U.S. Army Goes Bot Hunting
As an automated network-flow analysis tool, BotHunter uses IDS routines to scan inbound and outbound network packet headers and payloads.
How Are We Doing? Dark Reading Seeks Your Input
If you've been clicking through the pages of Dark Reading regularly for the past several weeks, you've probably noticed lots of changes. As we told you back in October, the site has undergone an overhaul that included moving to a new server and a new production system, and we've implemented a new design that's intended to make the site easier to navigate and use.
As with most new releases,
Solving The DR Testing Problem
It seems like almost every time I see a report on disaster recovery plan (DRP) testing, there are typically 50% of the respondents that either don't test their DR plan or don't test it frequently enough for the plan to be worthwhile. How can we solve this?
Free Memoryze Tool Gets A Much Needed GUI
When software vendors release a "free" version, there is often a catch or some limitation that leaves you wanting for more. Rarely is the release good enough to fill a void that you've been missing. But that's not always the case. A good example is the NetWitness Investigator product that I've been testing and wrote about in Friday's
Cyber Monday Risk Factor: Employees Back At Their Desks, Ready to Shop!
When everybody comes back to work next Monday, count on some of them spending at least a bit of the day surfing for online bargains. And some of them are going to be spending a lot of their time shopping -- some estimates place Monday's online shopping time as consuming more than half the workday. How much of that time also puts you and your network at risk is up to you.
Security Firm Warns Of New Apple Malware
A Trojan horse application has been found circulating the Internet. If infected, users can end up having their system passwords nabbed, and be redirected to a number of phishing Web sites.
LiveView: Seeing Is Believing
Investigating security incidents is a necessary fact of life for IT shops everywhere. What varies is how each group handles the incident. I read an interesting article over the weekend from Enterprise IT Planet called "Five Essential Forensics Tools." While I wouldn't consider them all "essential," a couple of them are very important, like Wireshark and Helix, and others are just examples of the ki
IT Efficiency, First Demand Oversight
In this era of tightening budgets, storage administrators are once again being asked to do more with less. The problem is that for most data centers, the efficiency crank has been turned several times already and the easy efficiency steps already have been taken.
Security and Return-Oriented Programming
You don't have to stray too far from the financial pages to know that returns of any kind aren't much to brag about these days. You could say the same thing about "return-oriented programming." In a nutshell, return-oriented programming security attacks start out like familiar attacks, in which attackers take advantage of a programming error in the target system to overwrite the runtime stack and divert program execution away from the path intended by the system's designer
SSD Can Mean Hard Cost Savings
In our last entry we talked about the time savings and potential increase in productivity and revenue that deploying SSD can enable. This entry we will focus on the hard cost savings associated with SSD. In the right situation, SSD can actually be less expensive than mechanical drives.
Web Security Testing Cookbook Book Review
Veteran web application developers know how hostile the Internet can be, and cookbooks like this one remind us that code vulnerabilities are as diverse as the applications they are unintentionally a part of. Authors Paco Hope and Ben Walther outfit readers with free software security tools and instruct how to use these plug-ins and utilities to build more tamper-resistant apps.
As More Lose Jobs, More Job-Spam Scams On The Loose
Spammers get their clicks by preying upon fear, among other things. And as unemployment levels rise, job, income and related concerns are becoming more common spam-prompts than ever. And prime among them are money-mule scams that try to rope people into laundering money from home.
London Hospitals Still Sick From Virus Breach
I was reading Graham Cluley's blog at Sophos earlier this week about a virus infection (the computer kind) at a number of U.K.-based hospitals. I pretty much passed over this story until I learned just how badly the hospitals were prepared for this.
SSD In Tough Times
At a recent conference I was asked how to cost-justify solid state disk during tough economic times. The interesting aspect to SSD is that because of its cost, it always has needed to be cost justified, regardless of the economic situation, and as a result is far better suited to do more than just "ride out" the storm.
Thompson Era At Symantec Drawing To A Close
Yesterday, the news broke that decade-long Symantec veteran John Thompson would be retiring. Symantec's board of directors appointed Enrique T. Salem, currently chief operating officer at the company, to be president and chief executive officer effective April 4, 2009.
Death of the AV Vendor: Microsoft Offers Free AV
The fundamental problem with the AV market is that it makes antivirus vendors as much a part of the problem as they are a part of the solution. They are motivated to promote exposures to create a market for their offerings, and the end result has been a massive increase in malware and an inability by the ecosystem to effectively combat it. This will change that dramatically.
Economy Sinks, Phish Rise
Shouldn't surprise anybody, but the worse the economy gets, the more aggressive the phishers become. Some new statistics show just how aggressive that is.