Cyber crooks misusing audit tool to breach VoIP servers
Every now and then, cyber criminals misuse “good” software in order to do bad things, and the latest instance of this modus operandi has been spotted by NSS Labs …
auditing
WebSurgery: Suite for security testing of web applications
WebSurgery is a suite of tools for security testing of web applications. It was designed for security auditors to help them with the web application planning and exploitation. …
Virtualized scanners and report customization for security assessment
Qualys announced a new edition of the QualysGuard Consultant service, featuring virtualized scanner appliances (vScanners) and a report customization module. The new edition …
Faster password hashes cracking based on the DES algorithm on CPUs
Openwall released an updated version of John the Ripper, a password security auditing tool and open source project, providing the community with improvements in the …
Qualys recertifies its cloud computing FDCC auditing service
QualysGuard is recertified for FDCC compliance by NIST as conforming to the Security Content Automation Protocol (SCAP) and its component standards. The QualysGuard FDCC …
Web Application Attack and Audit Framework 1.0 released
The Web Application Attack and Audit Framework’s (w3af) goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend. …
GFI LANguard 2011 released
GFI Software launched GFI LANguard 2011, the latest version of the network vulnerability scanning and patch management solution. GFI LANguard 2011 is the first network …
Security auditing tools and challenges
James Tarala is a principal consultant with Enclave Security. He is a regular speaker and senior instructor with the SANS Institute as well as a courseware author and editor …
The crucial role of crypto technologies
Crypto technologies play a crucial role in data protection and compliance activities across a wide range of industry sectors, in both private and public organizations, …
Security framework integrates forensics and data auditing
AccessData announced the initial release of its new integrated security framework, CIRT (Cyber Intelligence and Response Technology), and is inviting select government and …
Comprehensive vulnerability, configuration, OS and app auditing
nCircle announced that its solutions now audit for over 40,000 conditions including vulnerabilities, configurations, operating systems and applications. The company also …
EventTracker 7.1 alerts users to security breaches
Prism Microsystems released EventTracker 7.1 with enhanced features including USB and writeable media monitoring. The proliferation of writeable media devices such as USB …