Just sharing recommended vulnerability scanners.
- Nessus ( Commercial and community )
- OpenVAS ( OpenSource, based on Nessus )
- Nexpose ( Commercial and community )
- MBSA Microsoft Baseline Security Analyzer (Freeware)
- Retina ( Commercial and community )
Hope it helps.
Source : http://sectools.org/tag/vuln-scanners/
It’s retro day in the world of Internet security, with an Internet worm dubbed “Morto” spreading via the Windows Remote Desktop Protocol (RDP).
F-Secure is reporting that the worm is behind a spike in traffic on Port 3389/TCP. Once it’s entered a network, the worm starts scanning for machines that have RDP enabled. Vulnerable machines get Morto copied to their local drives as a DLL, a.dll, which creates other files detailed in the F-Secure post.
SANS, which noticed heavy growth in RDP scan traffic over the weekend, says the spike in traffic is a “key indicator” of a growing number of infected hosts. Both Windows servers and workstations are vulnerable.
Experts are reporting a rise in the number of attacks that take advantage of known vulnerabilities of IPv6, a next-generation addressing scheme that is being adopted across the Internet. IPv6 replaces the Internet’s main communications protocol, which is known as IPv4.
Salient Federal Solutions, a Fairfax, Va., IT engineering firm, is reporting real-world incidents of IPv6 attacks based on the emerging protocol’s tunneling capabilities, routing headers, DNS broadcasting and rogue routing announcements. The company asserts that all of these threats can be eliminated with the use of IPv6-enabled deep packet inspection tools, which it and other network vendors sell.
Source: Computer World
Cyber-attacks have dominated headlines this summer as government agencies, large organizations and small businesses have been hit by malware, distributed-denial-of-service attacks and network intrusions. On the personal front, individuals’ email and social networking accounts have been hijacked.
Most cyber-attackers are motivated by money, whether it’s by looting bank accounts or selling stolen information to other criminals, said Josh Shaul, CTO of Application Security. However, there’s been a surge in politically motivated attacks in the past few months as a number of groups—including the notorious hacker collective Anonymous—turned to cyber-attacks as a form of protest.
PandaLabs researchers predicted this past December that the cyber-protests that have added the word “hacktivism” to the English language will continue to grow in frequency because it’s been so effective in getting attention.
In the past few months, even hacktivism has been transformed as tactics and motivations have evolved. In the past, cyber-protesters generally defaced Websites or launched DDoS attacks to express their discontent.
In these DDoS attacks, Websites were overwhelmed with large volumes of server and database requests and became inaccessible to legitimate site visitors. For the most part, the majority of hacktivists relied on low-tech techniques for its activities, Shaul said.
A little while back I took a look at some recently breached accounts and wrote A brief Sony password analysis. The results were alarming; passwords were relatively short (usually 6 to 10 characters), simple (less than 1% had a non-alphanumeric character) and predictable (more than a third were in a common password dictionary). What was even worse though was uniqueness; 92% of common accounts in the Sony systems reused passwords and even when I looked at a totally unrelated system – Gawker – reuse was still very high with over two thirds of common email addresses sharing the same password.
But there was one important question I left unanswered and that was how people choose their passwords. We now know that structurally, passwords almost always adhere to what we would consider “bad practices” but how are these passwords derived in the first place? What’s the personal significance which causes someone to choose a particular password?
What do you think of when you see this little guy on a webpage:
You’re probably thinking something along the lines of “it means the page is secure”. The more tech savvy among you may suggest that it means HTTPS has been used to encrypt the content in transit.
The problem is that it doesn’t mean anything of the kind. In fact it had absolutely nothing to do with website security. And therein lies the problem – the padlock lies to us, it implies things that it is not and it’s downright misleading.
Excellent post, read more at troyhunt.com