Ethical Hacking

Ethical Hacking

Cyber Security

by

Cyber security measures are associated with managing risks, patching vulnerabilities and improving system resilience. Key research subjects include techniques associated with detecting different network behavior anomalies and malware, and IT questions related to IT security. Since these research subjects mainly concentrate on the physical, syntactic and semantic layers, present research infrastructures are focused on studying … Read more

Commercial software: Not cheap, but has maintenance

by

The other option for running VM software yourself is to use commercial software. Most people automatically think of commercial software as a ‘safe’ option, and it usually constitutes the bulk of installed applications. But commercial software has drawbacks, so consider these points: Commercial software costs real money. You have to buy it, and that requires … Read more

Open Source software: Free, but not cheap

by

Open Source software is usually developed in an open, collaborative manner. The software is typically free, and users are able to use, change, improve, or share it. However, three considerations about Open Source software don’t bode well for use with VM: Questionable code. Open Source code is developed by the public, and you can’t be … Read more

Run Software Yourself

by

Software-based solutions enable you to install software for vulnerability management on your internal network and run them yourself. Software can automate many processes for VM. However, having the control over VM software carries the usual price tag of having to manage it (and secure it). You have to successfully operate and maintain everything – in … Read more

Identifying the vulnerability shortlist

by

The VM solution you select needs to provide the capability to scan for and fix vulnerabilities in a broad range of categories, including: Back Doors and Trojan Horses (bypass authentication systems).  Brute force attacks (defies cryptography by systematically trying different keys). CGI (exploits the Common Gateway Interface). Databases. DNS and Bind (exploits Domain Name … Read more

Detecting and Removing Vulnerabilities

by

Vulnerability management has evolved from simply running a scanner on an application, computer, or network to detect common weaknesses. Scanning is an essential element of vulnerability management, but VM includes other technologies and workflow that contribute to a bigger picture required for controlling and removing vulnerabilities. The primary objectives of VM are to:  Identify … Read more

Understanding Linux Vulnerabilities

by

Vulnerabilities    and    attacks    against    Linux    are    creating    business    risks    in    a    growing number    of    organizations    —    especially    e-commerce    companies,    network    and    IT/security vendors,    and    cloud    service    providers    that    rely    on    Linux    for    many    of    their    systems, including    their    own    products.    When    Linux    systems    are    hacked,    the    victim organizations    can    experience    the    same    side    effects    as   … Read more

Cracking Phones and Tablets

by

I    don’t    envy    IT    administrators    and    information    security    managers    for    many    reasons    but especially    when    it    comes    to    the    bring    your    own    device    (BYOD)    movement    taking    place in    business    today.    With    BYOD,    you    have    to    trust    that    your    users    are    making    good decisions    about    security,    and    you    have    to    figure    out    how    to    manage    each   … Read more

Sizing Up Mobile Vulnerabilities

by

It    pays    to    find    and    fix    the    low-hanging    fruit    on    your    network.    That’s    where    you    get    the most    bang    for    your    buck.    The    following    mobile    laptop,    phone,    and    tablet    weaknesses should    be    front    and    center    on    your    priority    list: No    encryption Poorly    implemented    encryption No    power-on    passwords Easily    guessed    (or    cracked)    power-on    passwords For    other   … Read more

Understanding the Implications of Wireless Network Vulnerabilities

by

Wi-Fi    is    very    susceptible    to    attack    —    even    more    so    than    wired    networks    if    it’s    not    configured    or    deployed    properly.    Wireless    networks    have    long- standing    vulnerabilities    that    can    enable    an    attacker    to    bring    your    network    to    its    knees    or allow    your    sensitive    information    to    be    extracted    right    out    of    thin    air.    If    your    wireless network   … Read more