By: - Forensics and Security Expert

@phenrycissp

Are You Ready for Steganography Malware?

July 17th, 2013

Traditionally, the bad guys’ malware bypasses our signature based defenses with some form of obfuscation, like encoding their malware with XOR, base64, gzip etc. or using any of the malware packers tracked by Shadowserver. Penetration testers have long relied upon the capability in Metasploit to render their payloads undetectable to Antivirus programs. Peter Gramantik, a […]



By: - Senior Architect

@danteal

Detecting RMI – Hiding Under the Covers Part II

June 5th, 2013

“All warfare is based on deception” – Sun Tzu, The Art of War My previous post, “Hiding under the Covers”, reviewed the advantages that attackers gain through the use of Reflective Memory Injection (RMI) techniques. In follow up, let’s take a look at methods to detect injected libraries. One of the most powerful penetration testing […]



By: - Information Security Reporter

@kevtownsend

Metasploit: Is it a Good Thing, or a Bad Thing?

February 21st, 2013

Many years ago I ran the online ‘Security Clinic’ on ITsecurity.com. It offered free advice from a worldwide pool of security experts. Late one evening I received a telephone call at home. It was the Chief Constable of Strathclyde Police. He was worried that the Clinic was pointing people to L0phtCrack to help recover their […]



By: - Forensics and Security Expert

@phenrycissp

Chained Exploits: The Business Side of Hacking

October 19th, 2009

As far back as a decade ago, attacks consisted of simultaneously launching strikes utilizing multiple vulnerabilities to gain a foothold in a target network and then following up with privilege escalation attacks to make it more worthwhile for the bad guys. For many years, we simply referred to these attacks as blended threats. While “Chained […]



By: - Forensics and Security Expert

@phenrycissp

IT Pros Face a “Scary” Patch Tuesday with Zero Day Exploits

October 9th, 2009

This month’s Microsoft Patch Tuesday update has reached an all time high with 13 bulletins, which surpasses the previous high of 12 released in October 2008. IT pros won’t only have to deal with the large amount of patches, but the update also includes fixes for 34 security issues with zero-day issues continuing to be […]



By: - Dir. Solutions Marketing

Old Skool Hax

April 20th, 2009

The focus for those of us in the data leakage arena has generally been on the “big holes,” especially when it comes to the risk of insider theft… email, removable devices and drives (e.g., USB flash drives, external HDDs), removable media (e.g., CDs / DVDs). And for good reason. Why?  Well, first, as I’ve mentioned before, […]




IT Secured. Success Optimized.™

Contact Lumension | Privacy Policy

Connect & Follow Us

blog.lumension.com