Welcome to SecurityDocs

A collection of 8,050 IT security white papers, carefully curated by professionals like yourself

ZAP provides automated security tests in continuous integration pipelines

Despite the abundance of tools that test code and help improve the effectiveness of a continuous integration pipeline, automated security testing is much more difficult to get right than it might appear. Commonly, a mixture of open source and expensive proprietary tools is shoehorned into a pipeline to perform tests on nightly as well as ad hoc builds. However, anyone who has used such tests soon realizes that the maturity of a smaller number of time-honored tests is sometimes much more val...

Oct. 8, 2017 0 comments ADMIN Magazine Detection & Response

The top three SSH tricks

Add extra security to your SSH service, securely copy files to and from remote computers, and configure passwordless SSH for automation scripting. Secure Shell (SSH) is more than a simple remote connectivity protocol. The SSH utility is one of the most versatile tools in your administrative toolbox. You can use SSH to copy files securely, and you can even build it into automation scripts. Trick 1: Configuring a More Secure SSH Although SSH is secure in a default installation, you can make so...

Oct. 8, 2017 0 comments ADMIN Magazine Pen Testing & Audits

Targeted attacks on companies

Amid the flood of daily intruder attacks, you will find sophisticated, targeted attacks on specific companies. Adapted to a company's systems and staff, these attacks promise cybercriminals great monetary success. This article looks at watering hole and spear phishing attacks and shows how to protect yourself and your users. A Ponemon Institute study has revealed some interesting information about cybercriminal practices. Ponemon interviewed approximately 10,000 hackers regarding how they wor...

Oct. 8, 2017 0 comments ADMIN Magazine Detection & Response

Suricata Intrusion Detection System Fixes Bugs

The fifth maintenance release of the stable Suricata IDS branch includes several important bug fixes. An error in the stream engine that could lead to crashes has been fixed. Some bugs found through the use of the Coverity static analysis tool have also been closed. The Suricata developers recommend updating existing installations of the IDS. Suricata is an Intrusion Detection and Prevention System, developed by the Open Information Security Foundation (OISF) with the free ...

Oct. 8, 2017 0 comments ADMIN Magazine Detection & Response

Security issues when dealing with Docker images

Although developers appreciate Docker's ease of use and flexibility, many admins are worried about vulnerabilities. We look at various approaches to securing container images and the price to be paid. Docker Hub is easy for users, and the docker command-line tool can directly tap into it. You can easily pick up prebuilt images for CMS, databases, or distributions and import them into your local infrastructure. But what guarantees do users have that the software running in the container is als...

Oct. 8, 2017 0 comments ADMIN Magazine

Securing IPv6

In 1995, the Internet Engineering Task Force (IETF) chose IPv6 as the successor to IPv4. Initially, this was not an issue that raised much interest. But this changed when Microsoft added IPv6 support to its Windows Vista and Windows Server platforms in 2007. Linux in all its variants and Apple’s Mac OS X followed suit; thus, the new protocol spread with each new installation. On all of these computers today, IPv6 is active by default, communicating in unsolicited dual-stack operations using I...

Oct. 8, 2017 1 comment ADMIN Magazine Management

Protect yourself from infected MS Office files

Attacks based on Office files have increased rapidly in the past few months. They seem to be far less harmful than ZIP or even EXE files in your mailbox, but when combined with a meaningfully worded email, users are too easily tempted to open the infected files. Although macros generally still need to be enabled, the Microsoft Word Intruder (MWI) attack uses unresolved vulnerabilities. Just opening the file compromises the computer. The spread of malware or crimeware has not slowed down – on...

Oct. 8, 2017 1 comment ADMIN Magazine Detection & Response

Penetration Testing DVD Backtrack Version 4 R1...

The updated system now uses Linux kernel 2.6.34. The developers report problems with the WLAN driver RT2800USB, for which they have made a workaround available on their forum. In addition, Backtrack includes many software updates, such as a complete Fluxbox desktop environment. The VMware version for use in virtual machines now boasts full integration with VMware Tools. Backtrack offers a large choice of tools for penetration testing on the Live DVD. For the first time there is now a roadmap...

Oct. 8, 2017 0 comments ADMIN Magazine Pen Testing & Audits

Microsegmentation with VMware NSX and vRealize Automation

VMware's NSX for vSphere platform adds security to microsegmentation, allowing security components to analyze traffic within the hypervisor. Companies can easily and efficiently validate and control network traffic within the data center through microsegmentation. Microsegmentation is a collection of techniques designed to isolate network traffic through switching and software-defined networking. VMware's NSX for vSphere adds security to software-defined networking and microsegmentation, allo...

Oct. 8, 2017 0 comments ADMIN Magazine

Microsegmentation in the data center

Microsegmentation breaks a network or data center into various segments to enhance its efficiency or security. The idea behind segmentation became an established technique once virtual local area networks (VLANs) came into use. From the very beginning, security was a central focus for VLAN segmentation, because it divided network domains into smaller parts and then protected movement of data among the parts. Traditional VLANs quickly reach their limits, however, when confronted with more extr...

Oct. 8, 2017 0 comments ADMIN Magazine Encryption & Authentication

LemonLDAP::NG 1.1 Enables Web Single Sign-on

With the latest version 1.1 of LemonLDAP::NG, notifications can be sent to all users, including the possibility to display specific conditions. Users can reset their passwords through a new email-based service. For two-factor authentication, LemonLDAP enables the use of one-time passwords (OTP) together with a Yubikey USB crypto key. The graphical interface can now be customized and includes several pre-made skins. LemonLDAP::NG 1.1 can be used to enable single sign-on for web applications. The ...

Oct. 8, 2017 0 comments ADMIN Magazine Encryption & Authentication

Keeping Docker containers safe

Few debate that the destiny of a hosting infrastructure is running applications across multiple containers. Containers are a genuinely fantastic, highly performant technology ideal for deploying software updates to applications. Whether you're working in an enterprise with a number of critical microservices, tightly coupled with a pipeline that continuously deploys your latest software, or you're running a single LEMP (Linux, Nginx, MySQL, PHP) website that sometimes needs to scale up for bus...

Oct. 8, 2017 1 comment ADMIN Magazine Apps & Hardening

Implementing custom security frameworks with Bro

Bro [1] is a high-quality security monitoring tool designed to discover and analyze traffic trends on your network. Bro provides in-depth analysis of network traffic without limiting itself to traditional signature-based approaches. I first heard about the Bro network security monitoring framework when a consultant friend of mine talked about melding the world of big data and security together. My friend believed that traditional signature-based intrusion detection and monitoring simply wasn't ...

Oct. 8, 2017 0 comments ADMIN Magazine Detection & Response

Harden your OpenStack configuration

One of the biggest concerns about virtualization is that an attacker could succeed in breaking out of the virtual machine (VM) and thus gain access to the resources of the physical host. The security of virtual systems thus hinges on the ability to isolate resources of the various VMs on the same server. A simple thought experiment shows how important it is that the boundaries of VM and host are not blurred. Assume you have a server that hosts multiple VMs that all belong to the same customer...

Oct. 8, 2017 0 comments ADMIN Magazine Management

Halting the ransomware blackmail wave

Since February, there have been continuous waves of Locky infection. Windows users are attacked by drive-by downloads or email attachments. After infection, the malicious program encrypts individual files or even the entire hard disk, and demands an anonymous Bitcoin ransom payment from its victims. Locky, an encryption trojan, has found many victims, including well-known corporations and institutions. The trojan changes almost weekly and is known under the following names: Ransom: Win32/Lock...

Oct. 8, 2017 0 comments ADMIN Magazine Encryption & Authentication

Getting a free TLS certificate from Let's Encrypt

Let's Encrypt [1] is an open-source project with the goal of making sure every website is encrypting with TLS. The Let's Encrypt project is sponsored by organizations such as Mozilla, Cisco, Akamai, EFF, gandi.net, and many more. The primary role of Let's Encrypt is to offer trusted and free TLS certificates for everyone. Users can even copy and integrate Let's Encrypt technology into their own networks, which means any website can now offer an encrypted option for no cost. On May 8th 2016, Le...

Oct. 8, 2017 1 comment ADMIN Magazine Encryption & Authentication

Discover ransomware with PowerShell

Backups are not a panacea for all ransomware infections. If a backup overwrites your original files with ransomware-encrypted data, your files are gone. Admittedly, this only applies to trivial backup strategies, which you might find in small business environments or in freelancer operations. In mid-sized companies and enterprise environments, this may not be so tragic at first glance, because your archives have backups for the past few weeks. However, even this is not guaranteed. If the data...

Oct. 8, 2017 0 comments ADMIN Magazine Encryption & Authentication

Digital signatures in package management

Many distributions develop, test, build, and distribute their software via a heterogeneous zoo of servers, mirrors, and workstations that make central management and protection of the end product almost impossible. In terms of personnel, distributions also depend on the collaboration of a severely limited number of international helpers. This technical and human diversity creates a massive door for external and internal attackers who seek to infect popular distribution packages with malware. ...

Oct. 8, 2017 0 comments ADMIN Magazine Encryption & Authentication

Countering embedded malware attacks

Embedded malware hidden as macros in Office documents, which automatically launch on opening, was extremely popular 15 years ago. To counter this, in 2001, Microsoft introduced a security policy in Office XP that prompted the user to decide whether or not to run code embedded in documents. This made macro virus attacks difficult to perform, so that other propagation paths became far more lucrative. Consequently, in the last few years, this form of malicious code has been almost completely for...

Oct. 8, 2017 1 comment ADMIN Magazine Detection & Response

Avoiding KVM configuration errors

Whether a virtualization environment comprises only a few hosts or a complex cloud landscape, the majority of admins today who plan to use Linux as the basis of their hypervisors favor KVM. All common Linux distributions already have the necessary software packages, which often facilitates the decision to use KVM, as well as the virtualization project itself. The architects of such a setup all too rarely pay attention to the security of their design. The widespread distribution of container t...

Oct. 8, 2017 0 comments ADMIN Magazine Management
