report from a computer security company that links Chinese hack group APT1 to China’s government [Army] ————— aPt1 is believed to be the 2nd Bureau of the People’s Liberation army (PLa) General staff Department’s (GsD) 3rd Department (总…
Posted in china, government, infosec, Security | Comments Off | permalink
report from a computer security company that links Chinese hack group APT1 to China’s government [Army] ————— aPt1 is believed to be the 2nd Bureau of the People’s Liberation army (PLa) General staff Department’s (GsD) 3rd Department (总…
Posted in china, government, infosec, Security | Comments Off | permalink
Guide to Computer Security – Log Management, NIST Publication 800-92 (SEP-2006) / Describes enterprise log management, collection & analysis from policy and technology perspectives.
Posted in analysis, compliance, enterprise, infosec, it, log, management, policy | Comments Off | permalink
Guide to Computer Security – Log Management, NIST Publication 800-92 (SEP-2006) / Describes enterprise log management, collection & analysis from policy and technology perspectives.
Posted in analysis, compliance, enterprise, infosec, it, log, management, policy | Comments Off | permalink
Worm uses bug in jmx-console to execute shell code, then it installs perl-based control daemon that connects to IRS, and tries to discover other JBoss’es near by by using jgroups UDP multicast. Here is more details, including the source code http://pa…
Posted in bug, infosec, jboss, jbossas, jmx-console, update, virus, work, worm | Comments Off | permalink
Worm uses bug in jmx-console to execute shell code, then it installs perl-based control daemon that connects to IRS, and tries to discover other JBoss’es near by by using jgroups UDP multicast. Here is more details, including the source code http://pa…
Posted in bug, infosec, jboss, jbossas, jmx-console, update, virus, work, worm | Comments Off | permalink
MOXIE MARLINSPIKE talk at BlackHat USA 2011 about current problems with SSL and CA sustem, and the feature of SSL w/out CAs.
Posted in authenticity, blackhat, CA, crypto, infosec, Security, ssl, trust, video | Comments Off | permalink
Posted in authenticity, blackhat, CA, crypto, for:@twitter, has:for, infosec, Security, ssl, trust, video | Comments Off | permalink
read this if you need to conduct pen and security testing on / from EC2 instances
Posted in amazon, aws, cloud, ec2, infosec, policy, Security, vulnerability | Comments Off | permalink
Posted in amazon, aws, cloud, ec2, infosec, policy, Security, vulnerability | Comments Off | permalink
You are currently browsing the archives for the infosec category.
Konstantin Antselovich (c) 2004-2011
powered by WordPress
Entries (RSS)
and Comments (RSS).