SecurityThreats

Techworld has a DEFCON22 review of the 10 scariest hacks. If a printer can be hacked on the network, all the things you scan or print can be stolen, and once the hacker is on the network there can be additional hacks to gain additional control of your machines. Irongeek story on HPJetdirect hacks   … Read more

The Internet Storm Center has a post about how to get information from computers on the Internet.   So you want to use the Internet?  If you want to use it, you have to be connected. If you are connected you can be scanned. Hackers will scan you until they find a vulnerability. There are … Read more

etutorials.org explains some Heap Overflow attacks   This is an important sentence and diagram( from the etutorials.org: “Where the details of stack overflow exploitation rely on the specifics of hardware architecture, heap overflows are reliant on the way certain operating systems and libraries manage heap memory. Here I restrict the discussion of heap overflows to … Read more

The 23rd  USENIX  Security conference 8/20 – 8/22 2014 discussed  many subjects There is a specific paper about “An Internet-Wide View of Internet-Wide Scanning” by Zakir Durumeric University of Michigan zakir@umich.edu, Michael Bailey University of Michigan mibailey@umich.edu and, J. Alex Halderman University of Michigan jhalderm@umich.edu So that you do not have to fish the 13 pages out of the 1000 page main document … Read more

In the realm of incidence reporting and response Management: CERT has a process to use. One has to have a Computer Security Incident Response Team (CSIRT) A security incident occurs when unwanted scans and attacks are happening. Breaking a security policy is also a security incident.   Of course breaking into a server and stealing data … Read more