Sunday, 24 June 2012

Best of the Week - 24 June 2012

This time, for my "Best of the Week" post, I have picked news about data breaches, a new DNS proposal, anthropology and hackers, government malware, botnets and, finally, GPS jammers.

Hope you enjoy it!

RSA Conference @RSAConference RT @darkreading 6 biggest database breaches so far in 2012: http://ow.ly/bI7EV

Andy Steingruebl @asteingruebl Excellent analysis by Andrew Sullivan. "A Closer Look at the AIP Internet Draft Proposal" - http://bit.ly/PJDANg

Web Security News @WebSecurityNews Gabriella Coleman: Helping Hackers Infiltrate Academia - Fast Company http://ow.ly/1kLFpJ

Xylitol @Xylit0l BlackShades in Syria | Malwarebytes Unpacked http://blog.malwarebytes.org/intelligence/2012/06/blackshades-in-syria/ #malwarebytes

Sean Sullivan @FSLabsAdvisor The way they spread?? Wherein Bruce Schneier fails to understand basic economics. Commodity vs. specialty good/service: http://bit.ly/M8bMBa

Marco Thorbruegge @mthorbruegge Botnet Metrics & Calibration http://j.mp/LBw83J

Stefan Frei @stefan_frei Illegal GPS Jammers Are Widespread, Study Finds http://bit.ly/L65Z

Sunday, 17 June 2012

Best of the Week - 17 June 2012

Web application security, cyberwar and hackers are the subjects of my current best of the week post.

Hope you enjoy it!

Mikko Hypponen @mikko "WAT" - a 3-minute lightning talk by @garybernhardt. https://www.destroyallsoftware.com/talks/wat Worth watching for any developer.

Stefano Di Paola @WisecWisec “@skeptic_fx: Lol ! Real fun to read :) OWASP's how to write insecure code ! https://www.owasp.org/index.php/How_to_write_insecure_code” //nice idea!

Mikko Hypponen @mikko "Lessons from the Bin Laden Raid and Cyberwar" - @csoghoian's talk at #PDF12: http://www.youtube.com/watch?v=pJu0qEha2I0 [video, 10'19"]

Eugene Kaspersky @e_kaspersky Cyber attacks can seem like a way to conduct bloodless wars. Some arguments why not true: http://bit.ly/LgRenQ by @jtemple #cyberwar

F-Secure @FSecure "The Cyberpolitics Of Cyberbellicosity Cyberpushing Cybersecurity To Cyberprevent Cyberwar" http://t.co/EW9dY9mf

Jayson E. Street @jaysonstreet IE zero-day flaw being used to hijack Gmail accounts - Neowin http://www.neowin.net/news/ie-zero-day-flaw-being-used-to-hijack-gmail-accounts via @neowinfeed

Stonesoft @Hack_the_Lab "Money was never his motivation." Power and Ego, Not Money, May have Fueled Alleged Dutch Hacker http://shar.es/s3kl3 via @CIOonline



Sunday, 10 June 2012

Best of the Week - 10 June 2012

Here we are again with the best security resources of the week. This week I've chosen some articles on cryptography issues related to Flame, DDoS, DNSSEC and cyber conflicts.

Hope you enjoy my selection!

Mikko Hypponen @mikko "We now have an example where the government has undermined a crucial part of computer security": http://blog.agilebits.com/2012/06/07/flames-and-collisions/ #flame #1password

MD5 collision attacks are truly novel, this tells us a lot about who worked on Flame and how important it is http://www.cwi.nl/news/2012/cwi-cryptanalist-discovers-new-cryptographic-attack-variant-in-flame-spy-malware

Mikko Hypponen @mikko Tons of good info on the PKI problems that led to Flame's 'Holy Grail' hack in: http://rmhrisk.wpengine.com By @rmhrisk, who used to work at MSFT.

Prof Alan Woodward @ProfWoodward Nice explanation of the DoS tool that runs on a *single* PC but can bring an Apache web server to its knees http://ddos.arbornetworks.com/2012/06/mp-ddoser-a-rapidly-improving-ddos-threat/

CyLab @cylab Latest CyLab Tech Report: Sanctuary Trail - Refuge from Internet DDoS Entrapment Available Now! http://shar.es/qVKPx #cybersecurity

NLnet Labs @NLnetLabs Our Annual Report 2011 is available: http://nlnetlabs.nl/downloads/publications/annualreports/annualreport

CCD COE @ccdcoe Day 3 summary of #cycon is now up http://www.ccdcoe.org/cycon/521.html - and also a summary of the event http://ccdcoe.org/cycon/522.html


Sunday, 3 June 2012

Best of the Week - 3 June 2012

This week I selected four papers and four videos for my best of the week post. The subjects are: application security, APT, hackers, mobile security and forensics.
Hope you enjoy it.

Project Honeynet @ProjectHoneynet Know Your Enemy: Social Dynamics of Hacking: I am very pleased to announce the publication of another paper in o... http://bit.ly/L1Q3sH

Jeremiah Grossman @jeremiahg RT @troyhunt: paper from @whitehatsec, "Website Security 101" is a great intro resource to basic webappsec: https://www.whitehatsec.com/assets/WPweb1010607.pdf < thanks!

Team Cymru @teamcymru Trend's pdf paper on #APT #malware attackers IXESHE (pronounced i-sushi) http://bit.ly/Lg2fGe

xanda @xanda RT @joncallas: iOS Security Guide out from Apple: http://goo.gl/nz9Fw Contains high level description of many iOS things. thanks!

Javvad Malik @J4vv4D By popular demand #BsidesLondon proudly presents @securityninja's talk on Win phone 7 security http://www.youtube.com/watch?v=XQFkhZ0Y3dw

Security Tube @SecurityTube
[Video] Backtrack Digital Forensics Foremost http://securitytube.net/video/4291 by jibesh_st
[Video] Backtrack Digital Forensics Magicrescue http://securitytube.net/video/4290 by jibesh_st
[Video] Forensic recoverjpeg tool on BackTrack 5 R2 http://securitytube.net/video/4289 by jibesh_st
