Archive | Countermeasures


08 March 2011 | 9,261 views

PacketFence – Free, Open Source Network Access Control (NAC) System

PacketFence is a fully supported, trusted, Free and Open Source network access control (NAC) system. Boasting an impressive feature set including a captive-portal for registration and remediation, centralized wired and wireless management, 802.1X support, layer-2 isolation of problematic devices, integration with the Snort IDS and the Nessus vulnerability scanner; PacketFence can be used to effectively [...]

Continue Reading


03 March 2011 | 9,012 views

Microsoft Attack Surface Analyzer – Test Software Vulnerabilities

Attack Surface Analyzer is developed by the Security Engineering group, building on the work of our Security Science team. It is the same tool used by Microsoft’s internal product groups to catalogue changes made to operating system attack surface by the installation of new software. Attack Surface Analyzer takes a snapshot of your system state [...]

Continue Reading


02 March 2011 | 6,125 views

Intel Completes $7.68B McAfee Buyout In All-Cash Deal

The big news in the last fews days is that Intel has completed it’s buy-out of McAfee in a $7.6 Billion dollar all-cash deal, it seems like security on the chipset/CPU is going to be a reality. We wrote about the initial acquisition back in August 201 and Intel have been working hard to get [...]

Continue Reading


21 December 2010 | 12,608 views

Gawker CTO Outlines Security Improvements Post Breach

An e-mail from the Gawker CTO (Tom Plunkett) has been posted online and it outlines the security improvements that Gawker are planning to implement after the recent massive breach of user passwords from their database. As we mentioned recently, the U.S. Federal Bureau of Investigation is looking into the Gawker breach, which just goes to [...]

Continue Reading


25 November 2010 | 13,160 views

BlackSheep – Detect Users Of FireSheep On The Network

As you surely know, things blew up recently at Toorcon 12 with the release of the much talked about Firefox plugin called Firesheep. There were various discussions about how to mitigate against it like using Firefox plug-ins to force SSL connections (where available). Microsoft also tried to secure Hotmail with SSL but kinda b0rked that [...]

Continue Reading


10 November 2010 | 9,751 views

Hotmail Always-On Encryption Breaks Microsoft’s Own Apps

Oh look, Microsoft is late to the party again? They are finally launching full-session SSL encryption to Hotmail a mere 2 years after Google did the same thing for Gmail. It looks like the release of FireSheep really has had an impact on web-application vendors due to the amount of mainstream media coverage it got [...]

Continue Reading


02 November 2010 | 10,502 views

Sophos Launches FREE Anti-Virus Software For Mac

Well most Apple users would tell you they don’t need anti-virus anyway, viruses and malware are a Windows problem – not something the hi-tech hipsters need to worry about. And let’s face it, even if you run Windows you don’t really need to run anti-virus either if you practice good web-habits. But with the amount [...]

Continue Reading


20 October 2010 | 8,724 views

NSDECODER – Automated Website Malware Detection Tool

NSDECODER is a automated website malware detection tool. It can be used to decode and analyze an URL to see if it host to malware. Also, NSDECODER will analyze which vulnerability has been exploited and the original source address of malware. Functions Automated analysis and detection of website malware. Detection for plenty of vulnerabilities. Log [...]

Continue Reading


13 October 2010 | 8,970 views

Facebook Introduces OTP (One-time Password) Functionality

Nice to see an innovation on the security front for once rather than endless ‘feature’ updates and announcements of ‘the next big thing’. Facebook has had its fair share of security woes so it’s nice to see they are doing something which I think may be genuinely useful for it’s burgeoning user base. A lot [...]

Continue Reading


08 October 2010 | 8,768 views

Adobe PDF Reader Rewrite To Include Sandbox Feature

A lot of people have complained about the lack of security in Adobe PDF related products and the fact that the very architecture is insecure. There have been a whole spate of PDF related exploits and vulnerabilities lately – some of them being very serious. It’s good to see Adobe is taking this matter seriously [...]

Continue Reading