Home > Uncategorized > Security News #0x62

Security News #0x62

  • Did you know that you can use Metasploit to generate MSI (windows installer) files with your malware? Would you like a demo?
For Students
  • Students- you need to know about the common processes that run on a Windows system. Do you know CSRSS.EXE does? Or what is the SVCHOST.EXE? Well the folks at System Forensics have put together a short summary of these common processes and explain a bit about each. This should definitely be on your reading list!
  • Everyone in the business of cyber security is likely to get hacked at some point. Natural reactions vary, but embarrassment is probably high on the list. If you want to see someone handle this with class, you might want to read how Rich Mogull handled a tough situation.
Learning More
  • If you use Truecrypt to protect your data, you should be aware that its master keys must remain in RAM while the tool is in use. Thus, if an attacker gets to a powered on system, or can clush memory to disk, they have a shot at getting your protected data. Take a look at the piece from Volatility Labs to learn what is going on.
  • Rob Fuller has posted his slides from ShmooCon, giving some simple ways to defend your network, from using EMET, to using proxies to block the Java UA at the perimeter to avoiding WPAD attacks. Well worth a look!
Industry News
  • As you think about the latest NSA revelations, remember that they are not the only actors trying to penetrate your network. Sometimes it is done for commercial gain, as in the most recent targeted Target attacks, but also for political reasons. The Electronic Frontier Foundation reports that they were the target of Vietnamese malware aimed at staffers, perhaps because of their stands against Vietnamese internet censorship.
Random Silliness
Categories: Uncategorized
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: