1 min
Networking
Leveraging Security Risk Intelligence to Improve Your Security Posture
As most of you probably know, attackers routinely target exploitable weaknesses
of security systems rather than pre-identifying victims for their attacks. Also,
most breaches that occur in database security systems are avoidable without
expensive or sophisticated countermeasures.
In its 2012 Data Breach Investigations Report, Verizon
[http://www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf]
registered 174 million compromised records for 2011, compar
1 min
Nexpose
How to Check for Remote Desktop Protocol (RDP) Services
There are many organizations concerned with the critical Microsoft Security
Bulletin MS12-020
[http://technet.microsoft.com/en-us/security/bulletin/ms12-020] Remote Desktop
Protocol (RDP) vulnerability. Here is a quick way to check if you have Remote
Desktop Protocol running on your system or network. I used NMAP
[http://nmap.org/] to check my home network.
In the highlighted text below you can see that NMAP can check for the RDP
service running. If you can't patch, this is important because at
2 min
Metasploit
Getting The Most Out of Metasploit: Pentesting, Password Auditing, and Vulnerability Validation
When we talk to Metasploit users, they usually use it for either penetration
testing, password auditing or vulnerability validation, but few use it for more
than one of these purposes. By leveraging your investment in Metasploit, you can
triple-dip at the same price - no extra licenses needed.
Penetration Testing
With penetration testing, you can identify issues in your security
infrastructure that could lead to a data breach. Weaknesses you can identify
include exploitable vulnerabilities, we
2 min
Patch Tuesday
October 2011 Patch Tuesday
This month, Microsoft issued eight bulletins, addressing 23 vulnerabilities
across Microsoft Windows, Silverlight, .NET and Forefront product lines. Only
two bulletins were rated 'critical', and the rest were rated 'important'.
In terms of prioritizing patching, when I look at security vulnerabilities,
first I want to understand which ones can have the most widespread impact.
MS11-081is a cumulative update which affects Internet Explorer, so it relates to
both corporate and home users. These v