Sunday, 30 December 2012

Best of the Week - 30 December 2012

My best wishes for a happy new year!!

Hope you enjoy my new selection of security news and resources.

shreeraj ‏@shreeraj Researchers find malware targeting Java HTTP servers

Limor S Kessem ‏@iCyberFighter RT @ECCOUNCIL: World of Botnet-facilitated #cybercrime... paying pretty well these days:

Infosec Reactions ‏@sec_reactions Demonstrating Spear Phishing to people who said they won't fall for that - by gallypete

CcureIT ‏@CcureIT In 2013 We Will See the Decline of Anonymous, Experts Say

Dušan Caf ‏@dusancaf Ten Steps to Smartphone Security by @FCC: #Privacy #CyberSecurity

The Next Web ‏@TheNextWeb EU Commission unwraps public beta of open data portal with 5800+ datasets, ahead of Jan 2013 launch by @robinwauters (Well, strictly speaking this is not security news but, digging into this big mass of data, I'm sure it will be possible to find a lot of security information)

ENISA ‏@enisa_eu #ENISA has published an implementation guide for National #cybersecurity Strategies

Sunday, 23 December 2012

Best of the Week - 23 December 2012

The end of the year is approaching and many security researchers are publishing papers, reports and predictions. A lot of things to read during the holidays... here you can find my favorites.

Hope you enjoy it!

ENISA ‏@enisa_eu Status report 2012 on #CERTs baseline capabilities and recommendations launched today by #ENISA

CcureIT ‏@CcureIT Mobile malware, botnets and attacks on the cloud to rise

Neira Jones ‏@neirajones Verizon's 2013 Breach Predictions: Authentication Attacks, Web Application Exploits & Social Engineering @wadebaker

Imperva ‏@Imperva Security Trends 2013:
Trend #1 Government Malware Goes Commercial
Trend #2 Black Clouds on the Horizon
Trend #3 Strength in Numbers
Trend #4 APT Targets the Little Guy
Trend #5 Hacktivism Gets Process Driven

RSA Conference ‏@RSAConference #Exploits, security threats and #hacks will mutate in 2013 | via @helpnetsecurity |

DCITA ‏@DCITA It's time to start patching the Human OS


Sunday, 16 December 2012

Best of the Week - 16 December 2012

This week the Internet was full of interesting security resources and I did my best to collect the most important ones!

Hope you enjoy it!

CcureIT ‏@CcureIT Google Hacking with GGGoogleScan  - #cyberwar

iDialoghi ‏@idialoghi "Military Clouds: protecting and exploiting data services". Former director of operations for US EUCOM speaks.

Microsoft Security ‏@msftsecurity Protect against advanced attacks on your login credentials w/ these field tested mitigation strategies from #Microsoft

Kimberly ‏@StopMalvertisin Fortinet | Fortinet 2013 Cyber-Crime Report

Ed Covert ‏@ebcovert3 NIST Revising Glossary of #Infosec Terms

Apura ‏@Apura_Oficial Check out the @DFIROnline Youtube channel for ~20 great digital forensic and incident response presentations

Mikko Hypponen ‏@mikko Video of my talk in HITB'12  Slides … Lost my ponytail 4 hours after this talk…

Sunday, 9 December 2012

Best of the Week - 9 December 2012

Here is my collection of the best security resources of this week.

Hope you enjoy it!

New attack makes some password cracking faster, easier than ever | @ArsTechnica: A researcher has devi...

Stonesoft ‏@Hack_the_Lab Cyber-warfare: Hype and fear | The Economist

SophosLabs ‏@SophosLabs Sophos Security Threat Report 2013 - the safest and riskiest countries revealed

F-Secure ‏@FSecure Check out this BBC Radio 4 report called The Hackers — featuring our Mikko Hypponen.

PhysicalDrive0 ‏@PhysicalDrive0 #HITB2012KUL D1T1 - Petko D. Petkov - A Short History of the JavaScript Security Arsenal

Mikko Hypponen ‏@mikko Arbor's graph shows nicely how Syria got back online:

Eric Byres ‏@tofinosecurity "harm of disclosure to the un-patched masses greatly outweighs any benefit that comes from shaming vendors"

Sunday, 2 December 2012

Best of the Week - 2 December 2012

This is my "Best of the Week" post and here you can find the most intriguing security articles I found on the net this week.

Hope you enjoy it!

DarkReading ‏@DarkReading Anti-Botnet Efforts Still Nascent, But Groups Hopeful

Richard Bejtlich ‏@taosecurity Thanks @appsecusa for recording and publishing my talk at your con last month. It's about 42 mins and covers IR stuff.

uKnowKids ‏@uKnowKids Have you heard of SWAT-ting? Check out this new @uKnowKids infographic… SWAT-ting: Inside a New Trend in Cyber Crime

Rafal Los ‏@Wh1t3Rabbit Bug Bounty Programs - As a Service? -  - Can a 3rd party bug-bounty program be the answer for SMEs? Ask @caseyjohnellis

DCITA ‏@DCITA ICANN's Rolling Controversy: Verification of WHOIS Registration Data

Shawn Henry ‏@Shawn365Henry Many questions recently about how private sector can protect itself from attack; nice to see @ABAesq exploring legality

Sunday, 25 November 2012

Best of the Week - 25 November 2012

Hello everybody, this week the themes for my post are: privacy and cybercrime. In the following lines you will find the best resources of the week on these subjects.

Hope you enjoy it!

Tails 0.7: The Amnesic Incognito Live System

DCITA ‏@DCITA PGP Zimmermann teams with Navy SEALs, SAS techies in London

scmagazineUK ‏@SCmagazineUK At #Irisscon @neirajones looks at preparations for a proper response to a crisis -

Hacking Update ‏@HackingUpdate Ukraine: Hacker Haven

RSA Security ‏@rsasecurity Don't get hooked to a scam this #cybermonday | more tips:

Websense, Inc. ‏@websense Phish or no phish? That is the question. Test your skills by taking the #OperationSpearPhish challenge

Limor S Kessem ‏@iCyberFighter Is #Bitcoin really the new paradise for money laundering?

Sunday, 18 November 2012

Best of the Week - 18 November 2012

Last Sunday I was at the Global Forum 2012 in Stockholm to present the importance of cyber-security for economic growth (here is my presentation), so I wasn't able to publish my usual selection of the best security resources of the week. Since I had found some interesting materials last week, this week you will also find items from the previous list.

Hope you enjoy it!

Joseph Menn ‏@josephmenn Good points by Gary McGraw on why nifty cyber-offense can't sub for a strong (if elusive) defense.


Damballa ‏@DamballaInc Persistent Threat Detection on a Budget - 8 ways to find #APT activity in your network  #malware #infosec

DarkReading ‏@DarkReading Hunting botnets in the cloud:

Andre M. DiMino ‏@sempersecurus Internet Fraud Alert(IFA) - A trusted mechanism for participating researchers to report stolen account credentials -

Microsoft Security ‏@msftsecurity Check out these in-depth botnet intelligence reports on Rustock, Zbot & Qakbot from MSFT here: #InfoSec

ENISA ‏@enisa_eu New report on Supply Chain Integrity is published today by #ENISA

Dancho Danchev ‏@danchodanchev In retrospective - 2 yrs ago I exposed the DNS infrast. of the money mule recruit. ecosystem  it's still a mul-nat. prob

Sunday, 4 November 2012

Best of the Week - 4 November 2012

To me, Sunday is not Sunday without my "Best of the Week" post in which I publish the most valuable security resources I found during the week.

This week I selected for you: papers, articles and security news.

Hope you enjoy it!

Digital Fortitude ‏@securitybeacon Security Report details emerging cyber threats

TrendMicro ‏@TrendMicro Cybercrime tools and trade in the Russian underground:

CcureIT ‏@CcureIT Hacker forums used to induct new criminals, report finds

Gianluca Stringhini ‏@gianlucaSB Report claims ZeroAccess is the largest active botnet

Dale Pearson ‏@subliminalhack Social Engineering: An Expanding Frontier in Online Attacks -

ericdknapp ‏@ericdknapp @BBCWorld the darker side of social media from @Raj_Samani

BrianHonan ‏@BrianHonan Video from @enisa_eu … about their CERT exercises available for free from their site. @mthorbruegge looking good :)

Sunday, 28 October 2012

Best of the Week - 28 October 2012

Here we are for another post of the "Best of the Week" series in which you will find the most interesting security news and security resources of the week.

Hope you enjoy it!

SCMagazine ‏@SCMagazine Never too late to learn a little about clickjacking w/ @jeremiahg of @whitehatsec. |

CoreSecurity ‏@CoreSecurity Ready for a data #breach? How to develop a response plan. Incl. link with top breaches in '12 via @networkworld

Doug Munro ‏@DoDRecruiterDC The Challenge of Protecting Critical Infrastructure against Cyber-Attacks  #cybersecurity via @SmartGridCurato

CcureIT ‏@CcureIT The anatomy of cyber security exercises

Sandro Süffert ‏@suffert Microsoft: Cyber-Threats in the European Union: First Half 2012
... and
Trend Micro’s Q3 threat report: Mobile malware surged from 30K to 175K

Tuomo Makkonen ‏@tmakkonen An Analysis of Android SSL (In)Security (pdf):

Saturday, 20 October 2012

Best of the Week - 21 October 2012

This week, for some "logistical" reasons, I had to publish my "Best of the Week" a day in advance. Luckily, I had already gathered a lot of interesting security materials that you can read below.

Hope you enjoy it!

So, this week we serve... 5 security papers

Microsoft Security ‏@msftsecurity Everything you ever wanted to know about rootkits… Download the paper now.  (cc: @MSFTmmpc) #InfoSec

APWG ‏@APWG Our latest trends report shows cybercrime gangs continue to target more and more companies.

Marco Thorbruegge ‏@mthorbruegge RT @teamcymru: Communication Among Incident Responders - A study

The Honeynet Project ‏@ProjectHoneynet HP Annual Report 2012 released: Each year, the Honeynet Project summarizes its activities and activities of its ...

Alan Woodward ‏@ProfWoodward Zero day attacks last hundreds of days before detection. Empirical data from Symantec written up in a nice paper here

... and 2 secure Operating Systems
SCADAhacker ‏@SCADAhacker Eugene Kaspersky Unveils Plans for New Secure SCADA OS - ThreatPost -  #SHnews good interview with Eugene on the project

Janne Ahlberg ‏@JanneFI RT @JussiPeralampi: Whonix : Virtual anonymous operating system

Sunday, 14 October 2012

Best of the Week - 14 October 2012

Preparing the presentation for my speech at the RSA-Day, I collected these security articles and resources.

Hope you enjoy it!

ENISA ‏@enisa_eu ENISA's first annual report of #cyber incidents in the EU: 51 severe outages reported over 2011

Denis Maslennikov ‏@hEx63 FBI: Smartphone Users Should be Aware of Malware Targeting Mobile Devices and Safety Measures to Help Avoid Compromise

Limor S Kessem ‏@iCyberFighter Hacking Google: The three Israeli white hats rooting out the web's security holes  << Good read!

scl feed ‏@computersandlaw Crime: Digital Working Guidance from the MoJ

SCMagazine ‏@SCMagazine VIDEO: Cyber Crime Statistics |

Elie Bursztein ‏@elie Most of the Mass Distributed Malware in Q3 2012 Were Banking Trojans, Study Finds -  #security

Sunday, 7 October 2012

Best of the Week - 7 October 2012

If you missed some security resources this week, this is the right place for you.

Hope you enjoy it.

ENISA ‏@enisa_eu Bigger is different! #cybereurope 2012 exercise shows large-scale crises need cross-sector cooperation.

DCITA ‏@DCITA Companies seeking to train employees on cybersecurity

CcureIT ‏@CcureIT Anonymous collective the new face of online hacktivism: CSIS report

Trusteer ‏@Trusteer New Trusteer blog post: One Size Fits All – Universal Man in the Browser Attack Targets All Websites

Kimberly ‏@StopMalvertisin Sans CF | "Digital Forensics Case Leads: Open Source Forensics Edition"

Cabinet Office ‏@cabinetofficeuk UK will establish centre of excellence on #cyber security to offer countries advice on how to build secure cyberspace. via @dusancaf

Sunday, 30 September 2012

Best of the Week - 30 September 2012

Hi all, this is my list of the best security resources of the week. This time, as you can see below, my selection is aimed at useful tools and resources to raise user awareness.

Hope you enjoy it!

Mikko Hypponen ‏@mikko Amazing mind reader in Belgium: … [2'29"]

RT @bmeyer41: Which Password Manager Is The Most Secure?

FireEye ‏@FireEye What are the top 20 words that appear in spear phishing emails? Read the FireEye report here:

Security Watch ‏@securitywatch My Android Device Is Vulnerable to a 'Dirty USSD' Hack, Now What? … #infosec

BrianHonan ‏@BrianHonan Canadian government launches their "Stop, Think, Connect" computer security awareness campaign …

Brian Meyer ‏@bmeyer41 urlQuery: a free service for detecting and analyzing web-based malware

How Do You Persuade Others?

Sunday, 23 September 2012

Best of the Week - 23 September 2012

Here we are with my selection of the best security resources of the week.

Hope you enjoy it!

Team Cymru ‏@teamcymru Can offensive cyber be used by modern military forces within the existing international legal framework (this other document was posted a couple of weeks ago by my friend Alessandro but it's the natural complement of this work "Alessandro Berni ‏@alessandroberni Currently reading …")

Dan Goodin ‏@dangoodin001 New in-the-wild malware linked to state-sponsored Flame targeting Iran: …

FBI PressOffice ‏@FBIPressOffice Fraud Alert Cyber Criminals Targeting Financial Institution Employee Credentials to Conduct Wire Transfer Fraud:

Neira Jones ‏@neirajones A Consumer Alert System for Security Breaches  #databreach #online

CISecurity ‏@CISecurity Want a quick view of cyber activity around the globe? Visit our Cyber Operations Center Dashboard

Giuseppe ‏@(this friend of mine has decided to block his twitter account so, no links here!) NIST Publishes Revised Risk Assessment Guide

Sunday, 16 September 2012

Best of the Week - 16 September 2012

Hello everybody, this was an important week from a security point of view. Many interesting pieces of news have found their way into the online world.

I chose the best ones to present in this post.

Hope you enjoy it!

CERT-EU Becomes Permanent

Digital Crimes Unit ‏@MicrosoftDCU Microsoft disrupts #Nitol botnet and more than 500 additional strains of malware in latest operation

CcureIT ‏@CcureIT Botnet operators hide C&Cs in the Tor network

Sandro Süffert ‏@suffert Malicious Apache Module Injects Iframes

Tuomo Makkonen ‏@tmakkonen 3 years later, hackers who hit Google continue string of lethal attacks

SCADAhacker ‏@SCADAhacker Good look at a variety of assessment tool. I spend considerable time on this in my adv class "Windows Vuln Assessment"

marco morana ‏@marcomorana @threatmodeling: Comparison of Threat Modeling Methodologies

Sunday, 9 September 2012

Best of the Week - 9 September 2012

Here we are again with my "Best of the Week" post, so let's see what the most interesting security resources of this week are.

Hope you enjoy it!

Alessandro Berni ‏@alessandroberni Currently reading - Tallinn Manual on the international law applicable to cyber warfare

DCITA ‏@DCITA Huawei calls for cybersecurity cooperation

Sandro Süffert ‏@suffert Web Application Honeypots

Mikko Hypponen ‏@mikko The Symantec report on the Elderwood Crew is worth reading. 

Alessandro Berni ‏@alessandroberni Greater Autonomy for Unmanned Military Systems Urged

SCMagazine ‏@SCMagazine VIEWPOINT: Hey CISOs, ask yourself these questions -- or find another job |

Sunday, 2 September 2012

Best of the Week - 2 September 2012

Last week I was travelling back home and wasn't able to publish my usual post, so this week I'll post some of last week's articles in addition to the new ones.

Hope you enjoy it.

MikkoHypponen.exe ‏@mikko "Our trojan does not work on Russian systems, if found Russian or Ukrainian keyboard, the software will fail"  #Citadel

FireEye ‏@FireEye Download the FireEye Advanced Threat Report for a complete picture of today’s advanced threat landscape.

/r/netsec ‏@r_netsec Cracking Over 122 Million SHA1 and MD5 Hashed Passwords -

Sucuri ‏@sucuri_security The Password Dilemma – Unique and Complex Is The Key

Marco Thorbruegge ‏@mthorbruegge ENISA General Report 2011

CcureIT ‏@CcureIT NIST Offers Guidelines for Securing BIOS   

Sunday, 19 August 2012

Best of the Week - 19 August 2012

Summer holidays are still going on but many things happened in the security field this week... this is my selection.

Hope you enjoy it!

RT @securityshell: CVE-2012-1535: Adobe Flash being exploited in the wild - Alienvault Labs…

BeyondTrust @BeyondTrust: 500K Credit Cards Stolen in Australian Point-of-Sale Hack

DCITA @DCITA NIST seeks vulnerability analysis for military Android apps

Neira Jones @neirajones The Web Developer Guide To Building Secure Web Applications #Infographic #webdevelopment #security

Gianluca Stringhini @gianlucasb What are the tracking capabilities of social networks? #WOSN…

Cyberarms @Cyberarms: File Forensics comparison between Windows 7 and Windows 8

Sunday, 12 August 2012

Best of the Week - 12 August 2012

Here we are again with the best security resources of the week. This time we cover the following subjects: Gauss, guidelines, report and mobile malware.

Mikko Hypponen @mikko If the Palida Narrow font is installed on your PC you probably have a problem. Site by @CrySySLab tells you if you do:

Dan Philpott @danphilpott NIST released final SP 800-61 Revision 2 Computer Security Incident Handling Guide

Hacking Update @hackingupdate Top hacker details how to avoid cybercrime

Securityweek @securityweek Report from Asia/Pacific Biggest Source of Attack Traffic in Q1 2012

The Hacker News @thehackernews Zeus malware targeting BlackBerry  and Android devices… #Security #Infosec #vulnerability

Sunday, 5 August 2012

Best of the Week - 5 August 2012

In these sunny days, a bunch of refreshing news is necessary!

The cool topics of this week are: dangerous hacking, fraud, phishing, social media and social engineering.

Hope you enjoy it!

Hacking Update @hackinupdate Curious hackers inject ghost airplanes into radar, track celebrities' flights

Neira Jones @neirajones Tax Fraud via Identity Theft may cost US economy $21bn over next 5 years

Paul Ducklin @duckblog How to explain phishing to your Grandma [VIDEO] -

Team Cymru @teamcymru Social media plays a growing role in open source intelligence, experts say

Humans are the weakest link: social engineering training by @kevinmitnick is learning from the master:…

Sunday, 29 July 2012

Best of the Week - Security tools edition

This week I chose to focus my post on security tools so, here you can find a selection of interesting and useful tools regarding: AET, incident response, botnet, app scanners, nmap, pwd cracking, and three different security scanners.

Hope you enjoy it.

Antievasion ‏@Anti_Evasion Stonesoft Releases Evader – World's First Advanced Evasion Technique Testing Software For Free: #cybersec #infosec

Stonesoft ‏@Hack_the_Lab VIDEO: How to use Evader-The World's 1st #AET Test-tool: #Stonesoft #Security #Infosec #BlackHat #CyberCrime

mls ‏@CaptnPain Kick Ass: RT @_saadk: The word is out. #Google Rapid Response (GRR) #DFIRSummit work-in-progress #DFIR project

Limor S Kessem ‏@iCyberFighter Want to see what happens to your infrastructure under a DDoS attack? Check out BoNeSi--The DDoS Botnet Simulator

Stefano Fratepietro ‏@stevedeft Top 10: The Web Application Vulnerability Scanners Benchmark, 2012 Commercial & Open Source Scanners

Fabio Pietrosanti ‏@fpietrosanti Scan for FinFisher Government Trojan C&C Servers with Nmap

☛ The Hacker News™ ‏@TheHackersNews

d3v1l ‏@securityshell @Owasp Xelenium - XSS Scanner

Sunday, 22 July 2012

Best of the Week - 22 July 2012

In this post of the "Best of the Week" series I report some pieces of information regarding: incident response, cloud security, OpenDNS and ISO27001.

Hope you enjoy it!

Team Cymru ‏@teamcymru Have you heard about the Team Cymru CSIRT Assistance Program. If not see

Stefano Fratepietro ‏@stevedeft The DDoS attack survival guide

d3v1l ‏@securityshell Are You Prepared for Certificate Authority Breaches?

Rafal Los ‏@Wh1t3Rabbit The *full* (and lengthy, sorry) analysis of the recently released FFIEC guidance on #cloud computing - is posted.

Sam Bowne ‏@sambowne OpenDNS Calling all elite security experts: Apply to be among the first malware domain taggers via @OpenDNS

N. Groeneveld ‏@nigroeneveld ISO 27001/27002 Information Security Certification Materials #cybersecurity #infosec

Sunday, 15 July 2012

Best of the Week - 15 July 2012

This week, my "Best of the Week" post covers the following subjects: evolution in crimeware, Dark Web, consequences of databreaches, financial malware and frauds.

Hope you enjoy it!

@HPSecure Crimeware Developers Shift To More Obfuscation, Java Exploits #blackhat

Janne Ahlberg ‏@JanneFI Weapons, drugs and hitmen a click away on the Dark Web

Neira Jones ‏@neirajones #ICO fines St George’s Healthcare NHS Trust £60K for sending patient’s medical details to the wrong person #databreach

Nicolas Krassas ‏@Dinosn Oil Giants Shell, BP and others hacked and data leaked by @le4ky

briankrebs ‏@briankrebs At last, sensible, timely advice. EU to Banks: Assume All PCs Are Infected

Tuomo Makkonen ‏@tmakkonen Measuring the cost of cybercrime (pdf):

CcureIT ‏@CcureIT Australian consumer data sold to financial fraudsters: ACC report

Sunday, 8 July 2012

Best of the Week - 8 July 2012

Here we are with the new "Best of the Week" post; in this issue you can find: infosec slides, stories of young hackers, botnets and DDoS, and Russian censorship.

Hope you enjoy it.

CcureIT ‏@CcureIT Monkif Botnet Hides Commands in JPEGs

Rafal Los ‏@Wh1t3Rabbit How true is this?

SCMagazine ‏@SCMagazine SLIDESHOW: July 2012 Global Threat Report #CyberCrime

SophosLabs ‏@SophosLabs Shocking 17-year-old public high school antics clickjack unwary Facebook users into scam

Xylitol ‏@Xylit0l 13-Year-Old Arrested by Japanese Police for Creating Virus #wtf #japan

Joseph Menn ‏@josephmenn Russia's Internet blacklist looms in freedom crackdown via @CNET

Limor S Kessem ‏@iCyberFighter Want to see what happens to your infrastructure under a DDoS attack? Check out BoNeSi--The DDoS Botnet Simulator

Sunday, 1 July 2012

Best of the Week - 1 July 2012

Here is my list of the best security resources of this week. This week the subjects are: malware, phishing, UPnP, Facebook, incident response and... football!

Hope you enjoy it!

Contagio - malware dump: Medre.A AutoCAD worm samples

Mieke Verburgh ‏@miekiemoes Phishy Phishy Phish:

John Matherly ‏@achillean To learn more about UPnP and how it works, check out this defcon 19 presentation on UPnP mapping:

EFF ‏@EFF Facebook's reporting guide, explaining what happens when a user reports content, is a step in the right direction

Stefan Frei ‏@stefan_frei Spend less in anticipation of cybercrime (on antivirus, firewalls, etc.) and more in response, paper concludes

CcureIT ‏@CcureIT McAfee Names Most Dangerous Football Team in Europe

and now, just before the end... a little bit of fun!!

Fabio Assolini ‏@assolini World's hardest sudoku: can you crack it? (via @TelegraphSci)

Sunday, 24 June 2012

Best of the Week - 24 June 2012

This time, for my "Best of the Week" post, I have picked news about: data breach, a new proposal on DNS, anthropology and hackers, government malware, botnet and, finally, GPS jammers.

Hope you enjoy it!

RSA Conference ‏@RSAConference RT @darkreading 6 biggest database breaches so far in 2012:

Andy Steingruebl ‏@asteingruebl Excellent analysis by Andrew Sullivan. "A Closer Look at the AIP Internet Draft Proposal" -

Web Security News ‏@WebSecurityNews
Gabriella Coleman: Helping Hackers Infiltrate Academia - Fast Company

Xylitol ‏@Xylit0l BlackShades in Syria | Malwarebytes Unpacked #malwarebytes

Sean Sullivan ‏@FSLabsAdvisor The way they spread?? Wherein Bruce Schneier fails to understand basic economics. Commodity vs. specialty good/service:

Marco Thorbruegge ‏@mthorbruegge Botnet Metrics & Calibration

Stefan Frei ‏@stefan_frei Illegal GPS Jammers Are Widespread, Study Finds

Sunday, 17 June 2012

Best of the Week - 17 June 2012

Web application security, cyberwar and hackers: these are the subjects of my current "Best of the Week" post.

Hope you enjoy it!

Mikko Hypponen ‏@mikko "WAT" - a 3-minute lightning talk by @garybernhardt. Worth watching for by any developer.

Stefano Di Paola ‏@WisecWisec “@skeptic_fx: Lol ! Real fun to read :) OWASP's how to write insecure code !” //nice idea!

Mikko Hypponen ‏@mikko "Lessons from the Bin Laden Raid and Cyberwar" - @csoghoian's talk at #PDF12: [video, 10'19"]

Eugene Kaspersky ‏@e_kaspersky Cyber attacks can seem like a way to conduct bloodless wars. Some arguments why not true: by @jtemple #cyberwar

F-Secure ‏@FSecure "The Cyberpolitics Of Cyberbellicosity Cyberpushing Cybersecurity To Cyberprevent Cyberwar"

Jayson E. Street ‏@jaysonstreet IE zero-day flaw being used to hijack Gmail accounts - Neowin via @neowinfeed

Stonesoft ‏@Hack_the_Lab "Money was never his motivation." Power and Ego, Not Money, May have Fueled Alleged Dutch Hacker via @CIOonline

Sunday, 10 June 2012

Best of the Week - 10 June 2012

Here we are again with the best security resources of the week. This week I've chosen some articles on: cryptography issues related to Flame, DDoS, DNSSEC and cyber conflicts.

Hope you enjoy my selection!

Mikko Hypponen ‏@mikko "We now have an example where the government has undermined a crucial part of computer security": #flame #1password

MD5 collision attacks are truly novel, this tells us a lot about who worked on Flame and how important it is

Mikko Hypponen ‏@mikko Tons of good info on the PKI problems that lead to Flame's 'Holy Grail' hack in: By @rmhrisk, who used to work at MSFT.

Prof Alan Woodward ‏@ProfWoodward Nice explanation of the DoS tool that runs on a *single* PC but can bring an Apache web server to its knees

CyLab ‏@cylab Latest CyLab Tech Report: Sanctuary Trail - Refuge from Internet DDoS Entrapment Available Now! #cybersecurity

NLnet Labs ‏@NLnetLabs Our Annual Report 2011 is available:

CCD COE ‏@ccdcoe Day 3 summary of #cycon is now up - and also a summary of the event

Sunday, 3 June 2012

Best of the Week - 3 June 2012

This week I selected four papers and four videos for my best of the week post. The subjects are: application security, APT, hackers, mobile security and forensics.

Hope you enjoy it.

Project Honeynet ‏@ProjectHoneynet Know Your Enemy: Social Dynamics of Hacking: I am very pleased to announce the publication of another paper in o...

Jeremiah Grossman ‏@jeremiahg RT @troyhunt: paper from @whitehatsec, "Website Security 101" is a great intro resource to basic webappsec:  < thanks!

Team Cymru ‏@teamcymru Trend's pdf paper on #APT #malware attackers IXESHE (pronounced i-sushi)

xanda ‏@xanda RT @joncallas: iOS Security Guide out from Apple: Contains high level description of many iOS things. thanks!

Javvad Malik ‏@J4vv4D By popular demand #BsidesLondon proudly presents @securityninja 's talk on Win phone 7 security

Security Tube ‏@SecurityTube
[Video] Backtrack Digital Forensics Foremost by jibesh_st
[Video] Backtrack Digital Forensics Magicrescue by jibesh_st
[Video] Forensic recoverjpeg tool on BackTrack 5 R2 by jibesh_st

Sunday, 27 May 2012

Best of the Week - 27 May 2012

Cyberwar, destroying the Internet, cyber-theft, botnets and monitoring of open sources: these are the subjects I chose for my "Best of the Week" post.

So, no more words, here is my selection of the best security resources of the week.

Hope you enjoy it!

@radware Scary indeed. RT @andrewhheller: How to Destroy the Internet (Scary) #infosec #cybersecurity

@TheRealSpaf Also consider sharing it: - Cerias "U.S. Memorial Day Thoughts on Cyber War

@IdentityG We love our ATM's, and so do criminals. Tips from the FBI on how to avoid #skimming scams.

@identidadrobada Buyer Beware: Why You Should Be Wary of Mobile Banking

@raistolo Oh, dear: #botnet #fail. To the authors: don't worry, it's not a honeypot. Italian police doesn't have a clue.

Sunday, 20 May 2012

Best of the Week - 20 May 2012

As always, during this week I gathered on Twitter the security news items that I considered interesting, then this morning I evaluated them and picked the best (for me). So, here's my new list of the best security resources of the week.

Hope you enjoy it!

‏‏@mthorbruegge ICS-CERT: Risk Management for the Electricity Sector

@markrussinovich DOD report to Congress on China: cyberops "disruptive not only in a conflict, could be very disruptive to the US"

@GarWarner Lessons from the First Cyber Cops - Shawn Henry, Steve Chabinsky, and Chris Painter --

@gianlucaSB Surprise, spam amount is rising again (via @hfuhs)

@whitehatsec Great article from @jodywestby on how Boards view (or in this case don't view) their cybersecurity. Check it out here:

‏@marcomorana Failing cookie tracking user consent for non essential cookies might cost companies up to £ 500,000 fine under UK law

Sunday, 13 May 2012

Best of the Week - 13 May 2012

Here is my new list of the best security resources of this week.

Hope you enjoy it!

@InfosecIsland FedRAMP Releases Updated Security Assessment Templates - FedRAMP is a government-wide program that provides a standard...

@scottsimkin 74% of Americans believe #Cybersecurity should be a top concern for Presidential candidates:

@europeanprivacy Big unanswered questions over government's 'snooper's charter' #snooperscharter @privacyint @guardian @Data_Privacy_EU

@OnlineSecurity7 Financial Malware Tricks Users With Claims of Free Credit Card Fraud Insurance - PCWorld

@CiscoSecurity (Whitepaper) IPv6 first-hop security concerns:

@yvetteagostini #smartgrid history infographic

Sunday, 6 May 2012

Best of the Week - 6 May 2012

As always, a lot of security news was published this week; here you can find my selection of the best items.

Hope you enjoy it!

@packet_storm iOS Application (In)Security #whitepaper 

@ericfreyss A Wild Exploit Kit Appears... Meet RedKit - SpiderLabs Anterior

@DarkOperator Lockheed bags $454m to tool up Pentagon's Cyber Crime Center

@CcureIT The difficulties in sizing up botnets #ccureit

@eEye A CISO's Guide To Application Security - Part 3: Toward an AppSec Center of Excellence #ciso #cso #appsec #netsec

I would also like to bring to your attention the publication of the slides of my presentation at CeCOS VI, the annual meeting organized by the Anti-Phishing Working Group (APWG). Sadly, at that very interesting event there were only two people representing Italy: Raoul Chiesa, the CyberDefcon principal, and me. Raoul gave a presentation titled "The soul of cybercriminals", based on his work on the Hackers Profiling Project, and I presented the current situation of cybercrime in Italy. CeCOS VI was a real success that gave all the participants the chance to establish new contacts with experts and professionals from many different countries and to get new information on the important trends in the cybercrime scenario.

Sunday, 29 April 2012

Best of the Week - 29 April 2012

After my participation in CeCOS VI in Prague I have a lot of interesting pieces of information to share, so next week I'll write something about those that struck me most. For now, I'm sharing with you my usual selection of the best Internet security resources.

Hope you enjoy it.

@CcureIT The Future of Cyber Security 2012 - Seminars

@CERTGIB Live Russian Cybercriminal cartography. Where do the hackers come from. Full hackers' profiles in

@GarWarner Interesting look back at Trident Breach by Omaha's FBI Special Agent in Charge -

@CERT_Polska_en British hosting company suffered from attack of 10-million-strong botnet:

@Anti_Evasion "Vendors have largely ignored the warnings." Equipment Maker Caught Installing Backdoor Account in Control System Code

@candolin2 U.S. seen as Iran 'cyberarmy' target - Washington Times: via @washtimes #cyber

Sunday, 22 April 2012

Best of the Week - CeCOS VI Edition

As every Sunday morning, I'm publishing my list of the best security resources of the week.

Hope you enjoy it.

@StaySafeOnline An interesting look at how attacks are becoming more mobile in 2012 from Trend Micro (an NCSA Board Member Company):

@paulsparrows RT @suffert The threats of the Age of cyber-warfare: Eugene Kaspersky on cybercrime

@George_Kurtz Cnet:Shawn Henry talks to CNET about why he left public service and joined CrowdStrike. <- great Q&A with Shawn

@cylab CyLab's Richard Power interviews @BurgessCT 4 CSO - How 2 meet challenges of 21st century #cybersecurity & #privacy

Finally, I also want to remind my readers that next week there will be CeCOS VI, an interesting conference organized by APWG in Prague. I will give a presentation titled "A vision on cybercrime in Italy", so next week you'll be able to find my slides here.

This is the official press release of the event:

Containing the Global Cybercrime Threat is Focus of Counter eCrime Operations Summit (CeCOS VI) in Prague, April 25-27

CeCOS VI, in Prague, Czech Republic, to focus on harmonizing operational issues, cybercrime data exchange, and industrial policies to strengthen and unify the global counter-ecrime effort.

The 6th annual Counter eCrime Operations Summit (CeCOS VI) will convene in Prague, Czech Republic, April 25-27, 2012, as the APWG gathers global leaders from the financial services, technology, government, law enforcement, communications sectors, and research centers to define common goals and harmonize resources to strengthen the global counter-cybercrime effort.

CeCOS VI Prague will review the development of response systems and resources available to counter-cybercrime managers and forensic professionals from around the world.

Specific goals of this high-level, multi-national conference are to identify common forensic needs, in terms of the data, tools, and communications protocols required to harmonize cybercrime response across borders and between private sector financial and industrial sector responders and public sector policy professionals and law enforcement.

Key presentations will include:

* Toward a Universal eCrime Taxonomy for Industry and Law Enforcement; by Iain Swaine, Ensequrity.
* Budapest Convention on Cybercrime: Transborder Law Enforcement Access to Data; by Alexander Seger, Director of the Data Protection and Cybercrime Division of the Council of Europe.
* Adventures in Cybercrime Event Data Sharing; by Pat Cain, APWG Resident Research Fellow.

Additional presentations about industrial policy at CeCOS VI will investigate policies that complicate the work of exploited brand holders and responders including the domain name system (DNS) registration process that is abused by phishers as part of their phishing campaigns.

ABOUT the Counter eCrime Operations Summit

CeCOS VI, the second APWG conference held in Europe, is an open conference for members of the electronic-crime fighting community, hosted by the APWG and its Conference Partner AVG, Program Partners: The Council of Europe and Organization for Security and Cooperation in Europe, and sponsored by AVG, Google, Microsoft, MarkMonitor, ESET, Telefonica and ICANN. The CeCOS programs are widely considered the most vital events to investigators and managers of electronic crime from across the private and public sectors.



Sunday, 15 April 2012

Best of the Week - 15 April 2012

Here's my list of the best security resources of this week.

Hope you enjoy it.

@TrendLabs European internet users have been plagued by "Police Trojans" that lock their computer until they pay a fine

@sicert Ransomcrypt infecting users in .si. Uses 8-byte xor to encrypt files and demands 50 € payment. Several versions, different keys.

@InfosecIsland Megaupload Goes to Court: A Primer - Does the government have a responsibility to protect innocent third parties from...

@securityshell Drive-by downloads: exploiting cross-site scripting vulnerabilities

@gianlucaSB "spam is what our users say it is" ~ insights on gmail's antispam techniques

@IreneKoehler Apple issues Trojan removal tool #mac #security

@ilis Great lectures on information security by @mikko and @schneierblog at @rsaconference 2012

@marcomorana Great lecture on malware threats & countermeasures

Sunday, 8 April 2012

Best of the Week - Easter edition

Happy Easter!!

Here we are... another holiday and another special edition of the "Best of Week" series.

Below you can find my selection of the best security resources of this week.

Hope you enjoy it.

@candolin2 Offensive cyber capabilities on the rise: Dutch cabinet to expand digital warfare | Cyber Warzone #cyber

@TrendLabs European internet users have been plagued by "Police Trojans" that lock their computer until they pay a fine

@jackie_singh When the police subpoena your #Facebook information, here's what Facebook sends the cops #privacy

@assolini Apple malware flourishes in a culture of denial | ZDNet UK

@virusbtn BYOD might mean larger pockets needed for lab coats. It certainly affects an organisation's security policies

@securityshell HTML5 Security

Sunday, 1 April 2012

Best of the week - 1 April 2012

Even on April Fools' Day you can find a few real security articles, or not...

Hope you enjoy my selection of "real" security resources of this week.

See you next week.

@mikko: I never noticed before that Google has Really Advanced Search options:

@robinsage Authorities Apprehend the Hacktivist Known as th3j35t3r: In a shocking turn of events, the hacktivist known as ...

@ryanaraine your april fool's joke is wack. stop it.

@DamballaInc Blog: Global Payments Breach - Same story, cybercriminals have better tools and more agile #VISA #Mastercard #infosec

@josephmenn "This Creepy App Isn’t Just Stalking Women, It’s A Wake-Up Call About Facebook Privacy" h/t @maggieshiels

@nigroeneveld Cybercriminals increasingly target financial services industry #infosec

@peterkruse #Fake #Bank Site, Fake Registrar,

@WeldPond EU Cyber Attack law would ban tools "production/sale of devices such as computer programs designed for cyber-attacks"