Manage

Hacker Tools and Techniques Underground Sites and Hacking Groups

• The implications of the NetSpectre vulnerability

  The NetSpectre vulnerability could enable a slow leak of data remotely via side channels. Expert Michael Cobb explains why data on secure microprocessors is not actually safe. Continue Reading

• How white hat hackers can tell you more than threat intelligence

  White hat hackers can play a key role in assessing threats lurking on the dark web. Discover what traditional threat intelligence isn't telling you and how white hats can help. Continue Reading

• Cybercrime study: Growing economic ecosystem spells trouble

  New research shows that cybercriminals are gaining momentum with connected infrastructure and collectively earning billions annually from a cybercrime economy. Now what? Continue Reading

• Marcus Ranum decodes hardware vulnerabilities with Joe Grand

  Computer hardware designs with dangerous security flaws? That's no surprise to renowned hardware hacker Grand. Continue Reading

• Why WannaCry and other computer worms may inherit the earth

  A vast majority of APT attacks and malware delivery happens via spear phishing. But worms have always had a place in the toolkit when the delivery method fit the mission. Continue Reading

• Risk & Repeat: Shadow Brokers' dump shakes IT industry

  In part two of Risk & Repeat's podcast on the Equation Group, SearchSecurity editors discuss the zero-day vulnerabilities discovered in the Shadow Brokers' data dump.Continue Reading

• Cyberextortion reaches new heights with bug poaching

  In this Risk & Repeat podcast, SearchSecurity editors discuss how a cyberextortion campaign is targeting enterprises that don't have official bug bounty programs.Continue Reading

• How can enterprises defend against an evil twin attack?

  The threat of an evil twin attack has plagued enterprises for years, and it's still not leaving. Expert Nick Lewis explains how to defend against evil twins.Continue Reading

• Emerging security threats from every which way

  Lethal threats to enterprise information security are emerging from every which way. This ISM Insider Edition looks at what security professionals are up against: state-sponsored attacks, the rise of hacking via social media, and the spread ...Continue Reading

• Emerging security threats you're up against now

  Learn about the 'hacking as a service' and other emerging security threats.Continue Reading

• Emerging hacking trends worry seasoned security professionals

  Video: Some new hacking trends have security professionals worried, including Robert "RSnake" Hansen, who notes the speed and motivation of today's attackers.Continue Reading

• Click fraud to ransomware: Study highlights dangers of malware lifecycle

  New roundup: Sometimes the least of threats -- such as click fraud -- can end up being the bigger issues -- like ransomware. Plus: U.S. Navy won't let go of XP; U.S./China cyber code of conduct; and more!Continue Reading

• Hacking forensics: Windows command-line tools for the modern era

  It's a fact of life: Windows systems get hacked. In this tip, expert Nick Lewis discusses multiple Windows command-line tools to help enterprises discover if their system has been compromised.Continue Reading

• Windows Error Reporting may provide intelligence to attackers

  Attackers may be able to use Windows crash data to find their targets' weaknesses, but enterprises can turn the tables via better anomaly detection.Continue Reading

• AutoIt script in malware attacks: Defensive best practices

  Industry expert Nick Lewis outlines the growing popularity of AutoIt script code in malware attacks and how to defend against these attacks.Continue Reading

• PDF download: Information Security magazine October 2012

  In this issue, find out who won this year's Readers' Choice Awards. Also learn about threat management best practices and how hacktivists are impacting the threat landscape.Continue Reading

• The hacktivist threat to enterprise security

  With their goal of damaging corporate reputations, hacktivists aren't your average cybercriminals.Continue Reading

• UGNazi hacker group claims responsibility for Twitter outage

  Hacktivist group UGNazi says it caused multiple Twitter outages Thursday. Update: Twitter says a "cascading bug" was to blame.Continue Reading

• Time for discourse on China computer hacking

  China is being accused of hacking corporate, government and military networks in the U.S. for economic gain. Policy makers need to be versed in cybersecurity and figure out how to respond.Continue Reading

• The banking malware scourge

  Criminals are using the Zeus banking Trojan and other malware to hijack online business banking accounts.Continue Reading

• ISP shutdown slows Zeus botnet

  Security experts say the Zeus botnet was slowed with the shutdown of Troyak, an ISP serving a large chunk of the Zeus botnetContinue Reading

• Metasploit Project acquisition ups ante for penetration testing market

  Rapid7's acquisition of the Metasploit Project takes down one of the few remaining open source security projects. But expect a smooth transition; there have been many success stories and mistakes made to learn from.Continue Reading

• Rootkit detection and removal know-how

  Get advice on how to detect malware and rootkits and the best ways to achieve rootkit removal and prevent hacker attacks.Continue Reading

• New Types of Computer Crime: Combating malware, botnets, phishing

  The days of thrill-seeking script kiddies are over. Organized criminals are launching new types of computer crime, including browser malware, targeted email attacks and voice-based phishing, and using botnets to launch DDoS attacks.Continue Reading

• Hacker demonstrates targeted attack

  Hacker Robert Hansen, also known as RSnake, demonstrates the pains cybercriminals take to target specific organizations and individuals through an exercise posted on his blog, which targeted the head of Google's spam team. Hansen's exercise ...Continue Reading

• More Than Meets the Eye

  You may think you're guarding your assets, but malicious insiders are using steganography to slip closely guarded company secrets out of your organization.Continue Reading

• Hacking Exposed: Network Security Secrets & Solutions

  Read a review of the security book Hacking Exposed: Network Security Secrets & Solutions (Fifth Edition).Continue Reading

• Proving Grounds

  Test labs are the ideal place to check theory against reality.Continue Reading

• Sploit!

  Exploit frameworks are the machine guns of automated attacks. Don't get caught on the wrong end of the barrel.Continue Reading

• Invasion Force

  Continue Reading

• Secure remote access points and configure connections to avoid a hack

  This installment in our series focuses on poorly secured remote access points that can bypass firewalls and intrusion detection systems and give hackers the key to the candy store.Continue Reading

• Secure Reads: Gray Hat Hacking

  Gray Hat Hacking: The Ethical Hacker's HandbookContinue Reading

• The downside of cybercrime investigation and prosecution

  Prosecuting cybercrime puts your organization -- and your security -- on the hot seat.Continue Reading

• Frank Abagnale preaches the dangers of hacking

  A penitent Frank Abagnale Jr. shuns white-collar crime and fraud, and helps others understand how to guard against the dangers of hacking.Continue Reading

• Reality AV: Infosec storylines make for good reality TV ideas

  Is a Hacker Dating Game show that far-fetched? A few infosec storylines that would play well as reality TV ideas.Continue Reading

• Your're caught: Examining punsihment for cybercrime

  The Trippin Smurfs hacker gang chose the wrong day to deface NASA.Continue Reading

• Reduce Windows command line scripting risks with least privilege

  JP Vossen explains and demonstrates how least privilege can be used to prevent attackers from gaining administrative access when using Windows command line scripting.Continue Reading