Videos

Black Hat EU 2014

Black Hat EU 2014

Today's Guru

Opinion and Analysis

Please don’t pass the hash

Please don’t pass the hash

Currently, there’s a lot of talk about “pass-the-hash” (PtH) attacks.   PtH attacks are based on exploiting vulnerabilities in the Windows Lan Manager (LM) and Windows NT Lan Manager (NTLM) authentication systems. Therefore, any Windows system is vulnerable to PtH attacks, which are very difficult to defend against because it only takes one misconfigured computer, (…read more)

Dropbox – hacked or not hacked? Does it matter?

Dropbox – hacked or not hacked? Does it matter?

Thought for the weekend… This week the security world was hit by vulnerability after vulnerability after vulnerability. Or at least that’s what it felt like. We’d barely finished with the news that another retailer, Kmart, had suffered a breach before Sandworm started burrowing through defences, POODLE ran amok and finally we ended the week being (…read more)

The lowdown on POODLE

The lowdown on POODLE

Around 24 hours since the POODLE bug hit the internet and the headlines, the severity of the flaw has made this the new most talked about flaw of the moment. POODLE, short for “Padding Oracle On Downgraded Legacy Encryption”, affects the 15 year old SSL v3 protocol, which Gavin Millard, Tenable’s technical director for EMEA, (…read more)

Scam of the Week

US-CERT warns on Ebola scams

US-CERT warns on Ebola scams

The world is talking about the Ebola virus, and unsurprisingly this has not stopped cyber criminals and scammers from jumping onboard also.   In fact, there have been so many scams that US-CERT has issued a warning about phishing emails that may contain links that direct users to websites which collect personal information such as (…read more)