Sunday, 29 July 2012

Best of the Week - Security tools edition

This week I chose to focus my post on security tools, so here you can find a selection of interesting and useful tools covering: AET, incident response, botnets, app scanners, nmap, password cracking, and three different security scanners.

Hope you enjoy it.

Antievasion ‏@Anti_Evasion Stonesoft Releases Evader – World's First Advanced Evasion Technique Testing Software For Free: #cybersec #infosec

Stonesoft ‏@Hack_the_Lab VIDEO: How to use Evader-The World's 1st #AET Test-tool: #Stonesoft #Security #Infosec #BlackHat #CyberCrime

mls ‏@CaptnPain Kick Ass: RT @_saadk: The word is out. #Google Rapid Response (GRR) #DFIRSummit work-in-progress #DFIR project

Limor S Kessem ‏@iCyberFighter Want to see what happens to your infrastructure under a DDoS attack? Check out BoNeSi--The DDoS Botnet Simulator

Stefano Fratepietro ‏@stevedeft Top 10: The Web Application Vulnerability Scanners Benchmark, 2012 Commercial & Open Source Scanners

Fabio Pietrosanti ‏@fpietrosanti Scan for FinFisher Government Trojan C&C Servers with Nmap

☛ The Hacker News™ ‏@TheHackersNews

d3v1l ‏@securityshell @Owasp Xelenium - XSS Scanner

Sunday, 22 July 2012

Best of the Week - 22 July 2012

In this post of the "Best of the Week" series I report some pieces of information regarding: incident response, cloud security, OpenDNS and ISO27001.

Hope you enjoy it!

Team Cymru ‏@teamcymru Have you heard about the Team Cymru CSIRT Assistance Program? If not see

Stefano Fratepietro ‏@stevedeft The DDoS attack survival guide

d3v1l ‏@securityshell Are You Prepared for Certificate Authority Breaches?

Rafal Los ‏@Wh1t3Rabbit The *full* (and lengthy, sorry) analysis of the recently released FFIEC guidance on #cloud computing - is posted.

Sam Bowne ‏@sambowne OpenDNS Calling all elite security experts: Apply to be among the first malware domain taggers via @OpenDNS

N. Groeneveld ‏@nigroeneveld ISO 27001/27002 Information Security Certification Materials #cybersecurity #infosec

Sunday, 15 July 2012

Best of the Week - 15 July 2012

This week, my "Best of the Week" post covers the following subjects: evolution in crimeware, the Dark Web, consequences of data breaches, financial malware and fraud.

Hope you enjoy it!

@HPSecure Crimeware Developers Shift To More Obfuscation, Java Exploits #blackhat

Janne Ahlberg ‏@JanneFI Weapons, drugs and hitmen a click away on the Dark Web

Neira Jones ‏@neirajones #ICO fines St George’s Healthcare NHS Trust £60K for sending patient’s medical details to the wrong person #databreach

Nicolas Krassas ‏@Dinosn Oil Giants Shell, BP and others hacked and data leaked by @le4ky

briankrebs ‏@briankrebs At last, sensible, timely advice. EU to Banks: Assume All PCs Are Infected

Tuomo Makkonen ‏@tmakkonen Measuring the cost of cybercrime (pdf):

CcureIT ‏@CcureIT Australian consumer data sold to financial fraudsters: ACC report

Sunday, 8 July 2012

Best of the Week - 8 July 2012

Here we are with the new "Best of the Week" post; in this issue you can find: infosec slides, stories of young hackers, botnets and DDoS, and Russian censorship.

Hope you enjoy it.

CcureIT ‏@CcureIT Monkif Botnet Hides Commands in JPEGs

Rafal Los ‏@Wh1t3Rabbit How true is this?

SCMagazine ‏@SCMagazine SLIDESHOW: July 2012 Global Threat Report #CyberCrime

SophosLabs ‏@SophosLabs Shocking 17-year-old public high school antics clickjack unwary Facebook users into scam

Xylitol ‏@Xylit0l 13-Year-Old Arrested by Japanese Police for Creating Virus #wtf #japan

Joseph Menn ‏@josephmenn Russia's Internet blacklist looms in freedom crackdown via @CNET

Limor S Kessem ‏@iCyberFighter Want to see what happens to your infrastructure under a DDoS attack? Check out BoNeSi--The DDoS Botnet Simulator

Sunday, 1 July 2012

Best of the Week - 1 July 2012

Here is my list of the best security resources of this week. This week the subjects are: malware, phishing, UPnP, Facebook, incident response and... football!

Hope you enjoy it!

Contagio - malware dump: Medre.A AutoCAD worm samples

Mieke Verburgh ‏@miekiemoes Phishy Phishy Phish:

John Matherly ‏@achillean To learn more about UPnP and how it works, check out this defcon 19 presentation on UPnP mapping:

EFF ‏@EFF Facebook's reporting guide, explaining what happens when a user reports content, is a step in the right direction

Stefan Frei ‏@stefan_frei Spend less in anticipation of cybercrime (on antivirus, firewalls, etc.) and more in response, paper concludes

CcureIT ‏@CcureIT McAfee Names Most Dangerous Football Team in Europe

And now, just before the end... a little bit of fun!

Fabio Assolini ‏@assolini World's hardest sudoku: can you crack it? (via @TelegraphSci)