For years, security people have been trying to show businesses how to be secure. It is still not working. What they haven't realized is they are talking to the wrong end of the horse.
Teach Security to the user at home. Show them how to secure their home computer so that they can do their business on it, preferably for free. Teach it to their kids in school. Start now. Then show them the exact same tools and techniques and rules and safe practices at work. It won't be something new… Continue
Added by Darrin Ford on March 15, 2010 at 11:08am —
After spending some time in our laboratory, experimenting with some ruby scripts for the metasploit framework, I conducted a small experiment. I was wondering what if I could carve files out of
memory-dump files ?! It could be possible to carve out portable
executables/malware as well. This write-up demonstrates what I did.
How to get malware
Added by Leon van der Eijk on March 1, 2010 at 4:11am —
This post has been published previously on http://lvdeijk.wordpress.com
Today I had a funny one at my work.
for some reason, people still keep falling for e-mail chainletters and hoaxes. The question just asks itself: why?
First of all, for those who don't know what either is:
chainletters & hoaxes
An e-mail chainletter is some e-mail message like this:… Continue
Added by Dennis Lemckert on March 1, 2010 at 3:00am —
NMAP FOR ANDROID CROSS COMPILE ARM
# from android root prompt
nmap -v -iR 50 -PN -p 80 -n -A
This MAY work for other platforms but tested on cygonmod as of 2/18/2010 on
Android G1 plan to APK package this up with other security tools
ruby/metasploit etc ..
• SYN scans may not REALLY be working … along with other… Continue
Added by operat0r on February 18, 2010 at 3:00pm —
After a 4 part investigation / introduction “I was working on tutorials
” to bypassing anti-virus, an update to the target product slapped me in the face, halting the mechanisms I had used for circumvention, I needed to find a solution that would allow me to continue with my deployment of meterpreter and Avast_OFF is what I came up with.
I was looking for some-way, any-way to bypass the product in question just to see how easy it was with today's tools, I had seen AutoIT… Continue
Added by James Fisher on January 27, 2010 at 6:00pm —
hello ALL and welcome to my one and only blog, I decided to blog on this site and this site alone so if your interested in what I do you will need to locate me here. Not all that I undertake is release to the public, but I decided a blog related to security is a natural choice for “unknowns” looking to find a path into the computing security industry.
Added by James Fisher on January 27, 2010 at 6:00pm —
today while trolling the usual places i found out that Back|Track has moved and version 4 is at final.
the site looks great, shiny, and new, so i decided to see if i could up my noob status by adding a guide i created for myself while wondering what to do one day. i decided to create the guide and publish it under the 'story' of 'hacking your neighbours', understandably the post was remove and i… Continue
Added by James Fisher on January 15, 2010 at 5:00am —
As I start this New Year I of course have to take a look back at 2009 and consider what has happened. The funny thing is, as soon as I started reflecting on the last year, my mind wandered even further back. I thought back to when I was homeless, facing the choice of quitting high school to help support my family and then all the time I have spent since working in security and with Law enforcement. It hits me how fear has played such an important part of my success. Also how old fears are… Continue
Added by Jayson E. Street on January 4, 2010 at 3:29pm —
I will be traveling next week to meet with a screen writer so the "news" is that there is a chance my book is heading to the big screen :-) I will be posting more detailed updates soon here stay tuned. (And wish me luck) ;-)
Added by Jayson E. Street on December 14, 2009 at 4:47pm —
Hey…thanks for the support! For those of you wondering about the feeds you see on various sites here’s the scoop. We are no longer selling Dissecting the Hack. We started destroying copies on Monday and our sales folks have made all our partners aware of this situation. But to formally pull it down we need to attach all records to the new book’s ISBN. Then we have to substitute it, link it and push all the feeds back out to vendors. You’ll see that our site,… Continue
Added by Jayson E. Street on October 23, 2009 at 3:14pm —
I have been humbled by the support I have received from the INFOSEC community. I wrote this book to give back to the community not knowing what the community would give back in turn.
This does not make things better I have to have my actions live up to my words. With the help of so many in INFOSEC that will happen.This book was to engage the NON-INFOSEC community to learn more about us to see who we really are & what it is all about. But this has Shown me more than any book I… Continue
Added by Jayson E. Street on October 23, 2009 at 10:00am —
From Laura Colantoni (Syngress)
The team at Syngress recently found out through our Twitter feed that Dissecting the Hack might have plagiarized material. The twitter feeds led us to a popular blog where we found listed at least 125 instances of plagiarism-mostly from Wikipedia.
After talking to all involved we have determined the following:
* The book's technical editor is the source of this plagiarism. He greatly overstepped his role.
* He… Continue
Added by Jayson E. Street on October 22, 2009 at 3:30pm —