IT Trenches:

Security


November 19, 2010  2:37 PM

Anatomy of a crimeware rootkit – scary stuff!



Posted by: Troy Tate
crimeware, infosec, malware, rootkit, training, trojan, tutorial

I came across a recent tutorial on reverse engineering the ZeroAccess / Max++ / Smiscer Crimeware Rootkit. This is a very malicious...

September 10, 2010  5:05 PM

Is there an orange ball in information security?



Posted by: Troy Tate
awareness, information security, infosec, malicious software, malware, network management, network security, security awareness

In Japan many retailers have what look like orange balls or waterballoons near checkouts. Bruce Schneier, a leading information security expert, recently blogged about these


September 10, 2010  3:56 PM

DLL hole also affects EXE files



Posted by: Troy Tate
exploit, hacking, information security, infosec, risk analysis, threat, vulnerability

According to a Heise Media report, the DLL binary planting vulnerability is not just limited to DLL files but affects EXE files. The example given: An HTML file is saved along with a copy of a file called EXPLORE.EXE. The HTML file is opened and has a URI link embedded with the address file://....


August 27, 2010  5:49 PM

Did you see this? – Microsoft updates Security Compliance Management Accelerator toolkit



Posted by: Troy Tate
Data security, DataCenter, design, Metrics, Microsoft Windows, Monitoring, policy enforcement, reporting, Security, tools

In 2008, I blogged about Microsoft's release of Security Compliance Management Accelerator toolkit. Now two years later Microsoft...


August 27, 2010  1:35 PM

Hackers send exploit code to Microsoft



Posted by: Troy Tate
application development, information security, infosec, infosec awareness, malicious software, malware, Microsoft, Microsoft Windows, web application development

Go ahead and report why your system crashed - send Microsoft the exploit code you are working on. As most Windows users know, you can send Microsoft details about what caused a system crash. In some cases hackers respond yes and their exploit code is sent to Microsoft according to a


August 23, 2010  6:32 PM

Investigation indicates trojan contributed to 2008 Spainair crash



Posted by: Troy Tate
anti-virus, antivirus, av, computer maintenance, loss of life, malicious software, malware, malware protection, slow performance, trojan, virus

Bookmark and Share     0 Comments     RSS Feed     Email a friend


August 17, 2010  5:48 PM

8-character passwords are so 1999 – 12 characters is 21st century



Posted by: Troy Tate
access management, authentication, brute force, hacking, identity management, information security, infosec, infosecurity, Password, password management, secure access, Security

Today's computers and add-on processors (think graphics processing units - GPU's) are extremely powerful. The GPU of today offers about 2 teraflops (10^12 floating...


May 21, 2010  5:15 PM

SC Vision – web videos for infosec professionals



Posted by: Troy Tate
education, information security education, infosec, PKI, Security, security administration, security awareness, webinar

SC Magazine has announced the SC Vision TV website. Currently there is a collection of about 7 videos of interest to IT professionals on such topics as Driving More Informed...


May 19, 2010  8:09 PM

Malvertisements – 1.3 million viewed per day!



Posted by: Troy Tate
drive-by download, information security, information security awareness, infosec, malicious software, malware, security awareness

Last year the NY Times website had advertisements that served up some malicious content (Would you click if it showed on the NY Times website? -...

Bookmark and Share     2 Comments     RSS Feed     Email a friend


May 12, 2010  2:48 PM

Follow Twitter “How to become a hacker in 15 minutes”



Posted by: Troy Tate
certified ethical hacking, education, hacking, information security, information security education, infosec, infosec awareness, Security, technology, twitter

Well, it looks like it might be time for me to join the "twitterpated". Until now I did not see much value in this additional information source. With regards to Twitter, I tend to agree with


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: