Security Weekly interviews H.D. Moore
This is a very interesting discussion with H.D. Moore, the founder of the Metasploit Project and now angel investor, with guidance on getting your security start-up established and funded.
Author: Mike
The Story of how Hacking Team got Hacked
I’ll throw an allegedly in here; Pastebin has a story written by the fellow who hacked Hacking Team about how it was accomplished. Lessons learned are, again: Change default passwords Patch your systems Log account and network activity – identify suspicious activity Secure your backups After sending passwords by email delete the email and change […]
PCI Professional Program Training now available
PCI SSC press release press release: PCI Professional Program Training now available. Good news – it’s a credential you keep, regardless of where you work.
InfoSec Institute Resources – Transforming your Android Phone into a Network Pentesting Device
An excellent walk-through here on transforming your Android Phone into a Network Pentesting Device. I was debating switching to the iPhone 5, but maybe I’ll go for the next Google phone instead.
InfoSec Resources – Noobz Guide for Setting Up a Vulnerable Lab for Pentesting
Jay Turla of the Infosec Institute introduces us to a bunch of free tools, utilities, and resources to set up a lab where we can practice our penetration testing and elite haxxor skills: You don’t need to pay a single penny in setting up a pentesting lab because there are a lot of vulnerable distros […]
Passively Cable Tapping Cat5
I always figured it would work to simply push the individual wires into the “pinch” areas of a Cat 5 jack, allowing you to “patch in” to the cable without needing to clip it… and it works! Pics and story at: 7 Habits of Highly Effective Hackers: Passively Cable Tapping Cat5.
Connecting from a Solaris 10 box via USB to Serial adapter to the console of a switch
How to connect from a Solaris 10 device to the console of a switch via USB adapter: Step 1: Plug in the USB adapter. In this example, I have a Prolific Technology Inc. USB-Serial Controller plugged into the console port of a Cisco 2900 XL switch. Step 2: Run dmesg to see if it was […]
Oracle Solaris 11 Administrator’s Cheat Sheet
Oracle has published a handy-dandy 6-page quick reference of Solaris 11 commands, covering ZFS, disks, zones, SMF, and networking. Grab the PDF from: solaris-11-cheat-sheet-1556378.pdf (application/pdf Object).
Domain User Spraying and Brute Forcing Domain Default Passwords, Avoiding Lockout
Looks interesting: A while ago, Dave Hoelzer did a nice video on how to use Windows PowerShell to hack domain user accounts. Basically, Dave leveraged PowerShell commands which any domain user can execute on a domain and receive either a positive and negative response based on the legitimacy of the username and password combination. This […]
10 Reasons Why Security Professionals Get Hired – Dark Reading
Greg Thompson, vice president of enterprise security services at Scotiabank, says, As an IT security executive, I am constantly asked, “What do you look for when hiring?” Naturally, certification as an accredited security professional helps get job candidates to the table — there are many respected credentials, such as those offered by (ISC), ISACA, […]
nerdherd.com 