Detecting vulnerabilities with Open Source tools


New vulnerabilities emerge every day, threatening enterprise information security. To keep data and devices from being compromised, it is important to find vulnerabilities early so they can be fixed as soon as possible.

There are Open Source tools that can help to identify vulnerabilities, such as web server and application scanners, analysis tools, fuzzers… Below you can find a useful selection:

Kali Linux Rolling Edition 2016.1 released


The first Kali Linux Rolling Edition is available after 5 months of testing, featuring the stability of Debian together with the latest versions of many outstanding penetration testing tools created by the information security community.

This new release model feeds continuously from Debian testing, so the kali-rolling repository will always hold the latest stable releases of monitored tools 24-48 hours after they are released.

Critical OpenSSH vulnerability


Security experts have discovered a critical vulnerability in OpenSSH that affects versions 5.4 to 7.1 and allows attackers to steal encrypted private keys.

A new OpenSSH version has been released to patch this vulnerability, so it is strongly recommended to update to this new release. Another option is to deactivate the vulnerable code by adding the “UseRoaming no” option to the ssh_config file.

Windows Server 2012 R2 authentication policies


The growth and improper use of domain administrator accounts is one of the major security threats to systems in Windows Active Directory (AD) domains.

To avoid the issues this can cause, here’s an article about restricting the use of domain admin accounts to domain controllers in Windows Server 2012 R2 domains by enabling support for additional Kerberos features.

The author also explains how to create a new authentication policy and silo. You can have a look at the tutorial here.

A Linux botnet launches DDoS attacks


A botnet made up of Linux computers is generating distributed denial-of-service (DDoS) attacks of over 150 Gbps, which are seriously threatening some companies, since they are much more powerful than infrastructures can usually support.

This botnet is targeting around 20 sites each day, 90% located in Asia. The most common targets are online gaming and educational sites.

The malware feeding the botnet is called XOR DDoS and it was identified for the first time in September 2014. Now, the security response team from Akamai Technologies has discovered a new wave of attacks.
