Best of the Week - 30 settembre 2012

Hi all, this is my list of the best security resources of the week. This time, as you can see further, my selection is aimed to useful tools and resources to raise the awareness of the users.

Hope you enjoy it!

Mikko Hypponen ‏@mikko Amazing mind reader in Belgium: http://www.youtube.com/watch?v=F7pYHN9iC9I&sns=tw … [2'29"]

RT @bmeyer41: Which Password Manager Is The Most Secure? http://ow.ly/e5cS6

FireEye ‏@FireEye What are the top 20 words that appear in spear phishing emails? Read the FireEye report here: http://ow.ly/e0KPW

Security Watch ‏@securitywatch My Android Device Is Vulnerable to a 'Dirty USSD' Hack, Now What? http://securitywatch.pcmag.com/none/303186-my-android-device-is-vulnerable-to-a-dirty-ussd-hack-now-what … #infosec

BrianHonan ‏@BrianHonan Canadian government launches their "Stop, Think, Connect" computer security awareness campaign http://uspolitics.einnews.com/pr_news/116564853/government-of-canada-launches-cyber-security-awareness-month-with-new-public-awareness-campaign-partnership …

Brian Meyer ‏@bmeyer41 urlQuery: a free service for detecting and analyzing web-based malware http://urlquery.net/

How Do You Persuade Others? http://www.forbes.com/sites/nickmorgan/2012/09/27/how-do-you-persuade-others/

Best of the Week - 23 settembre 2012

Here we are with my selection of the best security resources of the week.

Hope you enjoy it!

Team Cymru ‏@teamcymru Can offensive cyber be used by modern military forces within the existing international legal framework http://bit.ly/QtRZgl (this other document was posted a couple of weeks ago by my friend Alessandro but it's the natural complement of this work "Alessandro Berni ‏@alessandroberni Currently reading http://issuu.com/NATO_CCD_COE/docs/tallinn_manual_draft/1 …")

Dan Goodin ‏@dangoodin001 New in-the-wild malware linked to state-sponsored Flame targeting Iran: http://arstechnica.com/security/2012/09/new-malware-linked-to-state-sponsored-flame/ …

FBI PressOffice ‏@FBIPressOffice Fraud Alert Cyber Criminals Targeting Financial Institution Employee Credentials to Conduct Wire Transfer Fraud: http://1.usa.gov/RhxiZy

Neira Jones ‏@neirajones A Consumer Alert System for Security Breaches http://lnkd.in/WnH3RW  #databreach #online

CISecurity ‏@CISecurity Want a quick view of cyber activity around the globe? Visit our Cyber Operations Center Dashboard http://msisac.cisecurity.org/apps/dashboard/  pic.twitter.com/JE2l2vkm

Giuseppe ‏@(this friend of mine has decided to block his twitter account so, no links here!) NIST Publishes Revised Risk Assessment Guide http://j.mp/OYkCC2

Best of the Week - 16 Settembre 2012

Hello everybody, this was an important week from a security point of view. Many interesting pieces of news have find their way in the online world.

I chose the best ones to present them in this post.

Hope you enjoy it!

CERT-EU Becomes Permanent http://flpbd.it/vJjun

Digital Crimes Unit ‏@MicrosoftDCU Microsoft disrupts #Nitol botnet and more than 500 additional strains of malware in latest operation http://bit.ly/Or7GIN

CcureIT ‏@CcureIT Botnet operators hide C&Cs in the Tor network http://dlvr.it/28DhV6

Sandro Süffert ‏@suffert Malicious Apache Module Injects Iframes http://flpbd.it/YWV4v

Tuomo Makkonen ‏@tmakkonen 3 years later, hackers who hit Google continue string of lethal attacks http://zite.to/U2d6H2

SCADAhacker ‏@SCADAhacker Good look at a variety of assessment tool. I spend considerable time on this in my adv class "Windows Vuln Assessment" http://h4ckr.us/UclAeN

marco morana ‏@marcomorana “@threatmodeling: Comparison of Threat Modeling Methodologies http://www.myappsecurity.com/threat-modeling/comparison-threat-modeling-methodologies/#.UFTbkJs3NI4 …

Best of the Week - 9 Settembre 2012

Here we are again with my "Best of the Week" post, so let's see what are the most interesting security resources of this week.

Hope you enjoy it!

Alessandro Berni ‏@alessandroberni Currently reading http://t.co/inFmu6k4 - Tallin Manual on the international law applicable to cyber warfare

DCITA ‏@DCITA Huawei calls for cybersecurity cooperation http://is.gd/IWWE7V

Sandro Süffert ‏@suffert Web Application Honeypots http://flpbd.it/VkvVR

Mikko Hypponen ‏@mikko The Symantec report on the Elderwood Crew is worth reading. http://www.threatpost.com/en_us/blogs/elderwood-crew-tied-google-aurora-attack-targeting-defense-energy-finance-companies-090712 

Alessandro Berni ‏@alessandroberni Greater Autonomy for Unmanned Military Systems Urged http://lnkd.in/hEJZnF

SCMagazine ‏@SCMagazine VIEWPOINT: Hey CISOs, ask yourself these questions -- or find another job | http://ow.ly/dwA7j

Best of the Week - 2 Settembre 2012

Last week I'm travelling back to my home and I wasn't able to publish my usual post so this week I'll post some of the articles of the last week in addition to the new ones.

Hope you enjoy it.

MikkoHypponen.exe ‏@mikko "Our trojan does not work on Russian systems, if found Russian or Ukrainian keyboard, the software will fail" http://pastebin.com/gRqQ2693  #Citadel

FireEye ‏@FireEye Download the FireEye Advanced Threat Report for a complete picture of today’s advanced threat landscape. http://ow.ly/diQ9x

/r/netsec ‏@r_netsec Cracking Over 122 Million SHA1 and MD5 Hashed Passwords - http://bit.ly/OrAQm3

Sucuri ‏@sucuri_security The Password Dilemma – Unique and Complex Is The Key http://ow.ly/dgVkP

Marco Thorbruegge ‏@mthorbruegge ENISA General Report 2011 http://j.mp/PieSmb

CcureIT ‏@CcureIT NIST Offers Guidelines for Securing BIOS http://dlvr.it/233Jpy