If you ask me the President of RSA had the best keynote at the RSA conference in San Francisco: http://www.rsaconference.com/media/escaping-securitys-dark-ages I have collected the images from the video link above: Talk was titled ” We are Living in Security’s Dark Ages” There is a lot in the 30 minute video, I recommend that if you … Read more
So I finally tried running OpenVAS on my Kali-Linux system. It did not work, stating that you have to run the install first. So I did that (as you can see above) Now I got the following window: Notice the “install” did not go well Step 1: checking OpenVAS Scanner … ERROR: No OpenVAS Scanner … Read more
Threat modeling means you will view your network with a subjective eye and find the most likely attack vector. from a security threat point of view. This is similar to risk Management, where you list all devices and show which ones need the most security attention. Threat modeling comes from a different direction – and … Read more
Wired has a story about “New Dark-Web Market Is Selling Zero-Day Exploits to Hackers” This is the new welcome greeting in the “Dark-Web or Dark-Net” essentially a webserver that is not searchable on Google, only using anonymous Browsers one can find this type of a “market” entrance. Silk Road is another venue that uses the … Read more
Tuesday the patch was released: Here is where it started CVE-2015-1635 Description: HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka “HTTP.sys Remote Code Execution Vulnerability.” the vulnerability was created 20150217 MS:MS15-034 http://technet.microsoft.com/security/bulletin/MS15-034 … Read more
