-
Exploit writing tutorial: Part 1
In the first part of our exploit writing tutorial, we take a look at the fine art of vulnerability discovery, fuzzing and usable techniques. Tutorial
-
Snapshots from nullcon Tritiya Day 2
A quick look at what happened during nullcon 2012. Photo Feature
-
nullcon Tritiya’s infosec conference: Day 1 walkthrough
Join us, as we take a look at the third installment of annual information security conference nullcon 2012. Photo Feature
-
Backtrack 5 PDF tutorial compendium: A pen-tester’s ready reckoner
Our BackTrack 5 PDF tutorials collection will help you hone your edge, whether you are a security professional or an enthusiast. Best yet, they are free! Tutorial
-
Antispyware buying guide for Indian enterprises
As most Indian IT pros will readily attest, an antispyware strategy is not an easy task. This guide designed specifically for Indian businesses explores the key considerations in choosing a solution and offers an overview of various vendors' offering... Buyer's Guide
-
Spyware Protection and Removal Tutorial
This free spyware protection and removal tutorial is a compilation of free resources that explain what spyware is, how it attacks and most importantly what you can to do to win the war on spyware. Learning Guide
-
Virtual Honeypots: From Botnet Tracking to Intrusion Detection
In Chapter 11 of Virtual Honeypots: From Botnet Tracking to Intrusion Detection, authors Niels Provos and Thorsten Holz get inside the botnet and reveal some interesting conclusions. Book Chapter
-
Microsoft fixes code targeted by Duqu in May 2012 Patch Tuesday
Experts suggest patience when dealing with this month’s round of Microsoft updates. News | 08 May 2012
-
Adobe pushes patch for actively exploited Flash Player vulnerability
Adobe is addressing a zero-day flaw in Flash Player being used by cybercriminals in email attacks targeting Internet Explorer users. News | 04 May 2012
-
Microsoft program breach led to early RDP vulnerability exploit
Microsoft said a member of its confidential Active Protections Program leaked information that prompted an exploit targeting a flaw patched in March. News | 03 May 2012
-
Microsoft to fix 23 vulnerabilities in May 2012 Patch Tuesday
Microsoft said it plans to address flaws in Windows, Office, Silverlight and the .NET Framework. News | 03 May 2012
-
Java, HTML exploits via Black Hole toolkit dominate attacks, Microsoft says
The Black Hole Exploit toolkit is behind the bulk of the HTML and Java exploits, according to version 12 of the Microsoft Security Intelligence Report. News | 25 Apr 2012
-
Google Vulnerability Reward Program increases, Microsoft unfazed
Google increased the reward for a code execution bug to $20,000. Microsoft remains against a bug bounty. News | 24 Apr 2012
-
HP study finds widespread custom Web application flaws
A review of hundreds of unique custom Web applications found more than half are vulnerable to cross-site scripting and more than 86% contain injection flaws. News | 18 Apr 2012
-
HP warns of malware in HP ProCurve switches' flash cards
HP has notified customers that some ProCurve 5400 zl switches were shipped that contained compact flash cards infected with malware. News | 16 Apr 2012
-
Dangerous Samba vulnerability affects all Linux systems
The commonly used tool contains an error that can be executed remotely by attackers, giving them root access to a system. Proof-of-concept code is available, experts warn. News | 11 Apr 2012
-
April 2012 Patch Tuesday: Microsoft to issue six bulletins, four critical
Microsoft’s six bulletins include critical server repairs, Internet Explorer updates and a critical update of its .NET Framework. News | 05 Apr 2012
- See More: News on Viruses, worms, spyware, and other malware
-
Maltego tutorial - Part 1: Information gathering
Maltego is a powerful OSINT information gathering tool. Our Maltego tutorial teaches you how to use Maltego for personal reconnaissance of a target. Tip
-
A malware analysis kit for the novice
As malware gets more and more sophisticated, one needs to be aware of the latest techniques for effective malware analysis. Here are some useful guidelines. Tip
-
Four handy botnet detection techniques and tools: A tutorial
This tutorial will help you determine the right techniques and tools for effective botnet detection. Tip
-
Botnet detection through DNS behavior and clustering analysis
Botnets are fast emerging as one of the most serious threats to Internet security today. This expert tip looks at how botnets can be detected analyzing their unique fast flux characteristics. Tip
-
Top 7 anti rootkit software for Windows
It can be quite a tough task to kick out rootkits from infected Windows systems. Our list of top anti rootkit software will prove handy. Tip
-
What are keyloggers? The essential 101
Here is an all-inclusive guide about software keyloggers, along with common attack modes. Defence mechanisms to counter keyloggers is part of this overview. Tip
-
Top seven social media threats
Discover the top seven social media threats in the first of a two-part series on social media related security threats and preventive measures. Tip
-
Enterprise anti-virus selection tips
Thinking of new anti-virus software for your organisation? Experts share their buying tips in this story Tip
-
Cloud security issues and emerging solutions
Security is the top concern for enterprises looking to adopt cloud. We highlight the prime cloud security issues in India as well as solutions to address them. Tip
-
5 penetration test tools to secure your network
Selecting the right penetration test tool can be a hassle. To make your life easier, we have put together a list of proven penetration testing tools. Tip
- See More: Tips on Viruses, worms, spyware, and other malware
-
Defending against an advanced persistent threat (APT)
In this expert response, Nick Lewis explains how organizations should -- or in some cases, shouldn't -- protect against what's known as Advanced Persistent Threat. Answer
-
How to secure a .pdf file
In this expert Q&A, Michael Cobb explains how to avoid malicious content that is embedded into .pdf documents. Ask the Expert
-
How can search results lead to malware?
Search engines aren't fundamentally designed to find trustworthy sites, just popular and relevant ones. Expert Sherri Davidoff explains how attackers are injecting malicious pages into search results. Ask the Expert
-
How to prevent mobile phone spying
Your cell phone conversations and wireless activity are not private, says resident threat expert Sherri Davidoff, and it's important to remember that mobile phone spying is far too easy. Ask the Expert
-
What are today's antivirus software trends?
Expert John Strand reveals two exciting trends in antivirus software. Ask the Expert
-
How to detect keyloggers
In this expert response, Michael Cobb explains how to detect the many rootkits available to today's attackers. Ask the Expert
-
How to quantify business risk exposure to malware
How safe is your enterprise from data-stealing malware? How can you know where your security program falls short? Find out how to gauge enterprise risk exposure to malware in this expert response. Ask the Expert
-
Does cloud-based antivirus provide better malware detection?
Expert John Strand explains some of the drawbacks of a cloud-based antivirus system. Ask the Expert
-
Is it impossible to successfully remove a rootkit?
In this expert Q&A, Michael Cobb takes a closer a look at the nature of rootkits to see why they can be so difficult to remove. Ask the Expert
-
How can an enterprise-wide network prevent denial-of-service attacks?
Denial-of-service (DoS) attacks are often associated only with one type of flood attack, but there are many to look out for. Information security threats expert John Strand weighs in. Ask the Expert
-
crimeware kit (attack kit)
A crimeware kit, also called an infection, exploit or DIY attack kit, is a programming tool that allows someone who does not have any experience writing software code to create, customize and distribute malware. Definition
-
Stuxnet
The Stuxnet worm is a rootkit exploit that targets Supervisory Control and Data Acquisition (SCADA) systems. SCADA is used in power, water and sewage plants, as well as in telecommunications and oil and gas refining. Definition
-
active man-in-the-middle attack (MitM)
Active man-in-the-middle (MitM) is an attack method that allows an intruder to access sensitive information by intercepting and altering communications between the user of a public network and a requested website. Definition
-
Expert Bruce Schneier's Stuxnet malware analysis
In this RSA Conference 2011 interview, security luminary Bruce Schneier, breaks down his Stuxnet malware analysis. Schneier discusses who could have benefited from creating Stuxnet, how the main stream media hype affected the Trojan, how it could hav... Video
-
Malware and email authentication for financial services
Malware and fighting phishing with email authentication are major security topics for financial services firms. In part two of this video, Paul Smocer discusses the threats and mitigation options. Video
-
Smart tactics for antivirus and antispyware
AV has become a commodity service with vendors touting value-added features and the ability to protect other parts of the network. This video addresses AV and antispyware from an architectural perspective. You'll learn the benefits of standalone prod... Video
-
PCI compliance requirement 5: Antivirus
Diana Kelley and Ed Moyle of Security Curve review PCI compliance requirement 5: "Use and regularly update antivirus software." Video
-
Johannes Ullrich: ISC, stealthy malware
SANS Chief Research Officer Johannes Ullrich discusses the Internet Storm Center (ISC), information sharing and the state of malware. Video
-
Maltego tutorial - Part 1: Information gathering
Maltego is a powerful OSINT information gathering tool. Our Maltego tutorial teaches you how to use Maltego for personal reconnaissance of a target. Tip
-
Microsoft fixes code targeted by Duqu in May 2012 Patch Tuesday
Experts suggest patience when dealing with this month’s round of Microsoft updates. News
-
Adobe pushes patch for actively exploited Flash Player vulnerability
Adobe is addressing a zero-day flaw in Flash Player being used by cybercriminals in email attacks targeting Internet Explorer users. News
-
Microsoft program breach led to early RDP vulnerability exploit
Microsoft said a member of its confidential Active Protections Program leaked information that prompted an exploit targeting a flaw patched in March. News
-
Microsoft to fix 23 vulnerabilities in May 2012 Patch Tuesday
Microsoft said it plans to address flaws in Windows, Office, Silverlight and the .NET Framework. News
-
Java, HTML exploits via Black Hole toolkit dominate attacks, Microsoft says
The Black Hole Exploit toolkit is behind the bulk of the HTML and Java exploits, according to version 12 of the Microsoft Security Intelligence Report. News
-
Google Vulnerability Reward Program increases, Microsoft unfazed
Google increased the reward for a code execution bug to $20,000. Microsoft remains against a bug bounty. News
-
HP study finds widespread custom Web application flaws
A review of hundreds of unique custom Web applications found more than half are vulnerable to cross-site scripting and more than 86% contain injection flaws. News
-
HP warns of malware in HP ProCurve switches' flash cards
HP has notified customers that some ProCurve 5400 zl switches were shipped that contained compact flash cards infected with malware. News
-
Dangerous Samba vulnerability affects all Linux systems
The commonly used tool contains an error that can be executed remotely by attackers, giving them root access to a system. Proof-of-concept code is available, experts warn. News
- See More: All on Viruses, worms, spyware, and other malware
About Viruses, worms, spyware, and other malware
Bring viruses, worms and spyware threats under control with these resources. Keep updated with the latest virus news. Select the best antivirus and antispyware options from our reviews to select best of breed solutions. Curb malware menace with advanced tips. Manage antivirus solutions with ease across the enterprise.