Sunday, June 24, 2012

Best of the Week - June 24, 2012

This time, for my "Best of the Week" post, I have picked news about: data breaches, a new proposal on DNS, anthropology and hackers, government malware, botnets and, finally, GPS jammers.

Hope you enjoy it!

RSA Conference @RSAConference RT @darkreading 6 biggest database breaches so far in 2012:

Andy Steingruebl @asteingruebl Excellent analysis by Andrew Sullivan. "A Closer Look at the AIP Internet Draft Proposal" -

Web Security News @WebSecurityNews
Gabriella Coleman: Helping Hackers Infiltrate Academia - Fast Company

Xylitol @Xylit0l BlackShades in Syria | Malwarebytes Unpacked #malwarebytes

Sean Sullivan @FSLabsAdvisor The way they spread?? Wherein Bruce Schneier fails to understand basic economics. Commodity vs. specialty good/service:

Marco Thorbruegge @mthorbruegge Botnet Metrics & Calibration

Stefan Frei @stefan_frei Illegal GPS Jammers Are Widespread, Study Finds

Sunday, June 17, 2012

Best of the Week - June 17, 2012

Web application security, cyberwar and hackers: these are the subjects of my current best of the week post.

Hope you enjoy it!

Mikko Hypponen @mikko "WAT" - a 3-minute lightning talk by @garybernhardt. Worth watching for any developer.

Stefano Di Paola @WisecWisec “@skeptic_fx: Lol ! Real fun to read :) OWASP's how to write insecure code !” //nice idea!

Mikko Hypponen @mikko "Lessons from the Bin Laden Raid and Cyberwar" - @csoghoian's talk at #PDF12: [video, 10'19"]

Eugene Kaspersky @e_kaspersky Cyber attacks can seem like a way to conduct bloodless wars. Some arguments why not true: by @jtemple #cyberwar

F-Secure @FSecure "The Cyberpolitics Of Cyberbellicosity Cyberpushing Cybersecurity To Cyberprevent Cyberwar"

Jayson E. Street @jaysonstreet IE zero-day flaw being used to hijack Gmail accounts - Neowin via @neowinfeed

Stonesoft @Hack_the_Lab "Money was never his motivation." Power and Ego, Not Money, May have Fueled Alleged Dutch Hacker via @CIOonline

Sunday, June 10, 2012

Best of the Week - June 10, 2012

Here we are again with the best security resources of the week. This week I've chosen some articles on: cryptography issues related to Flame, DDoS, DNSSEC and cyber conflicts.

Hope you enjoy my selection!

Mikko Hypponen @mikko "We now have an example where the government has undermined a crucial part of computer security": #flame #1password

MD5 collision attacks are truly novel, this tells us a lot about who worked on Flame and how important it is

Mikko Hypponen @mikko Tons of good info on the PKI problems that led to Flame's 'Holy Grail' hack in: By @rmhrisk, who used to work at MSFT.

Prof Alan Woodward @ProfWoodward Nice explanation of the DoS tool that runs on a *single* PC but can bring an Apache web server to its knees

CyLab @cylab Latest CyLab Tech Report: Sanctuary Trail - Refuge from Internet DDoS Entrapment Available Now! #cybersecurity

NLnet Labs @NLnetLabs Our Annual Report 2011 is available:

CCD COE @ccdcoe Day 3 summary of #cycon is now up - and also a summary of the event

Sunday, June 3, 2012

Best of the Week - June 3, 2012

This week I selected four papers and four videos for my best of the week post. The subjects are: application security, APT, hackers, mobile security and forensics.
Hope you enjoy it.

Project Honeynet @ProjectHoneynet Know Your Enemy: Social Dynamics of Hacking: I am very pleased to announce the publication of another paper in o...

Jeremiah Grossman @jeremiahg RT @troyhunt: paper from @whitehatsec, "Website Security 101" is a great intro resource to basic webappsec: < thanks!

Team Cymru @teamcymru Trend's pdf paper on #APT #malware attackers IXESHE (pronounced i-sushi)

xanda @xanda RT @joncallas: iOS Security Guide out from Apple: Contains high level description of many iOS things. thanks!

Javvad Malik @J4vv4D By popular demand #BsidesLondon proudly presents @securityninja 's talk on Win phone 7 security

Security Tube @SecurityTube
[Video] Backtrack Digital Forensics Foremost by jibesh_st
[Video] Backtrack Digital Forensics Magicrescue by jibesh_st
[Video] Forensic recoverjpeg tool on BackTrack 5 R2 by jibesh_st