Skip to main content

Home/ Groups/ CIS@ULM Information Security
Rss Feed
Sort By: Most Recent | Popular Filter: All | Bookmarks | Topics Simple Middle
William Barnett

Top Federal Lab Hacked in Spear-Phishing Attack | Threat Level | Wired.com - 0 views

www.wired.com/...oak-ridge-lab-hack

infosec Infowar security malware SpearPhishing phishing socialengineering

shared by William Barnett on 20 Apr 11 - No Cached
  • the intrusion came in the form of a spear-phishing email sent to lab employees on April 7. The e-mail, purportedly sent from the human resources department, discussed employee benefits and included a link to a malicious web page, where malware exploited the IE vulnerability to download additional code to users’ machines
  • About 530 employees received the e-mail — out of about 5,000 workers — but only 57 people clicked on the malicious link in the correspondence. Out of this, only two machines got infected with the malware.
  • April 11, administrators discovered a server had been breached when data began leaving the network. Workers cleaned up the infected system, but early Friday evening “a number of other servers suddenly [went] active with the malware,” Zacharia said. The malware had apparently laid dormant for a week before it awoke on those systems. That’s when the lab blocked internet access. Zacharia said the malware “masked itself” on systems and was designed to erase itself if it tried to compromise a system and was unsuccessful.
  • ...1 more annotation...
  • It’s not the first time the lab has been breached through spear phishing. In 2007, a similar attack allowed hackers to access a nonclassified database at the lab and gain access to thousands of names, Social Security numbers and birth dates belonging to anyone who had visited the lab between 1990 and 2004.
William Barnett

Yahoo user sues over password leak | Security & Privacy - CNET News - 0 views

news.cnet.com/...o-user-sues-over-password-leak

infosecurity privacy hacking security Cost of Failure Business Case

shared by William Barnett on 06 Aug 12 - No Cached
  • William Barnett on 06 Aug 12
     
    Business implications of information security failures.
William Barnett

Hak5 - Moxie Marlinspike on Authenticity - Part 2 - YouTube - 0 views

www.youtube.com/watch

security infosec infosecurity encrypt authenticity video

shared by William Barnett on 27 Aug 11 - No Cached
  • William Barnett on 27 Aug 11
     
    Interview on Hak5 that gives a good basic description of issues with current site certification mechanisms and one possible solution. (commercial for the podcast at the end along with other Defcon shenanigans)
William Barnett

Surf Anonymous Free 2.1.0.8 (Windows), from Surf Anonymous Free - Free Downloads on ZDN... - 0 views

downloads.zdnet.com/abstract.aspx

anonymous privacy security

shared by William Barnett on 22 May 11 - No Cached
  • William Barnett on 22 May 11
     
    Not sure how this compares to Tor.
William Barnett

Oracle - 0 views

www.oracle.com/...swf_viewer.load

security infosec hacking firewall

shared by William Barnett on 26 May 11 - No Cached
  • William Barnett on 26 May 11
     
    Application Firewalls
William Barnett

WikiSecrets | FRONTLINE | PBS Video - 0 views

video.pbs.org/1946795242

wikisecrets frontline pbs security infosec Infowar

shared by William Barnett on 30 May 11 - No Cached
  • William Barnett on 30 May 11
     
    PBS Frontline story on WikiLeaks Cable Scandal.  Discusses Wikileaks methods and the circumstances of B. Manning. Learning Points:  1. Poor security policy that allows disgruntled employee to betray the organization. 2. Methods used by Wikileaks organization.
William Barnett

Homeland Security moves forward with 'pre-crime' detection | Privacy Inc. - CNET News - 0 views

news.cnet.com/...rward-with-pre-crime-detection

security detection privacy Civil Rights Big Brother

shared by William Barnett on 07 Oct 11 - No Cached
  • William Barnett on 07 Oct 11
     
    DHS proposal to use technology to persecute "bad intent".
  • William Barnett on 07 Oct 11
     
    This could be bad.
William Barnett

simple_wep_crack [Aircrack-ng] - 0 views

aircrack-ng.org/doku.php

security infosecurity resource hacking Penetration Testing linux wep crack

shared by William Barnett on 07 Feb 15 - No Cached
  • William Barnett on 07 Feb 15
     
    Basic WEP cracking tutorial on Aircrack-ng site. Good run down of several commands with airmon-ng, airodump-ng, and aireplay-ng.
  • William Barnett on 07 Feb 15
     
    Fake authentication thing is questionable on class APs. Alternate is to spoof a connected MAC. Be sure it's one that's transmitting.
William Barnett

Ubuntu Manpage: wpa_supplicant - Wi-Fi Protected Access client and IEEE 802.1X - 0 views

manpages.ubuntu.com/...wpa_supplicant.8.html

wpa resource wifi network networking linux tools

shared by William Barnett on 03 Feb 15 - No Cached
  • William Barnett on 03 Feb 15
     
    wpa_supplicant MAN page.
William Barnett

Connect to WiFi network from command line in Linux - blackMORE Ops - 0 views

www.blackmoreops.com/...ork-from-command-line-in-linux

networking howto tutorial network linux wifi resource

shared by William Barnett on 02 Feb 15 - No Cached
  • William Barnett on 02 Feb 15
     
    "wpa_supplicant -B -D wext -i wlan0 -c /etc/wpa_supplicant.conf"
1 - 20 Next › Last »
Showing 20 items per page