(IN)SECURE Magazine issue 17 (July 2008) is out! Open redirect vulnerabilities: definition and prevention The future of security is information-centric Securing the enterprise data flow against advanced attacks Bypassing and enhancing live behavioral protection Security flaws identification and technical risk analysis through threat modeling Migration from e-mail to web borne
New SANS Papers
The SANS Institute released two interesting new papers: Host Intrusion Prevention Systems and Beyond Security Policy for the use of handheld devices in corporate environments
Microsoft, HP ship free tools to protect Web sites from hackers
Microsoft and HP released free tools to help web developers to protect their sites against SQL injection attacks. Source: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9103138&intsrc=hm_list.
Fired Due to a Malware!
The following story has been relayed by several blogs and newspapers. An employee was fired for violation of its company computer usage policy: Child porn was found on his laptop. The first human reaction facing such evidences is not always the best one: “Guilty!”. A computer forensics analyst spent one
Allo Mozilla?
Firefox 3 is out! It seems that the World Record of downloads in 24 hours will be difficult to accomplish…
Who Still Remember Usenet?
A page of the Internet history will maybe be turned off soon. Three major ISPs in the United States (Verizon, Sprint and Time Warner Cable) announced they will stop access to Usenet! (or access will be limited to the Big-8). The youngest of us have probably never used a “newsreader”
R2-D2 Takes Care of Your Network
Nagios is one of the best monitoring tool available in open source. This software has been re-used in a log of monitoring platform available (free or commercial) such as Groundwork or Centreon. When outages are detected, notifications have to be generated. Classic method are: mail, sms, pager, instant-messenger, rss feed,
Lynis: Security and System Auditing Tool
Michael Boelen announced today a new release of his tool called Lynis dedicated to UNIX specialists. Michael is also the developer of RootKit Hunter. Quote from the homepage: “Lynis is an auditing tool for Unix (specialists). It scans the system and available software, to detect security issues. Beside security related
Upside-Down-Ternet
Security is part of our daily life and is a serious topic. So, when it can be made with some fun, it’s even better! 😉 Check out: Upside-Down Ternet.
More Hosting Nightmare…
Today, my blog suffered of a new severe outage! It already happened end of 2006: One more time, my server was moved to a new data center without prior notification! Ok, there is nothing business critical in this server. But little communication from my hoster would be much better: –