IT Trenches:

information security


March 17, 2010  8:59 PM

National Research Council Announces Cyberdeterrence Scholarship



Posted by: Troy Tate
cyberattack, cybersecurity, cyberterrorism, cyberthreats, information security, infosec awareness, risk, risk management, security awareness, threat

This is a very interesting call for papers (CFP). The questions of interest section raises some significant security concerns. Maybe you watched some of the US national cybersecurity drill in February. If not, check out my previous blog posting

March 12, 2010  4:47 PM

Dept of Homeland Security announces National Cybersecurity Awareness Campaign Challenge



Posted by: Troy Tate
crisis management, cybersecurity, Department of Homeland Security, dhs, education, information security, information security awareness, risk management, security awareness, training

Maybe you heard about the cybersecurity drill ran last month by the Department of Homeland Security. If not, check out this CNN news story. Then watch the very interesting videos of the drill itself. [kml_flashembed movie="http://www.youtube.com/v/u4MDjcpPfvE" width="425" height="350"...


March 4, 2010  7:29 PM

Verizon releases security incident metrics framework – VerIS



Posted by: Troy Tate
framework, information management, information security, infosec, lessons learned, Metrics, risk management, security metrics, threat mitigation, vulnerability management

Last month Verizon released a publicly available version of the Verizon...

Bookmark and Share     0 Comments     RSS Feed     Email a friend


January 26, 2010  1:28 PM

Nmap 5.20 released – 150+ improvements



Posted by: Troy Tate
fingerprinting, information security, information security administration, network administration, network scanning, network toolkit, nmap, os fingerprinting, os identification, penetration testing, Security

In July 2009, Fyodor released Nmap 5.0 with over 600 changes.This was the first major release since 1997. On January 20, 2010, Nmap 5.20 was released with an additional


January 22, 2010  7:34 PM

Sure you can use my security context – exploit me!



Posted by: Troy Tate
exploit, group policy, information security, least user authority, lua, Microsoft, principle of least privilege, security bulletin, vulnerability

I recently blogged about the fact that the initial reports of the Google Aurora attack focused on Internet Explorer version 6. Some...


January 21, 2010  7:23 PM

How small is your netbook? How about a PC on a stick?



Posted by: Troy Tate
information security, machine emulation, portable application, remote access, remote user, secure computing, Security, USB, virtual machine

I know that there are ways to run ISO's from a USB memory stick using the QEMU processor emulator open source software. It's pretty cool if you haven't tried it. Now, according to


January 15, 2010  7:33 PM

Recipe for malware infection – 10 steps



Posted by: Troy Tate
antivirus, attack, firewall, information security, information security awareness, malware, patching, security awareness, social engineering, updates, zero day

For certain malware infection follow these steps: 1. Do not apply operating system patches. 2. Do not apply application patches. 3. Do open emails from unknown sources. 4. Do open attachments on emails from unknown sources. 5. Do open unexpected attachments appearing to be from known...


December 18, 2009  7:58 PM

Search engine for telnet, ftp, ssh and http brings hackers closer to your doorstep



Posted by: Troy Tate
ftp, http, information security, infosec, malware, network, network protection, reconnaisance, scanning, search, search engine, ssh, telnet, web

Google is obviously a great tool for everyone including hackers. If you have never heard of Google Hacking, then I highly recommend you take a look at what might be exposed and found through a Google search. This

Bookmark and Share     0 Comments     RSS Feed     Email a friend


December 4, 2009  1:22 PM

Generating and tracking passwords: Put javascript to work for you



Posted by: Troy Tate
complex password, information security, Password, password security, password tool, strong password, tool, utility

I recently came across this interesting website that uses javascript and SHA-1 hashes to generate passwords. The thing to remember about this tool is that the generated passwords are just numbers and letters. There are no...


December 3, 2009  7:02 PM

CERT ALERT:H1N1 Malware Campaign Circulating



Posted by: Troy Tate
alert, botnet, bulletin, CERT, cert alert, education, government, information security, information security awareness, malicious software, malware, us-cert, user education, warning

The US-CERT released an alert yesterday about a currently circulating malware threat with the H1N1 virus as the subject matter.

...


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: