Monthly Archives: August 2011

Why Monitor Internet Usage?

As security professionals we often know what needs to be done, however convincing Management to invest in certain software can be hard. Monitoring Internet usage can be a controversial action, one that Management might be reluctant to agree to unless

COREvidence New Vision for Security Scanners

Any security professional have his own way and tools to conduct vulnerability assessment , the problem that we have when using different security assessment tools that utilities produce several reports with different results. This is not the only problem another

Morto: Computer Worm Spread via RDP

New worm has been reported by F-Secure Lab. The malware called Morto consists of several components includes executable dropper and a DLL that perform the payload. After executing the malware on local system the worm starts searching on the affected

MyCERT CyberSecurity Malaysia Introduce DNSwatch

Malysian CERT announced a new free service DNSwatch that will check every website address your computer is trying to access. Basically the checks are performed while you’re browsing the internet, clicking a link in an email, or running a program

Remote DoS Vulnerabilty in Apache

Apache Killer a new exploit that uses a serious Apache vulnerability discovered over 54 months ago, the bug allows hacker to conduct a denial of service attack and turn any web server down. Under certain conditions Apache internally is inefficient

ZeuS Spreading via Facebook Friends Request

New spamming campaign has been reported by Trend micro. This type of malware is spreading through Facebook.  The downloaded malware is another type of Zbot, also called Zeus a Trojan horse that attempts to steal confidential information from the compromised

Automated HTTPS Vulnerability Testing

One of main problem in HTTP protocol is encrypting traffic and verifying data security, securing the web application against any threat is very important especially that if hackers conduct a Man-in the middle attack he can get all users information