Cycbot is a malware that spreads using instant messaging and removable drives and contains backdoor functionality that allows unauthorized access to an affected computer.
When Cycbot malware is executed, it drops several malicious files in the Appdata folder of the victim machines, and then it tries to contact a malicious […]
If you haven’t seen the Skillset exam prep engine, it is worth checking out. It is a better way to assess your knowledge and improve your readiness to sit for a number of certifications. Skillset offers tens of thousands of free test questions, currently for the CISSP, CEH and […]
JPMorgan Chase is the largest bank in the United States, with total assets of over $2.5 trillion. They reportedly spend about $250 million per year on technical security, or one dollar for every $10,000 they have in assets. They also employ more information security professionals than Google does, about […]
Clickjacking was first publicized by Jeremiah Grossman and Robert “Rsnake” Hansen in 2008. Clickjacking is an attack that is possible only by the use of iframes. Iframes are the HTML components that are used to load a webpage in a frame. Their height and width can be set to […]
There are very few things in the IT realm that cover as much territory as databases. Before the web, and more specifically before the advent of dynamic programming languages, these immense collections of data were the exclusive territory of the deep down programmers — rulers of their vast domain […]
The Domain Name Service (DNS) is an integral part of Internet access. It translates human-recognized domain names into computer-readable IP addresses in order to facilitate online communication and connection between devices.
Occasionally, an individual or enterprise needs to find a way to control certain aspects of Internet connections in order […]
From our experience in the cloud, layers of security are best
Cloud computing infrastructure is elastic, scalable, highly available, and accessible – but is it safe? The undisputed largest barrier to business cloud migration is security. From the 2014 survey of the ODCA’s large enterprise members, 67% of respondents reported […]
I made it back from DEFCON with both my phone and tablet intact, but I’m happy I didn’t bring a light bulb. You see, if I had brought a light bulb, and that light bulb was a smart LED bulb running Linux, it might be running someone else’s software by […]
Bacula was specifically designed for backup jobs in a server environment, where servers have IP addresses that don’t change regularly and are always up and running. Mobile devices usually connect to the network by using a cable (when an employee comes to the office) or through a VPN (when […]
How many times did your work colleague or a friend of yours find a USB cable from your PC/Laptop and attach his Android phone to recharge its battery? Have you ever thought that your private data (images, sounds, videos, text notes) may get transferred behind the scenes without you […]
As mentioned before, an identity management implementation project will often extend 18-36 months based on the size and complexity of the organization. This is an extraordinary amount of time for any project sponsor to maintain passion around the project. The answer is iterations of value statements which deliver […]
When the backup solution is already working, we can also take a look at notifications more closely. We can send a notification email for every backup, which is run during the night, to tell us whether the backup has been run successfully or not. We can decide the type […]
The gossip news of this week is the alleged hack of Apple’s iCloud of many celebrities. Hundreds of naked photos purportedly belonging to more than one hundred actors and singers have been disclosed online.
On Sunday, the pictures of 101 celebrities, including Ariana Grande, Jennifer Lawrence, Victoria Justice, Kate […]
Traffic light systems security issues
We often see movie scenes in which hackers are able to hack systems for the control of traffic lights, with catastrophic consequences. Unfortunately, we must be conscious that threat actors really are able to hack these complex infrastructures, causing serious problems.
Traffic lights were originally designed as standalone […]
Bacula supports file encryption on the file daemon, which sends encrypted data to the storage daemon for storage. Since the file daemon encrypts the data prior to sending it to the storage daemon, the storage daemon only sees the encrypted data. It’s important to realize that file contents are […]
If you have ever hired a Professional Services team to do an integration project, you know that it takes planning and tenacity to pull it through to the end. Depending on the breadth of the integration, the difficulty of accomplishing this varies. So, what makes an Identity Management integration […]
When configuring the Bacula client, we don’t need the full-blown Bacula installation, but just the bacula-client package that we can simply install by using the apt-get command. The client configuration consists of editing the /etc/bacula/bacula-fd.conf configuration file and ensuring that the name and the password in the Director definition […]
This article presents the integral concepts of Bacula operation and management, which are integral parts of every Bacula backup solution and must be understood in detail. When using Bacula, we must first be up-to-date with the following Bacula terminology:
Director: the director’s name and the access password used for authentication […]
To view Part I of this article, please visit http://resources.infosecinstitute.com/website-hacking-101/.
In this Part, we are going to briefly introduce Path Traversal, usage of Delimiters, and Information Disclosure attacks.
We are going to present simple solutions to simplified problems involving the attacks.
Exercise 8: Path Traversal
Figure : A simple webpage in which you […]
In this endeavor I’ve chosen to use Bacula backup software for the reasons outlined above. First we must talk about the Bacula server, but the outlined concept refers to all backup servers out there. There are multiple questions that need addressing: in a virtualized environment, should we back up our […]