Article Archive

Hacking April 13, 2011 Infosec

Info on the disclosure of the wicd 0day

Rel1k (Dave Kennedy) asked for a more detailed explanation as to the wicd disclosure / backtrack “0day” fiasco and we're happy to explain. We slipped up...

Digital forensics April 12, 2011 Keatron Evans

Computer Forensics: Alternate Data Streams

Alternate Data Streams are a way to store data on a machine that is not readily accessible to users. Using ADS, files are not easily accessible by Windows operating...

Hacking April 11, 2011 Infosec

Neil Daswani Reveals His Process for Security Research

In our ongoing series of interviews, this week Neil Daswani answered a few questions and pulled back the curtain a bit on the methods, tools and motivation...

Digital forensics April 8, 2011 Keatron Evans

Computer Forensics: Snort Logs Analysis

Sometimes the best evidence of a network intrusion resides in network or traffic logs. Snort is a well known open-source traffic analysis and network intrusion detection...

Reverse engineering April 6, 2011 Mourad Ben Lakhoua

Malware Analysis: Classifying with ClamAV and YARA

On a daily basis,we are encountering thousands of new types of malware with unknown content. This malware can come from honeypots, infected websites or even...

Hacking April 4, 2011 Alec Waters

SLAAC Attack – 0day Windows Network Interception Configuration Vulnerability

// reddit_url = "https://resources.infosecinstitute.com/slaac-attack-%E2%80%93-0day-windows-network-interception-configuration-vulnerability/"; reddit_title...

ISACA CISA April 1, 2011 Kenneth Magee

CISA Domain 5 – Protection of Information Assets

Domain 5, Protection of Information Assets is the last domain in the CISA certification area and the most important. ISACA has stated that this domain represents...

Professional development April 1, 2011 Keatron Evans

How to Learn the IT Skills of a Security Professional

InfoSec Institute's Recommended Course Path for Beginners: A+ Class Network+ class Security+ MCITP track for Server Admin CCNA CCNP Ethical Hacking Advanced...

ISACA CISA March 31, 2011 Kenneth Magee

CISA Domain 4 Information Systems Operations, Maintenance and Support

For 2011, ISACA has updated the domains reducing them from 6 to 5. Domain 4 now includes Disaster Recovery from the old Domain 6. This section has six areas...

Application security March 30, 2011 Ryan Dewhurst

Finding security vulnerabilities in PHP using Grep

Description: Using grep to find common web application vulnerabilities within your applications. It is a common misconception that companies need to purchase...