Best of the Week - 27 maggio 2012

Cyberwar, destroying Internet, cyber-theft, botnet and monitoring of open sources, these are the subjects I chose for my "Best of the week" post.

So, no more words, here is my selection of the best security resources of the week.

Hope you enjoy it!


@radware Scary indeed. RT @andrewhheller: How to Destroy the Internet (Scary) #infosec #cybersecurity http://bit.ly/KXkJv3

@TheRealSpaf Also consider sharing it: http://www.cerias.purdue.edu/site/blog/... - Cerias "U.S. Memorial Day Thoughts on Cyber War

@IdentityG We love our ATM's, and so do criminals. Tips from the FBI on how to avoid #skimming scams. http://ow.ly/b7nST

@identidadrobada Buyer Beware: Why You Should Be Wary of Mobile Banking http://zite.to/LxCO1o

@raistolo Oh, dear: https://code.google.com/p/malware-lu/wiki/en_analyse_herpnet #botnet #fail. To the authors: don't worry, it's not a honeypot. Italian police doesn't have a clue.

@ginalm2112 Monitoring http://pastebin.com within your SIEM | /dev/random http://blog.rootshell.be/2012/01/17/monitoring-pastebin-com-within-your-siem/

Best of the Week -20 maggio 2012

As always, during this week I gathered on Twitter the security news items that I considered interesting, then this morning I evaluated them and picked the best (for me). So, here's my new list of the best security resources of the week.

Hope you enjoy it!

‏‏@mthorbruegge ICS-CERT: Risk Management for the Electricity Sector http://j.mp/J69VOf

@markrussinovich DOD report to Congress on China: cyberops "disruptive not only in a conflict, could be very disruptive to the US" http://t.co/CUa53U5R

‏@GarWarner Lessons from the First Cyber Cops - Shawn Henry, Steve Chabinsky, and Chris Painter -- http://garwarner.blogspot.com/2012/05/lessons-from-first-cyber-cops.html

‏@gianlucaSB Surprise, spam amount is rising again http://ow.ly/b0AfV (via @hfuhs)

‏@whitehatsec Great article from @jodywestby on how Boards view (or in this case don't view) their cybersecurity. Check it out here: http://onforb.es/KwFelz

‏@marcomorana Failing cookie tracking user consent for non essential cookies might cost companies up to £ 500,000 fine under UK law http://www.bluefinprofessions.co.uk/news/take-on-the-cookie-monster-dont-be-caught-out-by-26-may-website-compliance-deadline

Best of the week - 13 maggio 2012

Here is my new list of the best security resources of this week.

Hope you enjoy it!

@InfosecIsland FedRAMP Releases Updated Security Assessment Templates - FedRAMP is a government-wide program that provides a standard... http://ow.ly/1jF4U8

@scottsimkin 74% of Americans believe #Cybersecurity should be a top concern for Presidential candidates: http://ow.ly/aQ213

@europeanprivacy Big unanswered questions over government's 'snooper's charter' #snooperscharter @privacyint @guardian @Data_Privacy_EU http://www.guardian.co.uk/technology/2012/may/09/questions-unanswered-snoopers-charter

@OnlineSecurity7 Financial Malware Tricks Users With Claims of Free Credit Card Fraud Insurance - PCWorld http://bit.ly/IZUPI8

@CiscoSecurity (Whitepaper) IPv6 first-hop security concerns: http://ow.ly/aLmwE

@yvetteagostini #smartgrid history infographic http://raynor-design.com/wp-content/uploads/2011/08/smartgrid.jpg

Best of the week - 6 maggio 2012

As always, many security news were published this week, here you can find my selection of the best ones.

Hope you enjoy it!

@packet_storm iOS Application (In)Security http://packetstormsecurity.org/files/112482 #whitepaper 

@ericfreyss A Wild Exploit Kit Appears... Meet RedKit - SpiderLabs Anterior http://t.co/QCogaZFN

@DarkOperator Lockheed bags $454m to tool up Pentagon's Cyber Crime Center http://t.co/2f7queZY

@CcureIT The difficulties in sizing up botnets http://dlvr.it/1WTgjX #ccureit

@eEye A CISO's Guide To Application Security - Part 3: Toward an AppSec Center of Excellence http://bit.ly/JX1z9V #ciso #cso #appsec #netsec

I would like also to bring to your attention the publication of the slides of my presentation at CeCOS VI, the annual meeting organized by the Anti-Phishing Working Group (APWG). In that so interesting event (sadly), there were only two people to represent Italy, Raoul Chiesa, the CyberDefcon principal, and me. Raoul gave a presentation titled "The soul of cybercriminals" based on his work on Hackers Profiling Project and I presented the current situation of cybercrime in Italy. CeCOS IV was a real success that gave the possibility to all the participants to establish new contacts with experts and professionals coming from many different countries and to have new information regarding the important trends in the cybercrime scenario.