Thursday, December 27, 2007

SecurityDistro - BackTrack 3 Beta Released

Quoted from http://www.securitydistro.com/index.php?option=com_content&task=view&id=305:

SecurityDistro - BackTrack 3 Beta Released

BackTrack 3 Beta ISO version (Stripped Down - 700 mb)
http://www.offensive-security.com/bt3b141207.iso.torrent


BackTrack 3 Beta USB version (946 mb)
http://www.offensive-security.com/bt3b141207.rar.torrent

Thursday, December 06, 2007

Slashdot | Most In US Have False Sense of Online Security

Quoted from http://it.slashdot.org/article.pl?sid=07/12/06/1537256:

Slashdot | Most In US Have False Sense of Online Security

"More than half of computer users who think they are protected against online threats like spyware, viruses, and hackers actually have inadequate or no online protection, according to an independent research study conducted for Verizon... While 92 percent of participants thought they were safe, the scans revealed that 59 percent were actually vulnerable to a variety of online dangers. Ninety-four percent of those surveyed said they would find it helpful to be able to diagnose or check their online security status on a regular basis to make sure their PCs were safe."

Monday, December 03, 2007

Slashdot | Security in Ten Years

Quoted from http://it.slashdot.org/article.pl?sid=07/12/03/1840243&from=rss:

Slashdot | Security in Ten Years

Schneier has posted a conversation between himself and Marcus Ranum, Chief Security Officer for Tenable Network Security, Inc. looking at where security is headed.

SecurityDistro - OWASP LabRat 2.1 Released

Quoted from http://www.securitydistro.com/index.php?option=com_content&task=view&id=303:

SecurityDistro - OWASP LabRat 2.1 Released

This LabRat release is part of the 2007 OWASP Spring of Code project.

You can download it here. 

Please let us know your thoughts on the new release by going to the LabRat 2.1 forum section.

Slashdot | A Look at Microsoft's Security War Room

Quoted from http://it.slashdot.org/article.pl?sid=07/12/03/1451252&from=rss:

C|Net has an interesting piece about Microsoft's Security War Room, or rather, shall I say rooms. This room came about when Microsoft's security chief, Mike Nash, had issues finding open conference rooms. The response; a dedicated room only for him and his staff to handle emergencies.

Tuesday, October 16, 2007

BackTrack 3 In Testing
BackTrack 3 is currently in testing. No word yet on a release time.

Here is a little teaser.

Saturday, October 13, 2007

Microsoft gives in to denied IE vulnerability
"Microsoft has finally accepted responsibility for its role in a security weakness that allows malicious websites to run harmful code on an end user's machine. The acknowledgment of the vulnerability in Internet Explorer comes after three months of saying the burden lay with third-party software makers whose programs actually accepted the nasty payloads."

There goes Microsoft's credibility...again.

Full Article: http://www.theregister.co.uk/2007/10/12/microsoft_uri_reversal/
A Monster of a Trojan
"A Trojan horse mines Monster.com for personal details that could make fraudulent e-mail schemes more convincing, while evidence mounts that other job sites are also being attacked."

Full Article: http://www.securityfocus.com/news/11484

Friday, October 12, 2007

Businesses spend only 20% on security
"Security accounted for 20 percent of technology spending last year and it's expected to rise, according to a report released Tuesday."

Full Article: http://www.itnews.com.au/News/62760,businesses-spend-20-of-it-budgets-on-security-survey-shows.aspx

Wednesday, October 10, 2007

Office workers still the biggest threat to IT security
According to a new online survey from Sophos, regular employees pose the biggest threat to IT security.
Wow, who would have thought... /sarcasm

Full Article: http://www.sophos.com/pressoffice/news/articles/2007/10/network-threat.html
Linux Kernel v2.6.23 Released
"2.6.23 includes the new, better, fairer CFS process scheduler, a simpler read-ahead mechanism, the lguest 'Linux-on-Linux' paravirtualization hypervisor, XEN guest support, KVM smp guest support, variable process argument length, make SLUB the default slab allocator, SELinux protection for exploiting null dereferences using mmap, XFS and ext4 improvements, PPP over L2TP support, the 'lumpy' reclaim algorithm, a userspace driver framework, the O_CLOEXEC file descriptor flag, splice improvements, new fallocate() syscall, lock statistics, support for multiqueue network devices, various new drivers and many other minor features and fixes."

Release Notes: http://kernelnewbies.org/Linux_2_6_23