Securiteam – Page 2 – PossibleThreat Articles

OpenSSL ACCF Vulnerability (CVE-2015-1793)

August 27, 2019 0 Comments Commentary

Credit to Author: SSD / Noam Rathaus| Date: Thu, 09 Jul 2015 14:12:03 +0000

A new vulnerability has been recently patched in OpenSSL: During certificate verification, OpenSSL (starting from version 1.0.1n and 1.0.2b) will attempt to find an alternative certificate chain if the first attempt to build such a chain fails. An error in the implementation of this logic can mean that an attacker could cause certain checks on … Continue reading OpenSSL ACCF Vulnerability (CVE-2015-1793)

Independent Securiteam

REVIEW – “The Florentine Deception”, Carey Nachenberg

August 27, 2019 0 Comments Ask the Expert, Book Reviews, Culture, Insider Threat, malware, Microsoft, OT, Social engineering, Tips & Tricks

Credit to Author: p1| Date: Wed, 10 Jun 2015 16:22:25 +0000

BKFLODEC.RVW 20150609 “The Florentine Deception”, Carey Nachenberg, 2015, 978-1-5040-0924-9, U$13.49/C$18.91 %A Carey Nachenberg http://florentinedeception.com %C 345 Hudson Street, New York, NY 10014 %D 2015 %G 978-1-5040-0924-9 150400924X %I Open Road Distribution %O U$13.49/C$18.91 www.openroadmedia.com %O http://www.amazon.com/exec/obidos/ASIN/150400924X/robsladesinterne http://www.amazon.co.uk/exec/obidos/ASIN/150400924X/robsladesinte-21 %O http://www.amazon.ca/exec/obidos/ASIN/150400924X/robsladesin03-20 %O Audience n+ Tech 3 Writing 2 (see revfaq.htm for explanation) %P 321 p. %T “The … Continue reading REVIEW – “The Florentine Deception”, Carey Nachenberg

Independent Securiteam

REVIEW: “Security for Service Oriented Architectures”, Walter Williams

August 27, 2019 0 Comments Book Reviews, Commentary, Corporate Security

Credit to Author: p1| Date: Sun, 10 May 2015 23:13:31 +0000

BKSECSOA.RVW 20150130 “Security for Service Oriented Architectures”, Walter Williams, 2014, 978-1466584020, U$61.97 %A Walter Williams walt.williams@gmail.com %C #300 – 6000 Broken Sound Parkway NW, Boca Raton, FL 33487-2742 %D 2014 %G 978-1466584020 1466584025 %I CRC Press %O U$61.97 800-272-7737 http://www.bh.com/bh/ %O http://www.amazon.com/exec/obidos/ASIN/1466584025/robsladesinterne http://www.amazon.co.uk/exec/obidos/ASIN/1466584025/robsladesinte-21 %O http://www.amazon.ca/exec/obidos/ASIN/1466584025/robsladesin03-20 %O Audience i+ Tech 2 Writing 2 (see revfaq.htm for … Continue reading REVIEW: “Security for Service Oriented Architectures”, Walter Williams

Independent Securiteam

Hardening guide for Tomcat 8 on RedHat 6.5 (64bit edition)

August 27, 2019 0 Comments Commentary

Credit to Author: eyalestrin| Date: Thu, 07 May 2015 18:30:34 +0000

This document explains the process of installation, configuration and hardening of Tomcat 8.x server, based on RedHat 6.5 default installation (IPTables and SELinux enabled by default), including support for TLS v1.2 and protection from BEAST attack and CRIME attack. Some of the features explained in this document are supported by only some of the Internet … Continue reading Hardening guide for Tomcat 8 on RedHat 6.5 (64bit edition)

Independent Securiteam

Developing an IR Process and Team

August 27, 2019 0 Comments Tips & Tricks

Credit to Author: brycecolquitt| Date: Wed, 21 Jan 2015 22:01:48 +0000

In our world today, we have an abundance of many things, among which are –unexpected events. Falling meteorites, terrorist attacks, hacktivist demonstrations, blackouts, tsunamis…. well, you get the point.Now, although the majority of events I just mentioned probably fall into a Disaster Recovery category, they are nonetheless events that greatly impact our personal lives and … Continue reading Developing an IR Process and Team