how to make your Asus Eee PC secure from prying eyes by using a privacy filter. 3M Privacy Filters help block the screen view from anyone viewing the computer from a side view. Their unique microlouver privacy technology allows just persons directly in front of the computer to see on screen data clearly.
The Enigma Machine (Video)
The National Security Agency (NSA) had an Enigma machine in their booth at the RSA Conference 2008 in San Francisco. Here's a video that shows the machine and provides some history about it.
HNS Podcast: Jeremiah Grossman's top security conferences (Podcasts)
Jeremiah Grossman, the founder and Chief Technology Officer of WhiteHat Security attends quite a number of security conferences around the globe. A couple of weeks ago we had a chat with him and in this short podcast he discusses four of his favorite events.
Interview with Josh Corman, Principal Security Strategist for IBM Internet Security Systems (Interviews)
With more than ten years of experience in security and networking software development, Corman is currently leading an industry charge to evolve defenses against the latest generations and innovations of malicious code. In this Q&A session he discusses the Storm Worm.
Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications (General Security)
The automatic patch-based exploit generation problem is: given a program P and a patched version of the program P', automatically generate an exploit for the potentially unknown vulnerability present in P but fixed in P'. In this paper, we propose techniques for automatic patch-based exploit generation, and show that our techniques can automatically generate exploits for vulnerable programs based upon patches provided via Windows Update.
The Fundamentals of Physical Security (Video)
Deviant Ollam works as a network engineer and security consultant but his strongest love has always been teaching. A supporter of First Amendment rights who believes that the best way to increase security is to publicly disclose vulnerabilities, Deviant has given lockpick demonstrations at ShmooCon, DefCon, HOPE, HackCon, HackInTheBox, and the West Point Military Academy. In this video, made at Black Hat Europe, he discusses the importance of physical security and illustrates that with a real-world example.
Changing Threats, Changing Solutions: A History of Viruses and Antivirus (Malware)
It is more than 20 years since the first PC virus appeared. Since then, the nature of threats has changed significantly. Today’s threats are more complex than ever before. In any field of human activity, the latest generation stands squarely on the shoulders of those who went before, learning from what has been done before, re-applying what has proved successful and also trying to break new ground. This is no less true of those who develop malicious code. Successive waves of malicious code have re-defined the threat landscape.
HNS Podcast: Penetration testing considerations (Podcasts)
In this HNS podcast, Anothony Alves from CORE Security Technologies talks about penetration testing. He dicusses the things you should look for when considering doing a penetration test.
Hacking Second Life (Video)
At Black Hat in Amsterdam we caught up with Michael Thumann, CSO of ERNW. In this video he discusses Second Life hacking. Beyond being an online game Second Life is a growing marketplace for big companies where lot of money is made. Living and acting in a virtual world gives the people the opportunity to do things they would never do in real life. Therefore it is not surprising that Second Life has increasingly attracted real world hackers.




Qualys: This free security guide describes the scanning requirements for PCI-DSS and provides a quick-reference requirements matrix for both Merchants and Service Providers of all levels.










Vulnerability Scanning

Network Vulnerabilities

Event Log Security