Archive | Countermeasures


12 July 2012 | 1,367 views

Microsoft Enhanced Mitigation Evaluation Toolkit (EMET) 3rd Party GUI

We published an article about Microsoft Enhanced Mitigation Evaluation Toolkit (EMET) when it came out back in June 2011. The Native GUI for EMET is in .NET and there are some situations or restricted environments where you may be unable to install .NET or just simple don’t want to use it. This is where this [...]

Continue Reading


19 June 2012 | 3,602 views

Graphical Web Interface for OSSEC WUI AnaLogi v1.1

‘Analytical Log Interface’ was built to sit on top of OSSEC (built on OSSEC 2.6) and requires 0 modifications to OSSEC or the database schema that ships with OSSEC. AnaLogi requires a Webserver sporting PHP and MySQL. Written for inhouse analysis work, released under GPL to give something back – it’s intended to help you [...]

Continue Reading


31 May 2012 | 1,071 views

Bitdefender Internet Security 2012 Review

Introduction I do examine Security Software now and then to see what’s going on, if there are any new developments and what the state of affairs is when it comes to consumer grade Antivirus and Firewall software. Countermeasures are useful, especially when it comes to less tech savvy users (which we may happen to live [...]

Continue Reading


29 March 2012 | 1,809 views

Avira Joins The Crowd & Starts To Offer Mac Antivirus Software

For years the Apple geeks were always self-praising and postulating that their OS was so secure and superior that it didn’t need any silly Anti Virus software. Things changed a couple of years back though, probably in 2009 when Mac OS X Snow Leopard Bundled With Malware Detector. Not long after that the commercial crowd [...]

Continue Reading


26 March 2012 | 4,576 views

SSLyze v0.4 Released – Scan & Analyze SSL Server Configuration

SSLyze is a Fast and Full-Featured SSL Scanner – it enables Better, faster scanning to analyze the configuration of SSL servers. Supports cipher suites scanning, insecure renegotiation verification, session resumption testing, client certificates, and more. Tested on Python 2.6 & 2.7 with Ubuntu and Windows 7, both 32 and 64 bits. Might work on other [...]

Continue Reading


07 February 2012 | 9,866 views

At Last – Adobe Launches Sandboxed Flash Player For Firefox

Finally a proactive measure from Adobe to try and remedy the horrible security flaws they have introduced to Firefox with their Flash Player. There have been some massive hacks recently due to Flash – – Hackers Exploiting Latest Adobe Flash Bug On Large Scale – Adobe Patches Latest Flash Zero Day Vulnerability – Adobe Promises [...]

Continue Reading


15 December 2011 | 8,087 views

No BEAST Fix From Microsoft In December Patch Tuesday – But They Fixed Duqu Bug

It looks like Microsoft originally had a patch for the BEAST vulnerability, but for some reason they have withdrawn it for the December Patch Tuesday. It’s a pretty bumper crop of patches though with 13 bulletins and 19 vulnerabilities fixed, the highest profile one being a patch for the zero-day vulnerability exploited by Duqu. The [...]

Continue Reading


07 December 2011 | 11,683 views

sslyze – Fast and Full-Featured SSL Configuration Scanner

Transport Layer Security (TLS), commonly called SSL, is one of the most widely used protocols to secure network communications. As costs fall and user security and privacy expectations rise companies are deploying it more widely every year. Attacks against the CA system, SSL implementation flaws and aging protocol versions have grabbed news headlines, bringing attention [...]

Continue Reading


29 November 2011 | 10,660 views

Twitter Purchases WhisperCore – Full Disk Encryption For Android Phones

This is certainly an interesting acquisition and not one I would have expected, I’m not even exactly sure what Twitter is planning and why they would want a company focused on mobile encryption (and specifically on the Android platform). I can’t see any real corporate use for Twitter, so they won’t be pushing the security [...]

Continue Reading


22 November 2011 | 10,293 views

OpenPGP JavaScript Implementation Enables Encrypted Webmail

This is a pretty interesting progression in the encryption field, I’m pretty sure most of us here will use some kind of key based e-mail encryption (PGP/GPG etc) and various different software based implementations. Or perhaps some of you already use something totally web-based like Hushmail, the story is that researchers in Germany have managed [...]

Continue Reading