sans institute

ZDNet Resources

• sort by:
• Relevance
• Date
• Popularity

Is there a rootkit stashed in your boot record?

The latest rootkit in the wild hides on your hard drive's boot sector and is starting to infect Windows PCs, according to security researchers. And the real kicker: The rootkit can't be detected by most antivirus applications. Symantec has been tracking the latest rootkit--Trojan.Mebroot--and...

Tags: Symantec Corp., Microsoft Corp., SANS Institute, Trojan.Mebroot Kernel, Rootkits, Security, Spyware, Adware & Malware, Larry Dignan

Blog posts 2008-01-09

SANS Institute paints gloomy security picture

SANS Institute paints gloomy security pictureMy suggestion - shut down the internetIs there anyone willing to do that ? Well, I didin't think so. So stop whining, and take care of your turf. Accept that we're not at a point where we have a world police, but we are at...

Tags: Microsoft Windows, Spyware, adware & malware, Deodorant, gloomy security, security picture, Internet, rich content, SANS Institute, security, village, Microsoft Corp.

Discussion threads 2007-11-28

SANS Institute paints gloomy security picture

The SANS Institute report on the state of security circa 2007 is enough to make you want to pull your ethernet cord out. Is anything out there secure? On Wednesday, the SANS Institute released its top 20 security risks update for 2007. It's pretty bleak across the board. There...

Tags: Software, Antivirus, Microsoft Office, Vulnerability, SAN, Backup, Backup Software, Plug-in, SANS Institute, Anti-virus Software, Backups, Security, Viruses And Worms, Larry Dignan

Blog posts 2007-11-28

Zero Days: How to protect yourself

The SANS Institute released its top 20 security risks for 2007, which documents the security arms race between cyber criminals and the folks playing defense. But let's focus on the big scourge--zero day attacks. The report released Wednesday press release gives a nice overview of zero day...

Tags: SANS Institute, Zero-day Bug, Security, Larry Dignan

Blog posts 2007-11-28

SANS Institute embarrasses FBI

SANS Institute embarrasses FBIInterestingthat GW used the NSA to spy on citizens - INSTEAD of the FBI. This should speak volumes about the ability/trustworthyness of the FBI.Not really...Think of the FBI people as "Lawyers with a badge and a gun". NSA has always pretty much been in the electronic...

Tags: Federal government, FBI, NSA, SANS Institute

Discussion threads 2005-12-23

SANS Institute embarrasses FBI

Today's headlie (see my Dec 19th blog for the rules on these) is the third in the series: 2005: the missing headlies. Basically: the thing has to relate to IT and be both true and false at the same time. When the SANS Institute, in co-operation with the FBI,...

Tags: FBI, SANS Institute, vulnerability

Blog posts 2005-12-23

SANS Tool Talk Webcast: Desktop Security - A Multi-Layered Approach to Protecting Your Investment

This informative Webcast hosted by The SANS Institute explores the threat environment that host systems face and addresses the confusion surrounding desktop technology. In addition it fully examines the available desktop security technologies in an attempt to determine which solution is right for you and which can be trusted to...

Tags: Information Security, Webcast, Investment, Tool, SANS Institute, Tool Talks, Productivity, Desktops, Security, Hardware

Webcasts 2005-06-09

Additional Resources

Top 25 coding defects listed, surprising nobody with a clue

The SANS institute has produced a list of the top 25 classes of programming flaws. The list won't make the flaws go away, but it does provide software purchasers with a powerful tool for whacking irresponsible software vendors. A consortium of government, industry, and academic software...

Tags: Software, Tools & Techniques, Management, Adam O'Donnell

Blog posts 2009-01-13

News to know: Windows rot; Touch PCs; Palm Pre sales guesses; Apple

Here are today’s notable headlines. You can get News To Know via email alert and RSS daily: Adrian Kingsley-Hughes: Windows bit-rot - fact or fiction? Jason O'Grady: Has Apple gotten lazy? Apple quietly releases iLife '09 hardware up-to-date program ...

Tags: Apple iPhone, High Tech Computer Corp., Software-as-a-service, PC, Palm Inc., Health Care, Apple Inc., Sales, INQ Mobile, Human Capital, Software As A Service (SaaS), Managed Hosting, Vertical Industries, Benefits, Cloud Computing, Healthcare, Microsoft Windows, Human Resources, Workforce Management, Emerging Technologies, Enterprise Software, Software, Operating Systems, Larry Dignan

Blog posts 2009-01-13

The New Adventures of Christine's Old PC

Windows XP virtualized within Vista SP1 using VMWare Player. Some of you may be aware that I have another identity besides professional technologist and tech/computer industry blogger -- I'm also passionate about restaurants, cooking, and eating (albeit with a healthier focus these...

Tags: PC, Microsoft Windows Vista, VMware Inc., Computer, Christine Nunn, Microsoft Outlook, Microsoft Windows, Microsoft Windows XP, Microsoft Windows Vista (Longhorn), Productivity, Groupware, Microsoft Office, Office Suites, Software, Operating Systems, Enterprise Software, Jason Perlow

Blog posts 2008-09-22

How OpenDNS, PowerDNS and MaraDNS remained unaffected by the DNS cache poisoning vulnerability

The short answer is being paranoid about tackling a known vulnerability. It's 2001, and Daniel J. Bernstein DJB, author of the then popular djbdns security-aware DNS implementation, is applying basic math principles to raise awareness on what's to turn into the "sky is falling" critical Internet vulnerability in 2008, in...

Tags: DNS, Vulnerability, Anomaly, Attack, OpenDNS, MaraDNS, NSS, Domain Names, Networking, Internet, Dancho Danchev

Blog posts 2008-07-25

Researchers borrow from Google PageRank for network defense service

Using a link analysis algorithm similar to Google PageRank, researchers at the SANS Institute and SRI International have created a new Internet network defense service that completely revamps the way network blacklists are formulated and distributed. The service, called Highly Predictive Blacklisting (.pdf), will be unveiled next...

Tags: Google PageRank, Attacker, Network, DShield, Highly Predictive Blacklist, Internet, Networking, Security, Ryan Naraine

Blog posts 2008-07-23

PowerBroker Privileged Access Control Supports NISPOM Compliance

This paper explains Symark PowerBroker functionality by showing how the product addresses the National Industrial Security Program Operating Manual NISPOM security categories developed by the Defense Security Service DSS. A sample PowerBroker script implementing authorization in a UNIX environment is included, and sample PowerBroker log output is also provided. An...

Tags: Symark Software, Compliance, Access Control

White papers 2008-07-01

Demo exploits posted for unpatched MS Word vulnerability

A security researcher has released demo exploits for what appears to be a critical --  unpatched -- memory corruption vulnerability affecting the ubiquitous Microsoft Word software program. The proof-of-concept exploits accompany a warning that the flaw affects Microsoft Office 2000 and Microsoft Office 2003.  In addition to...

Tags: Vulnerability, Microsoft Corp., Microsoft Word, Word Processors, Microsoft Office, Security, Office Suites, Software, Ryan Naraine

Blog posts 2008-06-23

NSA coordinates cyberattack response

The Washington Post reports: President Bush signed a directive this month that expands the intelligence community's role in monitoring Internet traffic to protect against a rising number of attacks on federal agencies' computer systems. The directive, whose content is classified, authorizes the...

Tags: Agency, Monitoring, Needle, Cyberattack, Computer, NSA, Government, Internet, Hacking, Productivity, Advertising & Promotion, Viruses And Worms, Security, Marketing, Richard Koman

Blog posts 2008-01-27

Hackers attacking US utilities overseas

Cyber warfare isn't just concerned with military and intel computers. Hackers have also attacked foreign facilities of US power utilities, according to a CIA analyst. The Washington Post reports that Tom Donahue, the CIA's top cybersecurity analyst, told an audience of utility security pros: "We do not know who...

Tags: CIA, Utility, Technology, Hacker, Hacking, Security, Richard Koman

Blog posts 2008-01-20

Is there a rootkit stashed in your boot record?

Is there a rootkit stashed in your boot record?You mean Apple Macs aren't affected?Fascinating. This has been 'known about for some time', Windows 2K affected, XP is affected, Vista partially affected, Apple Mac NOT affected. Imagine that, yet another security drop off which only affects Microsoft Windows. Vista, the OS...

Tags: Rootkits, Microsoft Windows Vista (Longhorn), BIOS, Operating systems, rootkit, Microsoft Windows Vista, Microsoft Corp., Microsoft Windows, MBR

Discussion threads 2008-01-09

Distributed Attacks Denial of Service Type: Nature of These Attacks and Defense Against Them

According to statistical information, published by SANS institute (System Administration, Networking and Security), one of the most critical and devastating classes of computer attacks is that of the Distributed Denial of Service type, DDoS, aimed at interfering in the accessibility to information resources. These attacks are accomplished by the combined...

Tags: Denial Of Service, Distributed Denial Of Service, Attack, Security

White papers 2008-01-01

News to know: Vista SP1; Google; PDF ads

Notable headlines: Mary Jo Foley: Microsoft hones its internal sales pitch for Vista Service Pack 1. Vista SP1 Release Candidate expected next week. Adrian Kingsley-Hughes: Even Microsoft has trouble understanding what 'Vista Capable' means. Performance profiles for Vista ...

Tags: Google Inc., Larry Dignan, Advertisement, Adobe PDF, Microsoft Windows Vista, Microsoft Windows Vista SP1, Microsoft Windows Vista (Longhorn), Security, Operating Systems, Microsoft Windows, Software

Blog posts 2007-11-29

Off-to-jail hacker tells how he stole VOIP on massive scale

Robert Moore at left, a 23 year-old hacker from Spokane, Wash., is to go to prison later this week for his role in a plot to steal VoIP services from some 15 legitimate VoIP providers and then sell them as a separate company.Information Week's Sharon Gaudin  has some quotes from...

Tags: Password, Hacker, Robert Moore, Telephony, VOIP, Telecommunications, Networking, Russell Shaw

Blog posts 2007-09-27